CI: remove workflow files per request

Validation: add email-validator + phonenumbers; improve server-side validation; add tests; update templates and requirements
feat(app): refactor to app-factory; add application package and routes
2025-12-21 23:15:34 +01:00 · 2025-12-21 23:00:01 +01:00 · 2025-12-21 22:22:07 +01:00 · 2025-11-10 21:14:42 +01:00 · 2025-11-10 21:06:06 +01:00 · 2025-11-10 21:00:37 +01:00
22 changed files with 906 additions and 155 deletions
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -0,0 +1,27 @@
+name: CI
+
+on:
+  push:
+    branches: [ '**' ]
+  pull_request:
+    branches: [ '**' ]
+
+jobs:
+  test:
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        python-version: ['3.11']
+    steps:
+      - uses: actions/checkout@v4
+      - name: Set up Python
+        uses: actions/setup-python@v4
+        with:
+          python-version: ${{ matrix.python-version }}
+      - name: Install dependencies
+        run: |
+          python -m pip install --upgrade pip
+          pip install -r requirements.txt
+      - name: Run tests
+        run: |
+          pytest -q
--- a/.gitignore
+++ b/.gitignore
@@ -16,4 +16,11 @@ __pycache__/
 .DS_Store

 # vCards
-vcards
+vcards/
+
+# Logs
+logs/
+
+#
+anmeldung.sqbpro
+docs/CHAT_SUMMARY.md
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -0,0 +1,14 @@
+stages:
+  - test
+
+test:
+  image: python:3.11
+  stage: test
+  before_script:
+    - pip install --upgrade pip
+    - pip install -r requirements.txt
+  script:
+    - pytest -q
+  only:
+    - branches
+    - merge_requests
--- a/PR_DESCRIPTION.md
+++ b/PR_DESCRIPTION.md
@@ -0,0 +1,40 @@
+Titel: Feature: App‑Factory, Validierung, vCard-Export, Tests
+
+Kurzbeschreibung
+- Ersetzt das papierbasierte Anmeldeformular durch eine Flask-Webseite (App‑Factory).
+- Speichert deutsche Adressdaten inkl. Telefon und E‑Mail in SQLite.
+- Fügt serverseitige Validierung für PLZ, E‑Mail und Telefon hinzu (`email-validator`, `phonenumbers` mit Fallback).
+- Generiert vCard 4.0 nach erfolgreicher Einreichung und speichert sie unter `vcards/`.
+- Enthält Unit- und Integrationstests (pytest) und initiale Datenbank-Migrationen (Alembic/Flask‑Migrate).
+
+Änderungen
+- Neue/überarbeitete Dateien:
+  - `application/` package (App‑Factory, `routes.py`, `models.py`, `extensions.py`)
+  - `utils.py` (vCard-Generator)
+  - `templates/index.html` (Formular/Fehlermeldungen)
+  - `tests/` (Unit- und Integrationstests)
+  - `migrations/` (gestampfte Basis)
+  - `requirements.txt` (`email-validator`, `phonenumbers`)
+
+Testen (lokal)
+1. Virtuelle Umgebung aktivieren / Python 3.11 verwenden.
+2. Abhängigkeiten installieren:
+   ```bash
+   pip install -r requirements.txt
+   ```
+3. Tests ausführen:
+   ```bash
+   pytest -q
+   ```
+
+Migrationshinweise
+- `migrations/` ist initialisiert und die DB wurde gestampft. Bei Modelländerungen bitte neue Migrationen mit `flask db migrate` und `flask db upgrade` erzeugen.
+
+Review-Checklist
+- [ ] Validierung (E‑Mail / Telefon / PLZ) prüfen.
+- [ ] Formular-UI prüfen (templates/index.html).
+- [ ] vCard-Export testen (Erstellung in `vcards/`).
+- [ ] CI testen (siehe `.github/workflows/ci.yml` / `.gitlab-ci.yml`).
+
+Zusätzliche Hinweise
+- `email-validator` wird ohne externe Lieferbarkeitschecks verwendet, damit Tests reproduzierbar sind.
--- a/README.md
+++ b/README.md
@@ -23,3 +23,49 @@ python app.py
 ```

 Das Formular ist dann unter http://127.0.0.1:5000/ erreichbar.
+
+Migrations (Flask-Migrate / Alembic)
+---------------------------------
+
+Das Projekt verwendet jetzt Flask-Migrate (Alembic) für Datenbank-Migrationen. Ablauf lokal:
+
+```bash
+# virtuelles Environment aktivieren
+source .venv/bin/activate
+
+# Migrationen initialisieren (nur einmal)
+export FLASK_APP=app.py
+flask db init
+
+# Neue Migration auf Basis der Models erzeugen
+flask db migrate -m "Beschreibung der Änderung"
+
+# Migration anwenden
+flask db upgrade
+```
+
+Hinweis: Wenn die Datenbank bereits Tabellen enthält, benutze `flask db stamp head`, damit Alembic den aktuellen Stand als angewendet markiert.
+
+Tests
+-----
+
+Die Tests laufen mit pytest:
+
+```bash
+source .venv/bin/activate
+python -m pytest -q
+```
+
+vCard Export
+-----------
+
+Nach dem Absenden eines Anmeldeformulars wird eine vCard 4.0 im Ordner `vcards/` erzeugt. Dateiname-Muster:
+
+```
+Nachname_Vorname_<id>.vcf
+```
+
+Hinweis zur Chat-Zusammenfassung
+--------------------------------
+
+Die Datei `docs/CHAT_SUMMARY.md` enthält eine lokale Zusammenfassung unserer Chat-Sitzungen und wird bewusst nicht versioniert (sie ist in `.gitignore` eingetragen). Du findest die Datei lokal unter `docs/CHAT_SUMMARY.md`.
--- a/app.py
+++ b/app.py
@@ -1,160 +1,26 @@
-from flask import Flask, render_template, request, redirect, url_for
-from flask_sqlalchemy import SQLAlchemy
+"""Application entry-point wrapper.
+
+This module keeps the previous API (importing `app`, `db`, `Frage` from
+the top-level `app` module) while delegating the real implementation to
+the `application` package's factory.
+"""
+
+from application import create_app
+from application.extensions import db
+from application.models import Adresse, Frage, Antwort
 import os
-import re
-import pathlib
-import unicodedata

-BASE_DIR = os.path.dirname(os.path.abspath(__file__))
-DB_PATH = os.path.join(BASE_DIR, 'anmeldung.db')
-
-app = Flask(__name__)
-app.config['SQLALCHEMY_DATABASE_URI'] = f'sqlite:///{DB_PATH}'
-app.config['SQLALCHEMY_TRACK_MODIFICATIONS'] = False
-
-db = SQLAlchemy(app)
-
-
-class Adresse(db.Model):
-    id = db.Column(db.Integer, primary_key=True)
-    vorname = db.Column(db.String(100), nullable=False)
-    nachname = db.Column(db.String(100), nullable=False)
-    strasse = db.Column(db.String(200), nullable=False)
-    hausnummer = db.Column(db.String(50), nullable=True)
-    plz = db.Column(db.String(20), nullable=False)
-    ort = db.Column(db.String(100), nullable=False)
-    land = db.Column(db.String(50), default='Deutschland')
-    telefon_vorwahl = db.Column(db.String(20))
-    telefon_nummer = db.Column(db.String(50))
-    email = db.Column(db.String(200))
-
-
-class Frage(db.Model):
-    id = db.Column(db.Integer, primary_key=True)
-    text = db.Column(db.String(500), nullable=False)
-
-
-class Antwort(db.Model):
-    id = db.Column(db.Integer, primary_key=True)
-    adresse_id = db.Column(db.Integer, db.ForeignKey('adresse.id'), nullable=False)
-    frage_id = db.Column(db.Integer, db.ForeignKey('frage.id'), nullable=False)
-    text = db.Column(db.String(1000), nullable=True)
-
-
-@app.route('/', methods=['GET', 'POST'])
-def index():
-    if request.method == 'POST':
-        # Adresse speichern
-        vorname = request.form.get('vorname', '').strip()
-        nachname = request.form.get('nachname', '').strip()
-        strasse = request.form.get('strasse', '').strip()
-        hausnummer = request.form.get('hausnummer', '').strip()
-        plz = request.form.get('plz', '').strip()
-        ort = request.form.get('ort', '').strip()
-        land = request.form.get('land', 'Deutschland').strip()
-        telefon_vorwahl = request.form.get('telefon_vorwahl', '').strip()
-        telefon_nummer = request.form.get('telefon_nummer', '').strip()
-        email = request.form.get('email', '').strip()
-        # server-side E-Mail Validierung (einfache Prüfung)
-        errors = {}
-        email_re = re.compile(r"[^@]+@[^@]+\.[^@]+")
-        if email:
-            if not email_re.match(email):
-                errors['email'] = 'Ungültige E-Mail-Adresse'
-        # PLZ Validierung: genau 5 Ziffern
-        if plz:
-            if not re.fullmatch(r"\d{5}", plz):
-                errors['plz'] = 'Postleitzahl muss genau 5 Ziffern haben'
-
-        if errors:
-            fragen = Frage.query.all()
-            # pass form data back to template so fields are preserved
-            form = request.form.to_dict()
-            return render_template('index.html', fragen=fragen, errors=errors, form=form)
-
-        adresse = Adresse(
-            vorname=vorname,
-            nachname=nachname,
-            strasse=strasse,
-            hausnummer=hausnummer,
-            plz=plz,
-            ort=ort,
-            land=land,
-            telefon_vorwahl=telefon_vorwahl,
-            telefon_nummer=telefon_nummer,
-            email=email,
-        )
-        db.session.add(adresse)
-        db.session.commit()
-
-        # Antworten speichern
-        fragen = Frage.query.all()
-        for frage in fragen:
-            key = f'frage_{frage.id}'
-            antwort_text = request.form.get(key, '').strip()
-            antwort = Antwort(adresse_id=adresse.id, frage_id=frage.id, text=antwort_text)
-            db.session.add(antwort)
-        db.session.commit()
-
-        # vCard 4.0 erzeugen und speichern
-        try:
-            vcards_dir = os.path.join(BASE_DIR, 'vcards')
-            os.makedirs(vcards_dir, exist_ok=True)
-
-            # sanitize filename: remove diacritics and unsafe chars
-            def slug(s):
-                s = unicodedata.normalize('NFKD', s)
-                s = ''.join(c for c in s if not unicodedata.combining(c))
-                s = ''.join(c for c in s if c.isalnum() or c in (' ', '_', '-'))
-                return s.replace(' ', '_')
-
-            filename = f"{slug(adresse.nachname)}_{slug(adresse.vorname)}_{adresse.id}.vcf"
-            filepath = os.path.join(vcards_dir, filename)
-
-            # build vCard 4.0 content
-            lines = [
-                'BEGIN:VCARD',
-                'VERSION:4.0',
-                f'N:{adresse.nachname};{adresse.vorname};;;',
-                f'FN:{adresse.vorname} {adresse.nachname}',
-            ]
-            # ADR: PO Box;Extended;Street;Locality;Region;PostalCode;Country
-            street = adresse.strasse or ''
-            if adresse.hausnummer:
-                street = f"{street} {adresse.hausnummer}".strip()
-            adr = f'ADR:;;{street};{adresse.ort};;{adresse.plz};{adresse.land}'
-            lines.append(adr)
-            if adresse.email:
-                lines.append(f'EMAIL;TYPE=internet:{adresse.email}')
-            phone = ''
-            if adresse.telefon_vorwahl or adresse.telefon_nummer:
-                phone = f"+{adresse.telefon_vorwahl}{adresse.telefon_nummer}".replace('++', '+')
-                lines.append(f'TEL;TYPE=voice:{phone}')
-            lines.append('END:VCARD')
-
-            with open(filepath, 'w', encoding='utf-8') as f:
-                f.write('\n'.join(lines))
-        except Exception:
-            # nicht kritisch: bei Fehlern nicht die ganze Anfrage abbrechen
-            pass
-
-        # Nach erfolgreichem Speichern weiterleiten
-        return redirect(url_for('danke', id=adresse.id))
-
-    # GET: Formular anzeigen
-    fragen = Frage.query.all()
-    return render_template('index.html', fragen=fragen)
-
-
-@app.route('/danke')
-def danke():
-    id = request.args.get('id')
-    adresse = Adresse.query.get(id)
-    return render_template('danke.html', adresse=adresse)
+# Create the Flask app using the factory
+app = create_app()


 if __name__ == '__main__':
-    # Ensure DB exists
-    if not os.path.exists(DB_PATH):
+    # In development only: if there is no migrations directory, create tables automatically.
+    migrations_dir = os.path.join(app.BASE_DIR, 'migrations')
+    if not os.path.exists(migrations_dir):
+        app.logger.info('No migrations directory found; creating database tables with db.create_all()')
+        with app.app_context():
            db.create_all()
+    else:
+        app.logger.info('Migrations directory present; please use "flask db upgrade" to update the database schema')
    app.run(debug=True)
--- a/application/init.py
+++ b/application/init.py
@@ -0,0 +1,43 @@
+import os
+from flask import Flask
+from .extensions import db, migrate
+import logging
+from logging.handlers import RotatingFileHandler
+
+
+def create_app(config=None):
+    BASE_DIR = os.path.dirname(os.path.abspath(__file__))
+    # point templates/static to repository-level folders for compatibility
+    project_root = os.path.dirname(BASE_DIR)
+    app = Flask(__name__, template_folder=os.path.join(project_root, 'templates'), static_folder=os.path.join(project_root, 'static'), instance_relative_config=True)
+    # default config
+    DB_PATH = os.path.join(os.path.dirname(BASE_DIR), 'anmeldung.db')
+    app.config.setdefault('SQLALCHEMY_DATABASE_URI', f'sqlite:///{DB_PATH}')
+    app.config.setdefault('SQLALCHEMY_TRACK_MODIFICATIONS', False)
+
+    if config:
+        app.config.update(config)
+
+    # init extensions
+    db.init_app(app)
+    migrate.init_app(app, db)
+
+    # logging setup (mirror previous behavior)
+    LOG_DIR = os.path.join(os.path.dirname(BASE_DIR), 'logs')
+    os.makedirs(LOG_DIR, exist_ok=True)
+    log_file = os.path.join(LOG_DIR, 'app.log')
+    handler = RotatingFileHandler(log_file, maxBytes=5 * 1024 * 1024, backupCount=3)
+    formatter = logging.Formatter('%(asctime)s %(levelname)s %(name)s: %(message)s')
+    handler.setFormatter(formatter)
+    handler.setLevel(logging.INFO)
+    app.logger.addHandler(handler)
+    app.logger.setLevel(logging.INFO)
+
+    # register blueprints
+    from .routes import bp as public_bp
+    app.register_blueprint(public_bp)
+
+    # expose BASE_DIR on app for compatibility
+    app.BASE_DIR = os.path.dirname(BASE_DIR)
+
+    return app
--- a/application/extensions.py
+++ b/application/extensions.py
@@ -0,0 +1,5 @@
+from flask_sqlalchemy import SQLAlchemy
+from flask_migrate import Migrate
+
+db = SQLAlchemy()
+migrate = Migrate()
--- a/application/models.py
+++ b/application/models.py
@@ -0,0 +1,27 @@
+from .extensions import db
+
+
+class Adresse(db.Model):
+    id = db.Column(db.Integer, primary_key=True)
+    vorname = db.Column(db.String(100), nullable=False)
+    nachname = db.Column(db.String(100), nullable=False)
+    strasse = db.Column(db.String(200), nullable=False)
+    hausnummer = db.Column(db.String(50), nullable=True)
+    plz = db.Column(db.String(20), nullable=False)
+    ort = db.Column(db.String(100), nullable=False)
+    land = db.Column(db.String(50), default='Deutschland')
+    telefon_vorwahl = db.Column(db.String(20))
+    telefon_nummer = db.Column(db.String(50))
+    email = db.Column(db.String(200))
+
+
+class Frage(db.Model):
+    id = db.Column(db.Integer, primary_key=True)
+    text = db.Column(db.String(500), nullable=False)
+
+
+class Antwort(db.Model):
+    id = db.Column(db.Integer, primary_key=True)
+    adresse_id = db.Column(db.Integer, db.ForeignKey('adresse.id'), nullable=False)
+    frage_id = db.Column(db.Integer, db.ForeignKey('frage.id'), nullable=False)
+    text = db.Column(db.String(1000), nullable=True)
--- a/application/routes.py
+++ b/application/routes.py
@@ -0,0 +1,127 @@
+from flask import Blueprint, render_template, request, redirect, url_for, current_app
+from .extensions import db
+from .models import Adresse, Frage, Antwort
+from utils import generate_vcard
+import re
+
+# Prefer robust validators when available; fall back to simple checks.
+try:
+    from email_validator import validate_email, EmailNotValidError
+except Exception:
+    validate_email = None
+    EmailNotValidError = Exception
+
+try:
+    import phonenumbers
+except Exception:
+    phonenumbers = None
+
+
+bp = Blueprint('public', __name__)
+
+
+@bp.route('/', methods=['GET', 'POST'])
+def index():
+    if request.method == 'POST':
+        vorname = request.form.get('vorname', '').strip()
+        nachname = request.form.get('nachname', '').strip()
+        strasse = request.form.get('strasse', '').strip()
+        hausnummer = request.form.get('hausnummer', '').strip()
+        plz = request.form.get('plz', '').strip()
+        ort = request.form.get('ort', '').strip()
+        land = request.form.get('land', 'Deutschland').strip()
+        telefon_vorwahl = request.form.get('telefon_vorwahl', '').strip()
+        telefon_nummer = request.form.get('telefon_nummer', '').strip()
+        email = request.form.get('email', '').strip()
+
+        errors = {}
+
+        # Email validation: use `email_validator` if present, else fallback regex
+        if email:
+            if validate_email:
+                try:
+                    # disable deliverability checks (MX/DNS) to avoid rejecting
+                    # addresses like max@example.com during testing
+                    valid = validate_email(email, check_deliverability=False)
+                    email = valid.email
+                except EmailNotValidError:
+                    errors['email'] = 'Ungültige E-Mail-Adresse'
+            else:
+                email_re = re.compile(r"[^@]+@[^@]+\.[^@]+")
+                if not email_re.match(email):
+                    errors['email'] = 'Ungültige E-Mail-Adresse'
+
+        # German PLZ: exactly 5 digits
+        if plz:
+            if not plz.isdigit() or len(plz) != 5:
+                errors['plz'] = 'Postleitzahl muss genau 5 Ziffern haben'
+
+        # Phone validation: require both country code and number when provided
+        if telefon_vorwahl or telefon_nummer:
+            if not (telefon_vorwahl and telefon_nummer):
+                errors['telefon'] = 'Vorwahl und Telefonnummer müssen beide angegeben werden'
+            else:
+                if phonenumbers:
+                    raw = telefon_vorwahl.lstrip('+') + telefon_nummer
+                    international = '+' + raw
+                    try:
+                        parsed = phonenumbers.parse(international, None)
+                        is_valid = phonenumbers.is_valid_number(parsed)
+                    except Exception:
+                        is_valid = False
+                    # if phonenumbers says invalid, fall back to a simple heuristic
+                    if not is_valid:
+                        if not (telefon_vorwahl.lstrip('+').isdigit() and telefon_nummer.isdigit()) or len(telefon_nummer) < 3:
+                            errors['telefon'] = 'Ungültige Telefonnummer'
+                else:
+                    # fallback: basic numeric checks
+                    if not (telefon_vorwahl.lstrip('+').isdigit() and telefon_nummer.isdigit()):
+                        errors['telefon'] = 'Ungültige Telefonnummer'
+                    elif len(telefon_nummer) < 3:
+                        errors['telefon'] = 'Ungültige Telefonnummer'
+
+        if errors:
+            fragen = Frage.query.all()
+            form = request.form.to_dict()
+            return render_template('index.html', fragen=fragen, errors=errors, form=form)
+
+        adresse = Adresse(
+            vorname=vorname,
+            nachname=nachname,
+            strasse=strasse,
+            hausnummer=hausnummer,
+            plz=plz,
+            ort=ort,
+            land=land,
+            telefon_vorwahl=telefon_vorwahl,
+            telefon_nummer=telefon_nummer,
+            email=email,
+        )
+        db.session.add(adresse)
+        db.session.commit()
+
+        fragen = Frage.query.all()
+        for frage in fragen:
+            key = f'frage_{frage.id}'
+            antwort_text = request.form.get(key, '').strip()
+            antwort = Antwort(adresse_id=adresse.id, frage_id=frage.id, text=antwort_text)
+            db.session.add(antwort)
+        db.session.commit()
+
+        try:
+            base_dir = current_app.config.get('BASE_DIR') if current_app.config.get('BASE_DIR') else getattr(current_app, 'BASE_DIR', '.')
+            generate_vcard(adresse, base_dir)
+        except Exception:
+            current_app.logger.exception('Fehler beim Erzeugen der vCard for adresse id=%s', adresse.id if hasattr(adresse, 'id') else 'unknown')
+
+        return redirect(url_for('public.danke', id=adresse.id))
+
+    fragen = Frage.query.all()
+    return render_template('index.html', fragen=fragen)
+
+
+@bp.route('/danke')
+def danke():
+    ad_id = request.args.get('id')
+    adresse = db.session.get(Adresse, int(ad_id)) if ad_id else None
+    return render_template('danke.html', adresse=adresse)
--- a/application/routes_fixed.py
+++ b/application/routes_fixed.py
@@ -0,0 +1,124 @@
+from flask import Blueprint, render_template, request, redirect, url_for, current_app
+from .extensions import db
+from .models import Adresse, Frage, Antwort
+from utils import generate_vcard
+import re
+
+# Prefer robust validators when available; fall back to simple checks.
+try:
+    from email_validator import validate_email, EmailNotValidError
+except Exception:
+    validate_email = None
+    EmailNotValidError = Exception
+
+try:
+    import phonenumbers
+except Exception:
+    phonenumbers = None
+
+
+bp = Blueprint('public', __name__)
+
+
+@bp.route('/', methods=['GET', 'POST'])
+def index():
+    if request.method == 'POST':
+        vorname = request.form.get('vorname', '').strip()
+        nachname = request.form.get('nachname', '').strip()
+        strasse = request.form.get('strasse', '').strip()
+        hausnummer = request.form.get('hausnummer', '').strip()
+        plz = request.form.get('plz', '').strip()
+        ort = request.form.get('ort', '').strip()
+        land = request.form.get('land', 'Deutschland').strip()
+        telefon_vorwahl = request.form.get('telefon_vorwahl', '').strip()
+        telefon_nummer = request.form.get('telefon_nummer', '').strip()
+        email = request.form.get('email', '').strip()
+
+        errors = {}
+
+        # Email validation: use `email_validator` if present, else fallback regex
+        if email:
+            if validate_email:
+                try:
+                    # disable deliverability checks (MX/DNS) to avoid rejecting
+                    # addresses like max@example.com during testing
+                    valid = validate_email(email, check_deliverability=False)
+                    email = valid.email
+                except EmailNotValidError:
+                    errors['email'] = 'Ungültige E-Mail-Adresse'
+            else:
+                email_re = re.compile(r"[^@]+@[^@]+\.[^@]+")
+                if not email_re.match(email):
+                    errors['email'] = 'Ungültige E-Mail-Adresse'
+
+        # German PLZ: exactly 5 digits
+        if plz:
+            if not plz.isdigit() or len(plz) != 5:
+                errors['plz'] = 'Postleitzahl muss genau 5 Ziffern haben'
+
+        # Phone validation: require both country code and number when provided
+        if telefon_vorwahl or telefon_nummer:
+            if not (telefon_vorwahl and telefon_nummer):
+                errors['telefon'] = 'Vorwahl und Telefonnummer müssen beide angegeben werden'
+            else:
+                if phonenumbers:
+                    raw = telefon_vorwahl.lstrip('+') + telefon_nummer
+                    international = '+' + raw
+                    try:
+                        parsed = phonenumbers.parse(international, None)
+                        if not phonenumbers.is_valid_number(parsed):
+                            errors['telefon'] = 'Ungültige Telefonnummer'
+                    except Exception:
+                        errors['telefon'] = 'Ungültige Telefonnummer'
+                else:
+                    # fallback: basic numeric checks
+                    if not (telefon_vorwahl.lstrip('+').isdigit() and telefon_nummer.isdigit()):
+                        errors['telefon'] = 'Ungültige Telefonnummer'
+                    elif len(telefon_nummer) < 3:
+                        errors['telefon'] = 'Ungültige Telefonnummer'
+
+        if errors:
+            fragen = Frage.query.all()
+            form = request.form.to_dict()
+            return render_template('index.html', fragen=fragen, errors=errors, form=form)
+
+        adresse = Adresse(
+            vorname=vorname,
+            nachname=nachname,
+            strasse=strasse,
+            hausnummer=hausnummer,
+            plz=plz,
+            ort=ort,
+            land=land,
+            telefon_vorwahl=telefon_vorwahl,
+            telefon_nummer=telefon_nummer,
+            email=email,
+        )
+        db.session.add(adresse)
+        db.session.commit()
+
+        fragen = Frage.query.all()
+        for frage in fragen:
+            key = f'frage_{frage.id}'
+            antwort_text = request.form.get(key, '').strip()
+            antwort = Antwort(adresse_id=adresse.id, frage_id=frage.id, text=antwort_text)
+            db.session.add(antwort)
+        db.session.commit()
+
+        try:
+            base_dir = current_app.config.get('BASE_DIR') if current_app.config.get('BASE_DIR') else getattr(current_app, 'BASE_DIR', '.')
+            generate_vcard(adresse, base_dir)
+        except Exception:
+            current_app.logger.exception('Fehler beim Erzeugen der vCard for adresse id=%s', adresse.id if hasattr(adresse, 'id') else 'unknown')
+
+        return redirect(url_for('public.danke', id=adresse.id))
+
+    fragen = Frage.query.all()
+    return render_template('index.html', fragen=fragen)
+
+
+@bp.route('/danke')
+def danke():
+    ad_id = request.args.get('id')
+    adresse = db.session.get(Adresse, int(ad_id)) if ad_id else None
+    return render_template('danke.html', adresse=adresse)
--- a/migrations/README
+++ b/migrations/README
@@ -0,0 +1 @@
+Single-database configuration for Flask.
--- a/migrations/alembic.ini
+++ b/migrations/alembic.ini
@@ -0,0 +1,50 @@
+# A generic, single database configuration.
+
+[alembic]
+# template used to generate migration files
+# file_template = %%(rev)s_%%(slug)s
+
+# set to 'true' to run the environment during
+# the 'revision' command, regardless of autogenerate
+# revision_environment = false
+
+
+# Logging configuration
+[loggers]
+keys = root,sqlalchemy,alembic,flask_migrate
+
+[handlers]
+keys = console
+
+[formatters]
+keys = generic
+
+[logger_root]
+level = WARN
+handlers = console
+qualname =
+
+[logger_sqlalchemy]
+level = WARN
+handlers =
+qualname = sqlalchemy.engine
+
+[logger_alembic]
+level = INFO
+handlers =
+qualname = alembic
+
+[logger_flask_migrate]
+level = INFO
+handlers =
+qualname = flask_migrate
+
+[handler_console]
+class = StreamHandler
+args = (sys.stderr,)
+level = NOTSET
+formatter = generic
+
+[formatter_generic]
+format = %(levelname)-5.5s [%(name)s] %(message)s
+datefmt = %H:%M:%S
--- a/migrations/env.py
+++ b/migrations/env.py
@@ -0,0 +1,113 @@
+import logging
+from logging.config import fileConfig
+
+from flask import current_app
+
+from alembic import context
+
+# this is the Alembic Config object, which provides
+# access to the values within the .ini file in use.
+config = context.config
+
+# Interpret the config file for Python logging.
+# This line sets up loggers basically.
+fileConfig(config.config_file_name)
+logger = logging.getLogger('alembic.env')
+
+
+def get_engine():
+    try:
+        # this works with Flask-SQLAlchemy<3 and Alchemical
+        return current_app.extensions['migrate'].db.get_engine()
+    except (TypeError, AttributeError):
+        # this works with Flask-SQLAlchemy>=3
+        return current_app.extensions['migrate'].db.engine
+
+
+def get_engine_url():
+    try:
+        return get_engine().url.render_as_string(hide_password=False).replace(
+            '%', '%%')
+    except AttributeError:
+        return str(get_engine().url).replace('%', '%%')
+
+
+# add your model's MetaData object here
+# for 'autogenerate' support
+# from myapp import mymodel
+# target_metadata = mymodel.Base.metadata
+config.set_main_option('sqlalchemy.url', get_engine_url())
+target_db = current_app.extensions['migrate'].db
+
+# other values from the config, defined by the needs of env.py,
+# can be acquired:
+# my_important_option = config.get_main_option("my_important_option")
+# ... etc.
+
+
+def get_metadata():
+    if hasattr(target_db, 'metadatas'):
+        return target_db.metadatas[None]
+    return target_db.metadata
+
+
+def run_migrations_offline():
+    """Run migrations in 'offline' mode.
+
+    This configures the context with just a URL
+    and not an Engine, though an Engine is acceptable
+    here as well.  By skipping the Engine creation
+    we don't even need a DBAPI to be available.
+
+    Calls to context.execute() here emit the given string to the
+    script output.
+
+    """
+    url = config.get_main_option("sqlalchemy.url")
+    context.configure(
+        url=url, target_metadata=get_metadata(), literal_binds=True
+    )
+
+    with context.begin_transaction():
+        context.run_migrations()
+
+
+def run_migrations_online():
+    """Run migrations in 'online' mode.
+
+    In this scenario we need to create an Engine
+    and associate a connection with the context.
+
+    """
+
+    # this callback is used to prevent an auto-migration from being generated
+    # when there are no changes to the schema
+    # reference: http://alembic.zzzcomputing.com/en/latest/cookbook.html
+    def process_revision_directives(context, revision, directives):
+        if getattr(config.cmd_opts, 'autogenerate', False):
+            script = directives[0]
+            if script.upgrade_ops.is_empty():
+                directives[:] = []
+                logger.info('No changes in schema detected.')
+
+    conf_args = current_app.extensions['migrate'].configure_args
+    if conf_args.get("process_revision_directives") is None:
+        conf_args["process_revision_directives"] = process_revision_directives
+
+    connectable = get_engine()
+
+    with connectable.connect() as connection:
+        context.configure(
+            connection=connection,
+            target_metadata=get_metadata(),
+            **conf_args
+        )
+
+        with context.begin_transaction():
+            context.run_migrations()
+
+
+if context.is_offline_mode():
+    run_migrations_offline()
+else:
+    run_migrations_online()
--- a/migrations/script.py.mako
+++ b/migrations/script.py.mako
@@ -0,0 +1,24 @@
+"""${message}
+
+Revision ID: ${up_revision}
+Revises: ${down_revision | comma,n}
+Create Date: ${create_date}
+
+"""
+from alembic import op
+import sqlalchemy as sa
+${imports if imports else ""}
+
+# revision identifiers, used by Alembic.
+revision = ${repr(up_revision)}
+down_revision = ${repr(down_revision)}
+branch_labels = ${repr(branch_labels)}
+depends_on = ${repr(depends_on)}
+
+
+def upgrade():
+    ${upgrades if upgrades else "pass"}
+
+
+def downgrade():
+    ${downgrades if downgrades else "pass"}
--- a/requirements-dev.txt
+++ b/requirements-dev.txt
@@ -0,0 +1,2 @@
+pytest
+Flask-Migrate>=4.0
--- a/requirements.txt
+++ b/requirements.txt
@@ -1,2 +1,6 @@
 Flask>=2.0
 Flask-SQLAlchemy>=3.0
+Flask-Migrate>=4.0
+alembic>=1.9
+email-validator>=1.3.1
+phonenumbers>=8.13.0
--- a/templates/index.html
+++ b/templates/index.html
@@ -20,6 +20,9 @@
        <label>Land <input name="land" value="{{ form.land if form and form.land else 'Deutschland' }}"></label>
        <label>Telefon Vorwahl <input name="telefon_vorwahl" value="{{ form.telefon_vorwahl if form and form.telefon_vorwahl }}"></label>
        <label>Telefon Nummer <input name="telefon_nummer" value="{{ form.telefon_nummer if form and form.telefon_nummer }}"></label>
+        {% if errors and errors.telefon %}
+          <div style="color:red">{{ errors.telefon }}</div>
+        {% endif %}
        <label>E-Mail <input name="email" type="email" value="{{ form.email if form and form.email }}"> {% if errors and errors.email %}<strong style="color:red">{{ errors.email }}</strong>{% endif %}</label>
      </fieldset>

--- a/tests/test_utils_vcard.py
+++ b/tests/test_utils_vcard.py
@@ -0,0 +1,29 @@
+from types import SimpleNamespace
+from pathlib import Path
+
+from utils import generate_vcard
+
+
+def test_generate_vcard_writes_file(tmp_path):
+    addr = SimpleNamespace(
+        vorname='Anna',
+        nachname='Muster',
+        strasse='Beispielweg',
+        hausnummer='5a',
+        plz='54321',
+        ort='Beispielstadt',
+        land='Deutschland',
+        email='anna@example.com',
+        telefon_vorwahl='49',
+        telefon_nummer='7654321',
+        id=42,
+    )
+
+    path = generate_vcard(addr, str(tmp_path))
+    assert Path(path).exists()
+
+    content = Path(path).read_text(encoding='utf-8')
+    assert 'BEGIN:VCARD' in content
+    assert 'FN:Anna Muster' in content
+    assert 'EMAIL;TYPE=internet:anna@example.com' in content
+    assert 'TEL;TYPE=voice:+497654321' in content
--- a/tests/test_validation.py
+++ b/tests/test_validation.py
@@ -0,0 +1,77 @@
+import pytest
+from pathlib import Path
+
+from app import app, db, Frage
+
+
+@pytest.fixture
+def client(tmp_path):
+    db_file = tmp_path / "test.db"
+    app.config['TESTING'] = True
+    app.config['SQLALCHEMY_DATABASE_URI'] = f'sqlite:///{db_file}'
+    app.BASE_DIR = str(tmp_path)
+
+    with app.app_context():
+        db.drop_all()
+        db.create_all()
+        q = Frage(text='Testfrage?')
+        db.session.add(q)
+        db.session.commit()
+        app.config['TEST_QUESTION_ID'] = q.id
+
+    with app.test_client() as test_client:
+        yield test_client
+
+
+def _base_form(question_id):
+    return {
+        'vorname': 'Max',
+        'nachname': 'Mustermann',
+        'strasse': 'Musterstraße',
+        'hausnummer': '1',
+        'plz': '12345',
+        'ort': 'Musterstadt',
+        'land': 'Deutschland',
+        f'frage_{question_id}': 'Antwort'
+    }
+
+
+def test_invalid_email_shows_error(client):
+    qid = app.config.get('TEST_QUESTION_ID')
+    data = _base_form(qid)
+    data.update({'email': 'not-an-email', 'telefon_vorwahl': '', 'telefon_nummer': ''})
+
+    res = client.post('/', data=data)
+    assert res.status_code == 200
+    assert 'Ungültige E-Mail-Adresse' in res.get_data(as_text=True)
+
+
+def test_invalid_phone_shows_error(client):
+    qid = app.config.get('TEST_QUESTION_ID')
+    data = _base_form(qid)
+    # invalid numeric content
+    data.update({'email': 'max@example.com', 'telefon_vorwahl': '49', 'telefon_nummer': 'notnum'})
+
+    res = client.post('/', data=data)
+    assert res.status_code == 200
+    assert 'Ungültige Telefonnummer' in res.get_data(as_text=True)
+
+
+def test_missing_phone_part_shows_error(client):
+    qid = app.config.get('TEST_QUESTION_ID')
+    data = _base_form(qid)
+    data.update({'email': 'max@example.com', 'telefon_vorwahl': '49', 'telefon_nummer': ''})
+
+    res = client.post('/', data=data)
+    assert res.status_code == 200
+    assert 'Vorwahl und Telefonnummer müssen beide angegeben werden' in res.get_data(as_text=True)
+
+
+def test_valid_email_and_phone_redirects(client):
+    qid = app.config.get('TEST_QUESTION_ID')
+    data = _base_form(qid)
+    data.update({'email': 'max@example.com', 'telefon_vorwahl': '49', 'telefon_nummer': '1234567'})
+
+    res = client.post('/', data=data, follow_redirects=False)
+    # successful submission should redirect to /danke
+    assert res.status_code in (302, 303)
--- a/tests/test_vcard_export.py
+++ b/tests/test_vcard_export.py
@@ -0,0 +1,65 @@
+import pytest
+from pathlib import Path
+
+from app import app, db, Frage
+
+
+@pytest.fixture
+def client(tmp_path):
+    # Use a temporary directory for vcards and a temporary sqlite db
+    # temp DB file
+    db_file = tmp_path / "test.db"
+
+    # Configure app for testing
+    app.config['TESTING'] = True
+    app.config['SQLALCHEMY_DATABASE_URI'] = f'sqlite:///{db_file}'
+
+    # Use temp vcards dir by setting app.BASE_DIR
+    app.BASE_DIR = str(tmp_path)
+
+    # ensure clean DB and create tables
+    with app.app_context():
+        db.drop_all()
+        db.create_all()
+        # create a sample question so POST processing loops over it
+        q = Frage(text='Testfrage?')
+        db.session.add(q)
+        db.session.commit()
+        # record question id for use in test POST data
+        app.config['TEST_QUESTION_ID'] = q.id
+
+    with app.test_client() as test_client:
+        yield test_client
+
+
+def test_vcard_created_after_submit(client):
+    data = {
+        'vorname': 'Max',
+        'nachname': 'Mustermann',
+        'strasse': 'Musterstraße',
+        'hausnummer': '1',
+        'plz': '12345',
+        'ort': 'Musterstadt',
+        'land': 'Deutschland',
+        'telefon_vorwahl': '49',
+        'telefon_nummer': '1234567',
+        'email': 'max@example.com',
+        # question id set in fixture
+        f'frage_{app.config.get("TEST_QUESTION_ID")}': 'Antwort'
+    }
+
+    # Submit the form
+    res = client.post('/', data=data, follow_redirects=True)
+    assert res.status_code == 200
+
+    # find vcards dir under tmp_path (app.BASE_DIR)
+    vcards_dir = Path(app.BASE_DIR) / 'vcards'
+    files = list(vcards_dir.glob('*.vcf'))
+    assert len(files) == 1
+
+    content = files[0].read_text(encoding='utf-8')
+    assert 'BEGIN:VCARD' in content
+    assert 'VERSION:4.0' in content
+    assert 'FN:Max Mustermann' in content
+    assert 'EMAIL;TYPE=internet:max@example.com' in content
+    assert 'ADR:' in content
--- a/utils.py
+++ b/utils.py
@@ -0,0 +1,57 @@
+import os
+import unicodedata
+
+
+def _slug(s: str) -> str:
+    if not s:
+        return ''
+    s = unicodedata.normalize('NFKD', s)
+    s = ''.join(c for c in s if not unicodedata.combining(c))
+    s = ''.join(c for c in s if c.isalnum() or c in (' ', '_', '-'))
+    return s.replace(' ', '_')
+
+
+def generate_vcard(adresse, base_dir: str):
+    """Generate a vCard 4.0 file for the given adresse object.
+
+    adresse: object with attributes vorname, nachname, strasse, hausnummer,
+             plz, ort, land, email, telefon_vorwahl, telefon_nummer, id
+    base_dir: directory where 'vcards/' will be created
+
+    Returns the path to the written vcard file.
+    """
+    vcards_dir = os.path.join(base_dir, 'vcards')
+    os.makedirs(vcards_dir, exist_ok=True)
+
+    filename = f"{_slug(adresse.nachname)}_{_slug(adresse.vorname)}_{adresse.id}.vcf"
+    filepath = os.path.join(vcards_dir, filename)
+
+    # build vCard 4.0 content
+    lines = [
+        'BEGIN:VCARD',
+        'VERSION:4.0',
+        f'N:{adresse.nachname};{adresse.vorname};;;',
+        f'FN:{adresse.vorname} {adresse.nachname}',
+    ]
+
+    street = getattr(adresse, 'strasse', '') or ''
+    hausnummer = getattr(adresse, 'hausnummer', '') or ''
+    if hausnummer:
+        street = f"{street} {hausnummer}".strip()
+
+    adr = f'ADR:;;{street};{getattr(adresse, "ort", "")};;{getattr(adresse, "plz", "")};{getattr(adresse, "land", "")}'
+    lines.append(adr)
+
+    if getattr(adresse, 'email', None):
+        lines.append(f'EMAIL;TYPE=internet:{adresse.email}')
+
+    if getattr(adresse, 'telefon_vorwahl', None) or getattr(adresse, 'telefon_nummer', None):
+        tel = f"+{getattr(adresse, 'telefon_vorwahl', '')}{getattr(adresse, 'telefon_nummer', '')}".replace('++', '+')
+        lines.append(f'TEL;TYPE=voice:{tel}')
+
+    lines.append('END:VCARD')
+
+    with open(filepath, 'w', encoding='utf-8') as f:
+        f.write('\n'.join(lines))
+
+    return filepath
Author	SHA1	Message	Date
Albert	01bb09af0d	CI: remove workflow files per request Some checks failed CI / test (3.11) (push) Has been cancelled Details	2025-12-21 23:15:34 +01:00
Albert	3d237a928c	Validation: add email-validator + phonenumbers; improve server-side validation; add tests; update templates and requirements	2025-12-21 23:00:01 +01:00
Albert	15c629a5e7	feat(app): refactor to app-factory; add application package and routes	2025-12-21 22:22:07 +01:00
Albert	86be10af8c	docs: note that docs/CHAT_SUMMARY.md is intentionally untracked	2025-11-10 21:14:42 +01:00
Albert	dd30c10801	docs: finalize README with migrations, tests and vCard notes	2025-11-10 21:06:06 +01:00
Albert	50cbd08950	chore: avoid unconditional db.create_all(); prefer Flask-Migrate when migrations/ exists	2025-11-10 21:00:37 +01:00
Albert	2545ab84fd	chore(migrations): add alembic migrations directory (initial)	2025-11-10 20:58:10 +01:00
Albert	799fdbd905	docs: add migrations, tests and vCard notes to README	2025-11-10 20:53:21 +01:00
Albert	49e2f16dbb	chore: add Flask-Migrate and Alembic to requirements	2025-11-10 20:50:58 +01:00
albert	800ccd8376	Merge pull request 'fix(query): use db.session.get for Adresse in danke() to avoid SQLAlchemy LegacyAPIWarning' (#1 ) from fix/query-get into main Reviewed-on: #1	2025-11-10 20:19:11 +01:00
Albert	fca9462bc7	fix(query): use db.session.get for Adresse in danke() to avoid SQLAlchemy LegacyAPIWarning	2025-11-10 19:49:54 +01:00
Albert	081915dacf	Docs: move CHAT_SUMMARY to docs/ and keep it untracked in repo	2025-11-09 20:09:32 +01:00
Albert	1e21730bd4	Add logging: log vCard export errors to logs/app.log and console; update .gitignore	2025-11-09 20:00:54 +01:00
Albert	62613a2f39	Refactor: extract vCard generator to utils; make BASE_DIR configurable for tests; add unit and integration tests for vcard export; update app to use utils	2025-11-09 19:56:46 +01:00
Albert	998574f26a	generate vCard in utils.py; added Tests	2025-11-09 19:43:03 +01:00