update to lock user and if bar user add a locked user, he see it
This commit is contained in:
parent
5607ec72f7
commit
92c2c95a34
|
@ -38,6 +38,7 @@ def _bar():
|
|||
"firstname": user.firstname,
|
||||
"lastname": user.lastname,
|
||||
"amount": abs(month[0] - month[1]),
|
||||
"locked": user.locked,
|
||||
"type": type
|
||||
}
|
||||
return jsonify(dic)
|
||||
|
@ -68,7 +69,7 @@ def _baradd():
|
|||
month = user.getGeruecht(year=date.year).getMonth(month=date.month)
|
||||
amount = abs(month[0] - month[1])
|
||||
|
||||
return jsonify({"userId": user.uid, "amount": amount})
|
||||
return jsonify({"userId": user.uid, "amount": amount, 'locked': user.locked})
|
||||
return jsonify({"error", "permission denied"}), 401
|
||||
|
||||
@baruser.route("/barGetUsers")
|
||||
|
@ -91,6 +92,17 @@ def _getUsers():
|
|||
return jsonify(retVal)
|
||||
return jsonify({"error": "permission denied"}), 401
|
||||
|
||||
@baruser.route("/barGetUser", methods=['POST'])
|
||||
def _getUser():
|
||||
token = request.headers.get("Token")
|
||||
accToken = accesTokenController.validateAccessToken(token, BAR)
|
||||
if accToken:
|
||||
data = request.get_json()
|
||||
username = data['userId']
|
||||
retVal = userController.getUser(username).toJSON()
|
||||
return jsonify(retVal)
|
||||
return jsonify("error", "permission denied"), 401
|
||||
|
||||
@baruser.route("/search", methods=['POST'])
|
||||
def _search():
|
||||
token = request.headers.get("Token")
|
||||
|
|
|
@ -74,8 +74,8 @@ class DatabaseController(metaclass=Singleton):
|
|||
cursor = self.db.cursor()
|
||||
groups = self._convertGroupToString(user.group)
|
||||
try:
|
||||
cursor.execute("insert into user (uid, dn, firstname, lastname, gruppe, limit, locked, autoLock) VALUES ('{}','{}','{}','{}','{}',{},{},{})".format(
|
||||
user.uid, user.dn, user.firstname, user.lastname, groups))
|
||||
cursor.execute("insert into user (uid, dn, firstname, lastname, gruppe, lockLimit, locked, autoLock) VALUES ('{}','{}','{}','{}','{}',{},{},{})".format(
|
||||
user.uid, user.dn, user.firstname, user.lastname, groups, user.limit, user.locked, user.autoLock))
|
||||
self.db.commit()
|
||||
except Exception as err:
|
||||
self.db.rollback()
|
||||
|
@ -88,8 +88,10 @@ class DatabaseController(metaclass=Singleton):
|
|||
cursor = self.db.cursor()
|
||||
groups = self._convertGroupToString(user.group)
|
||||
try:
|
||||
cursor.execute("update user set dn='{}', firstname='{}', lastname='{}', gruppe='{}, limit={}, locked={}, autoLock={}' where uid='{}'".format(
|
||||
user.dn, user.firstname, user.lastname, groups, user.limit, user.locked, user.autoLock, user.uid))
|
||||
sql = "update user set dn='{}', firstname='{}', lastname='{}', gruppe='{}', lockLimit={}, locked={}, autoLock={} where uid='{}'".format(
|
||||
user.dn, user.firstname, user.lastname, groups, user.limit, user.locked, user.autoLock, user.uid)
|
||||
print(sql)
|
||||
cursor.execute(sql)
|
||||
self.db.commit()
|
||||
except Exception as err:
|
||||
self.db.rollback()
|
||||
|
|
|
@ -1,24 +1,41 @@
|
|||
from . import LOGGER, Singleton, db, ldapController as ldap
|
||||
from geruecht.model.user import User
|
||||
from geruecht.exceptions import PermissionDenied
|
||||
from datetime import datetime
|
||||
|
||||
class UserController(metaclass=Singleton):
|
||||
|
||||
def __init__(self):
|
||||
pass
|
||||
|
||||
def lockUser(self, username, locked):
|
||||
user = self.getUser(username)
|
||||
user.updateData({'locked': locked})
|
||||
db.updateUser(user)
|
||||
return self.getUser(username)
|
||||
|
||||
def updateConfig(self, username, data):
|
||||
user = self.getUser(username)
|
||||
user.updateData(data)
|
||||
db.updateUser(user)
|
||||
return self.getUser(username)
|
||||
|
||||
def addAmount(self, username, amount, year, month):
|
||||
def autoLock(self, user):
|
||||
if user.autoLock:
|
||||
if user.getGeruecht(year=datetime.now().year).getSchulden() <= (-1*user.limit):
|
||||
user.updateData({'locked': True})
|
||||
else:
|
||||
user.updateData({'locked': False})
|
||||
db.updateUser(user)
|
||||
|
||||
def addAmount(self, username, amount, year, month, finanzer=False):
|
||||
user = self.getUser(username)
|
||||
if not user.locked or finanzer:
|
||||
user.addAmount(amount, year=year, month=month)
|
||||
creditLists = user.updateGeruecht()
|
||||
for creditList in creditLists:
|
||||
db.updateCreditList(creditList)
|
||||
self.autoLock(user)
|
||||
return user.getGeruecht(year)
|
||||
|
||||
def addCredit(self, username, credit, year, month):
|
||||
|
@ -27,6 +44,7 @@ class UserController(metaclass=Singleton):
|
|||
creditLists = user.updateGeruecht()
|
||||
for creditList in creditLists:
|
||||
db.updateCreditList(creditList)
|
||||
self.autoLock(user)
|
||||
return user.getGeruecht(year)
|
||||
|
||||
def getAllUsersfromDB(self):
|
||||
|
@ -36,6 +54,7 @@ class UserController(metaclass=Singleton):
|
|||
user = db.getUser(username)
|
||||
groups = ldap.getGroup(username)
|
||||
user_data = ldap.getUserData(username)
|
||||
user_data['gruppe'] = groups
|
||||
user_data['group'] = groups
|
||||
if user is None:
|
||||
user = User(user_data)
|
||||
|
|
|
@ -69,7 +69,7 @@ def _addAmount():
|
|||
LOGGER.error("KeyError in month. Month is set to default.")
|
||||
month = datetime.now().month
|
||||
LOGGER.debug("Year is {} and Month is {}".format(year, month))
|
||||
userController.addAmount(userID, amount, year=year, month=month)
|
||||
userController.addAmount(userID, amount, year=year, month=month, finanzer=True)
|
||||
retVal = {geruecht.year: geruecht.toJSON() for geruecht in userController.getUser(userID).geruechte}
|
||||
LOGGER.info("Send updated Geruecht")
|
||||
return jsonify(retVal)
|
||||
|
@ -120,3 +120,30 @@ def _addCredit():
|
|||
return jsonify(retVal)
|
||||
LOGGER.info("Permission Denied")
|
||||
return jsonify({"error": "permission denied"}), 401
|
||||
|
||||
@finanzer.route("/finanzerLock", methods=['POST'])
|
||||
def _finanzerLock():
|
||||
token = request.headers.get("Token")
|
||||
accToken = accesTokenController.validateAccessToken(token, MONEY)
|
||||
|
||||
if accToken:
|
||||
data = request.get_json()
|
||||
username = data['userId']
|
||||
locked = bool(data['locked'])
|
||||
retVal = userController.lockUser(username, locked).toJSON()
|
||||
return jsonify(retVal)
|
||||
return jsonify({"error": "permission denied"}), 401
|
||||
|
||||
@finanzer.route("/finanzerSetConfig", methods=['POST'])
|
||||
def _finanzerSetConfig():
|
||||
token = request.headers.get("Token")
|
||||
accToken = accesTokenController.validateAccessToken(token, MONEY)
|
||||
|
||||
if accToken:
|
||||
data = request.get_json()
|
||||
username = data['userId']
|
||||
autoLock = bool(data['autoLock'])
|
||||
limit = int(data['limit'])
|
||||
retVal = userController.updateConfig(username, {'lockLimit': limit, 'autoLock': autoLock}).toJSON()
|
||||
return jsonify(retVal)
|
||||
return jsonify({"error": "permission denied"}), 401
|
|
@ -20,14 +20,15 @@ class User():
|
|||
password: salted hashed password for the User.
|
||||
"""
|
||||
def __init__(self, data):
|
||||
if 'id' in data:
|
||||
self.id = int(data['id'])
|
||||
self.uid = data['uid']
|
||||
self.dn = data['dn']
|
||||
self.firstname = data['firstname']
|
||||
self.lastname = data['lastname']
|
||||
self.group = data['gruppe']
|
||||
if 'limit' in data:
|
||||
self.limit = data['limit']
|
||||
if 'lockLimit' in data:
|
||||
self.limit = int(data['lockLimit'])
|
||||
else:
|
||||
self.limit = 4200
|
||||
if 'locked' in data:
|
||||
|
@ -54,8 +55,8 @@ class User():
|
|||
self.lastname = data['lastname']
|
||||
if 'gruppe' in data:
|
||||
self.group = data['gruppe']
|
||||
if 'limit' in data:
|
||||
self.limit = data['limit']
|
||||
if 'lockLimit' in data:
|
||||
self.limit = int(data['lockLimit'])
|
||||
if 'locked' in data:
|
||||
self.locked = bool(data['locked'])
|
||||
if 'autoLock' in data:
|
||||
|
|
Loading…
Reference in New Issue