Nirodan
7827cda224
- logger.py: note why log path uses abspath(__file__) instead of a relative path - token.py: note why [7:] slice is safe (startswith already verified) - ipcalc.py: explain /32 single-host and /31 RFC-3021 point-to-point special cases; explain why (~netmask) must be masked with 0xFFFFFFFF (Python ~int returns a negative arbitrary-precision value, not a 32-bit unsigned integer) - notes.py: document the module-level _table_ready flag lifetime; explain why tzinfo is stripped before passing datetime to mysql-connector - admin.py: document the module-level _tables_initialized flag lifetime Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
162 lines
5.4 KiB
Python
162 lines
5.4 KiB
Python
from flask import Blueprint, request, jsonify
|
|
from datetime import datetime, timezone
|
|
from util.logger import logger
|
|
from util.db_pool import get_connection
|
|
from auth.token import verify_token
|
|
|
|
notes_blueprint = Blueprint('notes_tool', __name__)
|
|
|
|
# Module-level flag: DDL runs at most once per process lifetime.
|
|
# Resets automatically on worker restart, which re-triggers the check.
|
|
_table_ready = False
|
|
|
|
|
|
def _ensure_table():
|
|
global _table_ready
|
|
if _table_ready:
|
|
return
|
|
conn = get_connection()
|
|
try:
|
|
cursor = conn.cursor()
|
|
cursor.execute("""
|
|
CREATE TABLE IF NOT EXISTS notes (
|
|
id INT AUTO_INCREMENT PRIMARY KEY,
|
|
user_id INT NOT NULL,
|
|
title VARCHAR(255) NOT NULL,
|
|
content TEXT,
|
|
language VARCHAR(50) DEFAULT 'text',
|
|
created_at DATETIME DEFAULT CURRENT_TIMESTAMP,
|
|
updated_at DATETIME DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP
|
|
)
|
|
""")
|
|
conn.commit()
|
|
cursor.close()
|
|
_table_ready = True
|
|
finally:
|
|
conn.close()
|
|
|
|
|
|
@notes_blueprint.route('/api/notes', methods=['GET'])
|
|
def get_notes():
|
|
user = verify_token()
|
|
if not user:
|
|
return jsonify({"message": "Nicht autorisiert"}), 401
|
|
try:
|
|
_ensure_table()
|
|
conn = get_connection()
|
|
try:
|
|
cursor = conn.cursor(dictionary=True)
|
|
cursor.execute(
|
|
"SELECT id, title, content, language, created_at, updated_at FROM notes WHERE user_id = %s ORDER BY updated_at DESC",
|
|
(user['id'],)
|
|
)
|
|
notes = cursor.fetchall()
|
|
cursor.close()
|
|
finally:
|
|
conn.close()
|
|
for n in notes:
|
|
if n.get('created_at'):
|
|
n['created_at'] = n['created_at'].isoformat()
|
|
if n.get('updated_at'):
|
|
n['updated_at'] = n['updated_at'].isoformat()
|
|
return jsonify(notes)
|
|
except Exception as e:
|
|
logger.error(f"Fehler notes GET: {e}")
|
|
return jsonify({"message": "Fehler beim Laden"}), 500
|
|
|
|
|
|
@notes_blueprint.route('/api/notes', methods=['POST'])
|
|
def create_note():
|
|
user = verify_token()
|
|
if not user:
|
|
return jsonify({"message": "Nicht autorisiert"}), 401
|
|
try:
|
|
_ensure_table()
|
|
data = request.get_json(silent=True) or {}
|
|
title = data.get("title", "Neue Notiz").strip() or "Neue Notiz"
|
|
content = data.get("content", "")
|
|
language = data.get("language", "text")
|
|
|
|
conn = get_connection()
|
|
try:
|
|
cursor = conn.cursor()
|
|
cursor.execute(
|
|
"INSERT INTO notes (user_id, title, content, language) VALUES (%s, %s, %s, %s)",
|
|
(user['id'], title, content, language)
|
|
)
|
|
conn.commit()
|
|
note_id = cursor.lastrowid
|
|
cursor.close()
|
|
finally:
|
|
conn.close()
|
|
|
|
logger.info(f"Notiz erstellt von {user['username']}: id={note_id}")
|
|
return jsonify({"id": note_id, "title": title, "content": content, "language": language})
|
|
except Exception as e:
|
|
logger.error(f"Fehler notes POST: {e}")
|
|
return jsonify({"message": "Fehler beim Erstellen"}), 500
|
|
|
|
|
|
@notes_blueprint.route('/api/notes/<int:note_id>', methods=['PUT'])
|
|
def update_note(note_id):
|
|
user = verify_token()
|
|
if not user:
|
|
return jsonify({"message": "Nicht autorisiert"}), 401
|
|
try:
|
|
_ensure_table()
|
|
data = request.get_json(silent=True) or {}
|
|
title = data.get("title", "").strip() or "Neue Notiz"
|
|
content = data.get("content", "")
|
|
language = data.get("language", "text")
|
|
# mysql-connector expects a naive datetime for DATETIME columns;
|
|
# strip tzinfo after converting to UTC to avoid driver warnings.
|
|
now = datetime.now(timezone.utc).replace(tzinfo=None)
|
|
|
|
conn = get_connection()
|
|
try:
|
|
cursor = conn.cursor()
|
|
cursor.execute(
|
|
"UPDATE notes SET title=%s, content=%s, language=%s, updated_at=%s WHERE id=%s AND user_id=%s",
|
|
(title, content, language, now, note_id, user['id'])
|
|
)
|
|
conn.commit()
|
|
affected = cursor.rowcount
|
|
cursor.close()
|
|
finally:
|
|
conn.close()
|
|
|
|
if affected == 0:
|
|
return jsonify({"message": "Notiz nicht gefunden"}), 404
|
|
return jsonify({"ok": True})
|
|
except Exception as e:
|
|
logger.error(f"Fehler notes PUT: {e}")
|
|
return jsonify({"message": "Fehler beim Speichern"}), 500
|
|
|
|
|
|
@notes_blueprint.route('/api/notes/<int:note_id>', methods=['DELETE'])
|
|
def delete_note(note_id):
|
|
user = verify_token()
|
|
if not user:
|
|
return jsonify({"message": "Nicht autorisiert"}), 401
|
|
try:
|
|
_ensure_table()
|
|
conn = get_connection()
|
|
try:
|
|
cursor = conn.cursor()
|
|
cursor.execute(
|
|
"DELETE FROM notes WHERE id=%s AND user_id=%s",
|
|
(note_id, user['id'])
|
|
)
|
|
conn.commit()
|
|
affected = cursor.rowcount
|
|
cursor.close()
|
|
finally:
|
|
conn.close()
|
|
|
|
if affected == 0:
|
|
return jsonify({"message": "Notiz nicht gefunden"}), 404
|
|
return jsonify({"ok": True})
|
|
except Exception as e:
|
|
logger.error(f"Fehler notes DELETE: {e}")
|
|
return jsonify({"message": "Fehler beim Löschen"}), 500
|