Merge branch 'feature/ldap' into develop
This commit is contained in:
commit
a052add057
|
@ -117,3 +117,6 @@ dmypy.json
|
|||
|
||||
#ide
|
||||
.idea
|
||||
|
||||
.vscode/
|
||||
*.log
|
|
@ -8,6 +8,11 @@ import logging
|
|||
from logging.handlers import WatchedFileHandler
|
||||
import sys
|
||||
|
||||
MONEY = "moneymaster"
|
||||
GASTRO = "gastro"
|
||||
USER = "user"
|
||||
BAR = "bar"
|
||||
|
||||
FORMATTER = logging.Formatter("%(asctime)s — %(name)s — %(levelname)s — %(message)s")
|
||||
|
||||
logFileHandler = WatchedFileHandler("testlog.log")
|
||||
|
@ -29,9 +34,34 @@ def getLogger(logger_name):
|
|||
LOGGER = getLogger(__name__)
|
||||
LOGGER.info("Initialize App")
|
||||
|
||||
class Singleton(type):
|
||||
_instances = {}
|
||||
def __call__(cls, *args, **kwargs):
|
||||
if cls not in cls._instances:
|
||||
cls._instances[cls] = super(Singleton, cls).__call__(*args, **kwargs)
|
||||
return cls._instances[cls]
|
||||
|
||||
from .controller.databaseController import DatabaseController
|
||||
db = DatabaseController()
|
||||
from .controller.ldapController import LDAPController
|
||||
ldapController = LDAPController()
|
||||
|
||||
def getDatabesController():
|
||||
if db is not None:
|
||||
return db
|
||||
else:
|
||||
return DatabaseController()
|
||||
def getLDAPController():
|
||||
if ldapController is not None:
|
||||
return ldapController
|
||||
else:
|
||||
return LDAPController()
|
||||
|
||||
|
||||
|
||||
|
||||
from flask import Flask
|
||||
from flask_sqlalchemy import SQLAlchemy
|
||||
from flask_bcrypt import Bcrypt
|
||||
from flask_cors import CORS
|
||||
from .controller.accesTokenController import AccesTokenController
|
||||
|
||||
|
@ -41,18 +71,14 @@ app = Flask(__name__)
|
|||
CORS(app)
|
||||
# app.config['SECRET_KEY'] = '0a657b97ef546da90b2db91862ad4e29'
|
||||
app.config['SQLALCHEMY_DATABASE_URI'] = 'sqlite:///site.db'
|
||||
db = SQLAlchemy(app)
|
||||
bcrypt = Bcrypt(app)
|
||||
#db = SQLAlchemy(app)
|
||||
accesTokenController = AccesTokenController("GERUECHT")
|
||||
accesTokenController.start()
|
||||
# login_manager = LoginManager(app)
|
||||
# login_manager.login_view = 'login'
|
||||
# login_manager.login_message_category = 'info'
|
||||
|
||||
MONEY = "moneymaster"
|
||||
GASTRO = "gastro"
|
||||
USER = "user"
|
||||
BAR = "bar"
|
||||
|
||||
|
||||
|
||||
from geruecht import routes
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
from flask import Blueprint, request, jsonify
|
||||
from geruecht import BAR, db
|
||||
from geruecht import BAR, db, ldapController as ldap
|
||||
from geruecht.routes import verifyAccessToken
|
||||
from geruecht.model.user import User
|
||||
from datetime import datetime
|
||||
|
@ -23,18 +23,23 @@ def _bar():
|
|||
|
||||
dic = {}
|
||||
if accToken is not None:
|
||||
users = User.query.all()
|
||||
users = db.getAllUser()
|
||||
for user in users:
|
||||
geruecht = None
|
||||
geruecht = user.getGeruecht()
|
||||
if geruecht is not None:
|
||||
month = geruecht.getMonth(datetime.now().month)
|
||||
amount = abs(month[0] - month[1])
|
||||
amount = month[0] - month[1]
|
||||
if amount != 0:
|
||||
dic[user.userID] = {"username": user.username,
|
||||
if amount >= 0:
|
||||
type = 'credit'
|
||||
else:
|
||||
type = 'amount'
|
||||
dic[user.cn] = {"username": user.cn,
|
||||
"firstname": user.firstname,
|
||||
"lastname": user.lastname,
|
||||
"amount": abs(month[0] - month[1])
|
||||
"amount": abs(month[0] - month[1]),
|
||||
"type": type
|
||||
}
|
||||
return jsonify(dic)
|
||||
return jsonify({"error": "permission denied"}), 401
|
||||
|
@ -58,12 +63,18 @@ def _baradd():
|
|||
userID = data['userId']
|
||||
amount = int(data['amount'])
|
||||
|
||||
user = User.query.filter_by(userID=userID).first()
|
||||
user = db.getUser(userID)
|
||||
if user is None:
|
||||
groups = ldap.getGroup(userID)
|
||||
user_data = ldap.getUserData(userID)
|
||||
user_data['group'] = groups
|
||||
db.insertUser(user_data)
|
||||
user = db.getUser(userID)
|
||||
month = user.addAmount(amount)
|
||||
|
||||
amount = abs(month[0] - month[1])
|
||||
|
||||
return jsonify({"userId": user.userID, "amount": amount})
|
||||
return jsonify({"userId": user.cn, "amount": amount})
|
||||
return jsonify({"error", "permission denied"}), 401
|
||||
|
||||
@baruser.route("/barGetUsers")
|
||||
|
@ -82,34 +93,22 @@ def _getUsers():
|
|||
|
||||
retVal = {}
|
||||
if accToken is not None:
|
||||
users = User.query.all()
|
||||
for user in users:
|
||||
month = user.getGeruecht().getMonth()
|
||||
if month == 0:
|
||||
retVal[user.userID] = {user.toJSON()}
|
||||
retVal = ldap.getAllUser()
|
||||
return jsonify(retVal)
|
||||
return jsonify({"error": "permission denied"}), 401
|
||||
|
||||
@baruser.route("/barGetUser", methods=['POST'])
|
||||
def _getUser():
|
||||
""" Get specified User
|
||||
|
||||
This function returns the user with posted userID and them amount and credit.
|
||||
|
||||
Returns:
|
||||
JSON-File with userID, amount and credit
|
||||
or ERROR 401 Permission Denied
|
||||
"""
|
||||
@baruser.route("/search", methods=['POST'])
|
||||
def _search():
|
||||
token = request.headers.get("Token")
|
||||
print(token)
|
||||
accToken = verifyAccessToken(token, BAR)
|
||||
|
||||
if accToken is not None:
|
||||
data = request.get_json()
|
||||
userID = data['userId']
|
||||
|
||||
user = User.query.filter_by(userID=userID)
|
||||
month = user.getGeruecht().getMonth()
|
||||
searchString = data['searchString']
|
||||
|
||||
return jsonify({"userId": user.userID, "amount": month[1], "credit": month[0]})
|
||||
retVal = ldap.searchUser(searchString)
|
||||
|
||||
return jsonify(retVal)
|
||||
return jsonify({"error": "permission denied"}), 401
|
||||
|
|
|
@ -6,8 +6,9 @@ from threading import Thread
|
|||
import hashlib
|
||||
import logging
|
||||
from logging.handlers import WatchedFileHandler
|
||||
from geruecht import Singleton
|
||||
|
||||
class AccesTokenController(Thread):
|
||||
class AccesTokenController(Thread, metaclass=Singleton):
|
||||
""" Control all createt AccesToken
|
||||
|
||||
This Class create, delete, find and manage AccesToken.
|
||||
|
@ -16,12 +17,6 @@ class AccesTokenController(Thread):
|
|||
tokenList: List of currents AccessToken
|
||||
lifetime: Variable for the Lifetime of one AccessToken in seconds.
|
||||
"""
|
||||
class __OnlyOne:
|
||||
def __init__(self, arg):
|
||||
self.val = arg
|
||||
|
||||
def __str__(self):
|
||||
return repr(self) + self.val
|
||||
instance = None
|
||||
tokenList = None
|
||||
lifetime = 60
|
||||
|
@ -32,10 +27,6 @@ class AccesTokenController(Thread):
|
|||
Initialize Thread and set tokenList empty.
|
||||
"""
|
||||
LOGGER.info("Initialize AccessTokenController")
|
||||
if not AccesTokenController.instance:
|
||||
AccesTokenController.instance = AccesTokenController.__OnlyOne(arg)
|
||||
else:
|
||||
AccesTokenController.instance.val = arg
|
||||
|
||||
LOGGER.debug("Build Logger for VerificationThread")
|
||||
|
||||
|
@ -87,7 +78,7 @@ class AccesTokenController(Thread):
|
|||
"""
|
||||
LOGGER.info("Create AccessToken")
|
||||
now = datetime.ctime(datetime.now())
|
||||
token = hashlib.md5((now + user.password).encode('utf-8')).hexdigest()
|
||||
token = hashlib.md5((now + user.dn).encode('utf-8')).hexdigest()
|
||||
accToken = AccessToken(user, token)
|
||||
LOGGER.debug("Add AccessToken {} to current Tokens".format(accToken))
|
||||
self.tokenList.append(accToken)
|
||||
|
@ -108,24 +99,27 @@ class AccesTokenController(Thread):
|
|||
"""
|
||||
print("controll if", accToken, "hase group", group)
|
||||
LOGGER.debug("Check if AccessToken {} has group {}".format(accToken, group))
|
||||
return True if accToken.user.group == group else False
|
||||
return True if group in accToken.user.group else False
|
||||
|
||||
def run(self):
|
||||
""" Starting Controll-Thread
|
||||
|
||||
Verify that the AccesToken are not out of date. If one AccessToken out of date it will be deletet from tokenList.
|
||||
"""
|
||||
valid_time=7200
|
||||
LOGGER.info("Start Thread for verification that the AccessToken are not out of date.")
|
||||
while True:
|
||||
self.LOGGER.debug("Name: {}".format(self.getName()))
|
||||
self.LOGGER.debug("Start to iterate through List of current Tokens")
|
||||
for accToken in self.tokenList:
|
||||
|
||||
self.LOGGER.debug("Check if AccessToken {} is out of date".format(accToken))
|
||||
if (datetime.now() - accToken.timestamp).seconds > 7200:
|
||||
if (datetime.now() - accToken.timestamp).seconds > valid_time:
|
||||
print("delete", accToken)
|
||||
self.LOGGER.info("Delete AccessToken {} from List of current Tokens".format(accToken))
|
||||
self.tokenList.remove(accToken)
|
||||
else:
|
||||
self.LOGGER.debug("AccessToken {} is up to date. {} seconds left".format(accToken, 7200 - (datetime.now() - accToken.timestamp).seconds))
|
||||
self.LOGGER.debug("AccessToken {} is up to date. {} seconds left".format(accToken, valid_time - (datetime.now() - accToken.timestamp).seconds))
|
||||
self.LOGGER.debug("List of current Tokens: {}".format(self.tokenList))
|
||||
self.LOGGER.info("Wait 10 Seconds")
|
||||
time.sleep(10)
|
||||
|
|
|
@ -0,0 +1,161 @@
|
|||
import pymysql
|
||||
from geruecht import Singleton
|
||||
from geruecht.model.user import User
|
||||
from geruecht.model.creditList import CreditList
|
||||
from datetime import datetime
|
||||
|
||||
class DatabaseController(metaclass=Singleton):
|
||||
'''
|
||||
DatabaesController
|
||||
|
||||
Connect to the Database and execute sql-executions
|
||||
'''
|
||||
|
||||
def __init__(self, url='192.168.5.108', user='wu5', password='E1n$tein', database='geruecht'):
|
||||
self.url = url
|
||||
self.user = user
|
||||
self.password = password
|
||||
self.database = database
|
||||
self.connect()
|
||||
|
||||
|
||||
def connect(self):
|
||||
try:
|
||||
self.db = pymysql.connect(self.url, self.user, self.password, self.database, cursorclass=pymysql.cursors.DictCursor)
