diff --git a/geruecht/baruser/routes.py b/geruecht/baruser/routes.py index 3002613..98c7df5 100644 --- a/geruecht/baruser/routes.py +++ b/geruecht/baruser/routes.py @@ -84,7 +84,7 @@ def _baradd(**kwargs): else: type = 'amount' dic = user.toJSON() - dic['amount'] = abs(all) + dic['amount'] = all dic['type'] = type debug.debug("return {{ {} }}".format(dic)) creditL.info("{} Baruser {} {} fügt {} {} {} € Schulden hinzu.".format( @@ -147,7 +147,7 @@ def _storno(**kwargs): else: type = 'amount' dic = user.toJSON() - dic['amount'] = abs(all) + dic['amount'] = all dic['type'] = type debug.debug("return {{ {} }}".format(dic)) creditL.info("{} Baruser {} {} storniert {} € von {} {}".format( @@ -183,7 +183,7 @@ def _getUser(**kwargs): @baruser.route("/search", methods=['GET']) -@login_required(groups=[BAR, MONEY, USER, VORSTAND]) +@login_required(groups=[BAR, MONEY, USER, VORSTAND], bar=True) def _search(**kwargs): debug.info("/search") try: @@ -198,12 +198,14 @@ def _search(**kwargs): debug.debug("exception", exc_info=True) return jsonify({"error": str(err)}), 500 -@baruser.route("/bar/lock", methods=['POST']) +@baruser.route("/bar/lock", methods=['GET', 'POST']) @login_required(groups=[BAR], bar=True) def _lockbar(**kwargs): + debug.info('/bar/lock') - data = request.get_json() accToken = kwargs['accToken'] - accToken.lock_bar = [data['value']] + if request.method == "POST": + data = request.get_json() + accToken.lock_bar = data['value'] debug.debug('return {{ "value": {} }}'.format(accToken.lock_bar)) return jsonify({'value': accToken.lock_bar}) diff --git a/geruecht/routes.py b/geruecht/routes.py index b3b6d88..fec35b2 100644 --- a/geruecht/routes.py +++ b/geruecht/routes.py @@ -19,7 +19,7 @@ def _valid(**kwargs): try: accToken = kwargs['accToken'] data = request.get_json() - userController.validateUser(accToken.user.username, data['password']) + userController.validateUser(accToken.user.uid, data['password']) debug.debug('return {{ "ok": "ok" }}') return jsonify({"ok": "ok"}) except Exception as err: