Fixed plugin detection. Added dummy user plugin. Nothing works atm

This commit is contained in:
Ferdinand Thiessen 2020-08-20 17:19:16 +02:00
parent 246bd90ebd
commit 1bac2e857f
10 changed files with 1080 additions and 611 deletions

BIN
flaschengeist/.app.py.swo Normal file

Binary file not shown.

View File

@ -48,7 +48,7 @@ import pkg_resources
discovered_plugins = { discovered_plugins = {
entry_point.name: entry_point.load() entry_point.name: entry_point.load()
for entry_point for entry_point
in pkg_resources.iter_entry_points('geruecht.plugins') in pkg_resources.iter_entry_points('flaschengeist.plugins')
} }
#from geruecht import routes #from geruecht import routes
@ -60,9 +60,9 @@ discovered_plugins = {
#from geruecht.registration_route import registration #from geruecht.registration_route import registration
DEBUG.info("Registrate bluebrints") DEBUG.info("Registrate bluebrints")
for k, v in discovered_plugins: for name in discovered_plugins:
DEBUG("Register %s" % k) DEBUG.info("Register %s" % name)
app.register_blueprint(v()) app.register_blueprint(discovered_plugins[name]())
#app.register_blueprint(baruser) #app.register_blueprint(baruser)
#app.register_blueprint(finanzer) #app.register_blueprint(finanzer)

View File

View File

@ -1,216 +0,0 @@
from geruecht import app
from geruecht.logger import getDebugLogger
from geruecht.decorator import login_required
from geruecht.exceptions import PermissionDenied
import geruecht.controller.accesTokenController as ac
import geruecht.controller.mainController as mc
from geruecht.model import MONEY, BAR, USER, GASTRO, VORSTAND, EXTERN
from flask import request, jsonify
accesTokenController = ac.AccesTokenController()
mainController = mc.MainController()
debug = getDebugLogger()
@app.route("/valid", methods=['POST'])
@login_required(bar=True)
def _valid(**kwargs):
debug.info('/valid')
try:
accToken = kwargs['accToken']
data = request.get_json()
mainController.validateUser(accToken.user.uid, data['password'])
debug.debug('return {{ "ok": "ok" }}')
return jsonify({"ok": "ok"})
except Exception as err:
debug.warning("exception in valide.", exc_info=True)
return jsonify({"error": str(err)}), 500
@app.route("/pricelist", methods=['GET'])
def _getPricelist():
try:
debug.info("get pricelist")
retVal = mainController.getPricelist()
debug.info("return pricelist {{ {} }}".format(retVal))
return jsonify(retVal)
except Exception as err:
debug.warning("exception in get pricelist.", exc_info=True)
return jsonify({"error": str(err)}), 500
@app.route('/drinkTypes', methods=['GET'])
def getTypes():
try:
debug.info("get drinktypes")
retVal = mainController.getAllDrinkTypes()
debug.info("return drinktypes {{ {} }}".format(retVal))
return jsonify(retVal)
except Exception as err:
debug.warning("exception in get drinktypes.", exc_info=True)
return jsonify({"error": str(err)}), 500
@app.route('/getAllStatus', methods=['GET'])
@login_required(groups=[USER, MONEY, GASTRO, BAR, VORSTAND], bar=True)
def _getAllStatus(**kwargs):
try:
debug.info("get all status for users")
retVal = mainController.getAllStatus()
debug.info("return all status for users {{ {} }}".format(retVal))
return jsonify(retVal)
except Exception as err:
debug.warning("exception in get all status for users.", exc_info=True)
return jsonify({"error": str(err)}), 500
@app.route('/getStatus', methods=['POST'])
@login_required(groups=[USER, MONEY, GASTRO, BAR, VORSTAND], bar=True)
def _getStatus(**kwargs):
try:
debug.info("get status from user")
data = request.get_json()
name = data['name']
debug.info("get status from user {{ {} }}".format(name))
retVal = mainController.getStatus(name)
debug.info(
"return status from user {{ {} }} : {{ {} }}".format(name, retVal))
return jsonify(retVal)
except Exception as err:
debug.warning("exception in get status from user.", exc_info=True)
return jsonify({"error": str(err)}), 500
@app.route('/getUsers', methods=['GET'])
@login_required(groups=[USER], bar=True)
def _getUsers(**kwargs):
try:
extern = True
if 'extern' in request.args:
extern = not bool(int(request.args['extern']))
debug.info("get all users from database")
users = mainController.getAllUsersfromDB(extern=extern)
debug.debug("users are {{ {} }}".format(users))
retVal = [user.toJSON() for user in users]
debug.info("return all users from database {{ {} }}".format(retVal))
return jsonify(retVal)
except Exception as err:
debug.warning(
"exception in get all users from database.", exc_info=True)
return jsonify({"error": str(err)}), 500
@app.route("/getLifeTime", methods=['GET'])
@login_required(groups=[MONEY, GASTRO, VORSTAND, EXTERN, USER], bar=True)
def _getLifeTime(**kwargs):
try:
debug.info("get lifetime of accesstoken")
if 'accToken' in kwargs:
accToken = kwargs['accToken']
debug.debug("accessToken is {{ {} }}".format(accToken))
retVal = {"value": accToken.lifetime,
"group": accToken.user.toJSON()['group'],
"lock_bar": accToken.lock_bar}
debug.info(
"return get lifetime from accesstoken {{ {} }}".format(retVal))
return jsonify(retVal)
except Exception as err:
debug.info("exception in get lifetime of accesstoken.", exc_info=True)
return jsonify({"error": str(err)}), 500
@app.route("/saveLifeTime", methods=['POST'])
@login_required(groups=[MONEY, GASTRO, VORSTAND, EXTERN, USER], bar=True)
def _saveLifeTime(**kwargs):
try:
debug.info("save lifetime for accessToken")
if 'accToken' in kwargs:
accToken = kwargs['accToken']
debug.debug("accessToken is {{ {} }}".format(accToken))
data = request.get_json()
lifetime = data['value']
debug.debug("lifetime is {{ {} }}".format(lifetime))
debug.info("set lifetime {{ {} }} to accesstoken {{ {} }}".format(
lifetime, accToken))
accToken.lifetime = lifetime
debug.info("update accesstoken timestamp")
accToken = accesTokenController.updateAccessToken(accToken)
accToken = accesTokenController.validateAccessToken(accToken.token, [USER, EXTERN])
retVal = {"value": accToken.lifetime,
"group": accToken.user.toJSON()['group']}
debug.info(
"return save lifetime for accessToken {{ {} }}".format(retVal))
return jsonify(retVal)
except Exception as err:
debug.warning(
"exception in save lifetime for accesstoken.", exc_info=True)
return jsonify({"error": str(err)}), 500
@app.route("/passwordReset", methods=['POST'])
def _passwordReset():
try:
debug.info('password reset')
data = request.get_json()
mail = mainController.resetPassword(data)
index = mail.find('@')
for i in range(index):
if i == 0:
continue
mail = mail.replace(mail[i], "*", 1)
return jsonify({"ok": "ok", "mail": mail})
except Exception as err:
debug.warning("excetpion in password reset", exc_info=True)
return jsonify({"error": str(err)}), 409
@app.route("/logout", methods=['GET'])
@login_required(groups=[MONEY, GASTRO, VORSTAND, EXTERN, USER], bar=True)
def _logout(**kwargs):
try:
debug.info("logout user")
if 'accToken' in kwargs:
accToken = kwargs['accToken']
debug.debug("accesstoken is {{ {} }}".format(accToken))
debug.info("delete accesstoken")
accesTokenController.deleteAccessToken(accToken)
debug.info("return ok logout user")
return jsonify({"ok": "ok"})
except Exception as err:
debug.warning("exception in logout user.", exc_info=True)
return jsonify({"error": str(err)}), 500
@app.route("/login", methods=['POST'])
def _login():
""" Login User
Nothing to say.
Login in User and create an AccessToken for the User.
Returns:
A JSON-File with createt Token or Errors
"""
debug.info("Start log in.")
data = request.get_json()
username = data['username']
password = data['password']
debug.debug("username is {{ {} }}".format(username))
try:
user_agent = request.user_agent
debug.info("search {{ {} }} in database".format(username))
user = mainController.loginUser(username, password)
debug.debug("user is {{ {} }}".format(user))
token = accesTokenController.createAccesToken(user, user_agent=user_agent)
debug.debug("accesstoken is {{ {} }}".format(token))
debug.info("validate accesstoken")
dic = accesTokenController.validateAccessToken(
token, [USER, EXTERN]).user.toJSON()
dic["token"] = token
dic["accessToken"] = token
debug.info("User {{ {} }} success login.".format(username))
debug.info("return login {{ {} }}".format(dic))
return jsonify(dic)
except PermissionDenied as err:
debug.warning("permission denied exception in logout", exc_info=True)
return jsonify({"error": str(err)}), 401
except Exception as err:
debug.warning("exception in logout.", exc_info=True)
return jsonify({"error": "permission denied"}), 401

