Merge branch 'feature/ldap' into develop
This commit is contained in:
commit
a052add057
|
|
@ -116,4 +116,7 @@ dmypy.json
|
||||||
.pyre/
|
.pyre/
|
||||||
|
|
||||||
#ide
|
#ide
|
||||||
.idea
|
.idea
|
||||||
|
|
||||||
|
.vscode/
|
||||||
|
*.log
|
||||||
|
|
@ -8,6 +8,11 @@ import logging
|
||||||
from logging.handlers import WatchedFileHandler
|
from logging.handlers import WatchedFileHandler
|
||||||
import sys
|
import sys
|
||||||
|
|
||||||
|
MONEY = "moneymaster"
|
||||||
|
GASTRO = "gastro"
|
||||||
|
USER = "user"
|
||||||
|
BAR = "bar"
|
||||||
|
|
||||||
FORMATTER = logging.Formatter("%(asctime)s — %(name)s — %(levelname)s — %(message)s")
|
FORMATTER = logging.Formatter("%(asctime)s — %(name)s — %(levelname)s — %(message)s")
|
||||||
|
|
||||||
logFileHandler = WatchedFileHandler("testlog.log")
|
logFileHandler = WatchedFileHandler("testlog.log")
|
||||||
|
|
@ -29,9 +34,34 @@ def getLogger(logger_name):
|
||||||
LOGGER = getLogger(__name__)
|
LOGGER = getLogger(__name__)
|
||||||
LOGGER.info("Initialize App")
|
LOGGER.info("Initialize App")
|
||||||
|
|
||||||
|
class Singleton(type):
|
||||||
|
_instances = {}
|
||||||
|
def __call__(cls, *args, **kwargs):
|
||||||
|
if cls not in cls._instances:
|
||||||
|
cls._instances[cls] = super(Singleton, cls).__call__(*args, **kwargs)
|
||||||
|
return cls._instances[cls]
|
||||||
|
|
||||||
|
from .controller.databaseController import DatabaseController
|
||||||
|
db = DatabaseController()
|
||||||
|
from .controller.ldapController import LDAPController
|
||||||
|
ldapController = LDAPController()
|
||||||
|
|
||||||
|
def getDatabesController():
|
||||||
|
if db is not None:
|
||||||
|
return db
|
||||||
|
else:
|
||||||
|
return DatabaseController()
|
||||||
|
def getLDAPController():
|
||||||
|
if ldapController is not None:
|
||||||
|
return ldapController
|
||||||
|
else:
|
||||||
|
return LDAPController()
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
from flask import Flask
|
from flask import Flask
|
||||||
from flask_sqlalchemy import SQLAlchemy
|
from flask_sqlalchemy import SQLAlchemy
|
||||||
from flask_bcrypt import Bcrypt
|
|
||||||
from flask_cors import CORS
|
from flask_cors import CORS
|
||||||
from .controller.accesTokenController import AccesTokenController
|
from .controller.accesTokenController import AccesTokenController
|
||||||
|
|
||||||
|
|
@ -41,18 +71,14 @@ app = Flask(__name__)
|
||||||
CORS(app)
|
CORS(app)
|
||||||
# app.config['SECRET_KEY'] = '0a657b97ef546da90b2db91862ad4e29'
|
# app.config['SECRET_KEY'] = '0a657b97ef546da90b2db91862ad4e29'
|
||||||
app.config['SQLALCHEMY_DATABASE_URI'] = 'sqlite:///site.db'
|
app.config['SQLALCHEMY_DATABASE_URI'] = 'sqlite:///site.db'
|
||||||
db = SQLAlchemy(app)
|
#db = SQLAlchemy(app)
|
||||||
bcrypt = Bcrypt(app)
|
|
||||||
accesTokenController = AccesTokenController("GERUECHT")
|
accesTokenController = AccesTokenController("GERUECHT")
|
||||||
accesTokenController.start()
|
accesTokenController.start()
|
||||||
# login_manager = LoginManager(app)
|
# login_manager = LoginManager(app)
|
||||||
# login_manager.login_view = 'login'
|
# login_manager.login_view = 'login'
|
||||||
# login_manager.login_message_category = 'info'
|
# login_manager.login_message_category = 'info'
|
||||||
|
|
||||||
MONEY = "moneymaster"
|
|
||||||
GASTRO = "gastro"
|
|
||||||
USER = "user"
|
|
||||||
BAR = "bar"
|
|
||||||
|
|
||||||
|
|
||||||
from geruecht import routes
|
from geruecht import routes
|
||||||
|
|
|
||||||
|
|
@ -1,5 +1,5 @@
|
||||||
from flask import Blueprint, request, jsonify
|
from flask import Blueprint, request, jsonify
|
||||||
from geruecht import BAR, db
|
from geruecht import BAR, db, ldapController as ldap
|
||||||
from geruecht.routes import verifyAccessToken
|
from geruecht.routes import verifyAccessToken
|
||||||
from geruecht.model.user import User
|
from geruecht.model.user import User
|
||||||
from datetime import datetime
|
from datetime import datetime
|
||||||
|
|
@ -23,18 +23,23 @@ def _bar():
|
||||||
|
|
||||||
dic = {}
|
dic = {}
|
||||||
if accToken is not None:
|
if accToken is not None:
|
||||||
users = User.query.all()
|
users = db.getAllUser()
|
||||||
for user in users:
|
for user in users:
|
||||||
geruecht = None
|
geruecht = None
|
||||||
geruecht = user.getGeruecht()
|
geruecht = user.getGeruecht()
|
||||||
if geruecht is not None:
|
if geruecht is not None:
|
||||||
month = geruecht.getMonth(datetime.now().month)
|
month = geruecht.getMonth(datetime.now().month)
|
||||||
amount = abs(month[0] - month[1])
|
amount = month[0] - month[1]
|
||||||
if amount != 0:
|
if amount != 0:
|
||||||
dic[user.userID] = {"username": user.username,
|
if amount >= 0:
|
||||||
|
type = 'credit'
|
||||||
|
else:
|
||||||
|
type = 'amount'
|
||||||
|
dic[user.cn] = {"username": user.cn,
|
||||||
"firstname": user.firstname,
|
"firstname": user.firstname,
|
||||||
"lastname": user.lastname,
|
"lastname": user.lastname,
|
||||||
"amount": abs(month[0] - month[1])
|
"amount": abs(month[0] - month[1]),
|
||||||
|
"type": type
|
||||||
}
|
}
|
||||||
return jsonify(dic)
|
return jsonify(dic)
|
||||||
return jsonify({"error": "permission denied"}), 401
|
return jsonify({"error": "permission denied"}), 401
|
||||||
|
|
@ -58,12 +63,18 @@ def _baradd():
|
||||||
userID = data['userId']
|
userID = data['userId']
|
||||||
amount = int(data['amount'])
|
amount = int(data['amount'])
|
||||||
|
|
||||||
user = User.query.filter_by(userID=userID).first()
|
user = db.getUser(userID)
|
||||||
|
if user is None:
|
||||||
|
groups = ldap.getGroup(userID)
|
||||||
|
user_data = ldap.getUserData(userID)
|
||||||
|
user_data['group'] = groups
|
||||||
|
db.insertUser(user_data)
|
||||||
|
user = db.getUser(userID)
|
||||||
month = user.addAmount(amount)
|
month = user.addAmount(amount)
|
||||||
|
|
||||||
amount = abs(month[0] - month[1])
|
amount = abs(month[0] - month[1])
|
||||||
|
|
||||||
return jsonify({"userId": user.userID, "amount": amount})
|
return jsonify({"userId": user.cn, "amount": amount})
|
||||||
return jsonify({"error", "permission denied"}), 401
|
return jsonify({"error", "permission denied"}), 401
|
||||||
|
|
||||||
@baruser.route("/barGetUsers")
|
@baruser.route("/barGetUsers")
|
||||||
|
|
@ -82,34 +93,22 @@ def _getUsers():
|
||||||
|
|
||||||
retVal = {}
|
retVal = {}
|
||||||
if accToken is not None:
|
if accToken is not None:
|
||||||
users = User.query.all()
|
retVal = ldap.getAllUser()
|
||||||
for user in users:
|
|
||||||
month = user.getGeruecht().getMonth()
|
|
||||||
if month == 0:
|
|
||||||
retVal[user.userID] = {user.toJSON()}
|
|
||||||
return jsonify(retVal)
|
return jsonify(retVal)
|
||||||
return jsonify({"error": "permission denied"}), 401
|
return jsonify({"error": "permission denied"}), 401
|
||||||
|
|
||||||
@baruser.route("/barGetUser", methods=['POST'])
|
@baruser.route("/search", methods=['POST'])
|
||||||
def _getUser():
|
def _search():
|
||||||
""" Get specified User
|
|
||||||
|
|
||||||
This function returns the user with posted userID and them amount and credit.
