2020-03-09 18:54:51 +00:00
|
|
|
from geruecht import app
|
2020-03-10 08:19:11 +00:00
|
|
|
from geruecht.logger import getDebugLogger
|
2020-03-03 21:33:47 +00:00
|
|
|
from geruecht.decorator import login_required
|
2019-12-28 20:52:49 +00:00
|
|
|
from geruecht.exceptions import PermissionDenied
|
2020-01-18 23:37:40 +00:00
|
|
|
import geruecht.controller.accesTokenController as ac
|
2020-05-22 19:55:14 +00:00
|
|
|
import geruecht.controller.mainController as mc
|
2020-03-04 20:11:41 +00:00
|
|
|
from geruecht.model import MONEY, BAR, USER, GASTRO, VORSTAND, EXTERN
|
2019-04-11 21:56:55 +00:00
|
|
|
from flask import request, jsonify
|
|
|
|
|
2020-01-18 23:37:40 +00:00
|
|
|
accesTokenController = ac.AccesTokenController()
|
2020-05-22 19:55:14 +00:00
|
|
|
mainController = mc.MainController()
|
2019-12-28 20:52:49 +00:00
|
|
|
|
2020-03-10 08:19:11 +00:00
|
|
|
debug = getDebugLogger()
|
2019-04-12 12:51:37 +00:00
|
|
|
|
2020-03-17 19:37:01 +00:00
|
|
|
@app.route("/valid", methods=['POST'])
|
|
|
|
@login_required(bar=True)
|
|
|
|
def _valid(**kwargs):
|
|
|
|
debug.info('/valid')
|
|
|
|
try:
|
|
|
|
accToken = kwargs['accToken']
|
|
|
|
data = request.get_json()
|
2020-05-22 19:55:14 +00:00
|
|
|
mainController.validateUser(accToken.user.uid, data['password'])
|
2020-03-17 19:37:01 +00:00
|
|
|
debug.debug('return {{ "ok": "ok" }}')
|
|
|
|
return jsonify({"ok": "ok"})
|
|
|
|
except Exception as err:
|
|
|
|
debug.warning("exception in valide.", exc_info=True)
|
|
|
|
return jsonify({"error": str(err)}), 500
|
2020-03-10 10:08:24 +00:00
|
|
|
|
2020-08-23 19:14:43 +00:00
|
|
|
@app.route("/freeDrinkListConfig", methods=['GET', 'POST', 'PUT'])
|
2020-08-20 06:37:24 +00:00
|
|
|
@login_required()
|
|
|
|
def _free_drink_list_config(**kwargs):
|
|
|
|
try:
|
|
|
|
debug.info("get free_drink_list_config")
|
2020-08-23 19:14:43 +00:00
|
|
|
if request.method == 'GET':
|
|
|
|
retVal = mainController.get_free_drink_list_configs()
|
|
|
|
if request.method == 'POST':
|
|
|
|
data = request.get_json()
|
|
|
|
retVal = mainController.set_free_drink_list_config(data)
|
|
|
|
if request.method == 'PUT':
|
|
|
|
data = request.get_json()
|
|
|
|
retVal = mainController.update_free_drink_list_config(data)
|
2020-08-20 06:37:24 +00:00
|
|
|
debug.info("return free_drink_list_config {{ {} }}".format(retVal))
|
|
|
|
return jsonify(retVal)
|
|
|
|
except Exception as err:
|
|
|
|
debug.warning("exception in get free_dirnk_list_config.", exc_info=True)
|
|
|
|
return jsonify({"error": str(err)}), 500
|
|
|
|
|
2020-08-23 19:14:43 +00:00
|
|
|
@app.route("/deleteFreeDrinkListConfig", methods=['POST'])
|
|
|
|
@login_required()
|
|
|
|
def _delete_free_drink_list_config(**kwargs):
|
|
|
|
try:
|
|
|
|
debug.info("delete free_drink_list_config")
|
|
|
|
data = request.get_json()
|
|
|
|
retVal = mainController.delete_free_drink_list_config(data)