View File

@ -0,0 +1,413 @@
from flask import Blueprint, request, jsonify
#from geruecht.decorator import login_required
#import geruecht.controller.mainController as mc
#import geruecht.controller.accesTokenController as ac
#from geruecht.model import USER
#from datetime import datetime, time, date
#from geruecht.exceptions import DayLocked
#from geruecht.logger import getDebugLogger, getCreditLogger, getJobsLogger
#from geruecht.model.accessToken import AccessToken
user = Blueprint("user", __name__)
#mainController = mc.MainController()
#accesTokenController = ac.AccesTokenController()
debug = getDebugLogger()
#creditL = getCreditLogger()
#jobL = getJobsLogger()
#@user.route("/user/main")
#@login_required(groups=[USER])
#def _main(**kwargs):
# debug.info("/user/main")
# try:
# if 'accToken' in kwargs:
# accToken = kwargs['accToken']
# accToken.user = mainController.getUser(accToken.user.uid)
# retVal = accToken.user.toJSON()
# retVal['creditList'] = {credit.year: credit.toJSON()
# for credit in accToken.user.geruechte}
# debug.debug("return {{ {} }}".format(retVal))
# return jsonify(retVal)
# except Exception:
# debug.debug("exception", exc_info=True)
# return jsonify("error", "something went wrong"), 500
#@user.route("/user/addAmount", methods=['POST'])
#@login_required(groups=[USER])
#def _addAmount(**kwargs):
# debug.info("/user/addAmount")
# try:
# if 'accToken' in kwargs:
# accToken = kwargs['accToken']
# data = request.get_json()
# amount = int(data['amount'])
# date = datetime.now()
# mainController.addAmount(
# accToken.user.uid, amount, year=date.year, month=date.month)
# accToken.user = mainController.getUser(accToken.user.uid)
# retVal = accToken.user.toJSON()
# retVal['creditList'] = {credit.year: credit.toJSON()
# for credit in accToken.user.geruechte}
# debug.debug("return {{ {} }}".format(retVal))
# creditL.info("{} {} {} fügt sich selbst {} € Schulden hinzu".format(
# date, accToken.user.firstname, accToken.user.lastname, amount/100))
# return jsonify(retVal)
# except Exception:
# debug.debug("exception", exc_info=True)
# return jsonify({"error": "something went wrong"}), 500
#@user.route("/user/saveConfig", methods=['POST'])
#@login_required(groups=[USER])
#def _saveConfig(**kwargs):
# debug.info("/user/saveConfig")
# try:
# if 'accToken' in kwargs:
# accToken = kwargs['accToken']
# data = request.get_json()
# password = data['acceptedPassword']
# data.pop('acceptedPassword')
# accToken.user = mainController.modifyUser(
# accToken.user, data, password)
# retVal = accToken.user.toJSON()
# retVal['creditList'] = {credit.year: credit.toJSON()
# for credit in accToken.user.geruechte}
# debug.debug("return {{ {} }}".format(retVal))
# return jsonify(retVal)
# except Exception as err:
# debug.debug("exception", exc_info=True)
# return jsonify({"error": str(err)}), 409
#@user.route("/user/jobs", methods=['POST'])
#@login_required(groups=[USER])
#def _getUsers(**kwrags):
# debug.info("/user/jobs")
# try:
# data = request.get_json()
#from_date = data['from_date']
#to_date = data['to_date']
#from_date = datetime(
#from_date['year'], from_date['month'], from_date['day'])
#to_date = datetime(to_date['year'], to_date['month'], to_date['day'])
#lockedDays = mainController.getLockedDays(from_date, to_date)
#retVal = []
#for lockedDay in lockedDays:
#day = datetime.combine(lockedDay['daydate'], time(12))
#retDay = {
#"worker": mainController.getWorker(day),
#"day": {
#"date": {
#"year": day.year,
#"month": day.month,
#"day": day.day
#},
#"locked": lockedDay['locked']
#},
#"jobkinddate": mainController.getJobKindDates(day.date())
#}
#retVal.append(retDay)
#debug.debug("return {{ {} }}".format(retVal))
#return jsonify(retVal)
#except Exception as err:
#debug.debug("exception", exc_info=True)
#return jsonify({"error": str(err)}), 500
#@user.route("/user/jobsOnDates", methods=['POST'])
#@login_required(groups=[USER])
#def _getJobsOnDates(**kwargs):
#debug.info("/user/jobsOnDates")
#try:
#data = request.get_json()
#lockedDays = mainController.getLockedDaysFromList(data)
#retVal = []
#for lockedDay in lockedDays:
#day = datetime.combine(lockedDay['daydate'], time(12))
#retDay = {
#"worker": mainController.getWorker(day),
#"day": {
#"date": {
#"year": day.year,
#"month": day.month,
#"day": day.day
#},
#"locked": lockedDay['locked']
#},
#"jobkinddate": mainController.getJobKindDates(day.date())
#}
#retVal.append(retDay)
#debug.debug("return {{ {} }}".format(retVal))
#return jsonify(retVal)
#except Exception as err:
#debug.debug("exception", exc_info=True)
#return jsonify({"error": str(err)}), 500
#@user.route("/user/job", methods=['POST'])
#@login_required(groups=[USER])
#def _getUser(**kwargs):
#debug.info("/user/job")
#try:
#data = request.get_json()
#day = data['day']
#month = data['month']
#year = data['year']
#date = datetime(year, month, day, 12)
#lockedDay = mainController.getLockedDay(date)
#if not lockedDay:
#lockedDay = {
#'date': {
#'year': year,
#'month': month,
#'day': day
#},
#'locked': False
#}
#else:
#lockedDay = {
#'date': {
#'year': year,
#'month': month,
#'day': day
#},
#'locked': lockedDay['locked']
#}
#retVal = {
#'worker': mainController.getWorker(date),
#'day': lockedDay
#}
#debug.debug("retrun {{ {} }}".format(retVal))
#return jsonify(retVal)
#except Exception as err:
#debug.debug("exception", exc_info=True)
#return jsonify({"error": str(err)}), 500
#@user.route("/user/addJob", methods=['POST'])
#@login_required(groups=[USER])
#def _addUser(**kwargs):
#debug.info("/user/addJob")
#try:
#if 'accToken' in kwargs:
#accToken = kwargs['accToken']
#user = accToken.user
#data = request.get_json()
#day = data['day']
#month = data['month']
#year = data['year']
#date = datetime(year, month, day, 12)
#job_kind = None
#if 'job_kind' in data:
#job_kind = data['job_kind']
#mainController.addWorker(user.uid, date, job_kind=job_kind, userExc=True)
#retVal = mainController.getWorker(date)
#debug.debug("return {{ {} }}".format(retVal))
#jobL.info("Mitglied {} {} schreib sich am {} zum Dienst ein.".format(
#user.firstname, user.lastname, date.date()))
#return jsonify(retVal)
#except DayLocked as err:
#debug.debug("exception", exc_info=True)
#return jsonify({'error': str(err)}), 403
#except Exception as err:
#debug.debug("exception", exc_info=True)
#return jsonify({'error': str(err)}), 409
#@user.route("/user/deleteJob", methods=['POST'])
#@login_required(groups=[USER])
#def _deletJob(**kwargs):
#debug.info("/user/deleteJob")
#try:
#if 'accToken' in kwargs:
#accToken = kwargs['accToken']
#user = accToken.user
#data = request.get_json()
#day = data['day']
#month = data['month']
#year = data['year']
#date = datetime(year, month, day, 12)
#mainController.deleteWorker(user.uid, date, True)
#retVal = mainController.getWorker(date)
#debug.debug("return ok")
#jobL.info("Mitglied {} {} entfernt sich am {} aus dem Dienst".format(
#user.firstname, user.lastname, date.date()))
#return jsonify(retVal)
#except DayLocked as err:
#debug.debug("exception", exc_info=True)
#return jsonify({"error": str(err)}), 403
#except Exception as err:
#debug.debug("exception", exc_info=True)
#return jsonify({"error": str(err)}), 409
#@user.route("/user/storno", methods=['POST'])
#@login_required(groups=[USER])
#def _storno(**kwargs):
#""" Function for Baruser to storno amount
#This function added to the user with the posted userID the posted amount.
#Returns:
#JSON-File with userID and the amount
#or ERROR 401 Permission Denied
#"""
#debug.info("/user/storno")
#try:
#if 'accToken' in kwargs:
#accToken = kwargs['accToken']
#user = accToken.user
#data = request.get_json()
#amount = int(data['amount'])
#date = datetime.now()
#mainController.addCredit(
#user.uid, amount, year=date.year, month=date.month)
#accToken.user = mainController.getUser(accToken.user.uid)
#retVal = accToken.user.toJSON()
#retVal['creditList'] = {credit.year: credit.toJSON()
#for credit in accToken.user.geruechte}
#debug.debug("return {{ {} }}".format(retVal))
#creditL.info("{} {} {} storniert {} €".format(
#date, user.firstname, user.lastname, amount/100))
#return jsonify(retVal)
#except Exception as err:
#debug.debug("exception", exc_info=True)
#return jsonify({"error": str(err)}), 500
#@user.route("/user/getJobInvites", methods=['POST'])
#@login_required(groups=[USER])
#def _getJobInvites(**kwargs):
#try:
#debug.info("/user/getJobInvites")
#from_user = None
#to_user = None
#on_date = None
#data = request.get_json()
#if 'from_user' in data:
#from_user = data['from_user']
#if 'to_user' in data:
#to_user = data['to_user']
#on_date = date(data['date']['year'], data['date']['month'], data['date']['day'])
#retVal = mainController.getJobInvites(from_user, to_user, on_date)
#debug.debug("return {{ {} }}".format(retVal))
#return jsonify(retVal)
#except Exception as err:
#debug.debug("exception", exc_info=True)
#return jsonify({"error": str(err)}), 500
#@user.route("/user/JobInvites", methods=['PUT', 'POST'])
#@login_required(groups=[USER])
#def _JobInvites(**kwargs):
#try:
#debug.info("/user/JobInvites")
#data = request.get_json()
#if request.method == 'PUT':
#mainController.setJobInvites(data)
#retVal = mainController.getJobInvites(kwargs['accToken'].user.toJSON(), None, datetime.now().date())
#debug.debug("return {{ {} }}".format(retVal))
#if request.method == 'POST':
#retVal = mainController.updateJobInvites(data)
#return jsonify(retVal)
#except Exception as err:
#debug.debug("exception", exc_info=True)
#return jsonify({"error": str(err)}), 500
#@user.route("/user/deleteJobInvite", methods=['POST'])
#@login_required(groups=[USER])
#def _deleteJobInvite(**kwargs):
#try:
#debug.info("/user/deleteJobInvite")
#data = request.get_json()
#mainController.deleteJobInvite(data)
#retVal = mainController.getJobInvites(data['from_user'], None, datetime.now().date())
#debug.debug("return {{ {} }}".format(retVal))
#return jsonify(retVal)
#except Exception as err:
#debug.debug("exception", exc_info=True)
#return jsonify({"error": str(err)}), 500
#@user.route("/user/getJobRequests", methods=['POST'])
#@login_required(groups=[USER])
#def _getJobRequests(**kwargs):
#try:
#debug.info("/user/getJobRequests")
#from_user = None
#to_user = None
#on_date = None
#data = request.get_json()
#if 'from_user' in data:
#from_user = data['from_user']
#if 'to_user' in data:
#to_user = data['to_user']
#on_date = date(data['date']['year'], data['date']['month'], data['date']['day'])
#retVal = mainController.getJobRequests(from_user, to_user, on_date)
#debug.debug("return {{ {} }}".format(retVal))
#return jsonify(retVal)
#except Exception as err:
#debug.debug("exception", exc_info=True)
#return jsonify({"error": str(err)}), 500
#@user.route("/user/JobRequests", methods=['PUT', 'POST'])
#@login_required(groups=[USER])
#def _JobRequests(**kwargs):
#try:
#debug.info("/user/JobRequests")
#data = request.get_json()
#if request.method == 'PUT':
#mainController.setJobRequests(data)
#retVal = mainController.getJobRequests(kwargs['accToken'].user.toJSON(), None, datetime.now().date())
#debug.debug("return {{ {} }}".format(retVal))
#if request.method == 'POST':
#data['on_date'] = date(data['on_date']['year'], data['on_date']['month'], data['on_date']['day'])
#retVal = mainController.updateJobRequests(data)
#return jsonify(retVal)
#except Exception as err:
#debug.debug("exception", exc_info=True)
#return jsonify({"error": str(err)}), 500
#@user.route("/user/deleteJobRequest", methods=['POST'])
#@login_required(groups=[USER])
#def _deleteJobRequest(**kwargs):
#try:
#debug.info("/user/deleteJobRequest")
#data = request.get_json()
#mainController.deleteJobRequest(data)
#retVal = mainController.getJobRequests(data['from_user'], None, datetime.now().date())
#debug.debug("return {{ {} }}".format(retVal))
#return jsonify(retVal)
#except Exception as err:
#debug.debug("exception", exc_info=True)
#return jsonify({"error": str(err)}), 500
#@user.route("/user/getAccessTokens", methods=['GET', 'POST'])
#@login_required(groups=[USER])
#def _getAccessTokens(**kwargs):
#try:
#debug.info("/user/getAccessTokens")
#if request.method == 'POST':
#data = request.get_json()
#delAccToken = AccessToken(data['id'], kwargs['accToken'].user, None, None, None)
#accesTokenController.deleteAccessToken(delAccToken)
#tokens = accesTokenController.getAccessTokensFromUser(kwargs['accToken'].user)
#retVal = []
#for token in tokens:
#retVal.append(token.toJSON())
#debug.debug("return {{ {} }}".format(retVal))
#return jsonify(retVal)
#except Exception as err:
#debug.debug("exception", exc_info=True)
#return jsonify({"error": str(err)}), 500

