From f0e36f4f4356982b13918e344152f20a5ea4b559 Mon Sep 17 00:00:00 2001
From: adleywd <adleydamaceno@gmail.com>
Date: Fri, 17 Oct 2014 15:08:32 -0300
Subject: [PATCH] correção dos formulários e adição da encryptação da senha para um hash

---
 wscacicneo/model/reports.py             | 10 +++++-----
 wscacicneo/templates/cadastro_coleta.pt |  9 ++-------
 wscacicneo/templates/editaruser.pt      |  8 ++++----
 wscacicneo/utils/utils.py               |  8 +++++++-
 wscacicneo/views.py                     | 42 +++++++++++++++++++++++-------------------
 5 files changed, 41 insertions(+), 36 deletions(-)

diff --git a/wscacicneo/model/reports.py b/wscacicneo/model/reports.py
index 7874532..d10786a 100644
--- a/wscacicneo/model/reports.py
+++ b/wscacicneo/model/reports.py
@@ -20,14 +20,15 @@ log = logging.getLogger()
 
 class Reports():
 
-    def __init__(self, nm_base, rest_url=None):
+    def __init__(self, nm_base, rest_url=None, response_object=True):
+        self.base_nm = nm_base
         if rest_url is None:
             self.rest_url = config.REST_URL
         else:
             self.rest_url = rest_url
         self.coleta_manual_base = coleta_manual.ColetaManualBase(nm_base, self.rest_url)
         self.base = self.coleta_manual_base.lbbase
-        self.documentrest = DocumentREST(self.rest_url, self.base, response_object=True)
+        self.documentrest = DocumentREST(self.rest_url, self.base, response_object)
 
 
     def get_base_orgao(self):
@@ -51,20 +52,19 @@ class Reports():
 
         return conv.document2dict(coleta_base.lbbase, self)
 
-    def coleta_to_json(self):
+    def coleta_to_json(self, document):
         """
         Convert object to json
         :return:
         """
 
-        return conv.document2json(nm_base.lbbase, self)
+        return conv.document2json(document.lbbase, self)
 
     def create_coleta(self, document):
         """
         Insere dados de coleta
         """
         result = self.documentrest.create(document)
-
         return result
   
     def update_coleta(self,id, document):
diff --git a/wscacicneo/templates/cadastro_coleta.pt b/wscacicneo/templates/cadastro_coleta.pt
index b5ca4fe..32ec03c 100644
--- a/wscacicneo/templates/cadastro_coleta.pt
+++ b/wscacicneo/templates/cadastro_coleta.pt
@@ -15,13 +15,8 @@
     </div>
     <div class="form-group">
       <label class="col-lg-2 control-label">Data da Coleta:</label>
-      <div class="col-lg-5">
-         <div id="datetimepicker1" class="input-append input-group dtpicker">
-          <input data-format="dd-MM-yyyy" type="text" id="data_coleta" class="form-control">
-          <span class="input-group-addon add-on">
-            <i data-time-icon="fa fa-times" data-date-icon="fa fa-calendar"></i>
-          </span>
-        </div>
+      <div class="col-lg-2">
+        <input type="date" id="data_coleta" class="form-control" >
       </div>
     </div>
     <br/>
diff --git a/wscacicneo/templates/editaruser.pt b/wscacicneo/templates/editaruser.pt
index c33e296..d3ee476 100755
--- a/wscacicneo/templates/editaruser.pt
+++ b/wscacicneo/templates/editaruser.pt
@@ -59,12 +59,12 @@
                 <div class="form-group">
                     <label class="col-lg-2 control-label">Senha</label>
                         <div class="col-lg-5">
-                        <input type="text" id="senha" class="form-control" placeholder="Informe novamente sua senha">
+                        <input type="password" id="senha" class="form-control" placeholder="Informe novamente sua senha">
                     </div>
                 </div><div class="form-group">
                     <label class="col-lg-2 control-label">Confirmar Senha</label>
                         <div class="col-lg-5">
-                        <input type="text" id="confirmarsenha"  class="form-control" placeholder="Confirme sua senha">
+                        <input type="password" id="confirmarsenha"  class="form-control" placeholder="Confirme sua senha">
                     </div>
                 </div>
                 <div class="form-group">
@@ -119,7 +119,7 @@
                 if (data.email.indexOf("gov.br") > -1 == true){
                   emailCorreto = 1;
                 }
-                if(senha.value == confirmarsenha.value && senha.value != "" ){
+                if($('#senha').val() == $('#confirmarsenha').val() && $('#senha').val() != "" ){
                   senhaConfere = 1;
                 }
                 if (emailCorreto == 0 || senhaConfere == 0){
@@ -134,7 +134,7 @@
                       type: "PUT",
                       url: "${request.route_url('root')}put_user",
                       data: data, 
-                      success: function(){ alert('Alteração realizado com sucesso') },
+                      success: function(){ alert('Alteração realizada com sucesso') },
                       error: function(){ alert('Erro ao Alterar do usuário. Todos os campos são obrigatórios') },
                   });
                 }
diff --git a/wscacicneo/utils/utils.py b/wscacicneo/utils/utils.py
index e8d2be0..30eb21a 100755
--- a/wscacicneo/utils/utils.py
+++ b/wscacicneo/utils/utils.py
@@ -1,6 +1,8 @@
 import requests
 import json
 import unicodedata
+import hashlib
+import uuid
 from wscacicneo.model.orgao import Orgao
 from wscacicneo.model.orgao import OrgaoBase
 
@@ -24,4 +26,8 @@ class Utils:
     # Retorna uma string sem caracteres especiais(sem espaço e acentos).
     def format_name(data):
 	    return ''.join(x for x in unicodedata.normalize('NFKD', data) if \
-	    unicodedata.category(x)[0] == 'L').lower()
\ No newline at end of file
+	    unicodedata.category(x)[0] == 'L').lower()
+
+    def hash_password(password):
+        hash_object = hashlib.md5(password.encode())
+        return hash_object.hexdigest()
\ No newline at end of file
diff --git a/wscacicneo/views.py b/wscacicneo/views.py
index 3f38fa2..9bdebad 100755
--- a/wscacicneo/views.py
+++ b/wscacicneo/views.py
@@ -341,7 +341,7 @@ def post_user(request):
             cargo = doc['cargo'],
             setor = doc['setor'],
             permissao = doc['permissao'],
-            senha = doc['senha'],
+            senha = Utils.hash_password(doc['senha']),
             favoritos = favoritos,
             itens = itens
         )
@@ -405,7 +405,7 @@ def put_user(request):
         'cargo' : params['cargo'],
         'setor' : params['setor'],
         'permissao' : params['permissao'],
-        'senha' : params['senha']
+        'senha' : Utils.hash_password(params['senha'])
     }
     search = user_obj.search_user(matricula)
     id = search.results[0]._metadata.id_doc
@@ -489,9 +489,10 @@ def login(request):
     if 'form.submitted' in request.params:
         email = request.params['email']
         senha = request.params['senha']
+        senha_hash = Utils.hash_password(senha)
         try:
             usuario = user_obj.search_user_by_email(email)
-            if usuario.results[0].senha == senha:
+            if usuario.results[0].senha == senha_hash:
                 headers = remember(request, email)
                 return HTTPFound(location = came_from,
                                  headers = headers)
@@ -540,32 +541,35 @@ def post_coleta_manual(request):
     """
     document = request.params
     nm_base = document['orgao']
-    data_coleta = document['data_coleta'],
-    softwarelist = document['softwarelist'],
-    win32_processor_manufacturer = document['win32_processor_manufacturer'],
-    win32_processor_numberoflogicalprocessors = document['win32_processor_numberoflogicalprocessors'],
-    win32_processor_caption = document['win32_processor_caption'],
-    operatingsystem_version = document['operatingsystem_version'],
-    operatingsystem_installdate = document['operatingsystem_installdate'],
-    operatingsystem_caption = document['operatingsystem_caption'],
+    data_coleta = document['data_coleta']
+    softwarelist = document['softwarelist']
+    win32_processor_manufacturer = document['win32_processor_manufacturer']
+    win32_processor_numberoflogicalprocessors = document['win32_processor_numberoflogicalprocessors']
+    win32_processor_caption = document['win32_processor_caption']
+    operatingsystem_version = document['operatingsystem_version']
+    operatingsystem_installdate = document['operatingsystem_installdate']
+    operatingsystem_caption = document['operatingsystem_caption']
     win32_bios_manufacturer = document['win32_bios_manufacturer']
-
-    coleta_dict= { 
-        "data_coleta" : data_coleta,
-        "softwarelist" : [softwarelist],
+    nm_base_formatted = Utils.format_name(nm_base)
+    coleta_dict= {
+        "data_coleta": data_coleta,
         "win32_processor": {
             "win32_processor_manufacturer": win32_processor_manufacturer,
             "win32_processor_numberoflogicalprocessors": win32_processor_numberoflogicalprocessors,
-            "win32_processor_caption" : win32_processor_caption
+            "win32_processor_caption": win32_processor_caption
         },
         "operatingsystem": {
             "operatingsystem_version": operatingsystem_version,
             "operatingsystem_installdate": operatingsystem_installdate,
-            "operatingsystem_caption" : operatingsystem_caption
+            "operatingsystem_caption": operatingsystem_caption
         },
+        "softwarelist": [
+            softwarelist
+        ],
         "win32_bios": {
             "win32_bios_manufacturer": win32_bios_manufacturer
         }
     }
-    id_doc = Reports(nm_base).create_coleta(coleta_dict)
-    return Response(str(id_coleta))
+    dumps = json.dumps(coleta_dict)
+    id_doc = Reports(nm_base_formatted,response_object=False).create_coleta(dumps)
+    return Response(str(id_doc))
\ No newline at end of file
--
libgit2 0.21.2