refactor UI backend calls to python endpoints

2026-03-31 07:12:23 -07:00 · 2026-01-10 03:06:02 +00:00
parent 6aa4e13b54
commit d849583dd5
33 changed files with 2186 additions and 313 deletions
--- a/server/api_server/api_server_start.py
+++ b/server/api_server/api_server_start.py
@@ -275,7 +275,8 @@ def api_update_device_column(mac):
    column_name = data.get("columnName")
    column_value = data.get("columnValue")

-    if not column_name or not column_value:
+    # columnName is required, but columnValue can be empty string (e.g., for unassigning)
+    if not column_name or "columnValue" not in data:
        return jsonify({"success": False, "message": "ERROR: Missing parameters", "error": "columnName and columnValue are required"}), 400

    device_handler = DeviceInstance()
--- a/server/api_server/dbquery_endpoint.py
+++ b/server/api_server/dbquery_endpoint.py
@@ -3,6 +3,7 @@
 import os
 import base64
 import sys
+from urllib.parse import unquote
 from flask import jsonify

 # Register NetAlertX directories
@@ -15,7 +16,8 @@ from database import get_temp_db_connection  # noqa: E402 [flake8 lint suppressi
 def read_query(raw_sql_b64):
    """Execute a read-only query (SELECT)."""
    try:
-        raw_sql = base64.b64decode(raw_sql_b64).decode("utf-8")
+        # Decode: base64 -> URL decode (matches JS: btoa(unescape(encodeURIComponent())))
+        raw_sql = unquote(base64.b64decode(raw_sql_b64).decode("utf-8"))

        conn = get_temp_db_connection()
        cur = conn.cursor()
@@ -35,7 +37,8 @@ def read_query(raw_sql_b64):
 def write_query(raw_sql_b64):
    """Execute a write query (INSERT/UPDATE/DELETE)."""
    try:
-        raw_sql = base64.b64decode(raw_sql_b64).decode("utf-8")
+        # Decode: base64 -> URL decode (matches JS: btoa(unescape(encodeURIComponent())))
+        raw_sql = unquote(base64.b64decode(raw_sql_b64).decode("utf-8"))

        conn = get_temp_db_connection()
        cur = conn.cursor()
--- a/server/db/db_helper.py
+++ b/server/db/db_helper.py
@@ -74,6 +74,28 @@ def row_to_json(names, row):
    return rowEntry


+# -------------------------------------------------------------------------------
+def safe_int(setting_name):
+    """
+    Helper to ensure integer values are valid (not empty strings or None).
+
+    Parameters:
+        setting_name (str): The name of the setting to retrieve.
+
+    Returns:
+        int: The setting value as an integer if valid, otherwise 0.
+    """
+    # Import here to avoid circular dependency
+    from helper import get_setting_value
+    try:
+        val = get_setting_value(setting_name)
+        if val in ['', None, 'None', 'null']:
+            return 0
+        return int(val)
+    except (ValueError, TypeError, Exception):
+        return 0
+
+
 # -------------------------------------------------------------------------------
 def sanitize_SQL_input(val):
    """
--- a/server/scan/device_handling.py
+++ b/server/scan/device_handling.py
@@ -8,7 +8,7 @@ from const import vendorsPath, vendorsPathNewest, sql_generateGuid
 from models.device_instance import DeviceInstance
 from scan.name_resolution import NameResolver
 from scan.device_heuristics import guess_icon, guess_type
-from db.db_helper import sanitize_SQL_input, list_to_where
+from db.db_helper import sanitize_SQL_input, list_to_where, safe_int

 # Make sure log level is initialized correctly
 Logger(get_setting_value("LOG_LEVEL"))
@@ -464,22 +464,22 @@ def create_new_devices(db):
                        devReqNicsOnline
                        """

-    newDevDefaults = f"""{get_setting_value("NEWDEV_devAlertEvents")},
-                        {get_setting_value("NEWDEV_devAlertDown")},
-                        {get_setting_value("NEWDEV_devPresentLastScan")},
-                        {get_setting_value("NEWDEV_devIsArchived")},
-                        {get_setting_value("NEWDEV_devIsNew")},
-                        {get_setting_value("NEWDEV_devSkipRepeated")},
-                        {get_setting_value("NEWDEV_devScan")},
+    newDevDefaults = f"""{safe_int("NEWDEV_devAlertEvents")},
+                        {safe_int("NEWDEV_devAlertDown")},
+                        {safe_int("NEWDEV_devPresentLastScan")},
+                        {safe_int("NEWDEV_devIsArchived")},
+                        {safe_int("NEWDEV_devIsNew")},
+                        {safe_int("NEWDEV_devSkipRepeated")},
+                        {safe_int("NEWDEV_devScan")},
                        '{sanitize_SQL_input(get_setting_value("NEWDEV_devOwner"))}',
-                        {get_setting_value("NEWDEV_devFavorite")},
+                        {safe_int("NEWDEV_devFavorite")},
                        '{sanitize_SQL_input(get_setting_value("NEWDEV_devGroup"))}',
                        '{sanitize_SQL_input(get_setting_value("NEWDEV_devComments"))}',
-                        {get_setting_value("NEWDEV_devLogEvents")},
+                        {safe_int("NEWDEV_devLogEvents")},
                        '{sanitize_SQL_input(get_setting_value("NEWDEV_devLocation"))}',
                        '{sanitize_SQL_input(get_setting_value("NEWDEV_devCustomProps"))}',
                        '{sanitize_SQL_input(get_setting_value("NEWDEV_devParentRelType"))}',
-                        {sanitize_SQL_input(get_setting_value("NEWDEV_devReqNicsOnline"))}
+                        {safe_int("NEWDEV_devReqNicsOnline")}
                        """

    # Fetch data from CurrentScan skipping ignored devices by IP and MAC