Add files via upload

Author: shadabshaukat

Dockerfile

@@ -0,0 +1,46 @@
+FROM ghcr.io/oracle/oraclelinux:8
+
+RUN yum install -y oracle-release-el8 \
+    && yum-config-manager --enable ol8_oracle_instantclient \
+    && yum install -y oracle-instantclient19.10-basic
+
+
+RUN dnf -y module disable python36 && \
+    dnf -y module enable python39 && \
+    dnf -y install python39 python39-pip python39-setuptools python39-wheel && \
+    rm -rf /var/cache/dnf
+
+RUN yum install -y postgresql-devel
+
+RUN yum install -y gcc \
+    && yum install -y libaio-devel
+
+ADD requirements.txt .
+COPY requirements.txt ./requirements.txt
+RUN pip3 install -r requirements.txt
+
+
+# Set the environment variable for LD_LIBRARY_PATH
+ENV LD_LIBRARY_PATH /usr/lib/oracle/19.10/client64/lib/
+
+ADD main.py .
+
+ADD key.pem .
+
+ADD cert.pem .
+
+ADD add_employee.html .
+
+ADD get_employees.html .
+
+ADD update_employee.html .
+
+ADD confirm_delete_employee.html .
+
+ADD crud_options.html .
+
+ADD search_employee.html .
+
+ADD employee_not_found.html .
+
+CMD ["python3", "./main.py"]

add_employee.html

@@ -0,0 +1,27 @@
+<!-- Use Bootstrap for styling -->
+<link rel="stylesheet" href="https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css">
+
+<!-- Create a banner -->
+<div class="jumbotron">
+  <h1 class="display-4">Employee Management System</h1>
+  <p class="lead">Add new employees to the system</p>
+</div>
+
+<!-- Use a container to center the form -->
+<div class="container">
+  <form action="/api/add_employee" method="post">
+    <div class="form-group">
+      <label for="name">Name:</label>
+      <input type="text" class="form-control" id="name" name="name" required>
+    </div>
+    <div class="form-group">
+      <label for="email">Email:</label>
+      <input type="email" class="form-control" id="email" name="email" required>
+    </div>
+    <div class="form-group">
+      <label for="department">Department:</label>
+      <input type="text" class="form-control" id="department" name="department" required>
+    </div>
+    <button type="submit" class="btn btn-primary">Add Employee</button>
+  </form>
+</div>

cleanup.sql

@@ -0,0 +1,5 @@
+-- Cleanup
+drop table employees;
+drop table employees_salary;
+drop procedure generate_employees_salary;
+drop procedure add_employees;

crud_options.html

@@ -0,0 +1,61 @@
+<!DOCTYPE html>
+<html>
+<head>
+    <title>EMS Main Page</title>
+    <!-- Use Bootstrap for styling -->
+    <link rel="stylesheet" href="https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css">
+    <script>
+        function updateEmployee() {
+            var id = prompt("Enter ID:");
+            if (id != null) {
+                window.location.href = "/api/update_employee/" + id;
+            }
+        }
+
+        function deleteEmployee() {
+            var id = prompt("Enter ID:");
+            if (id != null) {
+                window.location.href = "/api/delete_employee/" + id;
+            }
+        }
+
+        function searchEmployee() {
+            var id = prompt("Enter ID:");
+            if (id != null) {
+                window.location.href = "/api/search_employee/" + id;
+            }
+        }
+    </script>
+</head>
+<body>
+    <!-- Create a banner -->
+    <div class="jumbotron">
+        <h1 class="display-4">Employee Management System</h1>
+        <p class="lead">Select an Employee Operation to Perform</p>
+    </div>
+
+    <!-- Use a container to center the form -->
+    <div class="container">
+        <div class="row">
+            <div class="col-md-3">
+                <a href="{{ url_for('add_employee_form') }}" class="btn btn-primary btn-block">Create</a>
+            </div>
+            <div class="col-md-3">
+                <a href="{{ url_for('get_all') }}" class="btn btn-primary btn-block">Read</a>
+            </div>
+            <div class="col-md-3">
+                <button class="btn btn-primary btn-block" onclick="updateEmployee()">Update</button>
+            </div>
+            <div class="col-md-3">
+                <button class="btn btn-primary btn-block" onclick="deleteEmployee()">Delete</button>
+            </div>
+        </div>
+        <div class="row mt-3">
+            <div class="col-md-3">
+                <button class="btn btn-primary btn-block" onclick="searchEmployee()">Search</button>
+            </div>
+        </div>
+    </div>
+</body>
+</html>
+