View File

@ -0,0 +1,413 @@
from flask import Blueprint, request, jsonify
from geruecht.decorator import login_required
import geruecht.controller.mainController as mc
import geruecht.controller.accesTokenController as ac
from geruecht.model import USER
from datetime import datetime, time, date
from geruecht.exceptions import DayLocked
from geruecht.logger import getDebugLogger, getCreditLogger, getJobsLogger
from geruecht.model.accessToken import AccessToken
user = Blueprint("user", __name__)
mainController = mc.MainController()
accesTokenController = ac.AccesTokenController()
debug = getDebugLogger()
creditL = getCreditLogger()
jobL = getJobsLogger()
@user.route("/user/main")
@login_required(groups=[USER])
def _main(**kwargs):
debug.info("/user/main")
try:
if 'accToken' in kwargs:
accToken = kwargs['accToken']
accToken.user = mainController.getUser(accToken.user.uid)
retVal = accToken.user.toJSON()
retVal['creditList'] = {credit.year: credit.toJSON()
for credit in accToken.user.geruechte}
debug.debug("return {{ {} }}".format(retVal))
return jsonify(retVal)
except Exception:
debug.debug("exception", exc_info=True)
return jsonify("error", "something went wrong"), 500
@user.route("/user/addAmount", methods=['POST'])
@login_required(groups=[USER])
def _addAmount(**kwargs):
debug.info("/user/addAmount")
try:
if 'accToken' in kwargs:
accToken = kwargs['accToken']
data = request.get_json()
amount = int(data['amount'])
date = datetime.now()
mainController.addAmount(
accToken.user.uid, amount, year=date.year, month=date.month)
accToken.user = mainController.getUser(accToken.user.uid)
retVal = accToken.user.toJSON()
retVal['creditList'] = {credit.year: credit.toJSON()
for credit in accToken.user.geruechte}
debug.debug("return {{ {} }}".format(retVal))
creditL.info("{} {} {} fügt sich selbst {} € Schulden hinzu".format(
date, accToken.user.firstname, accToken.user.lastname, amount/100))
return jsonify(retVal)
except Exception:
debug.debug("exception", exc_info=True)
return jsonify({"error": "something went wrong"}), 500
@user.route("/user/saveConfig", methods=['POST'])
@login_required(groups=[USER])
def _saveConfig(**kwargs):
debug.info("/user/saveConfig")
try:
if 'accToken' in kwargs:
accToken = kwargs['accToken']
data = request.get_json()
password = data['acceptedPassword']
data.pop('acceptedPassword')
accToken.user = mainController.modifyUser(
accToken.user, data, password)
retVal = accToken.user.toJSON()
retVal['creditList'] = {credit.year: credit.toJSON()
for credit in accToken.user.geruechte}
debug.debug("return {{ {} }}".format(retVal))
return jsonify(retVal)
except Exception as err:
debug.debug("exception", exc_info=True)
return jsonify({"error": str(err)}), 409
@user.route("/user/jobs", methods=['POST'])
@login_required(groups=[USER])
def _getUsers(**kwrags):
debug.info("/user/jobs")
try:
data = request.get_json()
from_date = data['from_date']
to_date = data['to_date']
from_date = datetime(
from_date['year'], from_date['month'], from_date['day'])
to_date = datetime(to_date['year'], to_date['month'], to_date['day'])
lockedDays = mainController.getLockedDays(from_date, to_date)
retVal = []
for lockedDay in lockedDays:
day = datetime.combine(lockedDay['daydate'], time(12))
retDay = {
"worker": mainController.getWorker(day),
"day": {
"date": {
"year": day.year,
"month": day.month,
"day": day.day
},
"locked": lockedDay['locked']
},
"jobkinddate": mainController.getJobKindDates(day.date())
}
retVal.append(retDay)
debug.debug("return {{ {} }}".format(retVal))
return jsonify(retVal)
except Exception as err:
debug.debug("exception", exc_info=True)
return jsonify({"error": str(err)}), 500
@user.route("/user/jobsOnDates", methods=['POST'])
@login_required(groups=[USER])
def _getJobsOnDates(**kwargs):
debug.info("/user/jobsOnDates")
try:
data = request.get_json()
lockedDays = mainController.getLockedDaysFromList(data)
retVal = []
for lockedDay in lockedDays:
day = datetime.combine(lockedDay['daydate'], time(12))
retDay = {
"worker": mainController.getWorker(day),
"day": {
"date": {
"year": day.year,
"month": day.month,
"day": day.day
},
"locked": lockedDay['locked']
},
"jobkinddate": mainController.getJobKindDates(day.date())
}
retVal.append(retDay)
debug.debug("return {{ {} }}".format(retVal))
return jsonify(retVal)
except Exception as err:
debug.debug("exception", exc_info=True)
return jsonify({"error": str(err)}), 500
@user.route("/user/job", methods=['POST'])
@login_required(groups=[USER])
def _getUser(**kwargs):
debug.info("/user/job")
try:
data = request.get_json()
day = data['day']
month = data['month']
year = data['year']
date = datetime(year, month, day, 12)
lockedDay = mainController.getLockedDay(date)
if not lockedDay:
lockedDay = {
'date': {
'year': year,
'month': month,
'day': day
},
'locked': False
}
else:
lockedDay = {
'date': {
'year': year,
'month': month,
'day': day
},
'locked': lockedDay['locked']
}
retVal = {
'worker': mainController.getWorker(date),
'day': lockedDay
}
debug.debug("retrun {{ {} }}".format(retVal))
return jsonify(retVal)
except Exception as err:
debug.debug("exception", exc_info=True)
return jsonify({"error": str(err)}), 500
@user.route("/user/addJob", methods=['POST'])
@login_required(groups=[USER])
def _addUser(**kwargs):
debug.info("/user/addJob")
try:
if 'accToken' in kwargs:
accToken = kwargs['accToken']
user = accToken.user
data = request.get_json()
day = data['day']
month = data['month']
year = data['year']
date = datetime(year, month, day, 12)
job_kind = None
if 'job_kind' in data:
job_kind = data['job_kind']
mainController.addWorker(user.uid, date, job_kind=job_kind, userExc=True)
retVal = mainController.getWorker(date)
debug.debug("return {{ {} }}".format(retVal))
jobL.info("Mitglied {} {} schreib sich am {} zum Dienst ein.".format(
user.firstname, user.lastname, date.date()))
return jsonify(retVal)
except DayLocked as err:
debug.debug("exception", exc_info=True)
return jsonify({'error': str(err)}), 403
except Exception as err:
debug.debug("exception", exc_info=True)
return jsonify({'error': str(err)}), 409
@user.route("/user/deleteJob", methods=['POST'])
@login_required(groups=[USER])
def _deletJob(**kwargs):
debug.info("/user/deleteJob")
try:
if 'accToken' in kwargs:
accToken = kwargs['accToken']
user = accToken.user
data = request.get_json()
day = data['day']
month = data['month']
year = data['year']
date = datetime(year, month, day, 12)
mainController.deleteWorker(user.uid, date, True)
retVal = mainController.getWorker(date)
debug.debug("return ok")
jobL.info("Mitglied {} {} entfernt sich am {} aus dem Dienst".format(
user.firstname, user.lastname, date.date()))
return jsonify(retVal)
except DayLocked as err:
debug.debug("exception", exc_info=True)
return jsonify({"error": str(err)}), 403
except Exception as err:
debug.debug("exception", exc_info=True)
return jsonify({"error": str(err)}), 409
@user.route("/user/storno", methods=['POST'])
@login_required(groups=[USER])
def _storno(**kwargs):
""" Function for Baruser to storno amount
This function added to the user with the posted userID the posted amount.
Returns:
JSON-File with userID and the amount
or ERROR 401 Permission Denied
"""
debug.info("/user/storno")
try:
if 'accToken' in kwargs:
accToken = kwargs['accToken']
user = accToken.user
data = request.get_json()
amount = int(data['amount'])
date = datetime.now()
mainController.addCredit(
user.uid, amount, year=date.year, month=date.month)
accToken.user = mainController.getUser(accToken.user.uid)
retVal = accToken.user.toJSON()
retVal['creditList'] = {credit.year: credit.toJSON()
for credit in accToken.user.geruechte}
debug.debug("return {{ {} }}".format(retVal))
creditL.info("{} {} {} storniert {}".format(
date, user.firstname, user.lastname, amount/100))
return jsonify(retVal)
except Exception as err:
debug.debug("exception", exc_info=True)
return jsonify({"error": str(err)}), 500
@user.route("/user/getJobInvites", methods=['POST'])
@login_required(groups=[USER])
def _getJobInvites(**kwargs):
try:
debug.info("/user/getJobInvites")
from_user = None
to_user = None
on_date = None
data = request.get_json()
if 'from_user' in data:
from_user = data['from_user']
if 'to_user' in data:
to_user = data['to_user']
on_date = date(data['date']['year'], data['date']['month'], data['date']['day'])
retVal = mainController.getJobInvites(from_user, to_user, on_date)
debug.debug("return {{ {} }}".format(retVal))
return jsonify(retVal)
except Exception as err:
debug.debug("exception", exc_info=True)
return jsonify({"error": str(err)}), 500
@user.route("/user/JobInvites", methods=['PUT', 'POST'])
@login_required(groups=[USER])
def _JobInvites(**kwargs):
try:
debug.info("/user/JobInvites")
data = request.get_json()
if request.method == 'PUT':
mainController.setJobInvites(data)
retVal = mainController.getJobInvites(kwargs['accToken'].user.toJSON(), None, datetime.now().date())
debug.debug("return {{ {} }}".format(retVal))
if request.method == 'POST':
retVal = mainController.updateJobInvites(data)
return jsonify(retVal)
except Exception as err:
debug.debug("exception", exc_info=True)
return jsonify({"error": str(err)}), 500
@user.route("/user/deleteJobInvite", methods=['POST'])
@login_required(groups=[USER])
def _deleteJobInvite(**kwargs):
try:
debug.info("/user/deleteJobInvite")
data = request.get_json()
mainController.deleteJobInvite(data)
retVal = mainController.getJobInvites(data['from_user'], None, datetime.now().date())
debug.debug("return {{ {} }}".format(retVal))
return jsonify(retVal)
except Exception as err:
debug.debug("exception", exc_info=True)
return jsonify({"error": str(err)}), 500
@user.route("/user/getJobRequests", methods=['POST'])
@login_required(groups=[USER])
def _getJobRequests(**kwargs):
try:
debug.info("/user/getJobRequests")
from_user = None
to_user = None
on_date = None
data = request.get_json()
if 'from_user' in data:
from_user = data['from_user']
if 'to_user' in data:
to_user = data['to_user']
on_date = date(data['date']['year'], data['date']['month'], data['date']['day'])
retVal = mainController.getJobRequests(from_user, to_user, on_date)
debug.debug("return {{ {} }}".format(retVal))
return jsonify(retVal)
except Exception as err:
debug.debug("exception", exc_info=True)
return jsonify({"error": str(err)}), 500
@user.route("/user/JobRequests", methods=['PUT', 'POST'])
@login_required(groups=[USER])
def _JobRequests(**kwargs):
try:
debug.info("/user/JobRequests")
data = request.get_json()
if request.method == 'PUT':
mainController.setJobRequests(data)
retVal = mainController.getJobRequests(kwargs['accToken'].user.toJSON(), None, datetime.now().date())
debug.debug("return {{ {} }}".format(retVal))
if request.method == 'POST':
data['on_date'] = date(data['on_date']['year'], data['on_date']['month'], data['on_date']['day'])
retVal = mainController.updateJobRequests(data)
return jsonify(retVal)
except Exception as err:
debug.debug("exception", exc_info=True)
return jsonify({"error": str(err)}), 500
@user.route("/user/deleteJobRequest", methods=['POST'])
@login_required(groups=[USER])
def _deleteJobRequest(**kwargs):
try:
debug.info("/user/deleteJobRequest")
data = request.get_json()
mainController.deleteJobRequest(data)
retVal = mainController.getJobRequests(data['from_user'], None, datetime.now().date())
debug.debug("return {{ {} }}".format(retVal))
return jsonify(retVal)
except Exception as err:
debug.debug("exception", exc_info=True)
return jsonify({"error": str(err)}), 500
@user.route("/user/getAccessTokens", methods=['GET', 'POST'])
@login_required(groups=[USER])
def _getAccessTokens(**kwargs):
try:
debug.info("/user/getAccessTokens")
if request.method == 'POST':
data = request.get_json()
delAccToken = AccessToken(data['id'], kwargs['accToken'].user, None, None, None)
accesTokenController.deleteAccessToken(delAccToken)
tokens = accesTokenController.getAccessTokensFromUser(kwargs['accToken'].user)
retVal = []
for token in tokens:
retVal.append(token.toJSON())
debug.debug("return {{ {} }}".format(retVal))
return jsonify(retVal)
except Exception as err:
debug.debug("exception", exc_info=True)
return jsonify({"error": str(err)}), 500

