replace sqlite DB by mysql DB in container

77f6e167 · Romain Loth · 97fc2d6e · 77f6e167 · 77f6e167 · 77f6e167
Commit 77f6e167 authored Nov 24, 2016 by Romain Loth
5 changed files
--- a/server_comex_registration.py
+++ b/server_comex_registration.py
@@ -21,13 +21,15 @@ from flask       import Flask, render_template, request
 from ctypes      import c_int32
 # from time     import sleep
 from jinja2      import Template, Environment, FileSystemLoader
-from sqlite3     import connect
+from MySQLdb     import connect, ProgrammingError
 from re          import sub
 from os          import environ
+from traceback   import format_tb

 # ============= read environ =============
 MY_HOST = environ.get('HOST', '0.0.0.0')
 MY_DEBUG_FLAG = environ.get('DEBUG_FLAG') == 'true'
+MY_SQLDOCKERIP = environ.get('SQLDOCKERIP', '172.17.0.2')

 # ============= app creation =============
 app = Flask(__name__)
@@ -102,8 +104,18 @@ def one_big_form():

            clean_records = read_records(request.form)

+            # try:
            # save to DB
            save_to_db([clean_records.get(k[0], None) for k in COLS])
+            # except Exception as perr:
+            #     return render_template("thank_you.html",
+            #                             records = clean_records,
+            #                             form_accepted = False,
+            #                             backend_error = True,
+            #                             message = ("ERROR ("+str(perr.__class__)+"):<br/>"
+            #                                         + ("<br/>".join(format_tb(perr.__traceback__)))
+            #                                         )
+            #                            )

        # TODO use MY_DEBUG_FLAG here
        return render_template("thank_you.html",
@@ -173,18 +185,53 @@ def sanitize(value):
 def save_to_db(safe_recs_arr):
    """
    see COLS and table_specifications.md
+    see http://mysql-python.sourceforge.net/MySQLdb.html#some-examples
    """

-    # expected number of vals (for instance 3 vals ===> "(?,?,?)" )
-    db_mask = '('+ ','.join(['?' for i in range(len(COLS))]) + ')'
-
-    # £TODO check if email exists first
+    # TODO double-check if email exists first
    #   yes =>propose login via doors + overwrite ?)
    #   no => proceed

-    reg_db = connect('data/registered.db')
+    db_fields = []
+    db_vals = []
+    # we filter ourselves
+    for i in range(len(COLS)):
+        col = COLS[i]
+        val = safe_recs_arr[i]
+        if val != None:
+            db_fields.append(col[0])
+            db_vals.append(val)
+
+    # expected colnames "(doors_uid, last_modified_date, email, ...)"
+
+    db_mask_str = ','.join(db_fields)
+
+    # TODO check if str(tuple(vals)) is ok for quotes
+    # and injection (although we've sanitized them b4)
+    db_vals_str = str(tuple(db_vals))
+
+
+
+    print("dbmask = ", db_mask_str)
+    print("actual len = ", len(db_vals))
+    print("actual values str", db_vals_str)
+
+    # DB is actually in a docker and forwarded to localhost:3306
+    reg_db = connect( host=MY_SQLDOCKERIP,
+                      user="root",   # TODO change db ownership to a comexreg user
+                      passwd="very-safe-pass",
+                      db="comex_shared"
+                      )
+
    reg_db_c = reg_db.cursor()
-    reg_db_c.execute('INSERT INTO comex_registrations VALUES' + db_mask , safe_recs_arr)
+
+    # print("INSERTING values", safe_recs_arr)
+    reg_db_c.execute(
+                    'INSERT INTO comex_registrations (%s) VALUES %s' % (
+                            db_mask_str,
+                            db_vals_str
+                        )
+                    )
    reg_db.commit()
    reg_db.close()