|
|
|
|
debug.info("return delete_free_drink_list_config {{ {} }}".format(retVal))
|
|
|
|
return jsonify(retVal)
|
|
|
|
except Exception as err:
|
|
|
|
debug.warning("exception in delete_free_dirnk_list_config.", exc_info=True)
|
|
|
|
return jsonify({"error": str(err)}), 500
|
|
|
|
|
2020-08-20 06:37:24 +00:00
|
|
|
@app.route("/freeDrinkListHistory", methods=['GET', 'POST', 'PUT'])
|
|
|
|
@login_required()
|
|
|
|
def _free_drink_list_history(**kwargs):
|
|
|
|
try:
|
|
|
|
debug.info("set free_drink_list_history")
|
|
|
|
user = kwargs['accToken'].user
|
|
|
|
if request.method == 'GET':
|
|
|
|
retVal = mainController.get_free_drink_list_history(user)
|
|
|
|
if request.method == 'POST' or request.method == 'PUT':
|
|
|
|
data = request.get_json()
|
|
|
|
if request.method == 'POST':
|
|
|
|
retVal = mainController.set_free_drink_list_history(user, data)
|
|
|
|
else:
|
|
|
|
retVal = mainController.update_free_drink_list_history(user, data)
|
|
|
|
debug.debug(f'return free_drink_list_history {{{retVal}}}')
|
|
|
|
return jsonify(retVal)
|
|
|
|
except Exception as err:
|
|
|
|
debug.warning("exception in get free_dirnk_list_config.", exc_info=True)
|
|
|
|
return jsonify({"error": str(err)}), 500
|
|
|
|
|
2020-08-23 21:17:12 +00:00
|
|
|
@app.route("/freeDrinkListHistoryFromTo", methods=['POST'])
|
|
|
|
@login_required(groups=[VORSTAND])
|
|
|
|
def _free_drink_list_history_from_to(**kwargs):
|
|
|
|
try:
|
|
|
|
debug.info("get free_drink_list_history")
|
|
|
|
data = request.get_json()
|
|
|
|
retVal = mainController.get_free_drink_list_history_from_to(data)
|
|
|
|
debug.debug(f'return free_drink_list_history {{{retVal}}}')
|
|
|
|
return jsonify(retVal)
|
|
|
|
except Exception as err:
|
|
|
|
debug.warning("exception in get free_dirnk_list_history.", exc_info=True)
|
|
|
|
return jsonify({"error": str(err)}), 500
|
|
|
|
|
2020-08-20 06:37:24 +00:00
|
|
|
@app.route("/deleteDrinkListHistory", methods=['POST'])
|
|
|
|
@login_required()
|
|
|
|
def _delete_free_drink_list_history(**kwargs):
|
|
|
|
try:
|
|
|
|
debug.info("delete free_drink_list_history")
|
|
|
|
data = request.get_json()
|
|
|
|
retVal = mainController.delete_free_drink_list_history(data)
|
|
|
|
return jsonify({"ok": retVal})
|
|
|
|
except Exception as err:
|
|
|
|
debug.warning("exception in delete free_dirnk_list_config.", exc_info=True)
|
|
|
|
return jsonify({"error": str(err)}), 500
|
2020-08-20 20:03:43 +00:00
|
|
|
|
|
|
|
@app.route("/freeDrinkListReasons", methods=['GET'])
|
|
|
|
@login_required()
|
|
|
|
def _free_drink_list_reasons(**kwargs):
|
|
|
|
try:
|
|
|
|
debug.info("get free_drink_list_reasons")
|
|
|
|
retVal = mainController.get_free_drink_list_reasons()
|
|
|
|
return jsonify(retVal)
|
|
|
|
except Exception as err:
|
|
|
|
debug.warning("exception in delete free_dirnk_list_reasons.", exc_info=True)
|
|
|
|
return jsonify({"error": str(err)}), 500
|
|
|
|
|
2020-08-21 19:59:39 +00:00
|
|
|
@app.route("/freeDrinkTypes", methods=['GET', 'POST'])
|
|
|
|
@login_required()
|
|
|
|
def _free_drink_types(**kwargs):
|
|
|
|
try:
|
|
|
|
debug.info("get free_drnik_types")
|
|
|
|
retVal = mainController.get_free_drink_types()
|
|
|
|
return jsonify(retVal)
|
|
|
|
except Exception as err:
|
|
|
|
debug.warning("exception in free_dirnk_types.", exc_info=True)
|
|
|
|
return jsonify({"error": str(err)}), 500
|
|
|
|
|
2020-02-27 20:55:00 +00:00
|
|
|
@app.route("/pricelist", methods=['GET'])
|
|
|
|
def _getPricelist():
|
|
|
|
try:
|
2020-03-09 18:54:51 +00:00
|
|
|
debug.info("get pricelist")
|
2020-05-22 19:55:14 +00:00
|
|
|
retVal = mainController.getPricelist()
|
2020-03-10 10:08:24 +00:00
|
|
|
debug.info("return pricelist {{ {} }}".format(retVal))
|
2020-02-27 20:55:00 +00:00
|
|
|
return jsonify(retVal)
|
|
|
|
except Exception as err:
|
2020-03-09 18:54:51 +00:00
|
|
|
debug.warning("exception in get pricelist.", exc_info=True)
|
|
|
|
return jsonify({"error": str(err)}), 500
|
2020-02-27 20:55:00 +00:00
|
|
|
|
2020-03-01 18:20:47 +00:00
|
|
|
@app.route('/drinkTypes', methods=['GET'])
|
|
|
|
def getTypes():
|
|
|
|
try:
|
2020-03-09 18:54:51 +00:00
|
|
|
debug.info("get drinktypes")
|
2020-05-22 19:55:14 +00:00
|
|
|
retVal = mainController.getAllDrinkTypes()
|
2020-03-10 10:08:24 +00:00
|
|
|
debug.info("return drinktypes {{ {} }}".format(retVal))
|
2020-03-01 18:20:47 +00:00
|
|
|
return jsonify(retVal)
|
|
|
|
except Exception as err:
|
2020-03-09 18:54:51 +00:00
|
|
|
debug.warning("exception in get drinktypes.", exc_info=True)
|
2020-03-01 18:20:47 +00:00
|
|
|
return jsonify({"error": str(err)}), 500
|
|
|
|
|
2020-03-10 10:08:24 +00:00
|
|
|
|
2020-03-03 21:33:47 +00:00
|
|
|
@app.route('/getAllStatus', methods=['GET'])
|
2020-03-17 19:37:01 +00:00
|
|
|
@login_required(groups=[USER, MONEY, GASTRO, BAR, VORSTAND], bar=True)
|
2020-03-03 21:33:47 +00:00
|
|
|
def _getAllStatus(**kwargs):
|
|
|
|
try:
|
2020-03-09 18:54:51 +00:00
|
|
|
debug.info("get all status for users")
|
2020-05-22 19:55:14 +00:00
|
|
|
retVal = mainController.getAllStatus()
|
2020-03-10 10:08:24 +00:00
|
|
|
debug.info("return all status for users {{ {} }}".format(retVal))
|
2020-03-03 21:33:47 +00:00
|
|
|
return jsonify(retVal)
|
|
|
|
except Exception as err:
|
2020-03-09 18:54:51 +00:00
|
|
|
debug.warning("exception in get all status for users.", exc_info=True)
|
2020-03-03 21:33:47 +00:00
|
|
|
return jsonify({"error": str(err)}), 500
|
2020-02-27 20:55:00 +00:00
|
|
|
|
2020-03-10 10:08:24 +00:00
|
|
|
|
2020-03-03 21:33:47 +00:00
|
|
|
@app.route('/getStatus', methods=['POST'])
|
2020-03-17 19:37:01 +00:00
|
|
|
@login_required(groups=[USER, MONEY, GASTRO, BAR, VORSTAND], bar=True)
|
2020-03-03 21:33:47 +00:00
|
|
|
def _getStatus(**kwargs):
|
|
|
|
try:
|
2020-03-09 18:54:51 +00:00
|
|
|
debug.info("get status from user")
|
2020-03-03 21:33:47 +00:00
|
|
|
data = request.get_json()
|
|
|
|
name = data['name']
|
2020-03-10 10:08:24 +00:00
|
|
|
debug.info("get status from user {{ {} }}".format(name))
|
2020-05-22 19:55:14 +00:00
|
|
|
retVal = mainController.getStatus(name)
|
2020-03-10 10:08:24 +00:00
|
|
|
debug.info(
|
|
|
|
"return status from user {{ {} }} : {{ {} }}".format(name, retVal))
|
2020-03-03 21:33:47 +00:00
|
|
|
return jsonify(retVal)
|
|
|
|
except Exception as err:
|
2020-03-09 18:54:51 +00:00
|
|
|
debug.warning("exception in get status from user.", exc_info=True)
|
2020-03-03 21:33:47 +00:00
|
|
|
return jsonify({"error": str(err)}), 500
|
|
|
|
|
2020-03-10 10:08:24 +00:00
|
|
|
|
2020-03-03 21:33:47 +00:00
|
|
|
@app.route('/getUsers', methods=['GET'])
|
2020-05-27 10:10:51 +00:00
|
|
|
@login_required(groups=[USER], bar=True)
|
2020-03-03 21:33:47 +00:00
|
|
|
def _getUsers(**kwargs):
|
|
|
|
try:
|
2020-05-22 19:55:14 +00:00
|
|
|
extern = True
|
|
|
|
if 'extern' in request.args:
|
|
|
|
extern = not bool(int(request.args['extern']))
|
2020-03-09 18:54:51 +00:00
|
|
|
debug.info("get all users from database")
|
2020-05-22 19:55:14 +00:00
|
|
|
users = mainController.getAllUsersfromDB(extern=extern)
|
2020-03-10 10:08:24 +00:00
|
|
|
debug.debug("users are {{ {} }}".format(users))
|
2020-03-03 21:33:47 +00:00
|
|
|
retVal = [user.toJSON() for user in users]
|
2020-03-10 10:08:24 +00:00
|
|
|
debug.info("return all users from database {{ {} }}".format(retVal))
|
2020-03-03 21:33:47 +00:00
|
|
|
return jsonify(retVal)
|
|
|
|
except Exception as err:
|
2020-03-10 10:08:24 +00:00
|
|
|
debug.warning(
|
|
|
|
"exception in get all users from database.", exc_info=True)
|
2020-03-03 21:33:47 +00:00
|
|
|
return jsonify({"error": str(err)}), 500
|
2020-01-17 00:05:58 +00:00
|
|
|
|
2020-03-10 10:08:24 +00:00
|
|
|
|
2020-03-07 13:56:44 +00:00
|
|
|
@app.route("/getLifeTime", methods=['GET'])
|
2020-03-17 19:37:01 +00:00
|
|
|
@login_required(groups=[MONEY, GASTRO, VORSTAND, EXTERN, USER], bar=True)
|
2020-03-07 13:56:44 +00:00
|
|
|
def _getLifeTime(**kwargs):
|
|
|
|
try:
|
2020-03-09 18:54:51 +00:00
|
|
|
debug.info("get lifetime of accesstoken")
|
2020-03-07 13:56:44 +00:00
|
|
|
if 'accToken' in kwargs:
|
|
|
|
accToken = kwargs['accToken']
|
2020-03-10 10:08:24 +00:00
|
|
|
debug.debug("accessToken is {{ {} }}".format(accToken))
|
2020-06-04 11:56:00 +00:00
|
|
|
retVal = {"value": accToken.lifetime,
|
2020-07-27 08:01:01 +00:00
|
|
|
"group": accToken.user.toJSON()['group'],
|
|
|
|
"lock_bar": accToken.lock_bar}
|
2020-03-10 10:08:24 +00:00
|
|
|
debug.info(
|
|
|
|
"return get lifetime from accesstoken {{ {} }}".format(retVal))
|
2020-03-09 18:54:51 +00:00
|
|
|
return jsonify(retVal)
|
2020-03-07 13:56:44 +00:00
|
|
|
except Exception as err:
|
2020-03-09 18:54:51 +00:00
|
|
|
debug.info("exception in get lifetime of accesstoken.", exc_info=True)
|
2020-03-07 13:56:44 +00:00
|
|
|
return jsonify({"error": str(err)}), 500
|
|
|
|
|
2020-03-10 10:08:24 +00:00
|
|
|
|
2020-03-07 13:56:44 +00:00
|
|
|
@app.route("/saveLifeTime", methods=['POST'])
|
2020-03-17 19:37:01 +00:00
|
|
|
@login_required(groups=[MONEY, GASTRO, VORSTAND, EXTERN, USER], bar=True)
|
2020-03-07 13:56:44 +00:00
|
|
|
def _saveLifeTime(**kwargs):
|
|
|
|
try:
|
2020-03-09 18:54:51 +00:00
|
|
|
debug.info("save lifetime for accessToken")
|
2020-03-07 13:56:44 +00:00
|
|
|
if 'accToken' in kwargs:
|
|
|
|
accToken = kwargs['accToken']
|
2020-03-10 10:08:24 +00:00
|
|
|
debug.debug("accessToken is {{ {} }}".format(accToken))
|
2020-03-07 13:56:44 +00:00
|
|
|
data = request.get_json()
|
|
|
|
lifetime = data['value']
|
2020-03-10 10:08:24 +00:00
|
|
|
debug.debug("lifetime is {{ {} }}".format(lifetime))
|
|
|
|
debug.info("set lifetime {{ {} }} to accesstoken {{ {} }}".format(
|
|
|
|
lifetime, accToken))
|
2020-03-07 13:56:44 +00:00
|
|
|
accToken.lifetime = lifetime
|
2020-03-09 18:54:51 +00:00
|
|
|
debug.info("update accesstoken timestamp")
|
2020-06-04 21:03:39 +00:00
|
|
|
accToken = accesTokenController.updateAccessToken(accToken)
|
|
|
|
accToken = accesTokenController.validateAccessToken(accToken.token, [USER, EXTERN])
|
2020-06-04 11:56:00 +00:00
|
|
|
retVal = {"value": accToken.lifetime,
|
|
|
|
"group": accToken.user.toJSON()['group']}
|
2020-03-10 10:08:24 +00:00
|
|
|
debug.info(
|
|
|
|
"return save lifetime for accessToken {{ {} }}".format(retVal))
|
2020-03-09 18:54:51 +00:00
|
|
|
return jsonify(retVal)
|
2020-03-07 13:56:44 +00:00
|
|
|
except Exception as err:
|
2020-03-10 10:08:24 +00:00
|
|
|
debug.warning(
|
|
|
|
"exception in save lifetime for accesstoken.", exc_info=True)
|
2020-03-07 13:56:44 +00:00
|
|
|
return jsonify({"error": str(err)}), 500
|
|
|
|
|
2020-06-28 10:31:58 +00:00
|
|
|
@app.route("/passwordReset", methods=['POST'])
|
|
|
|
def _passwordReset():
|
|
|
|
try:
|
|
|
|
debug.info('password reset')
|
|
|
|
data = request.get_json()
|
|
|
|
mail = mainController.resetPassword(data)
|
|
|
|
index = mail.find('@')
|
|
|
|
for i in range(index):
|
|
|
|
if i == 0:
|
|
|
|
continue
|
|
|
|
mail = mail.replace(mail[i], "*", 1)
|
|
|
|
return jsonify({"ok": "ok", "mail": mail})
|
|
|
|
except Exception as err:
|
|
|
|
debug.warning("excetpion in password reset", exc_info=True)
|
|
|
|
return jsonify({"error": str(err)}), 409
|
|
|
|
|
2020-03-07 13:56:44 +00:00
|
|
|
@app.route("/logout", methods=['GET'])
|
2020-03-17 19:37:01 +00:00
|
|
|
@login_required(groups=[MONEY, GASTRO, VORSTAND, EXTERN, USER], bar=True)
|
2020-03-07 13:56:44 +00:00
|
|
|
def _logout(**kwargs):
|
|
|
|
try:
|
2020-03-09 18:54:51 +00:00
|
|
|
debug.info("logout user")
|
2020-03-07 13:56:44 +00:00