View File

@ -0,0 +1,56 @@
#######################################
# Plugin: Users #
# Functionality: Allow management #
# of users, login, logout, etc #
#######################################
from flask import Blueprint
from flaschengeist.app import app
def register():
return Blueprint('user', __name__)
#######################################
## Routes ##
#######################################
#dummy
@app.route("/")
def _dummy():
return 'Noch funktioniert hier mal überhaupt nichts!'
@app.route("/login", methods=['POST'])
def _login():
""" Login User
Nothing to say.
Login in User and create an AccessToken for the User.
Returns:
A JSON-File with createt Token or Errors
"""
debug.info("Start log in.")
data = request.get_json()
username = data['username']
password = data['password']
debug.debug("username is {{ {} }}".format(username))
try:
user_agent = request.user_agent
debug.info("search {{ {} }} in database".format(username))
user = mainController.loginUser(username, password)
debug.debug("user is {{ {} }}".format(user))
token = accesTokenController.createAccesToken(user, user_agent=user_agent)
debug.debug("accesstoken is {{ {} }}".format(token))
debug.info("validate accesstoken")
dic = accesTokenController.validateAccessToken(
token, [USER, EXTERN]).user.toJSON()
dic["token"] = token
dic["accessToken"] = token
debug.info("User {{ {} }} success login.".format(username))
debug.info("return login {{ {} }}".format(dic))
return jsonify(dic)
except PermissionDenied as err:
debug.warning("permission denied exception in logout", exc_info=True)
return jsonify({"error": str(err)}), 401
except Exception as err:
debug.warning("exception in logout.", exc_info=True)
return jsonify({"error": "permission denied"}), 401

View File

@ -1,413 +1,216 @@
from flask import Blueprint, request, jsonify from geruecht import app
from geruecht.logger import getDebugLogger
from geruecht.decorator import login_required from geruecht.decorator import login_required
import geruecht.controller.mainController as mc from geruecht.exceptions import PermissionDenied
import geruecht.controller.accesTokenController as ac import geruecht.controller.accesTokenController as ac
from geruecht.model import USER import geruecht.controller.mainController as mc
from datetime import datetime, time, date from geruecht.model import MONEY, BAR, USER, GASTRO, VORSTAND, EXTERN
from geruecht.exceptions import DayLocked from flask import request, jsonify
from geruecht.logger import getDebugLogger, getCreditLogger, getJobsLogger
from geruecht.model.accessToken import AccessToken
user = Blueprint("user", __name__)
mainController = mc.MainController()
accesTokenController = ac.AccesTokenController() accesTokenController = ac.AccesTokenController()
mainController = mc.MainController()
debug = getDebugLogger() debug = getDebugLogger()
creditL = getCreditLogger()
jobL = getJobsLogger()
@app.route("/valid", methods=['POST'])
@user.route("/user/main") @login_required(bar=True)
@login_required(groups=[USER]) def _valid(**kwargs):
def _main(**kwargs): debug.info('/valid')
debug.info("/user/main")
try: try:
accToken = kwargs['accToken']
data = request.get_json()
mainController.validateUser(accToken.user.uid, data['password'])
debug.debug('return {{ "ok": "ok" }}')
return jsonify({"ok": "ok"})
except Exception as err:
debug.warning("exception in valide.", exc_info=True)
return jsonify({"error": str(err)}), 500
@app.route("/pricelist", methods=['GET'])
def _getPricelist():
try:
debug.info("get pricelist")
retVal = mainController.getPricelist()
debug.info("return pricelist {{ {} }}".format(retVal))
return jsonify(retVal)
except Exception as err:
debug.warning("exception in get pricelist.", exc_info=True)
return jsonify({"error": str(err)}), 500
@app.route('/drinkTypes', methods=['GET'])
def getTypes():
try:
debug.info("get drinktypes")
retVal = mainController.getAllDrinkTypes()
debug.info("return drinktypes {{ {} }}".format(retVal))
return jsonify(retVal)
except Exception as err:
debug.warning("exception in get drinktypes.", exc_info=True)
return jsonify({"error": str(err)}), 500
@app.route('/getAllStatus', methods=['GET'])
@login_required(groups=[USER, MONEY, GASTRO, BAR, VORSTAND], bar=True)
def _getAllStatus(**kwargs):
try:
debug.info("get all status for users")
retVal = mainController.getAllStatus()
debug.info("return all status for users {{ {} }}".format(retVal))
return jsonify(retVal)
except Exception as err:
debug.warning("exception in get all status for users.", exc_info=True)
return jsonify({"error": str(err)}), 500
@app.route('/getStatus', methods=['POST'])
@login_required(groups=[USER, MONEY, GASTRO, BAR, VORSTAND], bar=True)
def _getStatus(**kwargs):
try:
debug.info("get status from user")
data = request.get_json()
name = data['name']
debug.info("get status from user {{ {} }}".format(name))
retVal = mainController.getStatus(name)
debug.info(
"return status from user {{ {} }} : {{ {} }}".format(name, retVal))
return jsonify(retVal)
except Exception as err:
debug.warning("exception in get status from user.", exc_info=True)
return jsonify({"error": str(err)}), 500
@app.route('/getUsers', methods=['GET'])
@login_required(groups=[USER], bar=True)
def _getUsers(**kwargs):
try:
extern = True
if 'extern' in request.args:
extern = not bool(int(request.args['extern']))
debug.info("get all users from database")
users = mainController.getAllUsersfromDB(extern=extern)
debug.debug("users are {{ {} }}".format(users))
retVal = [user.toJSON() for user in users]
debug.info("return all users from database {{ {} }}".format(retVal))
return jsonify(retVal)
except Exception as err:
debug.warning(
"exception in get all users from database.", exc_info=True)
return jsonify({"error": str(err)}), 500
@app.route("/getLifeTime", methods=['GET'])
@login_required(groups=[MONEY, GASTRO, VORSTAND, EXTERN, USER], bar=True)
def _getLifeTime(**kwargs):
try:
debug.info("get lifetime of accesstoken")
if 'accToken' in kwargs: if 'accToken' in kwargs:
accToken = kwargs['accToken'] accToken = kwargs['accToken']
accToken.user = mainController.getUser(accToken.user.uid) debug.debug("accessToken is {{ {} }}".format(accToken))
retVal = accToken.user.toJSON() retVal = {"value": accToken.lifetime,
retVal['creditList'] = {credit.year: credit.toJSON() "group": accToken.user.toJSON()['group'],
for credit in accToken.user.geruechte} "lock_bar": accToken.lock_bar}
debug.debug("return {{ {} }}".format(retVal)) debug.info(
return jsonify(retVal) "return get lifetime from accesstoken {{ {} }}".format(retVal))
except Exception:
debug.debug("exception", exc_info=True)
return jsonify("error", "something went wrong"), 500
@user.route("/user/addAmount", methods=['POST'])
@login_required(groups=[USER])
def _addAmount(**kwargs):
debug.info("/user/addAmount")
try:
if 'accToken' in kwargs:
accToken = kwargs['accToken']
data = request.get_json()
amount = int(data['amount'])
date = datetime.now()
mainController.addAmount(
accToken.user.uid, amount, year=date.year, month=date.month)
accToken.user = mainController.getUser(accToken.user.uid)
retVal = accToken.user.toJSON()
retVal['creditList'] = {credit.year: credit.toJSON()
for credit in accToken.user.geruechte}
debug.debug("return {{ {} }}".format(retVal))
creditL.info("{} {} {} fügt sich selbst {} € Schulden hinzu".format(
date, accToken.user.firstname, accToken.user.lastname, amount/100))
return jsonify(retVal)
except Exception:
debug.debug("exception", exc_info=True)
return jsonify({"error": "something went wrong"}), 500
@user.route("/user/saveConfig", methods=['POST'])
@login_required(groups=[USER])
def _saveConfig(**kwargs):
debug.info("/user/saveConfig")
try:
if 'accToken' in kwargs:
accToken = kwargs['accToken']
data = request.get_json()
password = data['acceptedPassword']
data.pop('acceptedPassword')
accToken.user = mainController.modifyUser(
accToken.user, data, password)
retVal = accToken.user.toJSON()
retVal['creditList'] = {credit.year: credit.toJSON()
for credit in accToken.user.geruechte}
debug.debug("return {{ {} }}".format(retVal))
return jsonify(retVal) return jsonify(retVal)
except Exception as err: except Exception as err:
debug.debug("exception", exc_info=True) debug.info("exception in get lifetime of accesstoken.", exc_info=True)
return jsonify({"error": str(err)}), 500