|
|
||||||
|
|
||||||
Returns:
|
|
||||||
JSON-File with userID, amount and credit
|
|
||||||
or ERROR 401 Permission Denied
|
|
||||||
"""
|
|
||||||
token = request.headers.get("Token")
|
token = request.headers.get("Token")
|
||||||
print(token)
|
print(token)
|
||||||
accToken = verifyAccessToken(token, BAR)
|
accToken = verifyAccessToken(token, BAR)
|
||||||
|
|
||||||
if accToken is not None:
|
if accToken is not None:
|
||||||
data = request.get_json()
|
data = request.get_json()
|
||||||
userID = data['userId']
|
|
||||||
|
|
||||||
user = User.query.filter_by(userID=userID)
|
searchString = data['searchString']
|
||||||
month = user.getGeruecht().getMonth()
|
|
||||||
|
|
||||||
return jsonify({"userId": user.userID, "amount": month[1], "credit": month[0]})
|
retVal = ldap.searchUser(searchString)
|
||||||
|
|
||||||
|
return jsonify(retVal)
|
||||||
return jsonify({"error": "permission denied"}), 401
|
return jsonify({"error": "permission denied"}), 401
|
||||||
|
|
|
||||||
|
|
@ -6,8 +6,9 @@ from threading import Thread
|
||||||
import hashlib
|
import hashlib
|
||||||
import logging
|
import logging
|
||||||
from logging.handlers import WatchedFileHandler
|
from logging.handlers import WatchedFileHandler
|
||||||
|
from geruecht import Singleton
|
||||||
|
|
||||||
class AccesTokenController(Thread):
|
class AccesTokenController(Thread, metaclass=Singleton):
|
||||||
""" Control all createt AccesToken
|
""" Control all createt AccesToken
|
||||||
|
|
||||||
This Class create, delete, find and manage AccesToken.
|
This Class create, delete, find and manage AccesToken.
|
||||||
|
|
@ -16,12 +17,6 @@ class AccesTokenController(Thread):
|
||||||
tokenList: List of currents AccessToken
|
tokenList: List of currents AccessToken
|
||||||
lifetime: Variable for the Lifetime of one AccessToken in seconds.
|
lifetime: Variable for the Lifetime of one AccessToken in seconds.
|
||||||
"""
|
"""
|
||||||
class __OnlyOne:
|
|
||||||
def __init__(self, arg):
|
|
||||||
self.val = arg
|
|
||||||
|
|
||||||
def __str__(self):
|
|
||||||
return repr(self) + self.val
|
|
||||||
instance = None
|
instance = None
|
||||||
tokenList = None
|
tokenList = None
|
||||||
lifetime = 60
|
lifetime = 60
|
||||||
|
|
@ -32,10 +27,6 @@ class AccesTokenController(Thread):
|
||||||
Initialize Thread and set tokenList empty.
|
Initialize Thread and set tokenList empty.
|
||||||
"""
|
"""
|
||||||
LOGGER.info("Initialize AccessTokenController")
|
LOGGER.info("Initialize AccessTokenController")
|
||||||
if not AccesTokenController.instance:
|
|
||||||
AccesTokenController.instance = AccesTokenController.__OnlyOne(arg)
|
|
||||||
else:
|
|
||||||
AccesTokenController.instance.val = arg
|
|
||||||
|
|
||||||
LOGGER.debug("Build Logger for VerificationThread")
|
LOGGER.debug("Build Logger for VerificationThread")
|
||||||
|
|
||||||
|
|
@ -87,7 +78,7 @@ class AccesTokenController(Thread):
|
||||||
"""
|
"""
|
||||||
LOGGER.info("Create AccessToken")
|
LOGGER.info("Create AccessToken")
|
||||||
now = datetime.ctime(datetime.now())
|
now = datetime.ctime(datetime.now())
|
||||||
token = hashlib.md5((now + user.password).encode('utf-8')).hexdigest()
|
token = hashlib.md5((now + user.dn).encode('utf-8')).hexdigest()
|
||||||
accToken = AccessToken(user, token)
|
accToken = AccessToken(user, token)
|
||||||
LOGGER.debug("Add AccessToken {} to current Tokens".format(accToken))
|
LOGGER.debug("Add AccessToken {} to current Tokens".format(accToken))
|
||||||
self.tokenList.append(accToken)
|
self.tokenList.append(accToken)
|
||||||
|
|
@ -108,24 +99,27 @@ class AccesTokenController(Thread):
|
||||||
"""
|
"""
|
||||||
print("controll if", accToken, "hase group", group)
|
print("controll if", accToken, "hase group", group)
|
||||||
LOGGER.debug("Check if AccessToken {} has group {}".format(accToken, group))
|
LOGGER.debug("Check if AccessToken {} has group {}".format(accToken, group))
|
||||||
return True if accToken.user.group == group else False
|
return True if group in accToken.user.group else False
|
||||||
|
|
||||||
def run(self):
|
def run(self):
|
||||||
""" Starting Controll-Thread
|
""" Starting Controll-Thread
|
||||||
|
|
||||||
Verify that the AccesToken are not out of date. If one AccessToken out of date it will be deletet from tokenList.
|
Verify that the AccesToken are not out of date. If one AccessToken out of date it will be deletet from tokenList.
|
||||||
"""
|
"""
|
||||||
|
valid_time=7200
|
||||||
LOGGER.info("Start Thread for verification that the AccessToken are not out of date.")
|
LOGGER.info("Start Thread for verification that the AccessToken are not out of date.")