@@ -204,9 +251,20 @@ def read_records(incoming_data):
    for field_info in COLS:
        field = field_info[0]
        if field in incoming_data:
-            if field not in ["doors_uid", "last_modified_date", "pic_file"]:
-                clean_records[field] = sanitize(incoming_data[field])
-            # these 3 fields were already validated actually :)
+
+            if field not in ["doors_uid", "last_modified_date"]:
+                if field == "pic_file":
+                    # TODO check blob copy goes well here
+                    val = incoming_data[field]
+                else:
+                    val = sanitize(incoming_data[field])
+                if val != '':
+                    clean_records[field] = val
+                else:
+                    # mysql will want None instead of ''
+                    val = None
+
+            # these 2 fields already validated
            else:
                clean_records[field] = incoming_data[field]


--- a/setup/dockers/1-create_sql_container.md
+++ b/setup/dockers/1-create_sql_container.md
@@ -9,16 +9,16 @@ sudo usermod -aG docker
 mkdir ../shared_mysql_data
 docker create mysql

-docker run --detach --name test_again \
-           -v /home/romain/comex/shared_mysql_data:/var/lib/mysql \
-           --env="MYSQL_ROOT_PASSWORD=mypassword" mysql
+docker run --detach --name comex_db \
+           -v /home/romain/comex/regcomex/data/shared_mysql_data:/var/lib/mysql \
+           --env="MYSQL_ROOT_PASSWORD=very-safe-pass" mysql


 # get the ip
-export SQLDOCKERIP=$(docker inspect test_again | jq -r '.[0].NetworkSettings.IPAddress')
+export SQLDOCKERIP=$(docker inspect comex_db | jq -r '.[0].NetworkSettings.IPAddress')

-# connect ---------------------------------------------
-mysql -uroot -pmypassword -h $SQLDOCKERIP -P 3306
+# connect --------------------------------------------
+mysql -uroot -pvery-safe-pass -h $SQLDOCKERIP -P 3306
 # -----------------------------------------------------



--- a/static/js/comex_reg_form_controllers.js
+++ b/static/js/comex_reg_form_controllers.js
@@ -580,10 +580,16 @@ var passwords = [pass1, pass2]


 // £DEBUG autofill ----------->8------
+first_name.value = "Jean"
+last_name.value = "Tartampion"
+initialsInput.value="JPP"
+document.getElementById('country').value = "France"
 email.value= makeRandomString(10)+"@om.fr"
 pass1.value="123456+789"
 pass2.value="123456+789"
-initialsInput.value="JPP"
+document.getElementById('jobtitle').value = "atitle"
+document.getElementById('keywords').value = "Blabla"
+document.getElementById('institution').value = "CNRS"
 // --------------------------->8------



--- a/templates/base_form.html
+++ b/templates/base_form.html
@@ -190,7 +190,7 @@
              <h3 class="formcat"> About your job and research </h3>

              <div class="question input-group">
-                <label for="jobtitle" class="smlabel input-group-addon">Job Title</label>
+                <label for="jobtitle" class="smlabel input-group-addon">* Job Title</label>
                <input id="jobtitle" name="jobtitle" maxlength="30"
                       type="text" class="form-control autocomp" placeholder="titre"
                       onblur="makeBold(this)" onfocus="makeNormal(this)">

--- a/templates/thank_you.html
+++ b/templates/thank_you.html
@@ -60,7 +60,12 @@
                  Thank you for your answers ! We have updated the <strong>Community Explorer</strong> registration database with this new information.
                {% else %}
                  <span class="red">
-                    Your answers couldn't be accepted because you filled some wrong information in the verification test !
+                    Your answers couldn't be accepted
+                    {% if backend_error %}
+                    because there was an <b>error in the DB save</b> (see detail below)
+                    {% else %}
+                    because you filled some wrong information in the verification test !
+                    {% endif %}
                    <br/> (if you click "back" you should be able to have your answers still in the form)
                  </span>
                {% endif %}
@@ -82,7 +87,9 @@
        {% endfor %}

        <h5>debug message</h5>
-        {{message}}
+        <p>
+            {{message|safe}}
+        </p>
      </div>
      <div class="spacer col-sm-2 col-md-2">&nbsp;</div>
    </div>