flaschengeist/geruecht/routes.py

from geruecht import app, LOGGER
from geruecht.decorator import login_required
from geruecht.exceptions import PermissionDenied
import geruecht.controller.accesTokenController as ac
import geruecht.controller.userController as uc
from geruecht.model import MONEY, BAR, USER, GASTRO, VORSTAND, EXTERN
from flask import request, jsonify

accesTokenController = ac.AccesTokenController()
userController = uc.UserController()

def login(user, password):
    return user.login(password)


@app.route("/valid")
def _valid():
    token = request.headers.get("Token")
    accToken = accesTokenController.validateAccessToken(token, [MONEY])
    if accToken:
        return jsonify(accToken.user.toJSON())
    accToken = accesTokenController.validateAccessToken(token, [BAR])
    if accToken:
        return jsonify(accToken.user.toJSON())
    accToken = accesTokenController.validateAccessToken(token, [GASTRO])
    if accToken:
        return jsonify(accToken.user.toJSON())
    accToken = accesTokenController.validateAccessToken(token, [USER])
    if accToken:
        return jsonify(accToken.user.toJSON())
    return jsonify({"error": "permission denied"}), 401

@app.route("/pricelist", methods=['GET'])
def _getPricelist():
    try:
        retVal = userController.getPricelist()
        print(retVal)
        return jsonify(retVal)
    except Exception as err:
        return jsonify({"error": str(err)})

@app.route('/drinkTypes', methods=['GET'])
def getTypes():
    try:
        retVal = userController.getAllDrinkTypes()
        return jsonify(retVal)
    except Exception as err:
        return jsonify({"error": str(err)}), 500

@app.route('/getAllStatus', methods=['GET'])
@login_required(groups=[USER, MONEY, GASTRO, BAR, VORSTAND])
def _getAllStatus(**kwargs):
    try:
        retVal = userController.getAllStatus()
        return jsonify(retVal)
    except Exception as err:
        return jsonify({"error": str(err)}), 500

@app.route('/getStatus', methods=['POST'])
@login_required(groups=[USER, MONEY, GASTRO, BAR, VORSTAND])
def _getStatus(**kwargs):
    try:
        data = request.get_json()
        name = data['name']
        retVal = userController.getStatus(name)
        return jsonify(retVal)
    except Exception as err:
        return jsonify({"error": str(err)}), 500

@app.route('/getUsers', methods=['GET'])
@login_required(groups=[MONEY, GASTRO, VORSTAND])
def _getUsers(**kwargs):
    try:
        users = userController.getAllUsersfromDB()
        retVal = [user.toJSON() for user in users]
        return jsonify(retVal)
    except Exception as err:
        return jsonify({"error": str(err)}), 500

@app.route("/getLifeTime", methods=['GET'])
@login_required(groups=[MONEY, GASTRO, VORSTAND, EXTERN, USER])
def _getLifeTime(**kwargs):
    try:
        if 'accToken' in kwargs:
            accToken = kwargs['accToken']
            return jsonify({"value": accToken.lifetime})
    except Exception as err:
        return jsonify({"error": str(err)}), 500

@app.route("/saveLifeTime", methods=['POST'])
@login_required(groups=[MONEY, GASTRO, VORSTAND, EXTERN, USER])
def _saveLifeTime(**kwargs):
    try:
        if 'accToken' in kwargs:
            accToken = kwargs['accToken']

            data = request.get_json()
            lifetime = data['value']
            accToken.lifetime = lifetime
            accToken.updateTimestamp()

            return jsonify({"value": accToken.lifetime})
    except Exception as err:
        return jsonify({"error": str(err)}), 500

@app.route("/logout", methods=['GET'])
@login_required(groups=[MONEY, GASTRO, VORSTAND, EXTERN, USER])
def _logout(**kwargs):
    try:
        if 'accToken' in kwargs:
            accToken = kwargs['accToken']
            accesTokenController.deleteAccessToken(accToken)
            return jsonify({"ok": "ok"})
    except Exception as err:
        return jsonify({"error": str(err)}), 500

@app.route("/login", methods=['POST'])
def _login():
    """ Login User

        Nothing to say.
        Login in User and create an AccessToken for the User.

        Returns:
            A JSON-File with createt Token or Errors
    """
    LOGGER.info("Start log in.")
    data = request.get_json()
    print(data)
    LOGGER.debug("JSON from request: {}".format(data))
    username = data['username']
    password = data['password']
    LOGGER.info("search {} in database".format(username))
    try:
        user, ldap_conn = userController.loginUser(username, password)
        user.password = password
        token = accesTokenController.createAccesToken(user, ldap_conn)
        dic = accesTokenController.validateAccessToken(token, [USER, EXTERN]).user.toJSON()
        dic["token"] = token
        dic["accessToken"] = token
        LOGGER.info("User {} success login.".format(username))
        return jsonify(dic)
    except PermissionDenied as err:
        return jsonify({"error": str(err)}), 401
    except Exception as err:
        return jsonify({"error": "permission denied"}), 401
    LOGGER.info("User {} does not exist.".format(username))
    return jsonify({"error": "wrong username"}), 401
update for UnitTests new controller: userController so routes don't have to import users or creditlist and don't do logics. 2019-12-28 20:52:49 +00:00			`from geruecht import app, LOGGER`
finished ##208 2020-03-03 21:33:47 +00:00			`from geruecht.decorator import login_required`
update for UnitTests new controller: userController so routes don't have to import users or creditlist and don't do logics. 2019-12-28 20:52:49 +00:00			`from geruecht.exceptions import PermissionDenied`
fixed imports, bugfix that accLifetime will load from config file 2020-01-18 23:37:40 +00:00			`import geruecht.controller.accesTokenController as ac`
			`import geruecht.controller.userController as uc`
finished ##213 2020-03-04 20:11:41 +00:00			`from geruecht.model import MONEY, BAR, USER, GASTRO, VORSTAND, EXTERN`
new start 2019-04-11 21:56:55 +00:00			`from flask import request, jsonify`

fixed imports, bugfix that accLifetime will load from config file 2020-01-18 23:37:40 +00:00			`accesTokenController = ac.AccesTokenController()`
			`userController = uc.UserController()`
update for UnitTests new controller: userController so routes don't have to import users or creditlist and don't do logics. 2019-12-28 20:52:49 +00:00
add creditList support but can't update database 2019-12-19 17:26:41 +00:00			`def login(user, password):`
			`return user.login(password)`

added normal user 2020-01-17 00:05:58 +00:00
task #23 und #22 wurden bearbeitet. 2019-04-23 22:08:25 +00:00			`@app.route("/valid")`
AccesTokenController ist ein Thread AccesTokenController schaut immer wieder nach, ob ein AccesToken noch valid ist. Zeitabstand beträgt bis jetzt 10 SeKunden ValidLifeTime beträgt bis jetzt 60 Sekunden 2019-04-12 12:51:37 +00:00			`def _valid():`
task #23 und #22 wurden bearbeitet. 2019-04-23 22:08:25 +00:00			`token = request.headers.get("Token")`
add addWorker and deletWorker 2020-01-18 22:31:49 +00:00			`accToken = accesTokenController.validateAccessToken(token, [MONEY])`
update token validatition no second thread to validate for token ... only on access it will be validate 2019-12-28 10:31:45 +00:00			`if accToken:`
task #23 und #22 wurden bearbeitet. 2019-04-23 22:08:25 +00:00			`return jsonify(accToken.user.toJSON())`
add addWorker and deletWorker 2020-01-18 22:31:49 +00:00			`accToken = accesTokenController.validateAccessToken(token, [BAR])`
update token validatition no second thread to validate for token ... only on access it will be validate 2019-12-28 10:31:45 +00:00			`if accToken:`
task #23 und #22 wurden bearbeitet. 2019-04-23 22:08:25 +00:00			`return jsonify(accToken.user.toJSON())`
add addWorker and deletWorker 2020-01-18 22:31:49 +00:00			`accToken = accesTokenController.validateAccessToken(token, [GASTRO])`
update token validatition no second thread to validate for token ... only on access it will be validate 2019-12-28 10:31:45 +00:00			`if accToken:`
task #23 und #22 wurden bearbeitet. 2019-04-23 22:08:25 +00:00			`return jsonify(accToken.user.toJSON())`
add addWorker and deletWorker 2020-01-18 22:31:49 +00:00			`accToken = accesTokenController.validateAccessToken(token, [USER])`
update token validatition no second thread to validate for token ... only on access it will be validate 2019-12-28 10:31:45 +00:00			`if accToken:`
AccesTokenController ist ein Thread AccesTokenController schaut immer wieder nach, ob ein AccesToken noch valid ist. Zeitabstand beträgt bis jetzt 10 SeKunden ValidLifeTime beträgt bis jetzt 60 Sekunden 2019-04-12 12:51:37 +00:00			`return jsonify(accToken.user.toJSON())`
			`return jsonify({"error": "permission denied"}), 401`

finished ##203 2020-02-27 20:55:00 +00:00			`@app.route("/pricelist", methods=['GET'])`
			`def _getPricelist():`
			`try:`
			`retVal = userController.getPricelist()`
			`print(retVal)`
			`return jsonify(retVal)`
			`except Exception as err:`
			`return jsonify({"error": str(err)})`

finished ##172 add, edit, delete drinks in pricelist add, edit, delete drinkTypes 2020-03-01 18:20:47 +00:00			`@app.route('/drinkTypes', methods=['GET'])`
			`def getTypes():`
			`try:`
			`retVal = userController.getAllDrinkTypes()`
			`return jsonify(retVal)`
			`except Exception as err:`
			`return jsonify({"error": str(err)}), 500`

finished ##208 2020-03-03 21:33:47 +00:00			`@app.route('/getAllStatus', methods=['GET'])`
finished ##213 2020-03-04 20:11:41 +00:00			`@login_required(groups=[USER, MONEY, GASTRO, BAR, VORSTAND])`
finished ##208 2020-03-03 21:33:47 +00:00			`def _getAllStatus(**kwargs):`
			`try:`
			`retVal = userController.getAllStatus()`
			`return jsonify(retVal)`
			`except Exception as err:`
			`return jsonify({"error": str(err)}), 500`
finished ##203 2020-02-27 20:55:00 +00:00
finished ##208 2020-03-03 21:33:47 +00:00			`@app.route('/getStatus', methods=['POST'])`
finished ##213 2020-03-04 20:11:41 +00:00			`@login_required(groups=[USER, MONEY, GASTRO, BAR, VORSTAND])`
finished ##208 2020-03-03 21:33:47 +00:00			`def _getStatus(**kwargs):`
			`try:`
			`data = request.get_json()`
			`name = data['name']`
			`retVal = userController.getStatus(name)`
			`return jsonify(retVal)`
			`except Exception as err:`
			`return jsonify({"error": str(err)}), 500`

			`@app.route('/getUsers', methods=['GET'])`
finished ##213 2020-03-04 20:11:41 +00:00			`@login_required(groups=[MONEY, GASTRO, VORSTAND])`
finished ##208 2020-03-03 21:33:47 +00:00			`def _getUsers(**kwargs):`
			`try:`
			`users = userController.getAllUsersfromDB()`
			`retVal = [user.toJSON() for user in users]`
			`return jsonify(retVal)`
			`except Exception as err:`
			`return jsonify({"error": str(err)}), 500`
added normal user 2020-01-17 00:05:58 +00:00
finished ##218 2020-03-07 13:56:44 +00:00			`@app.route("/getLifeTime", methods=['GET'])`
			`@login_required(groups=[MONEY, GASTRO, VORSTAND, EXTERN, USER])`
			`def _getLifeTime(**kwargs):`
			`try:`
			`if 'accToken' in kwargs:`
			`accToken = kwargs['accToken']`
			`return jsonify({"value": accToken.lifetime})`
			`except Exception as err:`
			`return jsonify({"error": str(err)}), 500`

			`@app.route("/saveLifeTime", methods=['POST'])`
			`@login_required(groups=[MONEY, GASTRO, VORSTAND, EXTERN, USER])`
			`def _saveLifeTime(**kwargs):`
			`try:`
			`if 'accToken' in kwargs:`
			`accToken = kwargs['accToken']`

			`data = request.get_json()`
			`lifetime = data['value']`
			`accToken.lifetime = lifetime`
			`accToken.updateTimestamp()`

			`return jsonify({"value": accToken.lifetime})`
			`except Exception as err:`
			`return jsonify({"error": str(err)}), 500`

			`@app.route("/logout", methods=['GET'])`
			`@login_required(groups=[MONEY, GASTRO, VORSTAND, EXTERN, USER])`
			`def _logout(**kwargs):`
			`try:`
			`if 'accToken' in kwargs:`
			`accToken = kwargs['accToken']`
			`accesTokenController.deleteAccessToken(accToken)`
			`return jsonify({"ok": "ok"})`
			`except Exception as err:`
			`return jsonify({"error": str(err)}), 500`

new start 2019-04-11 21:56:55 +00:00			`@app.route("/login", methods=['POST'])`
			`def _login():`
Erste Doku hinzugefügt im Ticket #41 2019-04-17 12:46:46 +00:00			`""" Login User`
clean up code, extra routes for finanzer and baruser 2019-05-01 20:43:28 +00:00
Erste Doku hinzugefügt im Ticket #41 2019-04-17 12:46:46 +00:00			`Nothing to say.`
			`Login in User and create an AccessToken for the User.`

			`Returns:`
			`A JSON-File with createt Token or Errors`
			`"""`
Task #60 erledigt. Es wird jetzt per StreamHandler geloggt und per File gespeichert. Vielleicht wird auch ein bisschen zuviel geloggt. 2019-05-02 23:40:13 +00:00			`LOGGER.info("Start log in.")`
new start 2019-04-11 21:56:55 +00:00			`data = request.get_json()`
fixed #79 and other bugs 2019-12-22 21:27:39 +00:00			`print(data)`
Task #60 erledigt. Es wird jetzt per StreamHandler geloggt und per File gespeichert. Vielleicht wird auch ein bisschen zuviel geloggt. 2019-05-02 23:40:13 +00:00			`LOGGER.debug("JSON from request: {}".format(data))`
new start 2019-04-11 21:56:55 +00:00			`username = data['username']`
			`password = data['password']`
mysql adapter and ldap adapter start adapetr for mysql not sqllite authenfication with ldap problem.. ldap and db is initialize in __init__.py when you initialize db, you initialize User and that requires ldap from __init__.py. But ldap is not initialize. if you initialize ldap, you initialize User and that requires db from __init__.py. But db is not initialize. 2019-12-19 07:12:29 +00:00			`LOGGER.info("search {} in database".format(username))`
update for UnitTests new controller: userController so routes don't have to import users or creditlist and don't do logics. 2019-12-28 20:52:49 +00:00			`try:`
added ldap modifying for users 2020-01-26 22:31:22 +00:00			`user, ldap_conn = userController.loginUser(username, password)`
added normal user 2020-01-17 00:05:58 +00:00			`user.password = password`
added ldap modifying for users 2020-01-26 22:31:22 +00:00			`token = accesTokenController.createAccesToken(user, ldap_conn)`
finished ##213 2020-03-04 20:11:41 +00:00			`dic = accesTokenController.validateAccessToken(token, [USER, EXTERN]).user.toJSON()`
update for UnitTests new controller: userController so routes don't have to import users or creditlist and don't do logics. 2019-12-28 20:52:49 +00:00			`dic["token"] = token`
			`dic["accessToken"] = token`
			`LOGGER.info("User {} success login.".format(username))`
			`return jsonify(dic)`
			`except PermissionDenied as err:`
			`return jsonify({"error": str(err)}), 401`
finished ##213 2020-03-04 20:11:41 +00:00			`except Exception as err:`
added flask ldapconn, fixed bug in login 2020-01-21 05:54:35 +00:00			`return jsonify({"error": "permission denied"}), 401`
Task #60 erledigt. Es wird jetzt per StreamHandler geloggt und per File gespeichert. Vielleicht wird auch ein bisschen zuviel geloggt. 2019-05-02 23:40:13 +00:00			`LOGGER.info("User {} does not exist.".format(username))`
update for UnitTests new controller: userController so routes don't have to import users or creditlist and don't do logics. 2019-12-28 20:52:49 +00:00			`return jsonify({"error": "wrong username"}), 401`