|
||||||
while True:
|
while True:
|
||||||
|
self.LOGGER.debug("Name: {}".format(self.getName()))
|
||||||
self.LOGGER.debug("Start to iterate through List of current Tokens")
|
self.LOGGER.debug("Start to iterate through List of current Tokens")
|
||||||
for accToken in self.tokenList:
|
for accToken in self.tokenList:
|
||||||
|
|
||||||
self.LOGGER.debug("Check if AccessToken {} is out of date".format(accToken))
|
self.LOGGER.debug("Check if AccessToken {} is out of date".format(accToken))
|
||||||
if (datetime.now() - accToken.timestamp).seconds > 7200:
|
if (datetime.now() - accToken.timestamp).seconds > valid_time:
|
||||||
print("delete", accToken)
|
print("delete", accToken)
|
||||||
self.LOGGER.info("Delete AccessToken {} from List of current Tokens".format(accToken))
|
self.LOGGER.info("Delete AccessToken {} from List of current Tokens".format(accToken))
|
||||||
self.tokenList.remove(accToken)
|
self.tokenList.remove(accToken)
|
||||||
else:
|
else:
|
||||||
self.LOGGER.debug("AccessToken {} is up to date. {} seconds left".format(accToken, 7200 - (datetime.now() - accToken.timestamp).seconds))
|
self.LOGGER.debug("AccessToken {} is up to date. {} seconds left".format(accToken, valid_time - (datetime.now() - accToken.timestamp).seconds))
|
||||||
self.LOGGER.debug("List of current Tokens: {}".format(self.tokenList))
|
self.LOGGER.debug("List of current Tokens: {}".format(self.tokenList))
|
||||||
self.LOGGER.info("Wait 10 Seconds")
|
self.LOGGER.info("Wait 10 Seconds")
|
||||||
time.sleep(10)
|
time.sleep(10)
|
||||||
|
|
|
||||||
|
|
@ -0,0 +1,161 @@
|
||||||
|
import pymysql
|
||||||
|
from geruecht import Singleton
|
||||||
|
from geruecht.model.user import User
|
||||||
|
from geruecht.model.creditList import CreditList
|
||||||
|
from datetime import datetime
|
||||||
|
|
||||||
|
class DatabaseController(metaclass=Singleton):
|
||||||
|
'''
|
||||||
|
DatabaesController
|
||||||
|
|
||||||
|
Connect to the Database and execute sql-executions
|
||||||
|
'''
|
||||||
|
|
||||||
|
def __init__(self, url='192.168.5.108', user='wu5', password='E1n$tein', database='geruecht'):
|
||||||
|
self.url = url
|
||||||
|
self.user = user
|
||||||
|
self.password = password
|
||||||
|
self.database = database
|
||||||
|
self.connect()
|
||||||
|
|
||||||
|
|
||||||
|
def connect(self):
|
||||||
|
try:
|
||||||
|
self.db = pymysql.connect(self.url, self.user, self.password, self.database, cursorclass=pymysql.cursors.DictCursor)
|
||||||
|
except Exception as err:
|
||||||
|
raise err
|
||||||
|
|
||||||
|
def getAllUser(self):
|
||||||
|
self.connect()
|
||||||
|
cursor = self.db.cursor()
|
||||||
|
try:
|
||||||
|
cursor.execute("select * from user")
|
||||||
|
data = cursor.fetchall()
|
||||||
|
self.db.close()
|
||||||
|
except Exception as err:
|
||||||
|
raise err
|
||||||
|
|
||||||
|
if data:
|
||||||
|
return [User(value) for value in data]
|
||||||
|
|
||||||
|
def getUser(self, username):
|
||||||
|
self.connect()
|
||||||
|
retVal = None
|
||||||
|
cursor = self.db.cursor()
|
||||||
|
try:
|
||||||
|
cursor.execute("select * from user where cn='{}'".format(username))
|
||||||
|
data = cursor.fetchone()
|
||||||
|
self.db.close()
|
||||||
|
except Exception as err:
|
||||||
|
raise err
|
||||||
|
if data:
|
||||||
|
retVal = User(data)
|
||||||
|
|
||||||
|
return retVal
|
||||||
|
|
||||||
|
def _convertGroupToString(self, groups):
|
||||||
|
retVal = ''
|
||||||
|
for group in groups:
|
||||||
|
if len(retVal) != 0:
|
||||||
|
retVal += ','
|
||||||
|
retVal += group
|
||||||
|
return retVal
|
||||||
|
|
||||||
|
def insertUser(self, data):
|
||||||
|
self.connect()
|
||||||
|
cursor = self.db.cursor()
|
||||||
|
groups = self._convertGroupToString(data['group'])
|
||||||
|
try:
|
||||||
|
cursor.execute("insert into user (cn, dn, firstname, lastname, gruppe) VALUES ('{}','{}','{}','{}','{}')".format(
|
||||||
|
data['cn'], data['dn'], data['givenName'], data['sn'], groups))
|
||||||
|
self.db.commit()
|
||||||
|
except Exception as err:
|
||||||
|
self.db.rollback()
|
||||||
|
self.db.close()
|
||||||
|
raise err
|
||||||
|
self.db.close()
|
||||||
|
|
||||||
|
def updateUser(self, data):
|
||||||
|
self.connect()
|
||||||
|
cursor = self.db.cursor()
|
||||||
|
groups = self._convertGroupToString(data['group'])
|
||||||
|
try:
|
||||||
|
cursor.execute("update user set dn='{}', firstname='{}', lastname='{}', gruppe='{}' where cn='{}'".format(
|
||||||
|
data['dn'], data['givenName'], data['sn'], groups, data['cn']))
|
||||||
|
self.db.commit()
|
||||||
|
except Exception as err:
|
||||||
|
self.db.rollback()
|
||||||
|
self.db.close()
|
||||||
|
print(err.__traceback__)
|
||||||
|
raise err
|
||||||
|
|
||||||
|
self.db.close()
|
||||||
|
|
||||||
|
def getCreditListFromUser(self, user, **kwargs):
|
||||||
|
self.connect()
|
||||||
|
cursor = self.db.cursor()
|
||||||
|
try:
|
||||||
|
if 'year' in kwargs:
|
||||||
|
sql = "select * from creditList where user_id={} and year_date={}".format(user.id, kwargs['year'])
|
||||||
|
else:
|
||||||
|
sql = "select * from creditList where user_id={}".format(user.id)
|
||||||
|
cursor.execute(sql)
|
||||||
|
data = cursor.fetchall()
|
||||||
|
self.db.close()
|
||||||
|
except Exception as err:
|
||||||
|
self.db.close()
|
||||||
|
raise err
|
||||||
|
if len(data) == 1:
|
||||||
|
return [CreditList(data[0])]
|
||||||
|
else:
|
||||||
|
return [CreditList(value) for value in data]
|
||||||
|
