Nirodan
9db922703b
migrations.py - schema_migrations table tracks applied versions (version, description, applied_at) - MIGRATIONS list is append-only; each entry is (version, description, sql) - backup() dumps all user-data tables to a timestamped JSON file in backups/ before any schema changes so data can be recovered if something goes wrong - run_migrations() is idempotent: already-applied versions are skipped Integration - app.py calls _run_startup_migrations() at module load so every restart applies any pending migrations (no-op if schema is current) - setup_routes.py calls run_migrations() after the initial setup form is submitted so all tables exist before the user hits the main page for the first time - notes.py and admin.py: removed all per-request CREATE TABLE DDL; schema is now owned entirely by the migration system Docker - docker-compose.dev.yml: add backups-data volume so JSON backups survive container restarts and rebuilds - Dockerfile: pre-create /app/backend/logs and /app/backend/backups so the directories exist even before volumes are mounted Adding future schema changes - Append a new (version, description, sql) tuple to MIGRATIONS in migrations.py - The next restart will detect it as pending, back up first, then apply it Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
131 lines
4.5 KiB
Python
131 lines
4.5 KiB
Python
from flask import Blueprint, request, jsonify
|
|
from datetime import datetime, timezone
|
|
from util.logger import logger
|
|
from util.db_pool import get_connection
|
|
from auth.token import verify_token
|
|
|
|
notes_blueprint = Blueprint('notes_tool', __name__)
|
|
|
|
|
|
@notes_blueprint.route('/api/notes', methods=['GET'])
|
|
def get_notes():
|
|
user = verify_token()
|
|
if not user:
|
|
return jsonify({"message": "Nicht autorisiert"}), 401
|
|
try:
|
|
conn = get_connection()
|
|
try:
|
|
cursor = conn.cursor(dictionary=True)
|
|
cursor.execute(
|
|
"SELECT id, title, content, language, created_at, updated_at "
|
|
"FROM notes WHERE user_id = %s ORDER BY updated_at DESC",
|
|
(user['id'],)
|
|
)
|
|
notes = cursor.fetchall()
|
|
cursor.close()
|
|
finally:
|
|
conn.close()
|
|
for n in notes:
|
|
if n.get('created_at'):
|
|
n['created_at'] = n['created_at'].isoformat()
|
|
if n.get('updated_at'):
|
|
n['updated_at'] = n['updated_at'].isoformat()
|
|
return jsonify(notes)
|
|
except Exception as e:
|
|
logger.error(f"Fehler notes GET: {e}")
|
|
return jsonify({"message": "Fehler beim Laden"}), 500
|
|
|
|
|
|
@notes_blueprint.route('/api/notes', methods=['POST'])
|
|
def create_note():
|
|
user = verify_token()
|
|
if not user:
|
|
return jsonify({"message": "Nicht autorisiert"}), 401
|
|
try:
|
|
data = request.get_json(silent=True) or {}
|
|
title = data.get("title", "Neue Notiz").strip() or "Neue Notiz"
|
|
content = data.get("content", "")
|
|
language = data.get("language", "text")
|
|
|
|
conn = get_connection()
|
|
try:
|
|
cursor = conn.cursor()
|
|
cursor.execute(
|
|
"INSERT INTO notes (user_id, title, content, language) VALUES (%s, %s, %s, %s)",
|
|
(user['id'], title, content, language)
|
|
)
|
|
conn.commit()
|
|
note_id = cursor.lastrowid
|
|
cursor.close()
|
|
finally:
|
|
conn.close()
|
|
|
|
logger.info(f"Notiz erstellt von {user['username']}: id={note_id}")
|
|
return jsonify({"id": note_id, "title": title, "content": content, "language": language})
|
|
except Exception as e:
|
|
logger.error(f"Fehler notes POST: {e}")
|
|
return jsonify({"message": "Fehler beim Erstellen"}), 500
|
|
|
|
|
|
@notes_blueprint.route('/api/notes/<int:note_id>', methods=['PUT'])
|
|
def update_note(note_id):
|
|
user = verify_token()
|
|
if not user:
|
|
return jsonify({"message": "Nicht autorisiert"}), 401
|
|
try:
|
|
data = request.get_json(silent=True) or {}
|
|
title = data.get("title", "").strip() or "Neue Notiz"
|
|
content = data.get("content", "")
|
|
language = data.get("language", "text")
|
|
# mysql-connector expects a naive datetime for DATETIME columns;
|
|
# strip tzinfo after converting to UTC to avoid driver warnings.
|
|
now = datetime.now(timezone.utc).replace(tzinfo=None)
|
|
|
|
conn = get_connection()
|
|
try:
|
|
cursor = conn.cursor()
|
|
cursor.execute(
|
|
"UPDATE notes SET title=%s, content=%s, language=%s, updated_at=%s "
|
|
"WHERE id=%s AND user_id=%s",
|
|
(title, content, language, now, note_id, user['id'])
|
|
)
|
|
conn.commit()
|
|
affected = cursor.rowcount
|
|
cursor.close()
|
|
finally:
|
|
conn.close()
|
|
|
|
if affected == 0:
|
|
return jsonify({"message": "Notiz nicht gefunden"}), 404
|
|
return jsonify({"ok": True})
|
|
except Exception as e:
|
|
logger.error(f"Fehler notes PUT: {e}")
|
|
return jsonify({"message": "Fehler beim Speichern"}), 500
|
|
|
|
|
|
@notes_blueprint.route('/api/notes/<int:note_id>', methods=['DELETE'])
|
|
def delete_note(note_id):
|
|
user = verify_token()
|
|
if not user:
|
|
return jsonify({"message": "Nicht autorisiert"}), 401
|
|
try:
|
|
conn = get_connection()
|
|
try:
|
|
cursor = conn.cursor()
|
|
cursor.execute(
|
|
"DELETE FROM notes WHERE id=%s AND user_id=%s",
|
|
(note_id, user['id'])
|
|
)
|
|
conn.commit()
|
|
affected = cursor.rowcount
|
|
cursor.close()
|
|
finally:
|
|
conn.close()
|
|
|
|
if affected == 0:
|
|
return jsonify({"message": "Notiz nicht gefunden"}), 404
|
|
return jsonify({"ok": True})
|
|
except Exception as e:
|
|
logger.error(f"Fehler notes DELETE: {e}")
|
|
return jsonify({"message": "Fehler beim Löschen"}), 500
|