From 16e50ea75162203055780a4620f1969d7759c80b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tim=20Gr=C3=B6ger?= Date: Sun, 29 Dec 2019 21:36:42 +0100 Subject: [PATCH] finanzer can add user from LDAP to DB bug fixes --- geruecht/baruser/routes.py | 5 +++-- geruecht/finanzer/routes.py | 32 ++++++++++++++++++++++++++++---- 2 files changed, 31 insertions(+), 6 deletions(-) diff --git a/geruecht/baruser/routes.py b/geruecht/baruser/routes.py index 155ae6c..5b8da89 100644 --- a/geruecht/baruser/routes.py +++ b/geruecht/baruser/routes.py @@ -1,7 +1,7 @@ from flask import Blueprint, request, jsonify from geruecht.controller import ldapController as ldap, accesTokenController, userController from datetime import datetime -from geruecht.model import BAR +from geruecht.model import BAR, MONEY baruser = Blueprint("baruser", __name__) @@ -108,8 +108,9 @@ def _search(): token = request.headers.get("Token") print(token) accToken = accesTokenController.validateAccessToken(token, BAR) + accToken2 = accesTokenController.validateAccessToken(token, MONEY) - if accToken: + if accToken or accToken2: data = request.get_json() searchString = data['searchString'] diff --git a/geruecht/finanzer/routes.py b/geruecht/finanzer/routes.py index f81ce0b..d72e2fc 100644 --- a/geruecht/finanzer/routes.py +++ b/geruecht/finanzer/routes.py @@ -70,7 +70,9 @@ def _addAmount(): month = datetime.now().month LOGGER.debug("Year is {} and Month is {}".format(year, month)) userController.addAmount(userID, amount, year=year, month=month, finanzer=True) - retVal = {geruecht.year: geruecht.toJSON() for geruecht in userController.getUser(userID).geruechte} + user = userController.getUser(userID) + retVal = {str(geruecht.year): geruecht.toJSON() for geruecht in user.geruechte} + retVal['locked'] = user.locked LOGGER.info("Send updated Geruecht") return jsonify(retVal) LOGGER.info("Permission Denied") @@ -114,8 +116,10 @@ def _addCredit(): month = datetime.now().month LOGGER.debug("Year is {} and Month is {}".format(year, month)) - retVal = userController.addCredit(userID, credit, year=year, month=month).toJSON() - retVal = {geruecht.year: geruecht.toJSON() for geruecht in userController.getUser(userID).geruechte} + userController.addCredit(userID, credit, year=year, month=month).toJSON() + user = userController.getUser(userID) + retVal = {str(geruecht.year): geruecht.toJSON() for geruecht in user.geruechte} + retVal['locked'] = user.locked LOGGER.info("Send updated Geruecht") return jsonify(retVal) LOGGER.info("Permission Denied") @@ -146,4 +150,24 @@ def _finanzerSetConfig(): limit = int(data['limit']) retVal = userController.updateConfig(username, {'lockLimit': limit, 'autoLock': autoLock}).toJSON() return jsonify(retVal) - return jsonify({"error": "permission denied"}), 401 \ No newline at end of file + return jsonify({"error": "permission denied"}), 401 + +@finanzer.route("/finanzerAddUser", methods=['POST']) +def _finanzerAddUser(): + token = request.headers.get("Token") + accToken = accesTokenController.validateAccessToken(token, MONEY) + + if accToken: + data = request.get_json() + username = data['userId'] + userController.getUser(username) + LOGGER.debug("Get all Useres") + users = userController.getAllUsersfromDB() + dic = {} + for user in users: + LOGGER.debug("Add User {} to ReturnValue".format(user)) + dic[user.uid] = user.toJSON() + dic[user.uid]['creditList'] = {credit.year: credit.toJSON() for credit in user.geruechte} + LOGGER.debug("ReturnValue is {}".format(dic)) + return jsonify(dic), 200 + return jsonify("error:" "permission denied"), 401 \ No newline at end of file