Nirdoan/Tools
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 6 Wiki Activity
Files
98bb34f094718156474681c7434075ceea3c1cba
Tools/backend/tools/notes.py
T
Nirodan 98bb34f094 Fix bugs, add log rotation, and optimize hot paths 
- Fix AttributeError crash on empty request body in md5, hasher, textdiff,
  jwtdecoder, timestamp, passwordgen (get_json without silent=True / or {})
- Fix memory exhaustion in ipcalc: replace list(network.hosts()) with direct
  arithmetic — safe for /8 and larger networks
- Fix O(1M) loop in cronexplainer.get_next_runs: rewrite to skip by
  month/day/hour instead of iterating every minute
- Fix connection leak in notes.ensure_table: add try/finally around conn.close
- Fix admin._ensure_tables / notes._ensure_table running DDL on every request:
  guard with module-level flags (_tables_initialized, _table_ready)
- Fix update_website returning 200 when no row matched; delete_website returning
  success when nothing was deleted; add rowcount checks for both
- Add role validation in admin create_user / update_user (_VALID_ROLES guard)
- Add delimiter length guard in csvviewer (csv.reader requires single char)
- Fix loremipsum: wrap int(count) in try/except ValueError → 400 response
- Fix auth/token: use auth_header[7:] instead of fragile .replace()
- Fix app.py: remove duplicate import sys; cache DB liveness check with 30s TTL
  to avoid a new TCP connection on every frontend page load; move api/setup
  path guard before DB check
- Replace FileHandler with RotatingFileHandler (5 MB / 3 backups) in logger;
  fix relative log paths to absolute paths anchored to __file__
- Wrap all DB connections in try/finally conn.close() throughout admin and notes

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-05-06 10:06:29 +02:00

158 lines
5.1 KiB
Python
Raw Blame History

from flask import Blueprint, request, jsonify
from datetime import datetime, timezone
from util.logger import logger
from util.db_pool import get_connection
from auth.token import verify_token
notes_blueprint = Blueprint('notes_tool', __name__)
_table_ready = False
def _ensure_table():
global _table_ready
if _table_ready:
return
conn = get_connection()
try:
cursor = conn.cursor()
cursor.execute("""
CREATE TABLE IF NOT EXISTS notes (
id INT AUTO_INCREMENT PRIMARY KEY,
user_id INT NOT NULL,
title VARCHAR(255) NOT NULL,
content TEXT,
language VARCHAR(50) DEFAULT 'text',
created_at DATETIME DEFAULT CURRENT_TIMESTAMP,
updated_at DATETIME DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP
)
""")
conn.commit()
cursor.close()
_table_ready = True
finally:
conn.close()
@notes_blueprint.route('/api/notes', methods=['GET'])
def get_notes():
user = verify_token()
if not user:
return jsonify({"message": "Nicht autorisiert"}), 401
try:
_ensure_table()
conn = get_connection()
try:
cursor = conn.cursor(dictionary=True)
cursor.execute(
"SELECT id, title, content, language, created_at, updated_at FROM notes WHERE user_id = %s ORDER BY updated_at DESC",
(user['id'],)
)
notes = cursor.fetchall()
cursor.close()
finally:
conn.close()
for n in notes:
if n.get('created_at'):
n['created_at'] = n['created_at'].isoformat()
if n.get('updated_at'):
n['updated_at'] = n['updated_at'].isoformat()
return jsonify(notes)
except Exception as e:
logger.error(f"Fehler notes GET: {e}")
return jsonify({"message": "Fehler beim Laden"}), 500
@notes_blueprint.route('/api/notes', methods=['POST'])
def create_note():
user = verify_token()
if not user:
return jsonify({"message": "Nicht autorisiert"}), 401
try:
_ensure_table()
data = request.get_json(silent=True) or {}
title = data.get("title", "Neue Notiz").strip() or "Neue Notiz"
content = data.get("content", "")
language = data.get("language", "text")
conn = get_connection()
try:
cursor = conn.cursor()
cursor.execute(
"INSERT INTO notes (user_id, title, content, language) VALUES (%s, %s, %s, %s)",
(user['id'], title, content, language)
)
conn.commit()
note_id = cursor.lastrowid
cursor.close()
finally:
conn.close()
logger.info(f"Notiz erstellt von {user['username']}: id={note_id}")
return jsonify({"id": note_id, "title": title, "content": content, "language": language})
except Exception as e:
logger.error(f"Fehler notes POST: {e}")
return jsonify({"message": "Fehler beim Erstellen"}), 500
@notes_blueprint.route('/api/notes/<int:note_id>', methods=['PUT'])
def update_note(note_id):
user = verify_token()
if not user:
return jsonify({"message": "Nicht autorisiert"}), 401
try:
_ensure_table()
data = request.get_json(silent=True) or {}
title = data.get("title", "").strip() or "Neue Notiz"
content = data.get("content", "")
language = data.get("language", "text")
now = datetime.now(timezone.utc).replace(tzinfo=None)
conn = get_connection()
try:
cursor = conn.cursor()
cursor.execute(
"UPDATE notes SET title=%s, content=%s, language=%s, updated_at=%s WHERE id=%s AND user_id=%s",
(title, content, language, now, note_id, user['id'])
)
conn.commit()
affected = cursor.rowcount
cursor.close()
finally:
conn.close()
if affected == 0:
return jsonify({"message": "Notiz nicht gefunden"}), 404
return jsonify({"ok": True})
except Exception as e:
logger.error(f"Fehler notes PUT: {e}")
return jsonify({"message": "Fehler beim Speichern"}), 500
@notes_blueprint.route('/api/notes/<int:note_id>', methods=['DELETE'])
def delete_note(note_id):
user = verify_token()
if not user:
return jsonify({"message": "Nicht autorisiert"}), 401
try:
_ensure_table()
conn = get_connection()
try:
cursor = conn.cursor()
cursor.execute(
"DELETE FROM notes WHERE id=%s AND user_id=%s",
(note_id, user['id'])
)
conn.commit()
affected = cursor.rowcount
cursor.close()
finally:
conn.close()
if affected == 0:
return jsonify({"message": "Notiz nicht gefunden"}), 404
return jsonify({"ok": True})
except Exception as e:
logger.error(f"Fehler notes DELETE: {e}")
return jsonify({"message": "Fehler beim Löschen"}), 500
Reference in New Issue View Git Blame Copy Permalink