|
||||||
|
def createCreditList(self, user_id, year=datetime.now().year):
|
||||||
|
self.connect()
|
||||||
|
cursor = self.db.cursor()
|
||||||
|
try:
|
||||||
|
cursor.execute("insert into creditList (year_date, user_id) values ({},{})".format(year, user_id))
|
||||||
|
self.db.commit()
|
||||||
|
self.db.close()
|
||||||
|
except Exception as err:
|
||||||
|
self.db.close()
|
||||||
|
raise err
|
||||||
|
|
||||||
|
def updateCreditList(self, creditlist):
|
||||||
|
self.connect()
|
||||||
|
cursor = self.db.cursor()
|
||||||
|
try:
|
||||||
|
cursor.execute("select * from creditList where user_id={} and year_date={}".format(creditlist.user_id, creditlist.year))
|
||||||
|
data = cursor.fetchall()
|
||||||
|
self.db.close()
|
||||||
|
if len(data) == 0:
|
||||||
|
self.createCreditList(creditlist.user_id, creditlist.year)
|
||||||
|
sql = "update creditList set jan_guthaben={}, jan_schulden={},feb_guthaben={}, feb_schulden={}, maer_guthaben={}, maer_schulden={}, apr_guthaben={}, apr_schulden={}, mai_guthaben={}, mai_schulden={}, jun_guthaben={}, jun_schulden={}, jul_guthaben={}, jul_schulden={}, aug_guthaben={}, aug_schulden={},sep_guthaben={}, sep_schulden={},okt_guthaben={}, okt_schulden={}, nov_guthaben={}, nov_schulden={}, dez_guthaben={}, dez_schulden={}, last_schulden={} where year_date={} and user_id={}".format(creditlist.jan_guthaben, creditlist.jan_schulden,
|
||||||
|
creditlist.feb_guthaben, creditlist.feb_schulden,
|
||||||
|
creditlist.maer_guthaben, creditlist.maer_schulden,
|
||||||
|
creditlist.apr_guthaben, creditlist.apr_schulden,
|
||||||
|
creditlist.mai_guthaben, creditlist.mai_schulden,
|
||||||
|
creditlist.jun_guthaben, creditlist.jun_schulden,
|
||||||
|
creditlist.jul_guthaben, creditlist.jul_schulden,
|
||||||
|
creditlist.aug_guthaben, creditlist.aug_schulden,
|
||||||
|
creditlist.sep_guthaben, creditlist.sep_schulden,
|
||||||
|
creditlist.okt_guthaben, creditlist.okt_schulden,
|
||||||
|
creditlist.nov_guthaben, creditlist.nov_schulden,
|
||||||
|
creditlist.dez_guthaben, creditlist.dez_schulden,
|
||||||
|
creditlist.last_schulden, creditlist.year, creditlist.user_id)
|
||||||
|
print(sql)
|
||||||
|
self.connect()
|
||||||
|
cursor = self.db.cursor()
|
||||||
|
cursor.execute(sql)
|
||||||
|
self.db.commit()
|
||||||
|
self.db.close()
|
||||||
|
except Exception as err:
|
||||||
|
self.db.rollback()
|
||||||
|
self.db.close()
|
||||||
|
raise err
|
||||||
|
|
||||||
|
|
||||||
|
if __name__ == '__main__':
|
||||||
|
db = DatabaseController()
|
||||||
|
user = db.getUser('jhille')
|
||||||
|
db.getCreditListFromUser(user, year=2018)
|
||||||
|
|
@ -0,0 +1,124 @@
|
||||||
|
import ldap
|
||||||
|
from geruecht import MONEY, USER, GASTRO, BAR, Singleton
|
||||||
|
|
||||||
|
class LDAPController(metaclass=Singleton):
|
||||||
|
'''
|
||||||
|
Authentification over LDAP. Create Account on-the-fly
|
||||||
|
'''
|
||||||
|
|
||||||
|
def __init__(self, url="ldap://192.168.5.108", dn='dc=ldap,dc=example,dc=local'):
|
||||||
|
self.url = url
|
||||||
|
self.dn = dn
|
||||||
|
self.connect()
|
||||||
|
|
||||||
|
def connect(self):
|
||||||
|
try:
|
||||||
|
self.client = ldap.initialize(self.url, bytes_mode=False)
|
||||||
|
except Exception as err:
|
||||||
|
raise err
|
||||||
|
|
||||||
|
def login(self, username, password):
|
||||||
|
self.connect()
|
||||||
|
try:
|
||||||
|
self.client.bind_s("cn={},ou=user,{}".format(username, self.dn), password)
|
||||||
|
self.client.unbind_s()
|
||||||
|
except:
|
||||||
|
self.client.unbind_s()
|
||||||
|
raise Exception("Invalid Password or Username")
|
||||||
|
|
||||||
|
def getUserData(self, username):
|
||||||
|
self.connect()
|
||||||
|
search_data = self.client.search_s('ou=user,{}'.format(self.dn), ldap.SCOPE_SUBTREE, 'cn={}'.format(username), ['cn', 'givenName', 'sn'])
|
||||||
|
retVal = search_data[0][1]
|
||||||
|
for k,v in retVal.items():
|
||||||
|
retVal[k] = v[0].decode('utf-8')
|
||||||
|
retVal['dn'] = self.dn
|
||||||
|
return retVal
|
||||||
|
|
||||||
|
|
||||||
|
def getGroup(self, username):
|
||||||
|
retVal = []
|
||||||
|
self.connect()
|
||||||
|
main_group_data = self.client.search_s('ou=user,{}'.format(self.dn), ldap.SCOPE_SUBTREE, 'cn={}'.format(username), ['gidNumber'])
|
||||||
|
if main_group_data:
|
||||||
|
main_group_number = main_group_data[0][1]['gidNumber'][0].decode('utf-8')
|
||||||
|
group_data = self.client.search_s('ou=group,{}'.format(self.dn), ldap.SCOPE_SUBTREE, 'gidNumber={}'.format(main_group_number), ['cn'])
|
||||||
|
if group_data:
|
||||||
|
group_name = group_data[0][1]['cn'][0].decode('utf-8')
|
||||||
|
if group_name == 'ldap-user':
|
||||||
|
retVal.append(USER)
|
||||||
|
|
||||||
|
groups_data = self.client.search_s('ou=group,{}'.format(self.dn), ldap.SCOPE_SUBTREE, 'memberUID={}'.format(username), ['cn'])
|
||||||
|
for data in groups_data:
|
||||||
|
print(data[1]['cn'][0].decode('utf-8'))
|
||||||
|
group_name = data[1]['cn'][0].decode('utf-8')
|
||||||
|
if group_name == 'finanzer':
|
||||||
|
retVal.append(MONEY)
|
||||||
|
elif group_name == 'gastro':
|
||||||
|
retVal.append(GASTRO)
|
||||||
|
elif group_name == 'bar':
|
||||||
|
retVal.append(BAR)
|
||||||
|
return retVal
|
||||||
|
|
||||||
|
def __isUserInList(self, list, username):
|
||||||
|
help_list = []
|
||||||
|
for user in list:
|
||||||
|
help_list.append(user['username'])
|
||||||
|
if username in help_list:
|
||||||
|
return True
|
||||||
|
return False
|
||||||
|
|
||||||
|
def getAllUser(self):
|
||||||
|
self.connect()
|
||||||
|
retVal = []
|
||||||
|
data = self.client.search_s('ou=user,{}'.format(self.dn), ldap.SCOPE_SUBTREE, attrlist=['cn', 'givenName', 'sn'])
|
||||||
|
for user in data:
|
||||||
|
if 'cn' in user[1]:
|
||||||
|
username = user[1]['cn'][0].decode('utf-8')
|
||||||
|
firstname = user[1]['givenName'][0].decode('utf-8')
|
||||||
|
lastname = user[1]['sn'][0].decode('utf-8')
|
||||||
|
retVal.append({'username': username, 'firstname': firstname, 'lastname': lastname})
|
||||||
|
return retVal
|
||||||
|
|
||||||
|
def searchUser(self, searchString):
|
||||||
|
self.connect()
|
||||||
|
|
||||||
|
name = searchString.split(" ")
|
||||||
|
|
||||||
|
for i in range(len(name)):
|
||||||
|
name[i] = "*"+name[i]+"*"
|
||||||
|
|
||||||
|
|
||||||
|
print(name)
|
||||||
|
|
||||||
|
name_result = []
|
||||||
|
|
||||||
|
if len(name) == 1:
|
||||||
|
if name[0] == "**":
|
||||||
|
name_result.append(self.client.search_s('ou=user,{}'.format(self.dn), ldap.SCOPE_SUBTREE,
|
||||||
|
attrlist=['cn', 'givenName', 'sn']))
|
||||||
|
else:
|
||||||
|
name_result.append(self.client.search_s('ou=user,{}'.format(self.dn), ldap.SCOPE_SUBTREE, 'givenName={}'.format(name[0]), ['cn', 'givenName', 'sn']))
|
||||||
|
name_result.append(self.client.search_s('ou=user,{}'.format(self.dn), ldap.SCOPE_SUBTREE, 'sn={}'.format(name[0]),['cn', 'givenName', 'sn']))
|
||||||
|
else:
|
||||||
|
name_result.append(self.client.search_s('ou=user,{}'.format(self.dn), ldap.SCOPE_SUBTREE,
|
||||||
|
'givenName={}'.format(name[1]), ['cn', 'givenName', 'sn']))
|
||||||
|
name_result.append(self.client.search_s('ou=user,{}'.format(self.dn), ldap.SCOPE_SUBTREE, 'sn={}'.format(name[1]),
|
||||||
|
['cn', 'givenName', 'sn']))
|
||||||
|
retVal = []
|
||||||
|
|
||||||
|
for names in name_result:
|
||||||
|
for user in names:
|
||||||
|
if 'cn' in user[1]:
|
||||||
|
username = user[1]['cn'][0].decode('utf-8')
|
||||||
|
if not self.__isUserInList(retVal, username):
|
||||||
|
firstname = user[1]['givenName'][0].decode('utf-8')
|
||||||
|
lastname = user[1]['sn'][0].decode('utf-8')
|
||||||
|
retVal.append({'username': username, 'firstname': firstname, 'lastname': lastname})
|
||||||
|
|
||||||
|
return retVal
|
||||||
|
|
||||||
|
|
||||||
|
if __name__ == '__main__':
|
||||||
|
a = LDAPController()
|
||||||
|
a.getUserData('jhille')
|
||||||
|
|
@ -1,9 +1,8 @@
|
||||||
from flask import Blueprint, request, jsonify
|
from flask import Blueprint, request, jsonify
|
||||||
from geruecht.finanzer import LOGGER
|
from geruecht.finanzer import LOGGER
|
||||||
from datetime import datetime
|
from datetime import datetime
|
||||||
from geruecht import MONEY
|
from geruecht import MONEY, db
|
||||||
from geruecht.routes import verifyAccessToken
|
from geruecht.routes import verifyAccessToken
|
||||||
from geruecht.model.user import User
|
|
||||||
|
|
||||||
finanzer = Blueprint("finanzer", __name__)
|
finanzer = Blueprint("finanzer", __name__)
|
||||||
|
|
||||||
|
|
@ -24,11 +23,13 @@ def _getFinanzer():
|
||||||
accToken = verifyAccessToken(token, MONEY)
|
accToken = verifyAccessToken(token, MONEY)
|
||||||
if accToken is not None:
|
if accToken is not None:
|
||||||
LOGGER.debug("Get all Useres")
|
LOGGER.debug("Get all Useres")
|
||||||
users = User.query.all()
|
users = db.getAllUser()
|
||||||
dic = {}
|
dic = {}
|
||||||
for user in users:
|
for user in users:
|
||||||
LOGGER.debug("Add User {} to ReturnValue".format(user))
|
LOGGER.debug("Add User {} to ReturnValue".format(user))
|
||||||
dic[user.userID] = user.toJSON()
|
dic[user.cn] = user.toJSON()
|
||||||
|
creditList = db.getCreditListFromUser(user)
|
||||||
|
dic[user.cn]['creditList'] = {credit.year: credit.toJSON() for credit in creditList}
|
||||||
LOGGER.debug("ReturnValue is {}".format(dic))
|
LOGGER.debug("ReturnValue is {}".format(dic))
|
||||||
LOGGER.info("Send main for Finanzer")
|
LOGGER.info("Send main for Finanzer")
|
||||||
return jsonify(dic)
|
return jsonify(dic)
|
||||||
|
|
@ -56,13 +57,13 @@ def _getFinanzerYear():
|
||||||
LOGGER.debug("Get data {}".format(data))
|
LOGGER.debug("Get data {}".format(data))
|
||||||
userID = data['userId']
|
userID = data['userId']
|
||||||
LOGGER.debug("UserID is {}".format(userID))
|
LOGGER.debug("UserID is {}".format(userID))
|
||||||
user = User.query.filter_by(userID=userID).first()
|
user = db.getUser(userID)
|
||||||
LOGGER.debug("User is {}".format(user))
|
LOGGER.debug("User is {}".format(user))
|
||||||
dic[user.userID] = {}
|
dic[user.cn] = {}
|
||||||
LOGGER.debug("Build ReturnValue")
|
LOGGER.debug("Build ReturnValue")
|
||||||
for geruecht in user.geruechte:
|
for geruecht in user.geruechte:
|
||||||
LOGGER.debug("Add Geruecht {} to ReturnValue".format(geruecht))
|
LOGGER.debug("Add Geruecht {} to ReturnValue".format(geruecht))
|
||||||
dic[user.userID][geruecht.year] = geruecht.toJSON()
|
dic[user.cn][geruecht.year] = geruecht.toJSON()
|
||||||
LOGGER.debug("ReturnValue is {}".format(dic))
|
LOGGER.debug("ReturnValue is {}".format(dic))
|
||||||
LOGGER.info("Send Geruechte from User {}".format(user))
|
LOGGER.info("Send Geruechte from User {}".format(user))
|
||||||
return jsonify(dic)
|
return jsonify(dic)
|
||||||
|
|
@ -103,7 +104,7 @@ def _addAmount():
|
||||||
LOGGER.error("KeyError in month. Month is set to default.")
|
LOGGER.error("KeyError in month. Month is set to default.")
|
||||||
month = datetime.now().month
|
month = datetime.now().month
|
||||||
LOGGER.debug("Year is {} and Month is {}".format(year, month))
|
LOGGER.debug("Year is {} and Month is {}".format(year, month))
|
||||||
user = User.query.filter_by(userID=userID).first()
|
user = db.getUser(userID)
|
||||||
LOGGER.debug("User is {}".format(user))
|
LOGGER.debug("User is {}".format(user))
|
||||||
LOGGER.debug("Add amount to User {} in year {} and month {}".format(user, year, month))
|
LOGGER.debug("Add amount to User {} in year {} and month {}".format(user, year, month))
|
||||||
user.addAmount(amount, year=year, month=month)
|
user.addAmount(amount, year=year, month=month)
|
||||||
|
|
@ -131,7 +132,9 @@ def _addCredit():
|
||||||
accToken = verifyAccessToken(token, MONEY)
|
accToken = verifyAccessToken(token, MONEY)
|
||||||
|
|
||||||
if accToken is not None:
|
if accToken is not None:
|
||||||
|
|
||||||
data = request.get_json()
|
data = request.get_json()
|
||||||
|
print(data)
|
||||||
LOGGER.debug("Get data {}".format(data))
|
LOGGER.debug("Get data {}".format(data))
|
||||||
userID = data['userId']
|
userID = data['userId']
|
||||||
credit = int(data['credit'])
|
credit = int(data['credit'])
|
||||||
|
|
@ -149,7 +152,7 @@ def _addCredit():
|
||||||
month = datetime.now().month
|
month = datetime.now().month
|
||||||
|
|
||||||
LOGGER.debug("Year is {} and Month is {}".format(year, month))
|
LOGGER.debug("Year is {} and Month is {}".format(year, month))
|
||||||
user = User.query.filter_by(userID=userID).first()
|
user = db.getUser(userID)
|
||||||
LOGGER.debug("User is {}".format(user))
|
LOGGER.debug("User is {}".format(user))
|
||||||
LOGGER.debug("Add credit to User {} in year {} and month {}".format(user, year, month))
|
LOGGER.debug("Add credit to User {} in year {} and month {}".format(user, year, month))
|
||||||
user.addCredit(credit, year=year, month=month)
|
user.addCredit(credit, year=year, month=month)
|
||||||
|
|
|
||||||
|
|
@ -1,10 +1,40 @@
|
||||||
from geruecht import db
|
|
||||||
from datetime import datetime
|
from datetime import datetime
|
||||||
from geruecht import getLogger
|
from geruecht import getLogger
|
||||||
|
import geruecht
|
||||||
|
|
||||||
LOGGER = getLogger(__name__)
|
LOGGER = getLogger(__name__)
|
||||||
|
def create_empty_data():
|
||||||
|
empty_data = {'id': 0,
|
||||||
|
'jan_guthaben': 0,
|
||||||
|
'jan_schulden': 0,
|
||||||
|
'feb_guthaben': 0,
|
||||||
|
'feb_schulden': 0,
|
||||||
|
'maer_guthaben': 0,
|
||||||
|
'maer_schulden': 0,
|
||||||
|
'apr_guthaben': 0,
|
||||||
|
'apr_schulden': 0,
|
||||||
|
'mai_guthaben': 0,
|
||||||
|
'mai_schulden': 0,
|
||||||
|
'jun_guthaben': 0,
|
||||||
|
'jun_schulden': 0,
|
||||||
|
'jul_guthaben': 0,
|
||||||
|
'jul_schulden': 0,
|
||||||
|
'aug_guthaben': 0,
|
||||||
|
'aug_schulden': 0,
|
||||||
|
'sep_guthaben': 0,
|
||||||
|
'sep_schulden': 0,
|
||||||
|
'okt_guthaben': 0,
|
||||||
|
'okt_schulden': 0,
|
||||||
|
'nov_guthaben': 0,
|
||||||
|
'nov_schulden': 0,
|
||||||
|
'dez_guthaben': 0,
|
||||||
|
'dez_schulden': 0,
|
||||||
|
'last_schulden': 0,
|
||||||
|
'year_date': datetime.now().year,
|
||||||
|
'user_id': 0}
|
||||||
|
return empty_data
|
||||||
|
|
||||||
class CreditList(db.Model):
|
class CreditList():
|
||||||
""" DataBase Object Credit List:
|
""" DataBase Object Credit List:
|
||||||
|
|
||||||
Attributes:
|
Attributes:
|
||||||
|
|
@ -16,50 +46,53 @@ class CreditList(db.Model):
|
||||||
year: Year of all Credits and Debts.
|
year: Year of all Credits and Debts.
|
||||||
user_id: id from the User.
|
user_id: id from the User.
|
||||||
"""
|
"""
|
||||||
LOGGER.debug("Initialize Geruecht")
|
def __init__(self, data):
|
||||||
id = db.Column(db.Integer, primary_key=True)
|
LOGGER.debug("Initialize Geruecht")
|
||||||
|
self.id = int(data['id'])
|
||||||
|
|
||||||
jan_guthaben = db.Column(db.Integer, nullable=False, default=0)
|
self.jan_guthaben = int(data['jan_guthaben'])
|
||||||
jan_schulden = db.Column(db.Integer, nullable=False, default=0)
|
self.jan_schulden = int(data['jan_schulden'])
|
||||||
|
|
||||||
feb_guthaben = db.Column(db.Integer, nullable=False, default=0)
|
self.feb_guthaben = int(data['feb_guthaben'])
|
||||||
feb_schulden = db.Column(db.Integer, nullable=False, default=0)
|
self.feb_schulden = int(data['feb_schulden'])
|
||||||
|
|
||||||
maer_guthaben = db.Column(db.Integer, nullable=False, default=0)
|
self.maer_guthaben = int(data['maer_guthaben'])
|
||||||
maer_schulden = db.Column(db.Integer, nullable=False, default=0)
|
self.maer_schulden = int(data['maer_schulden'])
|
||||||
|
|
||||||
apr_guthaben = db.Column(db.Integer, nullable=False, default=0)
|
self.apr_guthaben = int(data['apr_guthaben'])
|
||||||
apr_schulden = db.Column(db.Integer, nullable=False, default=0)
|
self.apr_schulden = int(data['apr_schulden'])
|
||||||
|
|
||||||
mai_guthaben = db.Column(db.Integer, nullable=False, default=0)
|
self.mai_guthaben = int(data['mai_guthaben'])
|
||||||
mai_schulden = db.Column(db.Integer, nullable=False, default=0)
|
self.mai_schulden = int(data['mai_schulden'])
|
||||||
|
|
||||||
jun_guthaben = db.Column(db.Integer, nullable=False, default=0)
|
self.jun_guthaben = int(data['jun_guthaben'])
|
||||||
jun_schulden = db.Column(db.Integer, nullable=False, default=0)
|
self.jun_schulden = int(data['jun_schulden'])
|
||||||
|
|
||||||
jul_guthaben = db.Column(db.Integer, nullable=False, default=0)
|
self.jul_guthaben = int(data['jul_guthaben'])
|
||||||
jul_schulden = db.Column(db.Integer, nullable=False, default=0)
|
self.jul_schulden = int(data['jul_schulden'])
|
||||||
|
|
||||||
aug_guthaben = db.Column(db.Integer, nullable=False, default=0)
|
self.aug_guthaben = int(data['aug_guthaben'])
|
||||||
aug_schulden = db.Column(db.Integer, nullable=False, default=0)
|
self.aug_schulden = int(data['aug_schulden'])
|
||||||
|
|
||||||
sep_guthaben = db.Column(db.Integer, nullable=False, default=0)
|
self.sep_guthaben = int(data['sep_guthaben'])
|
||||||
sep_schulden = db.Column(db.Integer, nullable=False, default=0)
|
self.sep_schulden = int(data['sep_schulden'])
|
||||||
|
|
||||||
okt_guthaben = db.Column(db.Integer, nullable=False, default=0)
|
self.okt_guthaben = int(data['okt_guthaben'])
|
||||||
okt_schulden = db.Column(db.Integer, nullable=False, default=0)
|
self.okt_schulden = int(data['okt_schulden'])
|
||||||
|
|
||||||
nov_guthaben = db.Column(db.Integer, nullable=False, default=0)
|
self.nov_guthaben = int(data['nov_guthaben'])
|
||||||
nov_schulden = db.Column(db.Integer, nullable=False, default=0)
|
self.nov_schulden = int(data['nov_schulden'])
|
||||||
|
|
||||||
dez_guthaben = db.Column(db.Integer, nullable=False, default=0)
|
self.dez_guthaben = int(data['dez_guthaben'])
|
||||||
dez_schulden = db.Column(db.Integer, nullable=False, default=0)
|
self.dez_schulden = int(data['dez_schulden'])
|
||||||
|
|
||||||
last_schulden = db.Column(db.Integer, nullable=False, default=0)
|
self.last_schulden = int(data['last_schulden'])
|
||||||
|
|
||||||
year = db.Column(db.Integer, nullable=False, default=datetime.now().year)
|
self.year = int(data['year_date'])
