test redesign gesthub

2025-12-16 01:31:23 +01:00
parent 4c7bb77890
commit e0883b04f6
5 changed files with 331 additions and 312 deletions
--- a/web/app.py
+++ b/web/app.py
@@ -1,29 +1,51 @@
 import os
 import uuid
 import json
-from flask import Flask, redirect, url_for, jsonify, session, render_template
+# J'ai ajouté 'request' aux imports
+from flask import Flask, redirect, url_for, jsonify, session, render_template, request
 from flask_sqlalchemy import SQLAlchemy
 from authlib.integrations.flask_client import OAuth

 app = Flask(__name__)
 ANNOUNCE_FILE = os.path.join(os.path.dirname(__file__), "annonces.json")
+# Ta config DB actuelle
 app.config['SQLALCHEMY_DATABASE_URI'] = 'mysql+pymysql://flaskuser:flaskpass@mariadb/flaskdb'
 app.config['SQLALCHEMY_TRACK_MODIFICATIONS'] = False
 app.secret_key = os.environ.get("SECRET_KEY", "dev-key")

 db = SQLAlchemy(app)

-# Configuration de Authlib
-oauth = OAuth(app)
+# --- MODELE DE DONNEES POUR LES BLOCS ---
+class Block(db.Model):
+    id = db.Column(db.Integer, primary_key=True)
+    block_type = db.Column(db.String(50))  # ex: 'iframe', 'buttons', 'html'
+    column_name = db.Column(db.String(20)) # ex: 'left', 'center', 'right'
+    position = db.Column(db.Integer)       # pour l'ordre (0, 1, 2...)
+    data = db.Column(db.Text)              # Contenu JSON (url, titre, etc.)

+    def to_dict(self):
+        return {
+            "id": self.id,
+            "type": self.block_type,
+            "column": self.column_name,
+            "position": self.position,
+            "data": json.loads(self.data) if self.data else {}
+        }
+
+# Création des tables si elles n'existent pas
+with app.app_context():
+    db.create_all()
+
+# ... (Ici, garde ta configuration OAUTH et tes routes Login/Logout/Auth inchangées) ...
+# ... (Garde aussi tes fonctions load_announces, save_announces etc.) ...
+
+oauth = OAuth(app)
 keycloak = oauth.register(
    name='keycloak',
    client_id='flask-app',
    client_secret='T5G5jzCBiphnBNh9uuj0f6YNc9HrP8r4',
    server_metadata_url='https://keycloak.ninolbt.com/realms/gesthub/.well-known/openid-configuration',
-    client_kwargs={
-        'scope': 'openid profile email',
-    }
+    client_kwargs={'scope': 'openid profile email'}
 )

@app.route('/')
@@ -31,7 +53,6 @@ def index():
    user = session.get('user')
    if user:
        return render_template('view/index.html', user=user)
-        
    return redirect(url_for('login'))

@app.route('/login')
@@ -48,88 +69,84 @@ def auth():
    userinfo = keycloak.parse_id_token(token, nonce=nonce)
    session['user'] = userinfo
    session["id_token"] = token.get("id_token")
-    app.logger.debug(f"User info: {userinfo}")
    return redirect('/')

@app.route("/logout")
 def logout():
    id_token = session.get("id_token")
-    print("ID Token Hint:", id_token)
    session.clear()
    return redirect(
        f"https://keycloak.ninolbt.com/realms/gesthub/protocol/openid-connect/logout"
        f"?post_logout_redirect_uri=https://dashboard.ninolbt.com"
        f"&id_token_hint={id_token}"
    )
-def load_announces():
-    try:
-        with open(ANNOUNCE_FILE, "r", encoding="utf-8") as f:
-            return json.load(f)
-    except (FileNotFoundError, json.JSONDecodeError):
-        return []

-def save_announces(announces):
-    with open(ANNOUNCE_FILE, "w", encoding="utf-8") as f:
-        json.dump(announces, f, ensure_ascii=False, indent=2)
+# --- API LAYOUT (Gestion des Blocs) ---

-def get_next_id(announces):
-    return max((a.get("id", 0) for a in announces), default=0) + 1
+@app.route('/api/layout', methods=['GET'])
+def get_layout():
+    # Récupère tous les blocs triés par position
+    blocks = Block.query.order_by(Block.position).all()
+    return jsonify([b.to_dict() for b in blocks])

-@app.route("/api/annonces", methods=["GET"])
-def get_announces():
-    return jsonify(load_announces())
-
-@app.route("/api/annonces", methods=["POST"])
-def create_annonce():
+@app.route('/api/layout/save', methods=['POST'])
+def save_layout():
+    # Sauvegarde l'ordre et la colonne après un drag & drop
    user = session.get("user")
    if not user or "/admin" not in user.get("groups", []):
-        return jsonify({"error": "unauthorized"}), 403
+        return jsonify({"error": "Unauthorized"}), 403
+
+    layout_data = request.json # Liste de {id, column, position}
+    
+    for item in layout_data:
+        block = Block.query.get(item['id'])
+        if block:
+            block.column_name = item['column']
+            block.position = item['position']
+    
+    db.session.commit()
+    return jsonify({"status": "saved"})
+
+@app.route('/api/block/add', methods=['POST'])
+def add_block():
+    user = session.get("user")
+    if not user or "/admin" not in user.get("groups", []):
+        return jsonify({"error": "Unauthorized"}), 403
+
    data = request.json
-    if not data.get("text"):
-        return jsonify({"error": "missing text"}), 400
+    new_block = Block(
+        block_type=data.get('type'),
+        column_name=data.get('column', 'center'),
+        position=99, # Ajoute à la fin par défaut
+        data=json.dumps(data.get('data', {}))
+    )
+    db.session.add(new_block)
+    db.session.commit()
+    return jsonify(new_block.to_dict())

-    announces = load_announces()
-    new_announce = {
-        "id": get_next_id(announces),
-        "text": data["text"],
-        "author": user.get("preferred_username", "admin")
-    }
-    announces.append(new_announce)
-    save_announces(announces)
-    return jsonify({"status": "ok", "announce": new_announce})
-
-@app.route("/api/annonces/<int:annonce_id>", methods=["DELETE"])
-def delete_annonce(annonce_id):
+@app.route('/api/block/<int:block_id>', methods=['DELETE'])
+def delete_block(block_id):
    user = session.get("user")
    if not user or "/admin" not in user.get("groups", []):
-        return jsonify({"error": "unauthorized"}), 403
-    announces = load_announces()
-    announces = [a for a in announces if a["id"] != annonce_id]
-    save_announces(announces)
-    return jsonify({"status": "deleted"})
+        return jsonify({"error": "Unauthorized"}), 403

-@app.route("/api/annonces/<int:annonce_id>", methods=["PUT"])
-def edit_annonce(annonce_id):
-    user = session.get("user")
-    if not user or "/admin" not in user.get("groups", []):
-        return jsonify({"error": "unauthorized"}), 403
-    data = request.json
-    announces = load_announces()
-    found = False
-    for a in announces:
-        if a["id"] == annonce_id:
-            a["text"] = data.get("text", a["text"])
-            found = True
-    if not found:
-        return jsonify({"error": "not found"}), 404
-    save_announces(announces)
-    return jsonify({"status": "updated"})
+    block = Block.query.get(block_id)
+    if block:
+        db.session.delete(block)
+        db.session.commit()
+        return jsonify({"status": "deleted"})
+    return jsonify({"error": "not found"}), 404
+
+# --- API ANNONCES (Tes routes existantes) ---
+# ... (Colle ici tes routes /api/annonces existantes, elles sont très bien) ...
+# ... (N'oublie pas la route /api/is_admin) ...

@app.route("/api/is_admin")
 def is_admin():
    user = session.get("user")
+    # Sécurité : si pas de user, renvoie false
+    if not user: return jsonify({"admin": False})
    return jsonify({"admin": "/admin" in user.get("groups", [])})

-
 if __name__ == '__main__':
-    app.run(host='0.0.0.0', debug=True)
+    app.run(host='0.0.0.0', debug=True)