@app.route("/saveLifeTime", methods=['POST'])
@login_required(groups=[MONEY, GASTRO, VORSTAND, EXTERN, USER], bar=True)
def _saveLifeTime(**kwargs):
try:
debug.info("save lifetime for accessToken")
if 'accToken' in kwargs:
accToken = kwargs['accToken']
debug.debug("accessToken is {{ {} }}".format(accToken))
data = request.get_json()
lifetime = data['value']
debug.debug("lifetime is {{ {} }}".format(lifetime))
debug.info("set lifetime {{ {} }} to accesstoken {{ {} }}".format(
lifetime, accToken))
accToken.lifetime = lifetime
debug.info("update accesstoken timestamp")
accToken = accesTokenController.updateAccessToken(accToken)
accToken = accesTokenController.validateAccessToken(accToken.token, [USER, EXTERN])
retVal = {"value": accToken.lifetime,
"group": accToken.user.toJSON()['group']}
debug.info(
"return save lifetime for accessToken {{ {} }}".format(retVal))
return jsonify(retVal)
except Exception as err:
debug.warning(
"exception in save lifetime for accesstoken.", exc_info=True)
return jsonify({"error": str(err)}), 500
@app.route("/passwordReset", methods=['POST'])
def _passwordReset():
try:
debug.info('password reset')
data = request.get_json()
mail = mainController.resetPassword(data)
index = mail.find('@')
for i in range(index):
if i == 0:
continue
mail = mail.replace(mail[i], "*", 1)
return jsonify({"ok": "ok", "mail": mail})
except Exception as err:
debug.warning("excetpion in password reset", exc_info=True)
return jsonify({"error": str(err)}), 409 return jsonify({"error": str(err)}), 409
@app.route("/logout", methods=['GET'])
@user.route("/user/jobs", methods=['POST']) @login_required(groups=[MONEY, GASTRO, VORSTAND, EXTERN, USER], bar=True)
@login_required(groups=[USER]) def _logout(**kwargs):
def _getUsers(**kwrags):
debug.info("/user/jobs")
try:
data = request.get_json()
from_date = data['from_date']
to_date = data['to_date']
from_date = datetime(
from_date['year'], from_date['month'], from_date['day'])
to_date = datetime(to_date['year'], to_date['month'], to_date['day'])
lockedDays = mainController.getLockedDays(from_date, to_date)
retVal = []
for lockedDay in lockedDays:
day = datetime.combine(lockedDay['daydate'], time(12))
retDay = {
"worker": mainController.getWorker(day),
"day": {
"date": {
"year": day.year,
"month": day.month,
"day": day.day
},
"locked": lockedDay['locked']
},
"jobkinddate": mainController.getJobKindDates(day.date())
}
retVal.append(retDay)
debug.debug("return {{ {} }}".format(retVal))
return jsonify(retVal)
except Exception as err:
debug.debug("exception", exc_info=True)
return jsonify({"error": str(err)}), 500
@user.route("/user/jobsOnDates", methods=['POST'])
@login_required(groups=[USER])
def _getJobsOnDates(**kwargs):
debug.info("/user/jobsOnDates")
try:
data = request.get_json()
lockedDays = mainController.getLockedDaysFromList(data)
retVal = []
for lockedDay in lockedDays:
day = datetime.combine(lockedDay['daydate'], time(12))
retDay = {
"worker": mainController.getWorker(day),
"day": {
"date": {
"year": day.year,
"month": day.month,
"day": day.day
},
"locked": lockedDay['locked']
},
"jobkinddate": mainController.getJobKindDates(day.date())
}
retVal.append(retDay)
debug.debug("return {{ {} }}".format(retVal))
return jsonify(retVal)
except Exception as err:
debug.debug("exception", exc_info=True)
return jsonify({"error": str(err)}), 500
@user.route("/user/job", methods=['POST'])
@login_required(groups=[USER])
def _getUser(**kwargs):
debug.info("/user/job")
try:
data = request.get_json()
day = data['day']
month = data['month']
year = data['year']
date = datetime(year, month, day, 12)
lockedDay = mainController.getLockedDay(date)
if not lockedDay:
lockedDay = {
'date': {
'year': year,
'month': month,
'day': day
},
'locked': False
}
else:
lockedDay = {
'date': {
'year': year,
'month': month,
'day': day
},
'locked': lockedDay['locked']
}
retVal = {
'worker': mainController.getWorker(date),
'day': lockedDay
}
debug.debug("retrun {{ {} }}".format(retVal))
return jsonify(retVal)
except Exception as err:
debug.debug("exception", exc_info=True)
return jsonify({"error": str(err)}), 500
@user.route("/user/addJob", methods=['POST'])
@login_required(groups=[USER])
def _addUser(**kwargs):
debug.info("/user/addJob")
try: try:
debug.info("logout user")
if 'accToken' in kwargs: if 'accToken' in kwargs:
accToken = kwargs['accToken'] accToken = kwargs['accToken']
user = accToken.user debug.debug("accesstoken is {{ {} }}".format(accToken))
data = request.get_json() debug.info("delete accesstoken")
day = data['day'] accesTokenController.deleteAccessToken(accToken)
month = data['month'] debug.info("return ok logout user")
year = data['year'] return jsonify({"ok": "ok"})
date = datetime(year, month, day, 12)
job_kind = None
if 'job_kind' in data:
job_kind = data['job_kind']
mainController.addWorker(user.uid, date, job_kind=job_kind, userExc=True)
retVal = mainController.getWorker(date)
debug.debug("return {{ {} }}".format(retVal))
jobL.info("Mitglied {} {} schreib sich am {} zum Dienst ein.".format(
user.firstname, user.lastname, date.date()))
return jsonify(retVal)
except DayLocked as err:
debug.debug("exception", exc_info=True)
return jsonify({'error': str(err)}), 403
except Exception as err: except Exception as err:
debug.debug("exception", exc_info=True) debug.warning("exception in logout user.", exc_info=True)
return jsonify({'error': str(err)}), 409
@user.route("/user/deleteJob", methods=['POST'])
@login_required(groups=[USER])
def _deletJob(**kwargs):
debug.info("/user/deleteJob")
try:
if 'accToken' in kwargs:
accToken = kwargs['accToken']
user = accToken.user
data = request.get_json()
day = data['day']
month = data['month']
year = data['year']
date = datetime(year, month, day, 12)
mainController.deleteWorker(user.uid, date, True)
retVal = mainController.getWorker(date)
debug.debug("return ok")
jobL.info("Mitglied {} {} entfernt sich am {} aus dem Dienst".format(
user.firstname, user.lastname, date.date()))
return jsonify(retVal)
except DayLocked as err:
debug.debug("exception", exc_info=True)
return jsonify({"error": str(err)}), 403
except Exception as err:
debug.debug("exception", exc_info=True)
return jsonify({"error": str(err)}), 409
@user.route("/user/storno", methods=['POST'])
@login_required(groups=[USER])
def _storno(**kwargs):
""" Function for Baruser to storno amount
This function added to the user with the posted userID the posted amount.
Returns:
JSON-File with userID and the amount
or ERROR 401 Permission Denied
"""
debug.info("/user/storno")
try:
if 'accToken' in kwargs:
accToken = kwargs['accToken']
user = accToken.user
