fixed set locked_bar in database,

if user is no bar_user locked_bar is set automaticly to false
2020-06-06 13:17:18 +02:00 · 2020-06-06 13:17:18 +02:00 · 622bbc546f
parent 18785dad91
commit 622bbc546f
4 changed files with 14 additions and 7 deletions
--- a/geruecht/baruser/routes.py
+++ b/geruecht/baruser/routes.py
@ -1,8 +1,9 @@
 from flask import Blueprint, request, jsonify
 import geruecht.controller.ldapController as lc
 import geruecht.controller.mainController as mc
+import geruecht.controller.accesTokenController as ac
 from datetime import datetime
-from geruecht.model import BAR, MONEY, USER, VORSTAND
+from geruecht.model import BAR, MONEY, USER, VORSTAND, EXTERN
 from geruecht.decorator import login_required
 from geruecht.logger import getDebugLogger, getCreditLogger

@ -13,6 +14,7 @@ baruser = Blueprint("baruser", __name__)

 ldap = lc.LDAPController()
 mainController = mc.MainController()
+accesTokenController = ac.AccesTokenController()


@baruser.route("/bar")
@ -208,6 +210,8 @@ def _lockbar(**kwargs):
    if request.method == "POST":
        data = request.get_json()
        accToken.lock_bar = data['value']
+        accToken = accesTokenController.updateAccessToken(accToken)
+        accToken = accesTokenController.validateAccessToken(accToken.token, [USER, EXTERN])
    debug.debug('return {{ "value": {} }}'.format(accToken.lock_bar))
    return jsonify({'value': accToken.lock_bar})

--- a/geruecht/controller/accesTokenController.py
+++ b/geruecht/controller/accesTokenController.py
@ -39,10 +39,12 @@ class AccesTokenController(metaclass=Singleton):
            if BAR not in user.group:
                debug.debug("append bar to user {{ {} }}".format(user))
                user.group.append(BAR)
+            return True
        else:
            while BAR in user.group:
                debug.debug("delete bar from user {{ {} }}".format(user))
                user.group.remove(BAR)
+                return False
        debug.debug("user {{ {} }} groups are {{ {} }}".format(user, user.group))

    def validateAccessToken(self, token, group):
@ -66,7 +68,8 @@ class AccesTokenController(metaclass=Singleton):
            if now <= endTime:
                debug.debug("check if token {{ {} }} is same as {{ {} }}".format(token, accToken))
                if accToken == token:
-                    self.checkBar(accToken.user)
+                    if not self.checkBar(accToken.user):
+                        accToken.lock_bar = False
                    debug.debug("check if accestoken {{ {} }} has group {{ {} }}".format(accToken, group))
                    if self.isSameGroup(accToken, group):
                        accToken.updateTimestamp()
--- a/geruecht/controller/databaseController/dbAccessTokenController.py
+++ b/geruecht/controller/databaseController/dbAccessTokenController.py
@ -16,7 +16,7 @@ class Base:
                raise DatabaseExecption("item as no type int or str. name={}, type={}".format(item, type(item)))
            cursor.execute(sql)
            session = cursor.fetchone()
-            retVal = AccessToken(session['id'], self.getUserById(session['user']), session['token'], session['lifetime'], session['timestamp'], browser=session['browser'], platform=session['platform']) if session != None else None
+            retVal = AccessToken(session['id'], self.getUserById(session['user']), session['token'], session['lifetime'], lock_bar=bool(session['lock_bar']),timestamp=session['timestamp'], browser=session['browser'], platform=session['platform']) if session != None else None
            return retVal
        except Exception as err:
            traceback.print_exc()
@ -30,7 +30,7 @@ class Base:
            sessions = cursor.fetchall()
            retVal = [
                AccessToken(session['id'], self.getUserById(session['user']), session['token'], session['lifetime'],
-                            session['timestamp'], browser=session['browser'], platform=session['platform']) for session in sessions]
+                            lock_bar=bool(session['lock_bar']), timestamp=session['timestamp'], browser=session['browser'], platform=session['platform']) for session in sessions]
            return retVal
        except Exception as err:
            traceback.print_exc()
@ -42,7 +42,7 @@ class Base:
            cursor = self.db.connection.cursor()
            cursor.execute("select * from session")
            sessions = cursor.fetchall()
-            retVal = [AccessToken(session['id'], self.getUserById(session['user']), session['token'], session['lifetime'], session['timestamp'], browser=session['browser'], platform=session['platform']) for session in sessions]
+            retVal = [AccessToken(session['id'], self.getUserById(session['user']), session['token'], session['lifetime'], lock_bar=bool(session['lock_bar']),timestamp=session['timestamp'], browser=session['browser'], platform=session['platform']) for session in sessions]
            return retVal
        except Exception as err:
            traceback.print_exc()
--- a/geruecht/model/accessToken.py
+++ b/geruecht/model/accessToken.py
@ -16,7 +16,7 @@ class AccessToken():
    user = None
    token = None

-    def __init__(self, id, user, token, lifetime, timestamp=datetime.now(), browser=None, platform=None):
+    def __init__(self, id, user, token, lifetime, lock_bar=False, timestamp=datetime.now(), browser=None, platform=None):
        """ Initialize Class AccessToken

            No more to say.
@ -32,7 +32,7 @@ class AccessToken():
        self.timestamp = timestamp
        self.lifetime = lifetime
        self.token = token
-        self.lock_bar = False
+        self.lock_bar = lock_bar
        self.browser = browser
        self.platform = platform
        debug.debug("accesstoken is {{ {} }}".format(self))