Flaschengeist/flaschengeist
Flaschengeist
/
flaschengeist
7
0
Fork 0
Code Issues 20 Pull Requests Packages Projects Releases 2 Wiki Activity

update to lock user and if bar user add a locked user, he see it

This commit is contained in:
Tim Gröger 2019-12-29 17:55:21 +01:00
parent 5607ec72f7
commit 92c2c95a34
5 changed files with 77 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
geruecht/baruser/routes.py
View File

@ -38,6 +38,7 @@ def _bar():
"firstname": user.firstname, "firstname": user.firstname,
"lastname": user.lastname, "lastname": user.lastname,
"amount": abs(month[0] - month[1]), "amount": abs(month[0] - month[1]),
"locked": user.locked,
"type": type "type": type
} }
return jsonify(dic) return jsonify(dic)
@ -68,7 +69,7 @@ def _baradd():
month = user.getGeruecht(year=date.year).getMonth(month=date.month) month = user.getGeruecht(year=date.year).getMonth(month=date.month)
amount = abs(month[0] - month[1]) amount = abs(month[0] - month[1])
return jsonify({"userId": user.uid, "amount": amount}) return jsonify({"userId": user.uid, "amount": amount, 'locked': user.locked})
return jsonify({"error", "permission denied"}), 401 return jsonify({"error", "permission denied"}), 401
@baruser.route("/barGetUsers") @baruser.route("/barGetUsers")
@ -91,6 +92,17 @@ def _getUsers():
return jsonify(retVal) return jsonify(retVal)
return jsonify({"error": "permission denied"}), 401 return jsonify({"error": "permission denied"}), 401
@baruser.route("/barGetUser", methods=['POST'])
def _getUser():
token = request.headers.get("Token")
accToken = accesTokenController.validateAccessToken(token, BAR)
if accToken:
data = request.get_json()
username = data['userId']
retVal = userController.getUser(username).toJSON()
return jsonify(retVal)
return jsonify("error", "permission denied"), 401
@baruser.route("/search", methods=['POST']) @baruser.route("/search", methods=['POST'])
def _search(): def _search():
token = request.headers.get("Token") token = request.headers.get("Token")

10
geruecht/controller/databaseController.py
View File

@ -74,8 +74,8 @@ class DatabaseController(metaclass=Singleton):
cursor = self.db.cursor() cursor = self.db.cursor()
groups = self._convertGroupToString(user.group) groups = self._convertGroupToString(user.group)
try: try:
cursor.execute("insert into user (uid, dn, firstname, lastname, gruppe, limit, locked, autoLock) VALUES ('{}','{}','{}','{}','{}',{},{},{})".format( cursor.execute("insert into user (uid, dn, firstname, lastname, gruppe, lockLimit, locked, autoLock) VALUES ('{}','{}','{}','{}','{}',{},{},{})".format(
user.uid, user.dn, user.firstname, user.lastname, groups)) user.uid, user.dn, user.firstname, user.lastname, groups, user.limit, user.locked, user.autoLock))
self.db.commit() self.db.commit()
except Exception as err: except Exception as err:
self.db.rollback() self.db.rollback()
@ -88,8 +88,10 @@ class DatabaseController(metaclass=Singleton):
cursor = self.db.cursor() cursor = self.db.cursor()
groups = self._convertGroupToString(user.group) groups = self._convertGroupToString(user.group)
try: try:
cursor.execute("update user set dn='{}', firstname='{}', lastname='{}', gruppe='{}, limit={}, locked={}, autoLock={}' where uid='{}'".format( sql = "update user set dn='{}', firstname='{}', lastname='{}', gruppe='{}', lockLimit={}, locked={}, autoLock={} where uid='{}'".format(
user.dn, user.firstname, user.lastname, groups, user.limit, user.locked, user.autoLock, user.uid)) user.dn, user.firstname, user.lastname, groups, user.limit, user.locked, user.autoLock, user.uid)
print(sql)
cursor.execute(sql)
self.db.commit() self.db.commit()
except Exception as err: except Exception as err:
self.db.rollback() self.db.rollback()

29
geruecht/controller/userController.py
View File

@ -1,24 +1,41 @@
from . import LOGGER, Singleton, db, ldapController as ldap from . import LOGGER, Singleton, db, ldapController as ldap
from geruecht.model.user import User from geruecht.model.user import User
from geruecht.exceptions import PermissionDenied from geruecht.exceptions import PermissionDenied
from datetime import datetime
class UserController(metaclass=Singleton): class UserController(metaclass=Singleton):
def __init__(self): def __init__(self):
pass pass
def lockUser(self, username, locked):
user = self.getUser(username)
user.updateData({'locked': locked})
db.updateUser(user)
return self.getUser(username)
def updateConfig(self, username, data): def updateConfig(self, username, data):
user = self.getUser(username) user = self.getUser(username)
user.updateData(data) user.updateData(data)
db.updateUser(user) db.updateUser(user)
return self.getUser(username) return self.getUser(username)
def addAmount(self, username, amount, year, month): def autoLock(self, user):
if user.autoLock:
if user.getGeruecht(year=datetime.now().year).getSchulden() <= (-1*user.limit):
user.updateData({'locked': True})
else:
user.updateData({'locked': False})
db.updateUser(user)
def addAmount(self, username, amount, year, month, finanzer=False):
user = self.getUser(username) user = self.getUser(username)
user.addAmount(amount, year=year, month=month) if not user.locked or finanzer:
creditLists = user.updateGeruecht() user.addAmount(amount, year=year, month=month)
for creditList in creditLists: creditLists = user.updateGeruecht()
db.updateCreditList(creditList) for creditList in creditLists:
db.updateCreditList(creditList)
self.autoLock(user)
return user.getGeruecht(year) return user.getGeruecht(year)
def addCredit(self, username, credit, year, month): def addCredit(self, username, credit, year, month):
@ -27,6 +44,7 @@ class UserController(metaclass=Singleton):
creditLists = user.updateGeruecht() creditLists = user.updateGeruecht()
for creditList in creditLists: for creditList in creditLists:
db.updateCreditList(creditList) db.updateCreditList(creditList)
self.autoLock(user)
return user.getGeruecht(year) return user.getGeruecht(year)
def getAllUsersfromDB(self): def getAllUsersfromDB(self):
@ -36,6 +54,7 @@ class UserController(metaclass=Singleton):
user = db.getUser(username) user = db.getUser(username)
groups = ldap.getGroup(username) groups = ldap.getGroup(username)
user_data = ldap.getUserData(username) user_data = ldap.getUserData(username)
user_data['gruppe'] = groups
user_data['group'] = groups user_data['group'] = groups
if user is None: if user is None:
user = User(user_data) user = User(user_data)

29
geruecht/finanzer/routes.py
View File

@ -69,7 +69,7 @@ def _addAmount():
LOGGER.error("KeyError in month. Month is set to default.") LOGGER.error("KeyError in month. Month is set to default.")
month = datetime.now().month month = datetime.now().month
LOGGER.debug("Year is {} and Month is {}".format(year, month)) LOGGER.debug("Year is {} and Month is {}".format(year, month))
userController.addAmount(userID, amount, year=year, month=month) userController.addAmount(userID, amount, year=year, month=month, finanzer=True)
retVal = {geruecht.year: geruecht.toJSON() for geruecht in userController.getUser(userID).geruechte} retVal = {geruecht.year: geruecht.toJSON() for geruecht in userController.getUser(userID).geruechte}
LOGGER.info("Send updated Geruecht") LOGGER.info("Send updated Geruecht")
return jsonify(retVal) return jsonify(retVal)
@ -120,3 +120,30 @@ def _addCredit():
return jsonify(retVal) return jsonify(retVal)
LOGGER.info("Permission Denied") LOGGER.info("Permission Denied")
return jsonify({"error": "permission denied"}), 401 return jsonify({"error": "permission denied"}), 401
@finanzer.route("/finanzerLock", methods=['POST'])
def _finanzerLock():
token = request.headers.get("Token")
accToken = accesTokenController.validateAccessToken(token, MONEY)
if accToken:
data = request.get_json()
username = data['userId']
locked = bool(data['locked'])
retVal = userController.lockUser(username, locked).toJSON()
return jsonify(retVal)
return jsonify({"error": "permission denied"}), 401
@finanzer.route("/finanzerSetConfig", methods=['POST'])
def _finanzerSetConfig():
token = request.headers.get("Token")
accToken = accesTokenController.validateAccessToken(token, MONEY)
if accToken:
data = request.get_json()
username = data['userId']
autoLock = bool(data['autoLock'])
limit = int(data['limit'])
retVal = userController.updateConfig(username, {'lockLimit': limit, 'autoLock': autoLock}).toJSON()
return jsonify(retVal)
return jsonify({"error": "permission denied"}), 401

11
geruecht/model/user.py
View File

@ -20,14 +20,15 @@ class User():
password: salted hashed password for the User. password: salted hashed password for the User.
""" """
def __init__(self, data): def __init__(self, data):
self.id = int(data['id']) if 'id' in data:
self.id = int(data['id'])
self.uid = data['uid'] self.uid = data['uid']
self.dn = data['dn'] self.dn = data['dn']
self.firstname = data['firstname'] self.firstname = data['firstname']
self.lastname = data['lastname'] self.lastname = data['lastname']
self.group = data['gruppe'] self.group = data['gruppe']
if 'limit' in data: if 'lockLimit' in data:
self.limit = data['limit'] self.limit = int(data['lockLimit'])
else: else:
self.limit = 4200 self.limit = 4200
if 'locked' in data: if 'locked' in data:
@ -54,8 +55,8 @@ class User():
self.lastname = data['lastname'] self.lastname = data['lastname']
if 'gruppe' in data: if 'gruppe' in data:
self.group = data['gruppe'] self.group = data['gruppe']
if 'limit' in data: if 'lockLimit' in data:
self.limit = data['limit'] self.limit = int(data['lockLimit'])
if 'locked' in data: if 'locked' in data:
self.locked = bool(data['locked']) self.locked = bool(data['locked'])
if 'autoLock' in data: if 'autoLock' in data: