parent
92c2c95a34
commit
16e50ea751
|
@ -1,7 +1,7 @@
|
|||
from flask import Blueprint, request, jsonify
|
||||
from geruecht.controller import ldapController as ldap, accesTokenController, userController
|
||||
from datetime import datetime
|
||||
from geruecht.model import BAR
|
||||
from geruecht.model import BAR, MONEY
|
||||
|
||||
baruser = Blueprint("baruser", __name__)
|
||||
|
||||
|
@ -108,8 +108,9 @@ def _search():
|
|||
token = request.headers.get("Token")
|
||||
print(token)
|
||||
accToken = accesTokenController.validateAccessToken(token, BAR)
|
||||
accToken2 = accesTokenController.validateAccessToken(token, MONEY)
|
||||
|
||||
if accToken:
|
||||
if accToken or accToken2:
|
||||
data = request.get_json()
|
||||
|
||||
searchString = data['searchString']
|
||||
|
|
|
@ -70,7 +70,9 @@ def _addAmount():
|
|||
month = datetime.now().month
|
||||
LOGGER.debug("Year is {} and Month is {}".format(year, month))
|
||||
userController.addAmount(userID, amount, year=year, month=month, finanzer=True)
|
||||
retVal = {geruecht.year: geruecht.toJSON() for geruecht in userController.getUser(userID).geruechte}
|
||||
user = userController.getUser(userID)
|
||||
retVal = {str(geruecht.year): geruecht.toJSON() for geruecht in user.geruechte}
|
||||
retVal['locked'] = user.locked
|
||||
LOGGER.info("Send updated Geruecht")
|
||||
return jsonify(retVal)
|
||||
LOGGER.info("Permission Denied")
|
||||
|
@ -114,8 +116,10 @@ def _addCredit():
|
|||
month = datetime.now().month
|
||||
|
||||
LOGGER.debug("Year is {} and Month is {}".format(year, month))
|
||||
retVal = userController.addCredit(userID, credit, year=year, month=month).toJSON()
|
||||
retVal = {geruecht.year: geruecht.toJSON() for geruecht in userController.getUser(userID).geruechte}
|
||||
userController.addCredit(userID, credit, year=year, month=month).toJSON()
|
||||
user = userController.getUser(userID)
|
||||
retVal = {str(geruecht.year): geruecht.toJSON() for geruecht in user.geruechte}
|
||||
retVal['locked'] = user.locked
|
||||
LOGGER.info("Send updated Geruecht")
|
||||
return jsonify(retVal)
|
||||
LOGGER.info("Permission Denied")
|
||||
|
@ -147,3 +151,23 @@ def _finanzerSetConfig():
|
|||
retVal = userController.updateConfig(username, {'lockLimit': limit, 'autoLock': autoLock}).toJSON()
|
||||
return jsonify(retVal)
|
||||
return jsonify({"error": "permission denied"}), 401
|
||||
|
||||
@finanzer.route("/finanzerAddUser", methods=['POST'])
|
||||
def _finanzerAddUser():
|
||||
token = request.headers.get("Token")
|
||||
accToken = accesTokenController.validateAccessToken(token, MONEY)
|
||||
|
||||
if accToken:
|
||||
data = request.get_json()
|
||||
username = data['userId']
|
||||
userController.getUser(username)
|
||||
LOGGER.debug("Get all Useres")
|
||||
users = userController.getAllUsersfromDB()
|
||||
dic = {}
|
||||
for user in users:
|
||||
LOGGER.debug("Add User {} to ReturnValue".format(user))
|
||||
dic[user.uid] = user.toJSON()
|
||||
dic[user.uid]['creditList'] = {credit.year: credit.toJSON() for credit in user.geruechte}
|
||||
LOGGER.debug("ReturnValue is {}".format(dic))
|
||||
return jsonify(dic), 200
|
||||
return jsonify("error:" "permission denied"), 401
|
Loading…
Reference in New Issue