|
||||||
|
|
||||||
user_id = db.Column(db.Integer, db.ForeignKey('user.id'), nullable=False)
|
self.user_id = int(data['user_id'])
|
||||||
|
|
||||||
|
self.db = geruecht.getDatabesController()
|
||||||
|
|
||||||
def getSchulden(self):
|
def getSchulden(self):
|
||||||
""" Get Schulden
|
""" Get Schulden
|
||||||
|
|
@ -185,7 +218,8 @@ class CreditList(db.Model):
|
||||||
self.dez_schulden += amount
|
self.dez_schulden += amount
|
||||||
retValue = (self.dez_guthaben, self.dez_schulden)
|
retValue = (self.dez_guthaben, self.dez_schulden)
|
||||||
|
|
||||||
db.session.commit()
|
#db.session.commit()
|
||||||
|
self.db.updateCreditList(self)
|
||||||
LOGGER.debug("Credit and Amount is {}".format(retValue))
|
LOGGER.debug("Credit and Amount is {}".format(retValue))
|
||||||
return retValue
|
return retValue
|
||||||
|
|
||||||
|
|
@ -239,8 +273,8 @@ class CreditList(db.Model):
|
||||||
elif month == 12:
|
elif month == 12:
|
||||||
self.dez_guthaben += credit
|
self.dez_guthaben += credit
|
||||||
retValue = (self.dez_guthaben, self.dez_schulden)
|
retValue = (self.dez_guthaben, self.dez_schulden)
|
||||||
|
self.db.updateCreditList(self)
|
||||||
db.session.commit()
|
#db.session.commit()
|
||||||
LOGGER.debug("Credit and Amount is {}".format(retValue))
|
LOGGER.debug("Credit and Amount is {}".format(retValue))
|
||||||
return retValue
|
return retValue
|
||||||
|
|
||||||
|
|
@ -287,6 +321,7 @@ class CreditList(db.Model):
|
||||||
"dez": {
|
"dez": {
|
||||||
"credit": self.dez_guthaben,
|
"credit": self.dez_guthaben,
|
||||||
"depts": self.dez_schulden},
|
"depts": self.dez_schulden},
|
||||||
|
"last": self.last_schulden
|
||||||
}
|
}
|
||||||
return dic
|
return dic
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -1,10 +1,12 @@
|
||||||
from geruecht import db, bcrypt, getLogger
|
from geruecht import getLogger
|
||||||
from geruecht.model.creditList import CreditList
|
import geruecht
|
||||||
|
from geruecht.model.creditList import CreditList, create_empty_data
|
||||||
from datetime import datetime
|
from datetime import datetime
|
||||||
|
|
||||||
LOGGER = getLogger(__name__)
|
LOGGER = getLogger(__name__)
|
||||||
|
|
||||||
class User(db.Model):
|
|
||||||
|
class User():
|
||||||
""" Database Object for User
|
""" Database Object for User
|
||||||
|
|
||||||
Table for all safed User
|
Table for all safed User
|
||||||
|
|
@ -18,15 +20,28 @@ class User(db.Model):
|
||||||
group: Which group is the User? moneymaster, gastro, user or bar?
|
group: Which group is the User? moneymaster, gastro, user or bar?
|
||||||
password: salted hashed password for the User.
|
password: salted hashed password for the User.
|
||||||
"""
|
"""
|
||||||
id = db.Column(db.Integer, primary_key=True)
|
def __init__(self, data):
|
||||||
userID = db.Column(db.String, nullable=False, unique=True)
|
self.id = int(data['id'])
|
||||||
username = db.Column(db.String, nullable=False, unique=True)
|
self.cn = data['cn']
|
||||||
firstname = db.Column(db.String, nullable=False)
|
self.dn = data['dn']
|
||||||
lastname = db.Column(db.String, nullable=False)
|
self.firstname = data['firstname']
|
||||||
group = db.Column(db.String, nullable=False)
|
self.lastname = data['lastname']
|
||||||
password = db.Column(db.String, nullable=False)
|
self.group = data['gruppe']
|
||||||
|
if type(data['gruppe']) == list:
|
||||||
|
self.group = data['gruppe']
|
||||||
|
elif type(data['gruppe']) == str:
|
||||||
|
self.group = data['gruppe'].split(',')
|
||||||
|
|
||||||
geruechte = db.relationship('CreditList', backref='user', lazy=True)
|
self.db = geruecht.getDatabesController()
|
||||||
|
self.ldap = geruecht.getLDAPController()
|
||||||
|
self.geruechte = []
|
||||||
|
geruechte = self.db.getCreditListFromUser(self)
|
||||||
|
if type(geruechte) == list:
|
||||||
|
self.geruechte = geruechte
|
||||||
|
elif type(geruechte) == CreditList:
|
||||||
|
self.geruechte.append(geruechte)
|
||||||
|
self.updateGeruecht()
|
||||||
|
#geruechte = db.relationship('CreditList', backref='user', lazy=True)
|
||||||
|
|
||||||
def createGeruecht(self, amount=0, year=datetime.now().year):
|
def createGeruecht(self, amount=0, year=datetime.now().year):
|
||||||
""" Create Geruecht
|
""" Create Geruecht
|
||||||
|
|
@ -42,10 +57,14 @@ class User(db.Model):
|
||||||
the created geruecht
|
the created geruecht
|
||||||
"""
|
"""
|
||||||
LOGGER.debug("Create Geruecht for user {} in year {}".format(self, year))
|
LOGGER.debug("Create Geruecht for user {} in year {}".format(self, year))
|
||||||
credit = CreditList(user_id=self.id, last_schulden=amount, year=year)
|
data = create_empty_data()
|
||||||
db.session.add(credit)
|
data['user_id'] = self.id
|
||||||
db.session.commit()
|
data['last_schulden'] = amount
|
||||||
credit = CreditList.query.filter_by(year=year, user_id=self.id).first()
|
data['year_date'] = year
|
||||||
|
credit = CreditList(data)
|
||||||
|
self.geruechte.append(credit)
|
||||||
|
self.db.updateCreditList(credit)
|
||||||
|
credit = self.db.getCreditListFromUser(self, year=year)
|
||||||
LOGGER.debug("Created Geruecht {}".format(credit))
|
LOGGER.debug("Created Geruecht {}".format(credit))
|
||||||
return credit
|
return credit
|
||||||
|
|
||||||
|
|
@ -72,7 +91,7 @@ class User(db.Model):
|
||||||
|
|
||||||
self.updateGeruecht()
|
self.updateGeruecht()
|
||||||
|
|
||||||
return geruecht
|
return self.getGeruecht(year=year)
|
||||||
|
|
||||||
def addAmount(self, amount, year=datetime.now().year, month=datetime.now().month):
|
def addAmount(self, amount, year=datetime.now().year, month=datetime.now().month):
|
||||||
""" Add Amount
|
""" Add Amount
|
||||||
|
|
@ -92,8 +111,7 @@ class User(db.Model):
|
||||||
geruecht = self.getGeruecht(year=year)
|
geruecht = self.getGeruecht(year=year)
|
||||||
retVal = geruecht.addAmount(amount, month=month)
|
retVal = geruecht.addAmount(amount, month=month)
|
||||||
|
|
||||||
db.session.add(geruecht)
|
self.db.updateCreditList(geruecht)
|
||||||
db.session.commit()
|
|
||||||
|
|
||||||
self.updateGeruecht()
|
self.updateGeruecht()
|
||||||
|
|
||||||
|
|
@ -117,8 +135,7 @@ class User(db.Model):
|
||||||
geruecht = self.getGeruecht(year=year)
|
geruecht = self.getGeruecht(year=year)
|
||||||
retVal = geruecht.addCredit(credit, month=month)
|
retVal = geruecht.addCredit(credit, month=month)
|
||||||
|
|
||||||
db.session.add(geruecht)
|
self.db.updateCreditList(geruecht)
|
||||||
db.session.commit()
|
|
||||||
|
|
||||||
self.updateGeruecht()
|
self.updateGeruecht()
|
||||||
|
|
||||||
|
|
@ -137,8 +154,7 @@ class User(db.Model):
|
||||||
geruecht.last_schulden = 0
|
geruecht.last_schulden = 0
|
||||||
if index != 0:
|
if index != 0:
|
||||||
geruecht.last_schulden = (self.geruechte[index - 1].getSchulden() * -1)
|
geruecht.last_schulden = (self.geruechte[index - 1].getSchulden() * -1)
|
||||||
|
self.db.updateCreditList(geruecht)
|
||||||
db.session.commit()
|
|
||||||
|
|
||||||
def sortYear(self, geruecht):
|
def sortYear(self, geruecht):
|
||||||
""" Sort Year
|
""" Sort Year
|
||||||
|
|
@ -161,14 +177,21 @@ class User(db.Model):
|
||||||
A Dic with static Attributes.
|
A Dic with static Attributes.
|
||||||
"""
|
"""
|
||||||
dic = {
|
dic = {
|
||||||
"userId": self.userID,
|
"userId": self.cn,
|
||||||
"username": self.username,
|
"cn": self.cn,
|
||||||
|
"dn": self.dn,
|
||||||
"firstname": self.firstname,
|
"firstname": self.firstname,
|
||||||
"lastname": self.lastname,
|
"lastname": self.lastname,
|
||||||
"group": self.group,
|
"group": self.group,
|
||||||
|
"username": self.cn
|
||||||
}
|
}
|
||||||
return dic
|
return dic
|
||||||
|
|
||||||
|
def updateUser(self):
|
||||||
|
data = self.ldap.getUserData(self.cn)
|
||||||
|
data['group'] = self.ldap.getGroup(self.cn)
|
||||||
|
self.db.updateUser(data)
|
||||||
|
|
||||||
def login(self, password):
|
def login(self, password):
|
||||||
""" Login for the User
|
""" Login for the User
|
||||||
|
|
||||||
|
|
@ -178,7 +201,14 @@ class User(db.Model):
|
||||||
A Bool. True if the password is correct and False if it isn't.
|
A Bool. True if the password is correct and False if it isn't.
|
||||||
"""
|
"""
|
||||||
LOGGER.debug("Login User {}".format(self))
|
LOGGER.debug("Login User {}".format(self))
|
||||||
return True if bcrypt.check_password_hash(self.password, password) else False
|
try:
|
||||||
|
self.ldap.login(self.cn, password)
|
||||||
|
|
||||||
|
self.updateUser()
|
||||||
|
return True
|
||||||
|
except:
|
||||||
|
return False
|
||||||
|
|
||||||
def __repr__(self):
|
def __repr__(self):
|
||||||
return "User({}, {}, {})".format(self.userID, self.username, self.group)
|
return "User({}, {}, {})".format(self.cn, self.dn, self.group)
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -1,10 +1,11 @@
|
||||||
from geruecht import app, db, accesTokenController, MONEY, BAR, USER, GASTRO, LOGGER
|
from geruecht import app, db, accesTokenController, MONEY, BAR, USER, GASTRO, LOGGER
|
||||||
|
from geruecht import ldapController as ldap
|
||||||
from geruecht.model.user import User
|
from geruecht.model.user import User
|
||||||
from geruecht.model.creditList import CreditList
|
|
||||||
from geruecht.model.priceList import PriceList
|
|
||||||
from datetime import datetime
|
|
||||||
from flask import request, jsonify
|
from flask import request, jsonify
|
||||||
|
|
||||||
|
def login(user, password):
|
||||||
|
return user.login(password)
|
||||||
|
|
||||||
def verifyAccessToken(token, group):
|
def verifyAccessToken(token, group):
|
||||||
""" Verify Accestoken
|
""" Verify Accestoken
|
||||||
|
|
||||||
|
|
@ -58,18 +59,36 @@ def _login():
|
||||||
"""
|
"""
|
||||||
LOGGER.info("Start log in.")
|
LOGGER.info("Start log in.")
|
||||||
data = request.get_json()
|
data = request.get_json()
|
||||||
|
print(data)
|
||||||
LOGGER.debug("JSON from request: {}".format(data))
|
LOGGER.debug("JSON from request: {}".format(data))
|
||||||
username = data['username']
|
username = data['username']
|
||||||
password = data['password']
|
password = data['password']
|
||||||
|
LOGGER.info("search {} in database".format(username))
|
||||||
|
user = db.getUser(username)
|
||||||
|
if user is None:
|
||||||
|
LOGGER.info("User {} not found. Authenticate over LDAP and create User.")
|
||||||
|
try:
|
||||||
|
ldap.login(username, password)
|
||||||
|
LOGGER.info("Authentification successfull. Search Group")
|
||||||
|
groups = ldap.getGroup(username)
|
||||||
|
LOGGER.info("Get userdata from LDAP")
|
||||||
|
user_data = ldap.getUserData(username)
|
||||||
|
user_data['group'] = groups
|
||||||
|
LOGGER.info('Insert user {} into database')
|
||||||
|
db.insertUser(user_data)
|
||||||
|
|
||||||
|
except Exception as err:
|
||||||
|
return jsonify({"error": str(err)}), 401
|
||||||
LOGGER.info("{} try to log in".format(username))
|
LOGGER.info("{} try to log in".format(username))
|
||||||
user = User.query.filter_by(username=username).first()
|
user = db.getUser(username)
|
||||||
LOGGER.debug("User is {}".format(user))
|
LOGGER.debug("User is {}".format(user))
|
||||||
if user:
|
if user:
|
||||||
LOGGER.debug("Check login for User {}".format(user))
|
LOGGER.debug("Check login for User {}".format(user))
|
||||||
if user.login(password):
|
if login(user, password):
|
||||||
token = accesTokenController.createAccesToken(user)
|
token = accesTokenController.createAccesToken(user)
|
||||||
dic = user.toJSON()
|
dic = user.toJSON()
|
||||||
dic["token"] = token
|
dic["token"] = token
|
||||||
|
dic["accessToken"] = token
|
||||||
LOGGER.info("User {} success login.".format(username))
|
LOGGER.info("User {} success login.".format(username))
|
||||||
return jsonify(dic)
|
return jsonify(dic)
|
||||||
else:
|
else:
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue