Newer
Older
################################################################################
# Data decryption
def do_decrypt( data ):
return AESCipher( session[ 'password' ] ).decrypt( data )
def do_encrypt( data ):
return AESCipher( session[ 'password' ] ).encrypt( data )
################################################################################
# File upload
@app.route( baseurl + '/upload', methods = [ 'GET', 'POST' ] )
@login_required
def upload_file():
upload_type = request.form.get( "upload_type", None )
if upload_type == None:
return jsonify( {
'error': True,
'msg': 'Must specify a file type to upload a file'
} )
if request.method == 'POST':
if 'file' not in request.files:
return jsonify( { 'error': True, 'msg': 'No file in the POST request' } )
elif 'upload_id' not in request.form:
return jsonify( { 'error': True, 'msg': 'No upload_id' } )
else:
try:
upload_id = request.form.get( "upload_id" )
sql = "SELECT id FROM submissions WHERE uuid = %s"
r = config.db.query( sql, ( upload_id, ) )
upload_id = r.fetchone()[ 'id' ]
except:
return jsonify( {
'error': True
} )
file = request.files[ 'file' ]
filename = do_encrypt( file.filename )
file_uuid = str( uuid4() )
fp = StringIO()
file.save( fp )
file_size = fp.tell()
fp.seek( 0 )
if upload_type in [ 'latent', 'tenprint_card_front', 'tenprint_card_back' ]:
img = Image.open( fp )
img_format = img.format
width, height = img.size
res = int( img.info[ 'dpi' ][ 0 ] )
img = rotate_image_upon_exif( img )
buff = StringIO()
img.save( buff, format = img_format )
buff.seek( 0 )
file_data = buff.getvalue()
if upload_type in [ 'tenprint_card_front', 'tenprint_card_back' ]:
create_thumbnail( file_uuid, img )
else:
file_data = fp.getvalue()
file_data = base64.b64encode( file_data )
if upload_type == "consent_form":
file_data = gpg.encrypt( file_data, config.gpg_key )
file_data = str( file_data )
upload_type_id = {
'consent_form': 0,
'tenprint_card_front': 1,
'tenprint_card_back': 2,
'latent': 3
sql = "INSERT INTO files ( folder, creator, filename, type, format, size, width, height, resolution, uuid, data ) VALUES ( %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s )"
data = ( upload_id, session[ 'user_id' ], filename, upload_type_id, img_format, file_size, width, height, res, file_uuid, file_data )
config.db.query( sql, data )
config.db.commit()
return jsonify( {
'error': False,
'filename': filename,
'filesize': file_size,
'uuid': file_uuid
} )
else:
return abort( 403 )
################################################################################
# Submission of a new donnor
@app.route( baseurl + '/new_donnor' )
@login_required
def submission_form():
return render_template(
"new_donnor.html",
baseurl = baseurl,
js = config.cdnjs,
css = config.cdncss,
session_timeout = config.session_timeout
)
@app.route( baseurl + '/create_submission', methods = [ "GET", "POST" ] )
@login_required
def create_submission_case():
email = request.form.get( "email", False )
if email:
# Check for duplicate base upon the email data
sql = "SELECT id, email_hash FROM submissions WHERE submitter_id = %s"
r = config.db.query( sql, ( session[ 'user_id' ], ) )
for case in r.fetchall():
if pbkdf2( email, case[ 'email_hash' ] ):
return jsonify( {
'error': True,
'msg': "Email already used"
} )
break
email_aes = do_encrypt( email )
email_hash = pbkdf2( email, random_data( 50 ), 50000 )
upload_nickname = request.form.get( "upload_nickname", None )
upload_nickname = do_encrypt( upload_nickname )
submitter_id = session[ 'user_id' ]
status = "pending"
sql = "INSERT INTO submissions ( uuid, email_aes, email_hash, nickname, status, submitter_id ) VALUES ( %s, %s, %s, %s, %s, %s ) RETURNING id"
data = ( id, email_aes, email_hash, upload_nickname, status, submitter_id )
config.db.commit()
return jsonify( {
'error': False,
'id': id
} )
else:
return jsonify( {
'error': True,
'msg': "Email not provided"
} )
@app.route( baseurl + '/donnor/<id>' )
@login_required
def update_donnor_folder( id ):
try:
sql = "SELECT email_aes as email, nickname, created_time FROM submissions WHERE submitter_id = %s AND uuid = %s"
r = config.db.query( sql, ( session[ 'user_id' ], id ) )
user = r.fetchone()
for key in [ 'email', 'nickname' ]:
user[ key ] = do_decrypt( user[ key ] )
return render_template(
"data_update/update_donnor.html",
baseurl = baseurl,
js = config.cdnjs,
css = config.cdncss,
session_timeout = config.session_timeout,
upload_id = id,
**user
)
except:
return jsonify( {
'error': True,
'msg': "Case not found"
} )
@app.route( baseurl + '/submission/<id>/latents' )
@login_required
def update_files_folder( id ):
sql = "SELECT id FROM submissions WHERE uuid = %s AND submitter_id = %s"
r = config.db.query( sql, ( id, session[ 'user_id' ], ) )
id = r.fetchone()[ 'id' ]
sql = "SELECT uuid, filename, size, creation_time FROM files WHERE folder = %s AND type = 2"
r = config.db.query( sql, ( id, ) )
files = r.fetchall()
for i, v in enumerate( files ):
v[ 'filename' ] = do_decrypt( v[ 'filename' ] )
v[ 'size' ] = round( ( float( v[ 'size' ] ) / ( 1024 * 1024 ) ) * 100 ) / 100
return render_template(
"data_update/update_latents.html",
baseurl = baseurl,
js = config.cdnjs,
css = config.cdncss,
session_timeout = config.session_timeout,
upload_id = id,
files = files
)
1215
1216
1217
1218
1219
1220
1221
1222
1223
1224
1225
1226
1227
1228
1229
1230
1231
1232
1233
1234
1235
1236
1237
1238
1239
@app.route( baseurl + '/submission/<id>/tenprints' )
@login_required
def update_submission_tenprint( id ):
sql = "SELECT id FROM submissions WHERE uuid = %s AND submitter_id = %s"
r = config.db.query( sql, ( id, session[ 'user_id' ], ) )
id = r.fetchone()[ 'id' ]
sql = "SELECT * FROM files_v WHERE folder = %s AND type = 1"
r = config.db.query( sql, ( id, ) )
files = r.fetchall()
for i, v in enumerate( files ):
v[ 'filename' ] = do_decrypt( v[ 'filename' ] )
v[ 'size' ] = round( ( float( v[ 'size' ] ) / ( 1024 * 1024 ) ) * 100 ) / 100
return render_template(
"data_update/update_tenprint.html",
baseurl = baseurl,
js = config.cdnjs,
css = config.cdncss,
session_timeout = config.session_timeout,
upload_id = id,
files = files
)
################################################################################
# Image processing
@app.route( baseurl + '/image/info/<id>' )
@login_required
def img_info( id ):
d = do_img_info( id )
if d != None:
return jsonify( d )
else:
return abort( 404 )
def do_img_info( id ):
sql = "SELECT size, width, height, resolution, format FROM files WHERE uuid = %s"
r = config.db.query( sql, ( id, ) )
d = r.fetchone()
if d != None:
return dict( d )
else:
return None
@app.route( baseurl + '/image/preview/<id>' )
@referer_required
@login_required
def img_preview( id ):
sql = "SELECT size, data FROM thumbnails WHERE uuid = %s"
r = config.db.query( sql, ( id, ) )
img = r.fetchone()
if img == None:
sql = "SELECT size, data FROM files WHERE uuid = %s"
r = config.db.query( sql, ( id, ) )
img = r.fetchone()
do_thumbnail = True
else:
do_thumbnail = False
if img != None:
img = base64.b64decode( img[ 'data' ] )
buff = StringIO()
buff.write( img )
buff.seek( 0 )
img = Image.open( buff )
if do_thumbnail:
img.thumbnail( ( 300, 300 ) )
buff = StringIO()
img.save( buff, format = 'PNG' )
buff.seek( 0 )
return send_file( buff, mimetype = "image/png" )
else:
return abort( 404 )
def create_thumbnail( file_uuid, img ):
img.thumbnail( ( 1000, 1000 ) )
width, height = img.size
file_format = img.format
buff = StringIO()
img.save( buff, format = img.format )
img_size = buff.tell()
buff.seek( 0 )
img_data = buff.getvalue()
img_data = base64.b64encode( img_data )
sql = "INSERT INTO thumbnails ( uuid, width, height, size, format, data ) VALUES ( %s, %s, %s, %s, %s, %s )"
data = ( file_uuid, width, height, img_size, img.format, img_data, )
config.db.query( sql, data )
config.db.commit()
return
1318
1319
1320
1321
1322
1323
1324
1325
1326
1327
1328
1329
1330
1331
1332
1333
1334
1335
1336
1337
1338
1339
1340
1341
1342
1343
1344
1345
1346
1347
1348
1349
1350
1351
1352
1353
1354
1355
1356
1357
1358
1359
1360
1361
1362
1363
1364
1365
1366
1367
1368
1369
1370
1371
1372
1373
1374
1375
1376
1377
1378
1379
1380
1381
1382
1383
1384
1385
1386
1387
1388
1389
1390
1391
1392
1393
################################################################################
# Tenprint templates
@app.route( baseurl + '/tenprint_template/<id>/<t>' )
@login_required
def tp_template( id, t ):
if t in [ 'front', 'back' ]:
sql = """SELECT
tenprint_zones.pc, tl_x, tl_y, br_x, br_y, angle
FROM tenprint_zones
JOIN tenprint_zones_location ON tenprint_zones.pc = tenprint_zones_location.pc
WHERE card = %s AND tenprint_zones_location.side = %s ORDER BY pc
"""
r = config.db.query( sql, ( id, t, ) ).fetchall()
zones = []
for pc, tl_x, tl_y, br_x, br_y, angle in r:
tl_x = float( tl_x )
tl_y = float( tl_y )
br_x = float( br_x )
br_y = float( br_y )
zones.append( {
"pc": pc,
"tl_x": tl_x,
"tl_y": tl_y,
"br_x": br_x,
"br_y": br_y,
"angle": angle
} )
sql = "SELECT image_front_width, image_front_height, image_resolution, width, height FROM tenprint_cards WHERE id = %s LIMIT 1"
r = config.db.query( sql, ( id, ) )
img_info = r.fetchone()
card_info = {
'width': int( round( float( img_info[ 'width' ] ) / 2.54 * img_info[ 'image_resolution' ] ) ),
'height': int( round( float( img_info[ 'height' ] ) / 2.54 * img_info[ 'image_resolution' ] ) ),
}
svg_height = 1000
svg_width = int( round( svg_height * ( float( img_info[ 'image_front_width' ] ) / float( img_info[ 'image_front_height' ] ) ) ) )
card_img_info = {
'right': int( round( float( card_info[ 'width' ] ) / float( img_info[ 'image_front_width' ] ) * svg_width ) ),
'bottom': int( round( float( card_info[ 'height' ] ) / float( img_info[ 'image_front_height' ] ) * svg_height ) ),
}
card_img_info[ 'dpi' ] = card_img_info[ 'right' ] / ( float( img_info[ 'width' ] ) / 2.54 )
card_img_info[ 'dpc' ] = card_img_info[ 'right' ] / float( img_info[ 'width' ] )
return render_template(
"tp_template.html",
baseurl = baseurl,
admin = int( session[ 'account_type' ] ) == 1,
js = config.cdnjs,
css = config.cdncss,
session_timeout = config.session_timeout,
account_type = session.get( "account_type", None ),
zones = zones,
img_info = img_info,
card_info = card_info,
svg_height = svg_height,
svg_width = svg_width,
card_img_info = card_img_info,
card_id = id,
t = t
)
else:
return abort( 403 )
@app.route( baseurl + '/tenprint_template/image/<id>/<t>' )
@referer_required
@login_required
def tp_template_img( t, id ):
if t in [ 'front', 'back' ]:
sql = "SELECT image_front, image_back FROM tenprint_cards WHERE id = %s LIMIT 1"
1395
1396
1397
1398
1399
1400
1401
1402
1403
1404
1405
1406
1407
1408
1409
1410
1411
1412
1413
1414
1415
1416
r = config.db.query( sql, ( id, ) )
img = r.fetchone()
if img != None:
img = base64.b64decode( img[ 'image_' + t ] )
buff = StringIO()
buff.write( img )
buff.seek( 0 )
img = Image.open( buff )
img.thumbnail( ( 1000, 1000 ) )
buff2 = StringIO()
img.save( buff2, format = 'PNG' )
buff2.seek( 0 )
return send_file( buff2, mimetype = "image/png" )
else:
return abort( 403 )
################################################################################
# Home page
@app.route( baseurl + '/' )
@login_required
return render_template(
"index.html",
baseurl = baseurl,
admin = int( session[ 'account_type' ] ) == 1,
js = config.cdnjs,
css = config.cdncss,
session_timeout = config.session_timeout,
account_type = session.get( "account_type", None )
################################################################################
# Main startup
if __name__ == '__main__':
gpg = gnupg.GPG()
for file in os.listdir( config.keys_folder ):
with open( config.keys_folder + "/" + file, "r" ) as fp:
gpg.import_keys( fp.read() )
app.run( debug = debug, host = "0.0.0.0", threaded = True )