data = request.get_json()
amount = int(data['amount'])
date = datetime.now()
mainController.addCredit(
user.uid, amount, year=date.year, month=date.month)
accToken.user = mainController.getUser(accToken.user.uid)
retVal = accToken.user.toJSON()
retVal['creditList'] = {credit.year: credit.toJSON()
for credit in accToken.user.geruechte}
debug.debug("return {{ {} }}".format(retVal))
creditL.info("{} {} {} storniert {}".format(
date, user.firstname, user.lastname, amount/100))
return jsonify(retVal)
except Exception as err:
debug.debug("exception", exc_info=True)
return jsonify({"error": str(err)}), 500 return jsonify({"error": str(err)}), 500
@user.route("/user/getJobInvites", methods=['POST']) @app.route("/login", methods=['POST'])
@login_required(groups=[USER]) def _login():
def _getJobInvites(**kwargs): """ Login User
Nothing to say.
Login in User and create an AccessToken for the User.
Returns:
A JSON-File with createt Token or Errors
"""
debug.info("Start log in.")
data = request.get_json()
username = data['username']
password = data['password']
debug.debug("username is {{ {} }}".format(username))
try: try:
debug.info("/user/getJobInvites") user_agent = request.user_agent
from_user = None debug.info("search {{ {} }} in database".format(username))
to_user = None user = mainController.loginUser(username, password)
on_date = None debug.debug("user is {{ {} }}".format(user))
token = accesTokenController.createAccesToken(user, user_agent=user_agent)
data = request.get_json() debug.debug("accesstoken is {{ {} }}".format(token))
debug.info("validate accesstoken")
if 'from_user' in data: dic = accesTokenController.validateAccessToken(
from_user = data['from_user'] token, [USER, EXTERN]).user.toJSON()
if 'to_user' in data: dic["token"] = token
to_user = data['to_user'] dic["accessToken"] = token
on_date = date(data['date']['year'], data['date']['month'], data['date']['day']) debug.info("User {{ {} }} success login.".format(username))
retVal = mainController.getJobInvites(from_user, to_user, on_date) debug.info("return login {{ {} }}".format(dic))
debug.debug("return {{ {} }}".format(retVal)) return jsonify(dic)
return jsonify(retVal) except PermissionDenied as err:
debug.warning("permission denied exception in logout", exc_info=True)
return jsonify({"error": str(err)}), 401
except Exception as err: except Exception as err:
debug.debug("exception", exc_info=True) debug.warning("exception in logout.", exc_info=True)
return jsonify({"error": str(err)}), 500 return jsonify({"error": "permission denied"}), 401
@user.route("/user/JobInvites", methods=['PUT', 'POST'])
@login_required(groups=[USER])
def _JobInvites(**kwargs):
try:
debug.info("/user/JobInvites")
data = request.get_json()
if request.method == 'PUT':
mainController.setJobInvites(data)
retVal = mainController.getJobInvites(kwargs['accToken'].user.toJSON(), None, datetime.now().date())
debug.debug("return {{ {} }}".format(retVal))
if request.method == 'POST':
retVal = mainController.updateJobInvites(data)
return jsonify(retVal)
except Exception as err:
debug.debug("exception", exc_info=True)
return jsonify({"error": str(err)}), 500
@user.route("/user/deleteJobInvite", methods=['POST'])
@login_required(groups=[USER])
def _deleteJobInvite(**kwargs):
try:
debug.info("/user/deleteJobInvite")
data = request.get_json()
mainController.deleteJobInvite(data)
retVal = mainController.getJobInvites(data['from_user'], None, datetime.now().date())
debug.debug("return {{ {} }}".format(retVal))
return jsonify(retVal)
except Exception as err:
debug.debug("exception", exc_info=True)
return jsonify({"error": str(err)}), 500
@user.route("/user/getJobRequests", methods=['POST'])
@login_required(groups=[USER])
def _getJobRequests(**kwargs):
try:
debug.info("/user/getJobRequests")
from_user = None
to_user = None
on_date = None
data = request.get_json()
if 'from_user' in data:
from_user = data['from_user']
if 'to_user' in data:
to_user = data['to_user']
on_date = date(data['date']['year'], data['date']['month'], data['date']['day'])
retVal = mainController.getJobRequests(from_user, to_user, on_date)
debug.debug("return {{ {} }}".format(retVal))
return jsonify(retVal)
except Exception as err:
debug.debug("exception", exc_info=True)
return jsonify({"error": str(err)}), 500
@user.route("/user/JobRequests", methods=['PUT', 'POST'])
@login_required(groups=[USER])
def _JobRequests(**kwargs):
try:
debug.info("/user/JobRequests")
data = request.get_json()
if request.method == 'PUT':
mainController.setJobRequests(data)
retVal = mainController.getJobRequests(kwargs['accToken'].user.toJSON(), None, datetime.now().date())
debug.debug("return {{ {} }}".format(retVal))
if request.method == 'POST':
data['on_date'] = date(data['on_date']['year'], data['on_date']['month'], data['on_date']['day'])
retVal = mainController.updateJobRequests(data)
return jsonify(retVal)
except Exception as err:
debug.debug("exception", exc_info=True)
return jsonify({"error": str(err)}), 500
@user.route("/user/deleteJobRequest", methods=['POST'])
@login_required(groups=[USER])
def _deleteJobRequest(**kwargs):
try:
debug.info("/user/deleteJobRequest")
data = request.get_json()
mainController.deleteJobRequest(data)
retVal = mainController.getJobRequests(data['from_user'], None, datetime.now().date())
debug.debug("return {{ {} }}".format(retVal))
return jsonify(retVal)
except Exception as err:
debug.debug("exception", exc_info=True)
return jsonify({"error": str(err)}), 500
@user.route("/user/getAccessTokens", methods=['GET', 'POST'])
@login_required(groups=[USER])
def _getAccessTokens(**kwargs):
try:
debug.info("/user/getAccessTokens")
if request.method == 'POST':
data = request.get_json()
delAccToken = AccessToken(data['id'], kwargs['accToken'].user, None, None, None)
accesTokenController.deleteAccessToken(delAccToken)
tokens = accesTokenController.getAccessTokensFromUser(kwargs['accToken'].user)
retVal = []
for token in tokens:
retVal.append(token.toJSON())
debug.debug("return {{ {} }}".format(retVal))
return jsonify(retVal)
except Exception as err:
debug.debug("exception", exc_info=True)
return jsonify({"error": str(err)}), 500

View File

@ -13,7 +13,7 @@ setup(
install_requires=['Flask >= 1.0.2', 'PyYAML>=5.3.1', "flask_mysqldb", "flask_ldapconn", "flask_cors"], install_requires=['Flask >= 1.0.2', 'PyYAML>=5.3.1', "flask_mysqldb", "flask_ldapconn", "flask_cors"],
entry_points = { entry_points = {
'flaschengeist.plugins': [ 'flaschengeist.plugins': [
'users = flaschengeist.system.user:register' 'users = flaschengeist.modules.user:register'
] ]
} }
) )