diff --git a/flaschengeist/.app.py.swo b/flaschengeist/.app.py.swo new file mode 100644 index 0000000..37fe53c Binary files /dev/null and b/flaschengeist/.app.py.swo differ diff --git a/flaschengeist/app.py b/flaschengeist/app.py index 3fc4b3c..a2ec07c 100644 --- a/flaschengeist/app.py +++ b/flaschengeist/app.py @@ -48,7 +48,7 @@ import pkg_resources discovered_plugins = { entry_point.name: entry_point.load() for entry_point - in pkg_resources.iter_entry_points('geruecht.plugins') + in pkg_resources.iter_entry_points('flaschengeist.plugins') } #from geruecht import routes @@ -60,9 +60,9 @@ discovered_plugins = { #from geruecht.registration_route import registration DEBUG.info("Registrate bluebrints") -for k, v in discovered_plugins: - DEBUG("Register %s" % k) - app.register_blueprint(v()) +for name in discovered_plugins: + DEBUG.info("Register %s" % name) + app.register_blueprint(discovered_plugins[name]()) #app.register_blueprint(baruser) #app.register_blueprint(finanzer) diff --git a/flaschengeist/modules/__init__.py b/flaschengeist/modules/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/flaschengeist/modules/routes.py b/flaschengeist/modules/routes.py deleted file mode 100644 index 07b78ce..0000000 --- a/flaschengeist/modules/routes.py +++ /dev/null 
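Review bot: `flaschengeist/.app.py.swo` looks like a Vim swap file and should not be part of this commit. Swap files hold editor buffer contents, so they can publish text that was never meant to leave the author's machine. Remove the file from the tree and add an ignore rule such as `*.sw?` to `.gitignore`.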
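Review bot: Every installed distribution that advertises the `flaschengeist.plugins` entry-point group is imported by `entry_point.load()` while `app.py` itself is being imported, with no allow-list and no error handling around the load. Installing a package into the same environment is therefore enough to get its code executed inside the web application. Consider restricting the comprehension to names enabled in configuration, e.g. `if entry_point.name in enabled_plugins`, where `enabled_plugins` is a placeholder for a setting this diff does not define. A comment above `discovered_plugins` should state that loading a plugin executes its module code.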
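Review bot: The registration loop calls whatever object the entry point resolved to and hands the result straight to `app.register_blueprint`, so a single plugin that raises, or returns something other than a Blueprint, stops the whole application from starting. Iterating with `for name, factory in discovered_plugins.items():` avoids the second lookup, and `DEBUG.info("Register %s", name)` lets the logger do the formatting. In this same commit `user/__init__.py` returns `Blueprint('user', __name__)` and `schedule/__init__.py` also creates a blueprint named "user"; if both end up registered the names will clash, so the schedule one presumably wants its own name.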
@@ -1,216 +0,0 @@ -from geruecht import app -from geruecht.logger import getDebugLogger -from geruecht.decorator import login_required -from geruecht.exceptions import PermissionDenied -import geruecht.controller.accesTokenController as ac -import geruecht.controller.mainController as mc -from geruecht.model import MONEY, BAR, USER, GASTRO, VORSTAND, EXTERN -from flask import request, jsonify - -accesTokenController = ac.AccesTokenController() -mainController = mc.MainController() - -debug = getDebugLogger() - -@app.route("/valid", methods=['POST']) -@login_required(bar=True) -def _valid(**kwargs): - debug.info('/valid') - try: - accToken = kwargs['accToken'] - data = request.get_json() - mainController.validateUser(accToken.user.uid, data['password']) - debug.debug('return {{ "ok": "ok" }}') - return jsonify({"ok": "ok"}) - except Exception as err: - debug.warning("exception in valide.", exc_info=True) - return jsonify({"error": str(err)}), 500 - -@app.route("/pricelist", methods=['GET']) -def _getPricelist(): - try: - debug.info("get pricelist") - retVal = mainController.getPricelist() - debug.info("return pricelist {{ {} }}".format(retVal)) - return jsonify(retVal) - except Exception as err: - debug.warning("exception in get pricelist.", exc_info=True) - return jsonify({"error": str(err)}), 500 - - -@app.route('/drinkTypes', methods=['GET']) -def getTypes(): - try: - debug.info("get drinktypes") - retVal = mainController.getAllDrinkTypes() - debug.info("return drinktypes {{ {} }}".format(retVal)) - return jsonify(retVal) - except Exception as err: - debug.warning("exception in get drinktypes.", exc_info=True) - return jsonify({"error": str(err)}), 500 - - -@app.route('/getAllStatus', methods=['GET']) -@login_required(groups=[USER, MONEY, GASTRO, BAR, VORSTAND], bar=True) -def _getAllStatus(**kwargs): - try: - debug.info("get all status for users") - retVal = mainController.getAllStatus() - debug.info("return all status for users {{ {} }}".format(retVal)) - 
return jsonify(retVal) - except Exception as err: - debug.warning("exception in get all status for users.", exc_info=True) - return jsonify({"error": str(err)}), 500 - - -@app.route('/getStatus', methods=['POST']) -@login_required(groups=[USER, MONEY, GASTRO, BAR, VORSTAND], bar=True) -def _getStatus(**kwargs): - try: - debug.info("get status from user") - data = request.get_json() - name = data['name'] - debug.info("get status from user {{ {} }}".format(name)) - retVal = mainController.getStatus(name) - debug.info( - "return status from user {{ {} }} : {{ {} }}".format(name, retVal)) - return jsonify(retVal) - except Exception as err: - debug.warning("exception in get status from user.", exc_info=True) - return jsonify({"error": str(err)}), 500 - - -@app.route('/getUsers', methods=['GET']) -@login_required(groups=[USER], bar=True) -def _getUsers(**kwargs): - try: - extern = True - if 'extern' in request.args: - extern = not bool(int(request.args['extern'])) - debug.info("get all users from database") - users = mainController.getAllUsersfromDB(extern=extern) - debug.debug("users are {{ {} }}".format(users)) - retVal = [user.toJSON() for user in users] - debug.info("return all users from database {{ {} }}".format(retVal)) - return jsonify(retVal) - except Exception as err: - debug.warning( - "exception in get all users from database.", exc_info=True) - return jsonify({"error": str(err)}), 500 - - -@app.route("/getLifeTime", methods=['GET']) -@login_required(groups=[MONEY, GASTRO, VORSTAND, EXTERN, USER], bar=True) -def _getLifeTime(**kwargs): - try: - debug.info("get lifetime of accesstoken") - if 'accToken' in kwargs: - accToken = kwargs['accToken'] - debug.debug("accessToken is {{ {} }}".format(accToken)) - retVal = {"value": accToken.lifetime, - "group": accToken.user.toJSON()['group'], - "lock_bar": accToken.lock_bar} - debug.info( - "return get lifetime from accesstoken {{ {} }}".format(retVal)) - return jsonify(retVal) - except Exception as err: - 
debug.info("exception in get lifetime of accesstoken.", exc_info=True) - return jsonify({"error": str(err)}), 500 - - -@app.route("/saveLifeTime", methods=['POST']) -@login_required(groups=[MONEY, GASTRO, VORSTAND, EXTERN, USER], bar=True) -def _saveLifeTime(**kwargs): - try: - debug.info("save lifetime for accessToken") - if 'accToken' in kwargs: - accToken = kwargs['accToken'] - debug.debug("accessToken is {{ {} }}".format(accToken)) - data = request.get_json() - lifetime = data['value'] - debug.debug("lifetime is {{ {} }}".format(lifetime)) - debug.info("set lifetime {{ {} }} to accesstoken {{ {} }}".format( - lifetime, accToken)) - accToken.lifetime = lifetime - debug.info("update accesstoken timestamp") - accToken = accesTokenController.updateAccessToken(accToken) - accToken = accesTokenController.validateAccessToken(accToken.token, [USER, EXTERN]) - retVal = {"value": accToken.lifetime, - "group": accToken.user.toJSON()['group']} - debug.info( - "return save lifetime for accessToken {{ {} }}".format(retVal)) - return jsonify(retVal) - except Exception as err: - debug.warning( - "exception in save lifetime for accesstoken.", exc_info=True) - return jsonify({"error": str(err)}), 500 - -@app.route("/passwordReset", methods=['POST']) -def _passwordReset(): - try: - debug.info('password reset') - data = request.get_json() - mail = mainController.resetPassword(data) - index = mail.find('@') - for i in range(index): - if i == 0: - continue - mail = mail.replace(mail[i], "*", 1) - return jsonify({"ok": "ok", "mail": mail}) - except Exception as err: - debug.warning("excetpion in password reset", exc_info=True) - return jsonify({"error": str(err)}), 409 - -@app.route("/logout", methods=['GET']) -@login_required(groups=[MONEY, GASTRO, VORSTAND, EXTERN, USER], bar=True) -def _logout(**kwargs): - try: - debug.info("logout user") - if 'accToken' in kwargs: - accToken = kwargs['accToken'] - debug.debug("accesstoken is {{ {} }}".format(accToken)) - debug.info("delete 
accesstoken") - accesTokenController.deleteAccessToken(accToken) - debug.info("return ok logout user") - return jsonify({"ok": "ok"}) - except Exception as err: - debug.warning("exception in logout user.", exc_info=True) - return jsonify({"error": str(err)}), 500 - - -@app.route("/login", methods=['POST']) -def _login(): - """ Login User - - Nothing to say. - Login in User and create an AccessToken for the User. - - Returns: - A JSON-File with createt Token or Errors - """ - debug.info("Start log in.") - data = request.get_json() - username = data['username'] - password = data['password'] - debug.debug("username is {{ {} }}".format(username)) - try: - user_agent = request.user_agent - debug.info("search {{ {} }} in database".format(username)) - user = mainController.loginUser(username, password) - debug.debug("user is {{ {} }}".format(user)) - token = accesTokenController.createAccesToken(user, user_agent=user_agent) - debug.debug("accesstoken is {{ {} }}".format(token)) - debug.info("validate accesstoken") - dic = accesTokenController.validateAccessToken( - token, [USER, EXTERN]).user.toJSON() - dic["token"] = token - dic["accessToken"] = token - debug.info("User {{ {} }} success login.".format(username)) - debug.info("return login {{ {} }}".format(dic)) - return jsonify(dic) - except PermissionDenied as err: - debug.warning("permission denied exception in logout", exc_info=True) - return jsonify({"error": str(err)}), 401 - except Exception as err: - debug.warning("exception in logout.", exc_info=True) - return jsonify({"error": "permission denied"}), 401 diff --git a/flaschengeist/modules/schedule/__init__.py b/flaschengeist/modules/schedule/__init__.py new file mode 100644 index 0000000..ff2fc7d --- /dev/null +++ b/flaschengeist/modules/schedule/__init__.py 
@@ -0,0 +1,413 @@ +from flask import Blueprint, request, jsonify +#from geruecht.decorator import login_required +#import geruecht.controller.mainController as mc +#import geruecht.controller.accesTokenController as ac +#from geruecht.model import USER +#from datetime import datetime, time, date +#from geruecht.exceptions import DayLocked +#from geruecht.logger import getDebugLogger, getCreditLogger, getJobsLogger +#from geruecht.model.accessToken import AccessToken + +user = Blueprint("user", __name__) + +#mainController = mc.MainController() +#accesTokenController = ac.AccesTokenController() + +debug = getDebugLogger() +#creditL = getCreditLogger() +#jobL = getJobsLogger() + + +#@user.route("/user/main") +#@login_required(groups=[USER]) +#def _main(**kwargs): +# debug.info("/user/main") +# try: +# if 'accToken' in kwargs: +# accToken = kwargs['accToken'] +# accToken.user = mainController.getUser(accToken.user.uid) +# retVal = accToken.user.toJSON() +# retVal['creditList'] = {credit.year: credit.toJSON() +# for credit in accToken.user.geruechte} +# debug.debug("return {{ {} }}".format(retVal)) +# return jsonify(retVal) +# except Exception: +# debug.debug("exception", exc_info=True) +# return jsonify("error", "something went wrong"), 500 + + +#@user.route("/user/addAmount", methods=['POST']) +#@login_required(groups=[USER]) +#def _addAmount(**kwargs): +# debug.info("/user/addAmount") +# try: +# if 'accToken' in kwargs: +# accToken = kwargs['accToken'] +# data = request.get_json() +# amount = int(data['amount']) +# date = datetime.now() +# mainController.addAmount( +# accToken.user.uid, amount, year=date.year, month=date.month) +# accToken.user = mainController.getUser(accToken.user.uid) +# retVal = accToken.user.toJSON() +# retVal['creditList'] = {credit.year: credit.toJSON() +# for credit in accToken.user.geruechte} +# debug.debug("return {{ {} }}".format(retVal)) +# creditL.info("{} {} {} fügt sich selbst {} € Schulden hinzu".format( +# date, 
accToken.user.firstname, accToken.user.lastname, amount/100)) +# return jsonify(retVal) +# except Exception: +# debug.debug("exception", exc_info=True) +# return jsonify({"error": "something went wrong"}), 500 + + +#@user.route("/user/saveConfig", methods=['POST']) +#@login_required(groups=[USER]) +#def _saveConfig(**kwargs): +# debug.info("/user/saveConfig") +# try: +# if 'accToken' in kwargs: +# accToken = kwargs['accToken'] +# data = request.get_json() +# password = data['acceptedPassword'] +# data.pop('acceptedPassword') +# accToken.user = mainController.modifyUser( +# accToken.user, data, password) +# retVal = accToken.user.toJSON() +# retVal['creditList'] = {credit.year: credit.toJSON() +# for credit in accToken.user.geruechte} +# debug.debug("return {{ {} }}".format(retVal)) +# return jsonify(retVal) +# except Exception as err: +# debug.debug("exception", exc_info=True) +# return jsonify({"error": str(err)}), 409 + + +#@user.route("/user/jobs", methods=['POST']) +#@login_required(groups=[USER]) +#def _getUsers(**kwrags): +# debug.info("/user/jobs") +# try: +# data = request.get_json() + #from_date = data['from_date'] + #to_date = data['to_date'] + #from_date = datetime( + #from_date['year'], from_date['month'], from_date['day']) + #to_date = datetime(to_date['year'], to_date['month'], to_date['day']) + #lockedDays = mainController.getLockedDays(from_date, to_date) + #retVal = [] + #for lockedDay in lockedDays: + #day = datetime.combine(lockedDay['daydate'], time(12)) + #retDay = { + #"worker": mainController.getWorker(day), + #"day": { + #"date": { + #"year": day.year, + #"month": day.month, + #"day": day.day + #}, + #"locked": lockedDay['locked'] + #}, + #"jobkinddate": mainController.getJobKindDates(day.date()) + #} + #retVal.append(retDay) + + #debug.debug("return {{ {} }}".format(retVal)) + #return jsonify(retVal) + #except Exception as err: + #debug.debug("exception", exc_info=True) + #return jsonify({"error": str(err)}), 500 + 
+#@user.route("/user/jobsOnDates", methods=['POST']) +#@login_required(groups=[USER]) +#def _getJobsOnDates(**kwargs): + #debug.info("/user/jobsOnDates") + #try: + #data = request.get_json() + #lockedDays = mainController.getLockedDaysFromList(data) + #retVal = [] + #for lockedDay in lockedDays: + #day = datetime.combine(lockedDay['daydate'], time(12)) + #retDay = { + #"worker": mainController.getWorker(day), + #"day": { + #"date": { + #"year": day.year, + #"month": day.month, + #"day": day.day + #}, + #"locked": lockedDay['locked'] + #}, + #"jobkinddate": mainController.getJobKindDates(day.date()) + #} + #retVal.append(retDay) + + #debug.debug("return {{ {} }}".format(retVal)) + #return jsonify(retVal) + #except Exception as err: + #debug.debug("exception", exc_info=True) + #return jsonify({"error": str(err)}), 500 + +#@user.route("/user/job", methods=['POST']) +#@login_required(groups=[USER]) +#def _getUser(**kwargs): + #debug.info("/user/job") + #try: + #data = request.get_json() + #day = data['day'] + #month = data['month'] + #year = data['year'] + #date = datetime(year, month, day, 12) + #lockedDay = mainController.getLockedDay(date) + #if not lockedDay: + #lockedDay = { + #'date': { + #'year': year, + #'month': month, + #'day': day + #}, + #'locked': False + #} + #else: + #lockedDay = { + #'date': { + #'year': year, + #'month': month, + #'day': day + #}, + #'locked': lockedDay['locked'] + #} + #retVal = { + #'worker': mainController.getWorker(date), + #'day': lockedDay + #} + #debug.debug("retrun {{ {} }}".format(retVal)) + #return jsonify(retVal) + #except Exception as err: + #debug.debug("exception", exc_info=True) + #return jsonify({"error": str(err)}), 500 + + +#@user.route("/user/addJob", methods=['POST']) +#@login_required(groups=[USER]) +#def _addUser(**kwargs): + #debug.info("/user/addJob") + #try: + #if 'accToken' in kwargs: + #accToken = kwargs['accToken'] + #user = accToken.user + #data = request.get_json() + #day = data['day'] + #month = 
data['month'] + #year = data['year'] + #date = datetime(year, month, day, 12) + #job_kind = None + #if 'job_kind' in data: + #job_kind = data['job_kind'] + #mainController.addWorker(user.uid, date, job_kind=job_kind, userExc=True) + #retVal = mainController.getWorker(date) + #debug.debug("return {{ {} }}".format(retVal)) + #jobL.info("Mitglied {} {} schreib sich am {} zum Dienst ein.".format( + #user.firstname, user.lastname, date.date())) + #return jsonify(retVal) + #except DayLocked as err: + #debug.debug("exception", exc_info=True) + #return jsonify({'error': str(err)}), 403 + #except Exception as err: + #debug.debug("exception", exc_info=True) + #return jsonify({'error': str(err)}), 409 + + +#@user.route("/user/deleteJob", methods=['POST']) +#@login_required(groups=[USER]) +#def _deletJob(**kwargs): + #debug.info("/user/deleteJob") + #try: + #if 'accToken' in kwargs: + #accToken = kwargs['accToken'] + #user = accToken.user + #data = request.get_json() + #day = data['day'] + #month = data['month'] + #year = data['year'] + #date = datetime(year, month, day, 12) + #mainController.deleteWorker(user.uid, date, True) + #retVal = mainController.getWorker(date) + #debug.debug("return ok") + #jobL.info("Mitglied {} {} entfernt sich am {} aus dem Dienst".format( + #user.firstname, user.lastname, date.date())) + #return jsonify(retVal) + #except DayLocked as err: + #debug.debug("exception", exc_info=True) + #return jsonify({"error": str(err)}), 403 + #except Exception as err: + #debug.debug("exception", exc_info=True) + #return jsonify({"error": str(err)}), 409 + +#@user.route("/user/storno", methods=['POST']) +#@login_required(groups=[USER]) +#def _storno(**kwargs): + #""" Function for Baruser to storno amount + + #This function added to the user with the posted userID the posted amount. 
+ + #Returns: + #JSON-File with userID and the amount + #or ERROR 401 Permission Denied + #""" + + #debug.info("/user/storno") + #try: + #if 'accToken' in kwargs: + #accToken = kwargs['accToken'] + #user = accToken.user + #data = request.get_json() + #amount = int(data['amount']) + + #date = datetime.now() + #mainController.addCredit( + #user.uid, amount, year=date.year, month=date.month) + #accToken.user = mainController.getUser(accToken.user.uid) + #retVal = accToken.user.toJSON() + #retVal['creditList'] = {credit.year: credit.toJSON() + #for credit in accToken.user.geruechte} + #debug.debug("return {{ {} }}".format(retVal)) + #creditL.info("{} {} {} storniert {} €".format( + #date, user.firstname, user.lastname, amount/100)) + #return jsonify(retVal) + #except Exception as err: + #debug.debug("exception", exc_info=True) + #return jsonify({"error": str(err)}), 500 + + +#@user.route("/user/getJobInvites", methods=['POST']) +#@login_required(groups=[USER]) +#def _getJobInvites(**kwargs): + #try: + #debug.info("/user/getJobInvites") + #from_user = None + #to_user = None + #on_date = None + + #data = request.get_json() + + #if 'from_user' in data: + #from_user = data['from_user'] + #if 'to_user' in data: + #to_user = data['to_user'] + #on_date = date(data['date']['year'], data['date']['month'], data['date']['day']) + #retVal = mainController.getJobInvites(from_user, to_user, on_date) + #debug.debug("return {{ {} }}".format(retVal)) + #return jsonify(retVal) + #except Exception as err: + #debug.debug("exception", exc_info=True) + #return jsonify({"error": str(err)}), 500 + +#@user.route("/user/JobInvites", methods=['PUT', 'POST']) +#@login_required(groups=[USER]) +#def _JobInvites(**kwargs): + #try: + #debug.info("/user/JobInvites") + #data = request.get_json() + #if request.method == 'PUT': + #mainController.setJobInvites(data) + #retVal = mainController.getJobInvites(kwargs['accToken'].user.toJSON(), None, datetime.now().date()) + #debug.debug("return {{ {} 
}}".format(retVal)) + #if request.method == 'POST': + #retVal = mainController.updateJobInvites(data) + + #return jsonify(retVal) + #except Exception as err: + #debug.debug("exception", exc_info=True) + #return jsonify({"error": str(err)}), 500 + +#@user.route("/user/deleteJobInvite", methods=['POST']) +#@login_required(groups=[USER]) +#def _deleteJobInvite(**kwargs): + #try: + #debug.info("/user/deleteJobInvite") + #data = request.get_json() + #mainController.deleteJobInvite(data) + #retVal = mainController.getJobInvites(data['from_user'], None, datetime.now().date()) + #debug.debug("return {{ {} }}".format(retVal)) + #return jsonify(retVal) + #except Exception as err: + #debug.debug("exception", exc_info=True) + #return jsonify({"error": str(err)}), 500 + + +#@user.route("/user/getJobRequests", methods=['POST']) +#@login_required(groups=[USER]) +#def _getJobRequests(**kwargs): + #try: + #debug.info("/user/getJobRequests") + #from_user = None + #to_user = None + #on_date = None + + #data = request.get_json() + + #if 'from_user' in data: + #from_user = data['from_user'] + #if 'to_user' in data: + #to_user = data['to_user'] + #on_date = date(data['date']['year'], data['date']['month'], data['date']['day']) + #retVal = mainController.getJobRequests(from_user, to_user, on_date) + #debug.debug("return {{ {} }}".format(retVal)) + #return jsonify(retVal) + #except Exception as err: + #debug.debug("exception", exc_info=True) + #return jsonify({"error": str(err)}), 500 + +#@user.route("/user/JobRequests", methods=['PUT', 'POST']) +#@login_required(groups=[USER]) +#def _JobRequests(**kwargs): + #try: + #debug.info("/user/JobRequests") + #data = request.get_json() + #if request.method == 'PUT': + #mainController.setJobRequests(data) + #retVal = mainController.getJobRequests(kwargs['accToken'].user.toJSON(), None, datetime.now().date()) + #debug.debug("return {{ {} }}".format(retVal)) + #if request.method == 'POST': + #data['on_date'] = date(data['on_date']['year'], 
data['on_date']['month'], data['on_date']['day']) + #retVal = mainController.updateJobRequests(data) + + #return jsonify(retVal) + #except Exception as err: + #debug.debug("exception", exc_info=True) + #return jsonify({"error": str(err)}), 500 + +#@user.route("/user/deleteJobRequest", methods=['POST']) +#@login_required(groups=[USER]) +#def _deleteJobRequest(**kwargs): + #try: + #debug.info("/user/deleteJobRequest") + #data = request.get_json() + #mainController.deleteJobRequest(data) + #retVal = mainController.getJobRequests(data['from_user'], None, datetime.now().date()) + #debug.debug("return {{ {} }}".format(retVal)) + #return jsonify(retVal) + #except Exception as err: + #debug.debug("exception", exc_info=True) + #return jsonify({"error": str(err)}), 500 + + +#@user.route("/user/getAccessTokens", methods=['GET', 'POST']) +#@login_required(groups=[USER]) +#def _getAccessTokens(**kwargs): + #try: + #debug.info("/user/getAccessTokens") + #if request.method == 'POST': + #data = request.get_json() + #delAccToken = AccessToken(data['id'], kwargs['accToken'].user, None, None, None) + #accesTokenController.deleteAccessToken(delAccToken) + #tokens = accesTokenController.getAccessTokensFromUser(kwargs['accToken'].user) + #retVal = [] + #for token in tokens: + #retVal.append(token.toJSON()) + #debug.debug("return {{ {} }}".format(retVal)) + #return jsonify(retVal) + #except Exception as err: + #debug.debug("exception", exc_info=True) + #return jsonify({"error": str(err)}), 500 diff --git a/flaschengeist/modules/schedule/routes.py b/flaschengeist/modules/schedule/routes.py new file mode 100644 index 0000000..6b5e3c2 --- /dev/null +++ b/flaschengeist/modules/schedule/routes.py 
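Review bot: `debug = getDebugLogger()` is still live although the `from geruecht.logger import getDebugLogger, ...` line above it is commented out, so importing `flaschengeist.modules.schedule` raises NameError before anything else runs. Either comment that assignment out as well or restore the import. The rest of the file is a fully commented-out copy of `schedule/routes.py` from this commit; it would be clearer to keep `__init__.py` minimal and leave the history to version control. The blueprint is created as `Blueprint("user", __name__)`, which looks like a leftover from the user module; `Blueprint("schedule", __name__)` would match the package.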
@@ -0,0 +1,413 @@ +from flask import Blueprint, request, jsonify +from geruecht.decorator import login_required +import geruecht.controller.mainController as mc +import geruecht.controller.accesTokenController as ac +from geruecht.model import USER +from datetime import datetime, time, date +from geruecht.exceptions import DayLocked +from geruecht.logger import getDebugLogger, getCreditLogger, getJobsLogger +from geruecht.model.accessToken import AccessToken + +user = Blueprint("user", __name__) + +mainController = mc.MainController() +accesTokenController = ac.AccesTokenController() + +debug = getDebugLogger() +creditL = getCreditLogger() +jobL = getJobsLogger() + + +@user.route("/user/main") +@login_required(groups=[USER]) +def _main(**kwargs): + debug.info("/user/main") + try: + if 'accToken' in kwargs: + accToken = kwargs['accToken'] + accToken.user = mainController.getUser(accToken.user.uid) + retVal = accToken.user.toJSON() + retVal['creditList'] = {credit.year: credit.toJSON() + for credit in accToken.user.geruechte} + debug.debug("return {{ {} }}".format(retVal)) + return jsonify(retVal) + except Exception: + debug.debug("exception", exc_info=True) + return jsonify("error", "something went wrong"), 500 + + +@user.route("/user/addAmount", methods=['POST']) +@login_required(groups=[USER]) +def _addAmount(**kwargs): + debug.info("/user/addAmount") + try: + if 'accToken' in kwargs: + accToken = kwargs['accToken'] + data = request.get_json() + amount = int(data['amount']) + date = datetime.now() + mainController.addAmount( + accToken.user.uid, amount, year=date.year, month=date.month) + accToken.user = mainController.getUser(accToken.user.uid) + retVal = accToken.user.toJSON() + retVal['creditList'] = {credit.year: credit.toJSON() + for credit in accToken.user.geruechte} + debug.debug("return {{ {} }}".format(retVal)) + creditL.info("{} {} {} fügt sich selbst {} € Schulden hinzu".format( + date, accToken.user.firstname, accToken.user.lastname, amount/100)) + 
return jsonify(retVal) + except Exception: + debug.debug("exception", exc_info=True) + return jsonify({"error": "something went wrong"}), 500 + + +@user.route("/user/saveConfig", methods=['POST']) +@login_required(groups=[USER]) +def _saveConfig(**kwargs): + debug.info("/user/saveConfig") + try: + if 'accToken' in kwargs: + accToken = kwargs['accToken'] + data = request.get_json() + password = data['acceptedPassword'] + data.pop('acceptedPassword') + accToken.user = mainController.modifyUser( + accToken.user, data, password) + retVal = accToken.user.toJSON() + retVal['creditList'] = {credit.year: credit.toJSON() + for credit in accToken.user.geruechte} + debug.debug("return {{ {} }}".format(retVal)) + return jsonify(retVal) + except Exception as err: + debug.debug("exception", exc_info=True) + return jsonify({"error": str(err)}), 409 + + +@user.route("/user/jobs", methods=['POST']) +@login_required(groups=[USER]) +def _getUsers(**kwrags): + debug.info("/user/jobs") + try: + data = request.get_json() + from_date = data['from_date'] + to_date = data['to_date'] + from_date = datetime( + from_date['year'], from_date['month'], from_date['day']) + to_date = datetime(to_date['year'], to_date['month'], to_date['day']) + lockedDays = mainController.getLockedDays(from_date, to_date) + retVal = [] + for lockedDay in lockedDays: + day = datetime.combine(lockedDay['daydate'], time(12)) + retDay = { + "worker": mainController.getWorker(day), + "day": { + "date": { + "year": day.year, + "month": day.month, + "day": day.day + }, + "locked": lockedDay['locked'] + }, + "jobkinddate": mainController.getJobKindDates(day.date()) + } + retVal.append(retDay) + + debug.debug("return {{ {} }}".format(retVal)) + return jsonify(retVal) + except Exception as err: + debug.debug("exception", exc_info=True) + return jsonify({"error": str(err)}), 500 + +@user.route("/user/jobsOnDates", methods=['POST']) +@login_required(groups=[USER]) +def _getJobsOnDates(**kwargs): + 
debug.info("/user/jobsOnDates") + try: + data = request.get_json() + lockedDays = mainController.getLockedDaysFromList(data) + retVal = [] + for lockedDay in lockedDays: + day = datetime.combine(lockedDay['daydate'], time(12)) + retDay = { + "worker": mainController.getWorker(day), + "day": { + "date": { + "year": day.year, + "month": day.month, + "day": day.day + }, + "locked": lockedDay['locked'] + }, + "jobkinddate": mainController.getJobKindDates(day.date()) + } + retVal.append(retDay) + + debug.debug("return {{ {} }}".format(retVal)) + return jsonify(retVal) + except Exception as err: + debug.debug("exception", exc_info=True) + return jsonify({"error": str(err)}), 500 + +@user.route("/user/job", methods=['POST']) +@login_required(groups=[USER]) +def _getUser(**kwargs): + debug.info("/user/job") + try: + data = request.get_json() + day = data['day'] + month = data['month'] + year = data['year'] + date = datetime(year, month, day, 12) + lockedDay = mainController.getLockedDay(date) + if not lockedDay: + lockedDay = { + 'date': { + 'year': year, + 'month': month, + 'day': day + }, + 'locked': False + } + else: + lockedDay = { + 'date': { + 'year': year, + 'month': month, + 'day': day + }, + 'locked': lockedDay['locked'] + } + retVal = { + 'worker': mainController.getWorker(date), + 'day': lockedDay + } + debug.debug("retrun {{ {} }}".format(retVal)) + return jsonify(retVal) + except Exception as err: + debug.debug("exception", exc_info=True) + return jsonify({"error": str(err)}), 500 + + +@user.route("/user/addJob", methods=['POST']) +@login_required(groups=[USER]) +def _addUser(**kwargs): + debug.info("/user/addJob") + try: + if 'accToken' in kwargs: + accToken = kwargs['accToken'] + user = accToken.user + data = request.get_json() + day = data['day'] + month = data['month'] + year = data['year'] + date = datetime(year, month, day, 12) + job_kind = None + if 'job_kind' in data: + job_kind = data['job_kind'] + mainController.addWorker(user.uid, date, 
job_kind=job_kind, userExc=True) + retVal = mainController.getWorker(date) + debug.debug("return {{ {} }}".format(retVal)) + jobL.info("Mitglied {} {} schreib sich am {} zum Dienst ein.".format( + user.firstname, user.lastname, date.date())) + return jsonify(retVal) + except DayLocked as err: + debug.debug("exception", exc_info=True) + return jsonify({'error': str(err)}), 403 + except Exception as err: + debug.debug("exception", exc_info=True) + return jsonify({'error': str(err)}), 409 + + +@user.route("/user/deleteJob", methods=['POST']) +@login_required(groups=[USER]) +def _deletJob(**kwargs): + debug.info("/user/deleteJob") + try: + if 'accToken' in kwargs: + accToken = kwargs['accToken'] + user = accToken.user + data = request.get_json() + day = data['day'] + month = data['month'] + year = data['year'] + date = datetime(year, month, day, 12) + mainController.deleteWorker(user.uid, date, True) + retVal = mainController.getWorker(date) + debug.debug("return ok") + jobL.info("Mitglied {} {} entfernt sich am {} aus dem Dienst".format( + user.firstname, user.lastname, date.date())) + return jsonify(retVal) + except DayLocked as err: + debug.debug("exception", exc_info=True) + return jsonify({"error": str(err)}), 403 + except Exception as err: + debug.debug("exception", exc_info=True) + return jsonify({"error": str(err)}), 409 + +@user.route("/user/storno", methods=['POST']) +@login_required(groups=[USER]) +def _storno(**kwargs): + """ Function for Baruser to storno amount + + This function added to the user with the posted userID the posted amount. 
+ + Returns: + JSON-File with userID and the amount + or ERROR 401 Permission Denied + """ + + debug.info("/user/storno") + try: + if 'accToken' in kwargs: + accToken = kwargs['accToken'] + user = accToken.user + data = request.get_json() + amount = int(data['amount']) + + date = datetime.now() + mainController.addCredit( + user.uid, amount, year=date.year, month=date.month) + accToken.user = mainController.getUser(accToken.user.uid) + retVal = accToken.user.toJSON() + retVal['creditList'] = {credit.year: credit.toJSON() + for credit in accToken.user.geruechte} + debug.debug("return {{ {} }}".format(retVal)) + creditL.info("{} {} {} storniert {} €".format( + date, user.firstname, user.lastname, amount/100)) + return jsonify(retVal) + except Exception as err: + debug.debug("exception", exc_info=True) + return jsonify({"error": str(err)}), 500 + + +@user.route("/user/getJobInvites", methods=['POST']) +@login_required(groups=[USER]) +def _getJobInvites(**kwargs): + try: + debug.info("/user/getJobInvites") + from_user = None + to_user = None + on_date = None + + data = request.get_json() + + if 'from_user' in data: + from_user = data['from_user'] + if 'to_user' in data: + to_user = data['to_user'] + on_date = date(data['date']['year'], data['date']['month'], data['date']['day']) + retVal = mainController.getJobInvites(from_user, to_user, on_date) + debug.debug("return {{ {} }}".format(retVal)) + return jsonify(retVal) + except Exception as err: + debug.debug("exception", exc_info=True) + return jsonify({"error": str(err)}), 500 + +@user.route("/user/JobInvites", methods=['PUT', 'POST']) +@login_required(groups=[USER]) +def _JobInvites(**kwargs): + try: + debug.info("/user/JobInvites") + data = request.get_json() + if request.method == 'PUT': + mainController.setJobInvites(data) + retVal = mainController.getJobInvites(kwargs['accToken'].user.toJSON(), None, datetime.now().date()) + debug.debug("return {{ {} }}".format(retVal)) + if request.method == 'POST': + retVal = 
mainController.updateJobInvites(data) + + return jsonify(retVal) + except Exception as err: + debug.debug("exception", exc_info=True) + return jsonify({"error": str(err)}), 500 + +@user.route("/user/deleteJobInvite", methods=['POST']) +@login_required(groups=[USER]) +def _deleteJobInvite(**kwargs): + try: + debug.info("/user/deleteJobInvite") + data = request.get_json() + mainController.deleteJobInvite(data) + retVal = mainController.getJobInvites(data['from_user'], None, datetime.now().date()) + debug.debug("return {{ {} }}".format(retVal)) + return jsonify(retVal) + except Exception as err: + debug.debug("exception", exc_info=True) + return jsonify({"error": str(err)}), 500 + + +@user.route("/user/getJobRequests", methods=['POST']) +@login_required(groups=[USER]) +def _getJobRequests(**kwargs): + try: + debug.info("/user/getJobRequests") + from_user = None + to_user = None + on_date = None + + data = request.get_json() + + if 'from_user' in data: + from_user = data['from_user'] + if 'to_user' in data: + to_user = data['to_user'] + on_date = date(data['date']['year'], data['date']['month'], data['date']['day']) + retVal = mainController.getJobRequests(from_user, to_user, on_date) + debug.debug("return {{ {} }}".format(retVal)) + return jsonify(retVal) + except Exception as err: + debug.debug("exception", exc_info=True) + return jsonify({"error": str(err)}), 500 + +@user.route("/user/JobRequests", methods=['PUT', 'POST']) +@login_required(groups=[USER]) +def _JobRequests(**kwargs): + try: + debug.info("/user/JobRequests") + data = request.get_json() + if request.method == 'PUT': + mainController.setJobRequests(data) + retVal = mainController.getJobRequests(kwargs['accToken'].user.toJSON(), None, datetime.now().date()) + debug.debug("return {{ {} }}".format(retVal)) + if request.method == 'POST': + data['on_date'] = date(data['on_date']['year'], data['on_date']['month'], data['on_date']['day']) + retVal = mainController.updateJobRequests(data) + + return 
jsonify(retVal) + except Exception as err: + debug.debug("exception", exc_info=True) + return jsonify({"error": str(err)}), 500 + +@user.route("/user/deleteJobRequest", methods=['POST']) +@login_required(groups=[USER]) +def _deleteJobRequest(**kwargs): + try: + debug.info("/user/deleteJobRequest") + data = request.get_json() + mainController.deleteJobRequest(data) + retVal = mainController.getJobRequests(data['from_user'], None, datetime.now().date()) + debug.debug("return {{ {} }}".format(retVal)) + return jsonify(retVal) + except Exception as err: + debug.debug("exception", exc_info=True) + return jsonify({"error": str(err)}), 500 + + +@user.route("/user/getAccessTokens", methods=['GET', 'POST']) +@login_required(groups=[USER]) +def _getAccessTokens(**kwargs): + try: + debug.info("/user/getAccessTokens") + if request.method == 'POST': + data = request.get_json() + delAccToken = AccessToken(data['id'], kwargs['accToken'].user, None, None, None) + accesTokenController.deleteAccessToken(delAccToken) + tokens = accesTokenController.getAccessTokensFromUser(kwargs['accToken'].user) + retVal = [] + for token in tokens: + retVal.append(token.toJSON()) + debug.debug("return {{ {} }}".format(retVal)) + return jsonify(retVal) + except Exception as err: + debug.debug("exception", exc_info=True) + return jsonify({"error": str(err)}), 500 diff --git a/flaschengeist/modules/user/__init__.py b/flaschengeist/modules/user/__init__.py index e69de29..ec9f6f3 100644 --- a/flaschengeist/modules/user/__init__.py +++ b/flaschengeist/modules/user/__init__.py 
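Review bot: `_deleteJobInvite` and `_deleteJobRequest` pass the raw request body to the controller and then query with `data['from_user']`, and `_getJobInvites` / `_getJobRequests` likewise take `from_user` and `to_user` from the body instead of from `kwargs['accToken'].user`. Whether `mainController` checks that the caller owns those records is not visible in this diff; unless it does, any member of the `USER` group can read or delete another member's invites and requests, so the subject should come from the token and mismatches should be rejected. `_addAmount` and `_storno` accept `int(data['amount'])` with no sign or range check; a guard such as `if amount <= 0: return jsonify({"error": "invalid amount"}), 400` belongs before the controller call. Most handlers also return `str(err)` to the client, which exposes internal exception text, and in `_main` the call `jsonify("error", "something went wrong")` should be `jsonify({"error": "something went wrong"})` to match the other handlers.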
@@ -0,0 +1,56 @@
+#######################################
+# Plugin: Users #
+# Functionality: Allow management #
+# of users, login, logout, etc #
+#######################################
+
+from flask import Blueprint
+from flaschengeist.app import app
+
+def register():
+ return Blueprint('user', __name__)
+
+#######################################
+## Routes ##
+#######################################
+#dummy
+@app.route("/")
+def _dummy():
+ return 'Noch funktioniert hier mal überhaupt nichts!'
+
+@app.route("/login", methods=['POST'])
+def _login():
+ """ Login User
+
+ Nothing to say.
+ Login in User and create an AccessToken for the User.
+
+ Returns:
+ A JSON-File with createt Token or Errors
+ """
+ debug.info("Start log in.")
+ data = request.get_json()
+ username = data['username']
+ password = data['password']
+ debug.debug("username is {{ {} }}".format(username))
+ try:
+ user_agent = request.user_agent
+ debug.info("search {{ {} }} in database".format(username))
+ user = mainController.loginUser(username, password)
+ debug.debug("user is {{ {} }}".format(user))
+ token = accesTokenController.createAccesToken(user, user_agent=user_agent)
+ debug.debug("accesstoken is {{ {} }}".format(token))
+ debug.info("validate accesstoken")
+ dic = accesTokenController.validateAccessToken(
+ token, [USER, EXTERN]).user.toJSON()
+ dic["token"] = token
+ dic["accessToken"] = token
+ debug.info("User {{ {} }} success login.".format(username))
+ debug.info("return login {{ {} }}".format(dic))
+ return jsonify(dic)
+ except PermissionDenied as err:
+ debug.warning("permission denied exception in logout", exc_info=True)
+ return jsonify({"error": str(err)}), 401
+ except Exception as err:
+ debug.warning("exception in logout.", exc_info=True)
+ return jsonify({"error": "permission denied"}), 401
diff --git a/flaschengeist/modules/user/routes.py b/flaschengeist/modules/user/routes.py
index 6b5e3c2..07b78ce 100644
--- a/flaschengeist/modules/user/routes.py
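Review bot: `_login` in the new `modules/user/__init__.py` writes the freshly issued access token to the log twice, in `debug.debug("accesstoken is {{ {} }}".format(token))` and again through `debug.info("return login {{ {} }}".format(dic))` after `dic["token"]` has been set, so anyone who can read the log holds a live session credential; the same two lines are in the `_login` added to `modules/user/routes.py`. I would drop the first line and log only the user in the second, e.g. `debug.info("return login for {{ {} }}".format(username))`. Separately, this file imports only `Blueprint` and `app`, while the handler uses `debug`, `request`, `jsonify`, `mainController`, `accesTokenController`, `USER`, `EXTERN` and `PermissionDenied`, so as written the first call, `debug.info("Start log in.")`, which sits outside the `try`, would raise NameError. Both `except` branches also log "logout" for a login failure, which makes the audit trail harder to read.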
+++ b/flaschengeist/modules/user/routes.py 
@@ -1,413 +1,216 @@ -from flask import Blueprint, request, jsonify +from geruecht import app +from geruecht.logger import getDebugLogger from geruecht.decorator import login_required -import geruecht.controller.mainController as mc +from geruecht.exceptions import PermissionDenied import geruecht.controller.accesTokenController as ac -from geruecht.model import USER -from datetime import datetime, time, date -from geruecht.exceptions import DayLocked -from geruecht.logger import getDebugLogger, getCreditLogger, getJobsLogger -from geruecht.model.accessToken import AccessToken +import geruecht.controller.mainController as mc +from geruecht.model import MONEY, BAR, USER, GASTRO, VORSTAND, EXTERN +from flask import request, jsonify -user = Blueprint("user", __name__) - -mainController = mc.MainController() accesTokenController = ac.AccesTokenController() +mainController = mc.MainController() debug = getDebugLogger() -creditL = getCreditLogger() -jobL = getJobsLogger() - -@user.route("/user/main") -@login_required(groups=[USER]) -def _main(**kwargs): - debug.info("/user/main") +@app.route("/valid", methods=['POST']) +@login_required(bar=True) +def _valid(**kwargs): + debug.info('/valid') try: + accToken = kwargs['accToken'] + data = request.get_json() + mainController.validateUser(accToken.user.uid, data['password']) + debug.debug('return {{ "ok": "ok" }}') + return jsonify({"ok": "ok"}) + except Exception as err: + debug.warning("exception in valide.", exc_info=True) + return jsonify({"error": str(err)}), 500 + +@app.route("/pricelist", methods=['GET']) +def _getPricelist(): + try: + debug.info("get pricelist") + retVal = mainController.getPricelist() + debug.info("return pricelist {{ {} }}".format(retVal)) + return jsonify(retVal) + except Exception as err: + debug.warning("exception in get pricelist.", exc_info=True) + return jsonify({"error": str(err)}), 500 + + +@app.route('/drinkTypes', methods=['GET']) +def getTypes(): + try: + debug.info("get drinktypes") + 
retVal = mainController.getAllDrinkTypes() + debug.info("return drinktypes {{ {} }}".format(retVal)) + return jsonify(retVal) + except Exception as err: + debug.warning("exception in get drinktypes.", exc_info=True) + return jsonify({"error": str(err)}), 500 + + +@app.route('/getAllStatus', methods=['GET']) +@login_required(groups=[USER, MONEY, GASTRO, BAR, VORSTAND], bar=True) +def _getAllStatus(**kwargs): + try: + debug.info("get all status for users") + retVal = mainController.getAllStatus() + debug.info("return all status for users {{ {} }}".format(retVal)) + return jsonify(retVal) + except Exception as err: + debug.warning("exception in get all status for users.", exc_info=True) + return jsonify({"error": str(err)}), 500 + + +@app.route('/getStatus', methods=['POST']) +@login_required(groups=[USER, MONEY, GASTRO, BAR, VORSTAND], bar=True) +def _getStatus(**kwargs): + try: + debug.info("get status from user") + data = request.get_json() + name = data['name'] + debug.info("get status from user {{ {} }}".format(name)) + retVal = mainController.getStatus(name) + debug.info( + "return status from user {{ {} }} : {{ {} }}".format(name, retVal)) + return jsonify(retVal) + except Exception as err: + debug.warning("exception in get status from user.", exc_info=True) + return jsonify({"error": str(err)}), 500 + + +@app.route('/getUsers', methods=['GET']) +@login_required(groups=[USER], bar=True) +def _getUsers(**kwargs): + try: + extern = True + if 'extern' in request.args: + extern = not bool(int(request.args['extern'])) + debug.info("get all users from database") + users = mainController.getAllUsersfromDB(extern=extern) + debug.debug("users are {{ {} }}".format(users)) + retVal = [user.toJSON() for user in users] + debug.info("return all users from database {{ {} }}".format(retVal)) + return jsonify(retVal) + except Exception as err: + debug.warning( + "exception in get all users from database.", exc_info=True) + return jsonify({"error": str(err)}), 500 + + 
+@app.route("/getLifeTime", methods=['GET']) +@login_required(groups=[MONEY, GASTRO, VORSTAND, EXTERN, USER], bar=True) +def _getLifeTime(**kwargs): + try: + debug.info("get lifetime of accesstoken") if 'accToken' in kwargs: accToken = kwargs['accToken'] - accToken.user = mainController.getUser(accToken.user.uid) - retVal = accToken.user.toJSON() - retVal['creditList'] = {credit.year: credit.toJSON() - for credit in accToken.user.geruechte} - debug.debug("return {{ {} }}".format(retVal)) - return jsonify(retVal) - except Exception: - debug.debug("exception", exc_info=True) - return jsonify("error", "something went wrong"), 500 - - -@user.route("/user/addAmount", methods=['POST']) -@login_required(groups=[USER]) -def _addAmount(**kwargs): - debug.info("/user/addAmount") - try: - if 'accToken' in kwargs: - accToken = kwargs['accToken'] - data = request.get_json() - amount = int(data['amount']) - date = datetime.now() - mainController.addAmount( - accToken.user.uid, amount, year=date.year, month=date.month) - accToken.user = mainController.getUser(accToken.user.uid) - retVal = accToken.user.toJSON() - retVal['creditList'] = {credit.year: credit.toJSON() - for credit in accToken.user.geruechte} - debug.debug("return {{ {} }}".format(retVal)) - creditL.info("{} {} {} fügt sich selbst {} € Schulden hinzu".format( - date, accToken.user.firstname, accToken.user.lastname, amount/100)) - return jsonify(retVal) - except Exception: - debug.debug("exception", exc_info=True) - return jsonify({"error": "something went wrong"}), 500 - - -@user.route("/user/saveConfig", methods=['POST']) -@login_required(groups=[USER]) -def _saveConfig(**kwargs): - debug.info("/user/saveConfig") - try: - if 'accToken' in kwargs: - accToken = kwargs['accToken'] - data = request.get_json() - password = data['acceptedPassword'] - data.pop('acceptedPassword') - accToken.user = mainController.modifyUser( - accToken.user, data, password) - retVal = accToken.user.toJSON() - retVal['creditList'] = 
{credit.year: credit.toJSON() - for credit in accToken.user.geruechte} - debug.debug("return {{ {} }}".format(retVal)) + debug.debug("accessToken is {{ {} }}".format(accToken)) + retVal = {"value": accToken.lifetime, + "group": accToken.user.toJSON()['group'], + "lock_bar": accToken.lock_bar} + debug.info( + "return get lifetime from accesstoken {{ {} }}".format(retVal)) return jsonify(retVal) except Exception as err: - debug.debug("exception", exc_info=True) + debug.info("exception in get lifetime of accesstoken.", exc_info=True) + return jsonify({"error": str(err)}), 500 + + +@app.route("/saveLifeTime", methods=['POST']) +@login_required(groups=[MONEY, GASTRO, VORSTAND, EXTERN, USER], bar=True) +def _saveLifeTime(**kwargs): + try: + debug.info("save lifetime for accessToken") + if 'accToken' in kwargs: + accToken = kwargs['accToken'] + debug.debug("accessToken is {{ {} }}".format(accToken)) + data = request.get_json() + lifetime = data['value'] + debug.debug("lifetime is {{ {} }}".format(lifetime)) + debug.info("set lifetime {{ {} }} to accesstoken {{ {} }}".format( + lifetime, accToken)) + accToken.lifetime = lifetime + debug.info("update accesstoken timestamp") + accToken = accesTokenController.updateAccessToken(accToken) + accToken = accesTokenController.validateAccessToken(accToken.token, [USER, EXTERN]) + retVal = {"value": accToken.lifetime, + "group": accToken.user.toJSON()['group']} + debug.info( + "return save lifetime for accessToken {{ {} }}".format(retVal)) + return jsonify(retVal) + except Exception as err: + debug.warning( + "exception in save lifetime for accesstoken.", exc_info=True) + return jsonify({"error": str(err)}), 500 + +@app.route("/passwordReset", methods=['POST']) +def _passwordReset(): + try: + debug.info('password reset') + data = request.get_json() + mail = mainController.resetPassword(data) + index = mail.find('@') + for i in range(index): + if i == 0: + continue + mail = mail.replace(mail[i], "*", 1) + return jsonify({"ok": "ok", 
"mail": mail}) + except Exception as err: + debug.warning("excetpion in password reset", exc_info=True) return jsonify({"error": str(err)}), 409 - -@user.route("/user/jobs", methods=['POST']) -@login_required(groups=[USER]) -def _getUsers(**kwrags): - debug.info("/user/jobs") - try: - data = request.get_json() - from_date = data['from_date'] - to_date = data['to_date'] - from_date = datetime( - from_date['year'], from_date['month'], from_date['day']) - to_date = datetime(to_date['year'], to_date['month'], to_date['day']) - lockedDays = mainController.getLockedDays(from_date, to_date) - retVal = [] - for lockedDay in lockedDays: - day = datetime.combine(lockedDay['daydate'], time(12)) - retDay = { - "worker": mainController.getWorker(day), - "day": { - "date": { - "year": day.year, - "month": day.month, - "day": day.day - }, - "locked": lockedDay['locked'] - }, - "jobkinddate": mainController.getJobKindDates(day.date()) - } - retVal.append(retDay) - - debug.debug("return {{ {} }}".format(retVal)) - return jsonify(retVal) - except Exception as err: - debug.debug("exception", exc_info=True) - return jsonify({"error": str(err)}), 500 - -@user.route("/user/jobsOnDates", methods=['POST']) -@login_required(groups=[USER]) -def _getJobsOnDates(**kwargs): - debug.info("/user/jobsOnDates") - try: - data = request.get_json() - lockedDays = mainController.getLockedDaysFromList(data) - retVal = [] - for lockedDay in lockedDays: - day = datetime.combine(lockedDay['daydate'], time(12)) - retDay = { - "worker": mainController.getWorker(day), - "day": { - "date": { - "year": day.year, - "month": day.month, - "day": day.day - }, - "locked": lockedDay['locked'] - }, - "jobkinddate": mainController.getJobKindDates(day.date()) - } - retVal.append(retDay) - - debug.debug("return {{ {} }}".format(retVal)) - return jsonify(retVal) - except Exception as err: - debug.debug("exception", exc_info=True) - return jsonify({"error": str(err)}), 500 - -@user.route("/user/job", methods=['POST']) 
-@login_required(groups=[USER]) -def _getUser(**kwargs): - debug.info("/user/job") - try: - data = request.get_json() - day = data['day'] - month = data['month'] - year = data['year'] - date = datetime(year, month, day, 12) - lockedDay = mainController.getLockedDay(date) - if not lockedDay: - lockedDay = { - 'date': { - 'year': year, - 'month': month, - 'day': day - }, - 'locked': False - } - else: - lockedDay = { - 'date': { - 'year': year, - 'month': month, - 'day': day - }, - 'locked': lockedDay['locked'] - } - retVal = { - 'worker': mainController.getWorker(date), - 'day': lockedDay - } - debug.debug("retrun {{ {} }}".format(retVal)) - return jsonify(retVal) - except Exception as err: - debug.debug("exception", exc_info=True) - return jsonify({"error": str(err)}), 500 - - -@user.route("/user/addJob", methods=['POST']) -@login_required(groups=[USER]) -def _addUser(**kwargs): - debug.info("/user/addJob") +@app.route("/logout", methods=['GET']) +@login_required(groups=[MONEY, GASTRO, VORSTAND, EXTERN, USER], bar=True) +def _logout(**kwargs): try: + debug.info("logout user") if 'accToken' in kwargs: accToken = kwargs['accToken'] - user = accToken.user - data = request.get_json() - day = data['day'] - month = data['month'] - year = data['year'] - date = datetime(year, month, day, 12) - job_kind = None - if 'job_kind' in data: - job_kind = data['job_kind'] - mainController.addWorker(user.uid, date, job_kind=job_kind, userExc=True) - retVal = mainController.getWorker(date) - debug.debug("return {{ {} }}".format(retVal)) - jobL.info("Mitglied {} {} schreib sich am {} zum Dienst ein.".format( - user.firstname, user.lastname, date.date())) - return jsonify(retVal) - except DayLocked as err: - debug.debug("exception", exc_info=True) - return jsonify({'error': str(err)}), 403 + debug.debug("accesstoken is {{ {} }}".format(accToken)) + debug.info("delete accesstoken") + accesTokenController.deleteAccessToken(accToken) + debug.info("return ok logout user") + return 
jsonify({"ok": "ok"}) except Exception as err: - debug.debug("exception", exc_info=True) - return jsonify({'error': str(err)}), 409 - - -@user.route("/user/deleteJob", methods=['POST']) -@login_required(groups=[USER]) -def _deletJob(**kwargs): - debug.info("/user/deleteJob") - try: - if 'accToken' in kwargs: - accToken = kwargs['accToken'] - user = accToken.user - data = request.get_json() - day = data['day'] - month = data['month'] - year = data['year'] - date = datetime(year, month, day, 12) - mainController.deleteWorker(user.uid, date, True) - retVal = mainController.getWorker(date) - debug.debug("return ok") - jobL.info("Mitglied {} {} entfernt sich am {} aus dem Dienst".format( - user.firstname, user.lastname, date.date())) - return jsonify(retVal) - except DayLocked as err: - debug.debug("exception", exc_info=True) - return jsonify({"error": str(err)}), 403 - except Exception as err: - debug.debug("exception", exc_info=True) - return jsonify({"error": str(err)}), 409 - -@user.route("/user/storno", methods=['POST']) -@login_required(groups=[USER]) -def _storno(**kwargs): - """ Function for Baruser to storno amount - - This function added to the user with the posted userID the posted amount. 
- - Returns: - JSON-File with userID and the amount - or ERROR 401 Permission Denied - """ - - debug.info("/user/storno") - try: - if 'accToken' in kwargs: - accToken = kwargs['accToken'] - user = accToken.user - data = request.get_json() - amount = int(data['amount']) - - date = datetime.now() - mainController.addCredit( - user.uid, amount, year=date.year, month=date.month) - accToken.user = mainController.getUser(accToken.user.uid) - retVal = accToken.user.toJSON() - retVal['creditList'] = {credit.year: credit.toJSON() - for credit in accToken.user.geruechte} - debug.debug("return {{ {} }}".format(retVal)) - creditL.info("{} {} {} storniert {} €".format( - date, user.firstname, user.lastname, amount/100)) - return jsonify(retVal) - except Exception as err: - debug.debug("exception", exc_info=True) + debug.warning("exception in logout user.", exc_info=True) return jsonify({"error": str(err)}), 500 -@user.route("/user/getJobInvites", methods=['POST']) -@login_required(groups=[USER]) -def _getJobInvites(**kwargs): +@app.route("/login", methods=['POST']) +def _login(): + """ Login User + + Nothing to say. + Login in User and create an AccessToken for the User. 
+ + Returns: + A JSON-File with createt Token or Errors + """ + debug.info("Start log in.") + data = request.get_json() + username = data['username'] + password = data['password'] + debug.debug("username is {{ {} }}".format(username)) try: - debug.info("/user/getJobInvites") - from_user = None - to_user = None - on_date = None - - data = request.get_json() - - if 'from_user' in data: - from_user = data['from_user'] - if 'to_user' in data: - to_user = data['to_user'] - on_date = date(data['date']['year'], data['date']['month'], data['date']['day']) - retVal = mainController.getJobInvites(from_user, to_user, on_date) - debug.debug("return {{ {} }}".format(retVal)) - return jsonify(retVal) + user_agent = request.user_agent + debug.info("search {{ {} }} in database".format(username)) + user = mainController.loginUser(username, password) + debug.debug("user is {{ {} }}".format(user)) + token = accesTokenController.createAccesToken(user, user_agent=user_agent) + debug.debug("accesstoken is {{ {} }}".format(token)) + debug.info("validate accesstoken") + dic = accesTokenController.validateAccessToken( + token, [USER, EXTERN]).user.toJSON() + dic["token"] = token + dic["accessToken"] = token + debug.info("User {{ {} }} success login.".format(username)) + debug.info("return login {{ {} }}".format(dic)) + return jsonify(dic) + except PermissionDenied as err: + debug.warning("permission denied exception in logout", exc_info=True) + return jsonify({"error": str(err)}), 401 except Exception as err: - debug.debug("exception", exc_info=True) - return jsonify({"error": str(err)}), 500 - -@user.route("/user/JobInvites", methods=['PUT', 'POST']) -@login_required(groups=[USER]) -def _JobInvites(**kwargs): - try: - debug.info("/user/JobInvites") - data = request.get_json() - if request.method == 'PUT': - mainController.setJobInvites(data) - retVal = mainController.getJobInvites(kwargs['accToken'].user.toJSON(), None, datetime.now().date()) - debug.debug("return {{ {} 
}}".format(retVal)) - if request.method == 'POST': - retVal = mainController.updateJobInvites(data) - - return jsonify(retVal) - except Exception as err: - debug.debug("exception", exc_info=True) - return jsonify({"error": str(err)}), 500 - -@user.route("/user/deleteJobInvite", methods=['POST']) -@login_required(groups=[USER]) -def _deleteJobInvite(**kwargs): - try: - debug.info("/user/deleteJobInvite") - data = request.get_json() - mainController.deleteJobInvite(data) - retVal = mainController.getJobInvites(data['from_user'], None, datetime.now().date()) - debug.debug("return {{ {} }}".format(retVal)) - return jsonify(retVal) - except Exception as err: - debug.debug("exception", exc_info=True) - return jsonify({"error": str(err)}), 500 - - -@user.route("/user/getJobRequests", methods=['POST']) -@login_required(groups=[USER]) -def _getJobRequests(**kwargs): - try: - debug.info("/user/getJobRequests") - from_user = None - to_user = None - on_date = None - - data = request.get_json() - - if 'from_user' in data: - from_user = data['from_user'] - if 'to_user' in data: - to_user = data['to_user'] - on_date = date(data['date']['year'], data['date']['month'], data['date']['day']) - retVal = mainController.getJobRequests(from_user, to_user, on_date) - debug.debug("return {{ {} }}".format(retVal)) - return jsonify(retVal) - except Exception as err: - debug.debug("exception", exc_info=True) - return jsonify({"error": str(err)}), 500 - -@user.route("/user/JobRequests", methods=['PUT', 'POST']) -@login_required(groups=[USER]) -def _JobRequests(**kwargs): - try: - debug.info("/user/JobRequests") - data = request.get_json() - if request.method == 'PUT': - mainController.setJobRequests(data) - retVal = mainController.getJobRequests(kwargs['accToken'].user.toJSON(), None, datetime.now().date()) - debug.debug("return {{ {} }}".format(retVal)) - if request.method == 'POST': - data['on_date'] = date(data['on_date']['year'], data['on_date']['month'], data['on_date']['day']) - retVal = 
mainController.updateJobRequests(data) - - return jsonify(retVal) - except Exception as err: - debug.debug("exception", exc_info=True) - return jsonify({"error": str(err)}), 500 - -@user.route("/user/deleteJobRequest", methods=['POST']) -@login_required(groups=[USER]) -def _deleteJobRequest(**kwargs): - try: - debug.info("/user/deleteJobRequest") - data = request.get_json() - mainController.deleteJobRequest(data) - retVal = mainController.getJobRequests(data['from_user'], None, datetime.now().date()) - debug.debug("return {{ {} }}".format(retVal)) - return jsonify(retVal) - except Exception as err: - debug.debug("exception", exc_info=True) - return jsonify({"error": str(err)}), 500 - - -@user.route("/user/getAccessTokens", methods=['GET', 'POST']) -@login_required(groups=[USER]) -def _getAccessTokens(**kwargs): - try: - debug.info("/user/getAccessTokens") - if request.method == 'POST': - data = request.get_json() - delAccToken = AccessToken(data['id'], kwargs['accToken'].user, None, None, None) - accesTokenController.deleteAccessToken(delAccToken) - tokens = accesTokenController.getAccessTokensFromUser(kwargs['accToken'].user) - retVal = [] - for token in tokens: - retVal.append(token.toJSON()) - debug.debug("return {{ {} }}".format(retVal)) - return jsonify(retVal) - except Exception as err: - debug.debug("exception", exc_info=True) - return jsonify({"error": str(err)}), 500 + debug.warning("exception in logout.", exc_info=True) + return jsonify({"error": "permission denied"}), 401 diff --git a/flaschengeist/modules/user.py b/flaschengeist/modules/user/user.py similarity index 100% rename from flaschengeist/modules/user.py rename to flaschengeist/modules/user/user.py diff --git a/setup.py b/setup.py index b142102..1575c38 100644 --- a/setup.py +++ b/setup.py 
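Review bot: The masking loop in `_passwordReset` does not hide the address it returns: `mail.replace(mail[i], "*", 1)` replaces the first occurrence of that character anywhere in the string rather than the character at index `i`, so a repeated letter leaves a later position in clear (and can star out index 0 instead), and when `find('@')` returns -1 the address goes back unmasked. Masking by position avoids both, e.g. `local, sep, domain = mail.partition('@')` followed by `mail = local[:1] + "*" * (len(local) - 1) + sep + domain`. The route has no `login_required`, and it answers with the masked address on success but `str(err)` with 409 on failure, which presumably lets an unauthenticated caller tell existing accounts from unknown ones (`resetPassword` is not visible here); a uniform response for both outcomes would close that.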
@@ -13,7 +13,7 @@ setup(
 install_requires=['Flask >= 1.0.2', 'PyYAML>=5.3.1', "flask_mysqldb", "flask_ldapconn", "flask_cors"],
 entry_points = {
 'flaschengeist.plugins': [
- 'users = flaschengeist.system.user:register'
+ 'users = flaschengeist.modules.user:register'
 ]
 }
 )