fixed set locked_bar in database,

If the user is not a bar_user, locked_bar is automatically set to false.
Tim Gröger 2020-06-06 13:17:18 +02:00
parent 18785dad91
commit 622bbc546f
4 changed files with 14 additions and 7 deletions


@ -1,8 +1,9 @@
from flask import Blueprint, request, jsonify from flask import Blueprint, request, jsonify
import geruecht.controller.ldapController as lc import geruecht.controller.ldapController as lc
import geruecht.controller.mainController as mc import geruecht.controller.mainController as mc
import geruecht.controller.accesTokenController as ac
from datetime import datetime from datetime import datetime
from geruecht.model import BAR, MONEY, USER, VORSTAND from geruecht.model import BAR, MONEY, USER, VORSTAND, EXTERN
from geruecht.decorator import login_required from geruecht.decorator import login_required
from geruecht.logger import getDebugLogger, getCreditLogger from geruecht.logger import getDebugLogger, getCreditLogger
@ -13,6 +14,7 @@ baruser = Blueprint("baruser", __name__)
ldap = lc.LDAPController() ldap = lc.LDAPController()
mainController = mc.MainController() mainController = mc.MainController()
accesTokenController = ac.AccesTokenController()
@baruser.route("/bar") @baruser.route("/bar")
@ -208,6 +210,8 @@ def _lockbar(**kwargs):
if request.method == "POST": if request.method == "POST":
data = request.get_json() data = request.get_json()
accToken.lock_bar = data['value'] accToken.lock_bar = data['value']
accToken = accesTokenController.updateAccessToken(accToken)
accToken = accesTokenController.validateAccessToken(accToken.token, [USER, EXTERN])
debug.debug('return {{ "value": {} }}'.format(accToken.lock_bar)) debug.debug('return {{ "value": {} }}'.format(accToken.lock_bar))
return jsonify({'value': accToken.lock_bar}) return jsonify({'value': accToken.lock_bar})
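Review bot: `data['value']` is copied from the request body into `accToken.lock_bar` and, with the added `updateAccessToken` call, is now persisted without any type check. `request.get_json()` can yield None or a non-boolean value, so a malformed body either raises inside the handler or stores an arbitrary truthy value as the lock state; reject such input with a 400 before assigning, e.g. `if not isinstance(data, dict) or not isinstance(data.get('value'), bool):`. The added re-validation line needs a guard as well: what `validateAccessToken` returns on failure is not visible here, and if it is not a token object the `accToken.lock_bar` access on the next line fails. `_lockbar` starts outside this hunk.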


@ -39,10 +39,12 @@ class AccesTokenController(metaclass=Singleton):
if BAR not in user.group: if BAR not in user.group:
debug.debug("append bar to user {{ {} }}".format(user)) debug.debug("append bar to user {{ {} }}".format(user))
user.group.append(BAR) user.group.append(BAR)
return True
else: else:
while BAR in user.group: while BAR in user.group:
debug.debug("delete bar from user {{ {} }}".format(user)) debug.debug("delete bar from user {{ {} }}".format(user))
user.group.remove(BAR) user.group.remove(BAR)
return False
debug.debug("user {{ {} }} groups are {{ {} }}".format(user, user.group)) debug.debug("user {{ {} }} groups are {{ {} }}".format(user, user.group))
def validateAccessToken(self, token, group): def validateAccessToken(self, token, group):
@ -66,7 +68,8 @@ class AccesTokenController(metaclass=Singleton):
if now <= endTime: if now <= endTime:
debug.debug("check if token {{ {} }} is same as {{ {} }}".format(token, accToken)) debug.debug("check if token {{ {} }} is same as {{ {} }}".format(token, accToken))
if accToken == token: if accToken == token:
self.checkBar(accToken.user) if not self.checkBar(accToken.user):
accToken.lock_bar = False
debug.debug("check if accestoken {{ {} }} has group {{ {} }}".format(accToken, group)) debug.debug("check if accestoken {{ {} }} has group {{ {} }}".format(accToken, group))
if self.isSameGroup(accToken, group): if self.isSameGroup(accToken, group):
accToken.updateTimestamp() accToken.updateTimestamp()
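Review bot: The new `if not self.checkBar(accToken.user):` treats any falsy result as "not a bar user" and clears `lock_bar`, so a path through `checkBar` that ends without a `return` would yield None and silently unlock the token. Indentation is lost on this page and `checkBar` starts outside the hunk, so I cannot confirm that every path returns; comparing explicitly with `if self.checkBar(accToken.user) is False:` keeps the reset limited to the intended case. If both branches now return, the trailing `debug.debug("user {{ {} }} groups are {{ {} }}"...)` line is unreachable and should move above the returns. The reset is only visible as an in-memory assignment here, so confirm it is written back and the stored `lock_bar` does not diverge from what the session reports.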


@ -16,7 +16,7 @@ class Base:
raise DatabaseExecption("item as no type int or str. name={}, type={}".format(item, type(item))) raise DatabaseExecption("item as no type int or str. name={}, type={}".format(item, type(item)))
cursor.execute(sql) cursor.execute(sql)
session = cursor.fetchone() session = cursor.fetchone()
retVal = AccessToken(session['id'], self.getUserById(session['user']), session['token'], session['lifetime'], session['timestamp'], browser=session['browser'], platform=session['platform']) if session != None else None retVal = AccessToken(session['id'], self.getUserById(session['user']), session['token'], session['lifetime'], lock_bar=bool(session['lock_bar']),timestamp=session['timestamp'], browser=session['browser'], platform=session['platform']) if session != None else None
return retVal return retVal
except Exception as err: except Exception as err:
traceback.print_exc() traceback.print_exc()
@ -30,7 +30,7 @@ class Base:
sessions = cursor.fetchall() sessions = cursor.fetchall()
retVal = [ retVal = [
AccessToken(session['id'], self.getUserById(session['user']), session['token'], session['lifetime'], AccessToken(session['id'], self.getUserById(session['user']), session['token'], session['lifetime'],
session['timestamp'], browser=session['browser'], platform=session['platform']) for session in sessions] lock_bar=bool(session['lock_bar']), timestamp=session['timestamp'], browser=session['browser'], platform=session['platform']) for session in sessions]
return retVal return retVal
except Exception as err: except Exception as err:
traceback.print_exc() traceback.print_exc()
@ -42,7 +42,7 @@ class Base:
cursor = self.db.connection.cursor() cursor = self.db.connection.cursor()
cursor.execute("select * from session") cursor.execute("select * from session")
sessions = cursor.fetchall() sessions = cursor.fetchall()
retVal = [AccessToken(session['id'], self.getUserById(session['user']), session['token'], session['lifetime'], session['timestamp'], browser=session['browser'], platform=session['platform']) for session in sessions] retVal = [AccessToken(session['id'], self.getUserById(session['user']), session['token'], session['lifetime'], lock_bar=bool(session['lock_bar']),timestamp=session['timestamp'], browser=session['browser'], platform=session['platform']) for session in sessions]
return retVal return retVal
except Exception as err: except Exception as err:
traceback.print_exc() traceback.print_exc()
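Review bot: `bool(session['lock_bar'])` is only correct if the driver returns an integer or boolean for that column; a textual `'0'` or a bit value delivered as bytes is truthy and would load every token as locked. Neither the column type nor the schema change that adds `lock_bar` to `session` is visible in this commit view, so both should be confirmed, and a row without that key would raise into the broad `except Exception` handlers shown as context. The same constructor call is repeated in all three hunks of this file; a private helper that builds an `AccessToken` from a row, with a docstring listing the expected columns, would keep the coercion in one place.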


@ -16,7 +16,7 @@ class AccessToken():
user = None user = None
token = None token = None
def __init__(self, id, user, token, lifetime, timestamp=datetime.now(), browser=None, platform=None): def __init__(self, id, user, token, lifetime, lock_bar=False, timestamp=datetime.now(), browser=None, platform=None):
""" Initialize Class AccessToken """ Initialize Class AccessToken
No more to say. No more to say.
@ -32,7 +32,7 @@ class AccessToken():
self.timestamp = timestamp self.timestamp = timestamp
self.lifetime = lifetime self.lifetime = lifetime
self.token = token self.token = token
self.lock_bar = False self.lock_bar = lock_bar
self.browser = browser self.browser = browser
self.platform = platform self.platform = platform
debug.debug("accesstoken is {{ {} }}".format(self)) debug.debug("accesstoken is {{ {} }}".format(self))
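Review bot: Inserting `lock_bar` before `timestamp` shifts the positional order of `__init__`, so any caller that still passes the timestamp as the fifth positional argument now sets `lock_bar` to a datetime, which is truthy and would mark the token as locked. The database loaders in this commit were switched to keywords, but other construction sites are not visible here; making the optional arguments keyword-only, `def __init__(self, id, user, token, lifetime, *, lock_bar=False, timestamp=None, browser=None, platform=None):`, turns a missed caller into an immediate TypeError. Pairing that with `self.timestamp = timestamp if timestamp is not None else datetime.now()` also stops the default from being evaluated once at import time, which matters if the timestamp feeds the lifetime check. The docstring, which continues outside the hunk, should gain a line describing `lock_bar`.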