|
|
|
if 'accToken' in kwargs:
|
|
|
|
accToken = kwargs['accToken']
|
2020-03-10 10:08:24 +00:00
|
|
|
debug.debug("accesstoken is {{ {} }}".format(accToken))
|
2020-03-09 18:54:51 +00:00
|
|
|
debug.info("delete accesstoken")
|
2020-03-07 13:56:44 +00:00
|
|
|
accesTokenController.deleteAccessToken(accToken)
|
2020-03-09 18:54:51 +00:00
|
|
|
debug.info("return ok logout user")
|
2020-03-07 13:56:44 +00:00
|
|
|
return jsonify({"ok": "ok"})
|
|
|
|
except Exception as err:
|
2020-03-09 18:54:51 +00:00
|
|
|
debug.warning("exception in logout user.", exc_info=True)
|
2020-03-07 13:56:44 +00:00
|
|
|
return jsonify({"error": str(err)}), 500
|
|
|
|
|
2020-03-10 10:08:24 +00:00
|
|
|
|
2019-04-11 21:56:55 +00:00
|
|
|
@app.route("/login", methods=['POST'])
|
|
|
|
def _login():
|
2019-04-17 12:46:46 +00:00
|
|
|
""" Login User
|
2019-05-01 20:43:28 +00:00
|
|
|
|
2019-04-17 12:46:46 +00:00
|
|
|
Nothing to say.
|
|
|
|
Login in User and create an AccessToken for the User.
|
|
|
|
|
|
|
|
Returns:
|
|
|
|
A JSON-File with createt Token or Errors
|
|
|
|
"""
|
2020-03-09 18:54:51 +00:00
|
|
|
debug.info("Start log in.")
|
2019-04-11 21:56:55 +00:00
|
|
|
data = request.get_json()
|
|
|
|
username = data['username']
|
|
|
|
password = data['password']
|
2020-03-10 10:08:24 +00:00
|
|
|
debug.debug("username is {{ {} }}".format(username))
|
2019-12-28 20:52:49 +00:00
|
|
|
try:
|
2020-06-04 22:34:32 +00:00
|
|
|
user_agent = request.user_agent
|
2020-03-10 10:08:24 +00:00
|
|
|
debug.info("search {{ {} }} in database".format(username))
|
2020-06-04 21:03:39 +00:00
|
|
|
user = mainController.loginUser(username, password)
|
2020-03-10 10:08:24 +00:00
|
|
|
debug.debug("user is {{ {} }}".format(user))
|
2020-06-04 22:34:32 +00:00
|
|
|
token = accesTokenController.createAccesToken(user, user_agent=user_agent)
|
2020-03-10 10:08:24 +00:00
|
|
|
debug.debug("accesstoken is {{ {} }}".format(token))
|
2020-03-09 18:54:51 +00:00
|
|
|
debug.info("validate accesstoken")
|
2020-03-10 10:08:24 +00:00
|
|
|
dic = accesTokenController.validateAccessToken(
|
|
|
|
token, [USER, EXTERN]).user.toJSON()
|
2019-12-28 20:52:49 +00:00
|
|
|
dic["token"] = token
|
|
|
|
dic["accessToken"] = token
|
2020-03-10 10:08:24 +00:00
|
|
|
debug.info("User {{ {} }} success login.".format(username))
|
|
|
|
debug.info("return login {{ {} }}".format(dic))
|
2019-12-28 20:52:49 +00:00
|
|
|
return jsonify(dic)
|
|
|
|
except PermissionDenied as err:
|
2020-03-09 18:54:51 +00:00
|
|
|
debug.warning("permission denied exception in logout", exc_info=True)
|
2019-12-28 20:52:49 +00:00
|
|
|
return jsonify({"error": str(err)}), 401
|
2020-06-04 21:03:39 +00:00
|
|
|
except Exception as err:
|
2020-03-09 18:54:51 +00:00
|
|
|
debug.warning("exception in logout.", exc_info=True)
|
2020-01-21 05:54:35 +00:00
|
|
|
return jsonify({"error": "permission denied"}), 401
|