finanzer can add user from LDAP to DB

bug fixes

geruecht/baruser/routes.py

@@ -1,7 +1,7 @@
 from flask import Blueprint, request, jsonify
 from geruecht.controller import ldapController as ldap, accesTokenController, userController
 from datetime import datetime
-from geruecht.model import BAR
+from geruecht.model import BAR, MONEY
 
 baruser = Blueprint("baruser", __name__)
 
@@ -108,8 +108,9 @@ def _search():
     token = request.headers.get("Token")
     print(token)
     accToken = accesTokenController.validateAccessToken(token, BAR)
+    accToken2 = accesTokenController.validateAccessToken(token, MONEY)
 
-    if accToken:
+    if accToken or accToken2:
         data = request.get_json()
 
         searchString = data['searchString']

geruecht/finanzer/routes.py

@@ -70,7 +70,9 @@ def _addAmount():
             month = datetime.now().month
         LOGGER.debug("Year is {} and Month is {}".format(year, month))
         userController.addAmount(userID, amount, year=year, month=month, finanzer=True)
-        retVal = {geruecht.year: geruecht.toJSON() for geruecht in userController.getUser(userID).geruechte}
+        user = userController.getUser(userID)
+        retVal = {str(geruecht.year): geruecht.toJSON() for geruecht in user.geruechte}
+        retVal['locked'] = user.locked
         LOGGER.info("Send updated Geruecht")
         return jsonify(retVal)
     LOGGER.info("Permission Denied")
@@ -114,8 +116,10 @@ def _addCredit():
             month = datetime.now().month
 
         LOGGER.debug("Year is {} and Month is {}".format(year, month))
-        retVal = userController.addCredit(userID, credit, year=year, month=month).toJSON()
+        userController.addCredit(userID, credit, year=year, month=month).toJSON()
-        retVal = {geruecht.year: geruecht.toJSON() for geruecht in userController.getUser(userID).geruechte}
+        user = userController.getUser(userID)
+        retVal = {str(geruecht.year): geruecht.toJSON() for geruecht in user.geruechte}
+        retVal['locked'] = user.locked
         LOGGER.info("Send updated Geruecht")
         return jsonify(retVal)
     LOGGER.info("Permission Denied")
@@ -146,4 +150,24 @@ def _finanzerSetConfig():
         limit = int(data['limit'])
         retVal = userController.updateConfig(username, {'lockLimit': limit, 'autoLock': autoLock}).toJSON()
         return jsonify(retVal)
-    return jsonify({"error": "permission denied"}), 401
+    return jsonify({"error": "permission denied"}), 401
+
+@finanzer.route("/finanzerAddUser", methods=['POST'])
+def _finanzerAddUser():
+    token = request.headers.get("Token")
+    accToken = accesTokenController.validateAccessToken(token, MONEY)
+
+    if accToken:
+        data = request.get_json()
+        username = data['userId']
+        userController.getUser(username)
+        LOGGER.debug("Get all Useres")
+        users = userController.getAllUsersfromDB()
+        dic = {}
+        for user in users:
+            LOGGER.debug("Add User {} to ReturnValue".format(user))
+            dic[user.uid] = user.toJSON()
+            dic[user.uid]['creditList'] = {credit.year: credit.toJSON() for credit in user.geruechte}
+            LOGGER.debug("ReturnValue is {}".format(dic))
+        return jsonify(dic), 200
+    return jsonify("error:" "permission denied"), 401