flaschengeist/geruecht/baruser/routes.py

121 lines
3.9 KiB
Python
Raw Normal View History

from flask import Blueprint, request, jsonify
from geruecht.controller import ldapController as ldap, accesTokenController, userController
from datetime import datetime
from geruecht.model import BAR
baruser = Blueprint("baruser", __name__)
@baruser.route("/bar")
def _bar():
2019-05-02 16:50:59 +00:00
""" Main function for Baruser
2019-05-02 16:50:59 +00:00
Returns JSON-file with all Users, who hast amounts in this month.
Returns:
JSON-File with Users, who has amounts in this month
or ERROR 401 Permission Denied
"""
print(request.headers)
token = request.headers.get("Token")
print(token)
accToken = accesTokenController.validateAccessToken(token, BAR)
dic = {}
if accToken:
users = userController.getAllUsersfromDB()
for user in users:
geruecht = None
geruecht = user.getGeruecht(datetime.now().year)
if geruecht is not None:
month = geruecht.getMonth(datetime.now().month)
2019-12-22 21:27:39 +00:00
amount = month[0] - month[1]
if amount != 0:
2019-12-22 21:27:39 +00:00
if amount >= 0:
type = 'credit'
else:
type = 'amount'
dic[user.uid] = {"username": user.uid,
"firstname": user.firstname,
"lastname": user.lastname,
2019-12-22 21:27:39 +00:00
"amount": abs(month[0] - month[1]),
"locked": user.locked,
2019-12-22 21:27:39 +00:00
"type": type
}
return jsonify(dic)
return jsonify({"error": "permission denied"}), 401
@baruser.route("/baradd", methods=['POST'])
def _baradd():
2019-05-02 16:50:59 +00:00
""" Function for Baruser to add amount
This function added to the user with the posted userID the posted amount.
Returns:
JSON-File with userID and the amount
or ERROR 401 Permission Denied
"""
token = request.headers.get("Token")
print(token)
accToken = accesTokenController.validateAccessToken(token, BAR)
if accToken:
data = request.get_json()
userID = data['userId']
amount = int(data['amount'])
date = datetime.now()
userController.addAmount(userID, amount, year=date.year, month=date.month)
user = userController.getUser(userID)
month = user.getGeruecht(year=date.year).getMonth(month=date.month)
amount = abs(month[0] - month[1])
return jsonify({"userId": user.uid, "amount": amount, 'locked': user.locked})
return jsonify({"error", "permission denied"}), 401
@baruser.route("/barGetUsers")
def _getUsers():
2019-05-02 16:50:59 +00:00
""" Get Users without amount
This Function returns all Users, who hasn't an amount in this month.
Returns:
JSON-File with Users
or ERROR 401 Permission Denied
"""
token = request.headers.get("Token")
print(token)
accToken = accesTokenController.validateAccessToken(token, BAR)
retVal = {}
if accToken:
retVal = ldap.getAllUser()
return jsonify(retVal)
return jsonify({"error": "permission denied"}), 401
@baruser.route("/barGetUser", methods=['POST'])
def _getUser():
token = request.headers.get("Token")
accToken = accesTokenController.validateAccessToken(token, BAR)
if accToken:
data = request.get_json()
username = data['userId']
retVal = userController.getUser(username).toJSON()
return jsonify(retVal)
return jsonify("error", "permission denied"), 401
2019-12-22 22:09:18 +00:00
@baruser.route("/search", methods=['POST'])
def _search():
token = request.headers.get("Token")
print(token)
accToken = accesTokenController.validateAccessToken(token, BAR)
if accToken:
data = request.get_json()
2019-12-22 22:09:18 +00:00
searchString = data['searchString']
2019-12-22 22:09:18 +00:00
retVal = ldap.searchUser(searchString)
return jsonify(retVal)
return jsonify({"error": "permission denied"}), 401