crud_options.html.bak

@@ -0,0 +1,55 @@
+<!DOCTYPE html>
+<html>
+<head>
+    <title>EMS Main Page</title>
+    <!-- Use Bootstrap for styling -->
+    <link rel="stylesheet" href="https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css">
+    <script>
+        function updateEmployee() {
+            var id = prompt("Enter ID:");
+            if (id != null) {
+                window.location.href = "/api/update_employee/" + id;
+            }
+        }
+
+        function deleteEmployee() {
+            var id = prompt("Enter ID:");
+            if (id != null) {
+                window.location.href = "/api/delete_employee/" + id;
+            }
+        }
+
+        function searchEmployee() {
+            var id = prompt("Enter ID:");
+            if (id != null) {
+                window.location.href = "/api/search_employee/" + id;
+            }
+        }
+    </script>
+</head>
+<body>
+    <!-- Create a banner -->
+    <div class="jumbotron">
+        <h1 class="display-4">Employee Management System</h1>
+        <p class="lead">Select an Employee Operation to Perform</p>
+    </div>
+
+    <!-- Use a container to center the form -->
+    <div class="container">
+        <div class="d-flex flex-column justify-content-start">
+            <div class="mb-2">
+                <a href="{{ url_for('add_employee_form') }}" class="btn btn-primary btn-block mr-2">Create</a>
+                <a href="{{ url_for('get_all') }}" class="btn btn-primary btn-block mr-2">Read</a>
+            </div>
+            <div class="mb-2">
+                <button class="btn btn-primary btn-block mr-2" onclick="updateEmployee()">Update</button>
+                <button class="btn btn-primary btn-block mr-2" onclick="deleteEmployee()">Delete</button>
+            </div>
+            <div class="mb-2">
+                <button class="btn btn-primary btn-block mr-2" onclick="searchEmployee()">Search</button>
+            </div>
+        </div>
+    </div>
+</body>
+</html>
+

employee_not_found.html

@@ -0,0 +1,22 @@
+<!DOCTYPE html>
+<html>
+<head>
+    <title>Employee Not Found</title>
+    <!-- Use Bootstrap for styling -->
+    <link rel="stylesheet" href="https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css">
+</head>
+<body>
+    <!-- Create a banner -->
+    <div class="jumbotron">
+        <h1 class="display-4">Employee Management System</h1>
+        <p class="lead">Employee Not Found</p>
+    </div>
+
+    <!-- Use a container to center the message -->
+    <div class="container">
+        <p>The employee with ID {{ id }} could not be found.</p>
+        <a href="{{ url_for('search_employee') }}" class="btn btn-primary">Back to Search</a>
+    </div>
+</body>
+</html>
+

main.py

@@ -0,0 +1,167 @@
+import os
+import flask
+from flask import Flask, jsonify, request
+from flask import render_template
+from flask_cors import CORS
+from flask import session, redirect, url_for, request, Response
+import oracledb 
+
+# Environment Variables for Oracle Database Connectivity
+user = os.environ['ORACLE_USER']
+password = os.environ['ORACLE_PASSWORD']
+dsn = os.environ['ORACLE_DSN']
+
+app = Flask(__name__, template_folder='/')
+CORS(app)
+
+# List of API User and Auth Token
+VALID_USERS = {'user1': 'password1', 'user2': 'password2'}
+
+# Connect to the Oracle database
+con = oracledb.connect(user=user, password=password, dsn=dsn)
+
+# HTML Form Method to Create a New Employee
+@app.route('/api/add_employee', methods=['GET', 'POST'])
+def add_employee_form():
+    # Require authentication for all requests
+    auth = request.authorization
+    if not auth or not check_auth(auth.username, auth.password):
+        return authenticate()
+
+    if request.method == 'POST':
+        # Extract the employee data from the form
+        name = request.form['name']
+        email = request.form['email']
+        department = request.form['department']
+
+        # Insert the employee into the database
+        cur = con.cursor()
+        cur.execute("INSERT INTO employees (name, email, department) VALUES (:name, :email, :department)",
+                    {'name': name, 'email': email, 'department': department})
+        con.commit()
+
+        # Return the ID of the new employee
+        return redirect(url_for('get_all'))
+    else:
+        return render_template('add_employee.html')
+
+
+# HTML Method to Get a List of All Employees
+@app.route('/api/getall')
+def get_all():
+    # Require authentication for all requests
+    auth = request.authorization
+    if not auth or not check_auth(auth.username, auth.password):
+        return authenticate()
+
+    cur = con.cursor()
+    cur.prefetchrows = 100
+    cur.arraysize = 100
+    cur.execute("SELECT * FROM employees")
+    rows = cur.fetchall()
+    employees = []
+    for row in rows:
+        employee = {'id': row[0], 'name': row[1], 'email': row[2], 'department': row[3]}
+        employees.append(employee)
+    return render_template('get_employees.html', employees=employees)
+
+
+# HTML Method to Update en Employee
+@app.route('/api/update_employee/<int:id>', methods=['GET','POST'])
+def update_employee(id):
+
+    # Require authentication for all requests
+    auth = request.authorization
+    if not auth or not check_auth(auth.username, auth.password):
+        return authenticate()
+
+    cur = con.cursor()
+    if request.method == 'POST':
+        name = request.form['name']
+        email = request.form['email']
+        department = request.form['department']
+        cur.execute('UPDATE employees SET name=:name, email=:email, department=:department WHERE id=:id',
+                       {'name': name, 'email': email, 'department': department, 'id': id})
+        con.commit()
+        cur.close()
+        return redirect(url_for('get_all'))
+    else:
+        cur.execute('SELECT * FROM employees WHERE id=:id', {'id': id})
+        employee = cur.fetchone()
+        cur.close()
+        return render_template('update_employee.html', employee=employee)
+
+
+# HTML Method to Delete an Employee
+@app.route('/api/delete_employee/<int:id>', methods=['GET', 'POST'])
+def delete_employee(id):
+    # Require authentication for all requests
+    auth = request.authorization
+    if not auth or not check_auth(auth.username, auth.password):
+        return authenticate()
+
+    if request.method == 'POST':
+        cur = con.cursor()
+        cur.execute('DELETE FROM employees WHERE id=:id', {'id': id})
+        con.commit()
+        cur.close()
+        return redirect(url_for('get_all'))
+    else:
+        cur = con.cursor()
+        cur.execute('SELECT * FROM employees WHERE id=:id', {'id': id})
+        employee = cur.fetchone()
+        cur.close()
+        return render_template('confirm_delete_employee.html', employee=employee)
+
+# Main Page for Listing All Methods
+@app.route('/api/main', methods=['GET'])
+def crud_options():
+    # Require authentication for all requests
+    auth = request.authorization
+    if not auth or not check_auth(auth.username, auth.password):
+        return authenticate()
+
+    return render_template('crud_options.html')
+
+# HTML Method to Search for an Employee by ID
+@app.route('/api/search_employee/<int:id>', methods=['GET', 'POST'])
+def search_employee(id):
+    # Require authentication for all requests
+    auth = request.authorization
+    if not auth or not check_auth(auth.username, auth.password):
+        return authenticate()
+
+    if request.method == 'POST':
+        cur = con.cursor()
+        cur.execute('SELECT * FROM employees WHERE id=:id', {'id': id})
+        employee = cur.fetchone()
+        cur.close()
+
+        if employee is None:
+            # Display a message if the employee is not found
+            return render_template('employee_not_found.html', id=id)
+        else:
+            # Display the employee details if found
+            return render_template('search_employee.html', employee=employee)
+    else:
+        # Create an empty employee object if a GET request is received
+        return render_template('search_employee.html', employee=None)
+
+
+def check_auth(username, password):
+    """Check if a username/password combination is valid."""
+    return username in VALID_USERS and password == VALID_USERS[username]
+
+def authenticate():
+    """Send a 401 Unauthorized response that prompts the user to authenticate."""
+    return Response('Could not verify your access level for that URL.\n'
+                    'You have to login with proper credentials', 401,
+                    {'WWW-Authenticate': 'Basic realm="Login Required"'})
+
+if __name__ == '__main__':
+    # Print out all the routes and their associated URLs
+    for rule in app.url_map.iter_rules():
+        print(f"{rule.endpoint:50s} {rule.methods} {rule.rule}")
+
+    # Start the HTTPS server
+    app.run(host='0.0.0.0', port=4443, ssl_context=('cert.pem', 'key.pem'))