|
||||
except Exception as err:
|
||||
raise err
|
||||
|
||||
def getAllUser(self):
|
||||
self.connect()
|
||||
cursor = self.db.cursor()
|
||||
try:
|
||||
cursor.execute("select * from user")
|
||||
data = cursor.fetchall()
|
||||
self.db.close()
|
||||
except Exception as err:
|
||||
raise err
|
||||
|
||||
if data:
|
||||
return [User(value) for value in data]
|
||||
|
||||
def getUser(self, username):
|
||||
self.connect()
|
||||
retVal = None
|
||||
cursor = self.db.cursor()
|
||||
try:
|
||||
cursor.execute("select * from user where cn='{}'".format(username))
|
||||
data = cursor.fetchone()
|
||||
self.db.close()
|
||||
except Exception as err:
|
||||
raise err
|
||||
if data:
|
||||
retVal = User(data)
|
||||
|
||||
return retVal
|
||||
|
||||
def _convertGroupToString(self, groups):
|
||||
retVal = ''
|
||||
for group in groups:
|
||||
if len(retVal) != 0:
|
||||
retVal += ','
|
||||
retVal += group
|
||||
return retVal
|
||||
|
||||
def insertUser(self, data):
|
||||
self.connect()
|
||||
cursor = self.db.cursor()
|
||||
groups = self._convertGroupToString(data['group'])
|
||||
try:
|
||||
cursor.execute("insert into user (cn, dn, firstname, lastname, gruppe) VALUES ('{}','{}','{}','{}','{}')".format(
|
||||
data['cn'], data['dn'], data['givenName'], data['sn'], groups))
|
||||
self.db.commit()
|
||||
except Exception as err:
|
||||
self.db.rollback()
|
||||
self.db.close()
|
||||
raise err
|
||||
self.db.close()
|
||||
|
||||
def updateUser(self, data):
|
||||
self.connect()
|
||||
cursor = self.db.cursor()
|
||||
groups = self._convertGroupToString(data['group'])
|
||||
try:
|
||||
cursor.execute("update user set dn='{}', firstname='{}', lastname='{}', gruppe='{}' where cn='{}'".format(
|
||||
data['dn'], data['givenName'], data['sn'], groups, data['cn']))
|
||||
self.db.commit()
|
||||
except Exception as err:
|
||||
self.db.rollback()
|
||||
self.db.close()
|
||||
print(err.__traceback__)
|
||||
raise err
|
||||
|
||||
self.db.close()
|
||||
|
||||
def getCreditListFromUser(self, user, **kwargs):
|
||||
self.connect()
|
||||
cursor = self.db.cursor()
|
||||
try:
|
||||
if 'year' in kwargs:
|
||||
sql = "select * from creditList where user_id={} and year_date={}".format(user.id, kwargs['year'])
|
||||
else:
|
||||
sql = "select * from creditList where user_id={}".format(user.id)
|
||||
cursor.execute(sql)
|
||||
data = cursor.fetchall()
|
||||
self.db.close()
|
||||
except Exception as err:
|
||||
self.db.close()
|
||||
raise err
|
||||
if len(data) == 1:
|
||||
return [CreditList(data[0])]
|
||||
else:
|
||||
return [CreditList(value) for value in data]
|
||||
|
||||
def createCreditList(self, user_id, year=datetime.now().year):
|
||||
self.connect()
|
||||
cursor = self.db.cursor()
|
||||
try:
|
||||
cursor.execute("insert into creditList (year_date, user_id) values ({},{})".format(year, user_id))
|
||||
self.db.commit()
|
||||
self.db.close()
|
||||
except Exception as err:
|
||||
self.db.close()
|
||||
raise err
|
||||
|
||||
def updateCreditList(self, creditlist):
|
||||
self.connect()
|
||||
cursor = self.db.cursor()
|
||||
try:
|
||||
cursor.execute("select * from creditList where user_id={} and year_date={}".format(creditlist.user_id, creditlist.year))
|
||||
data = cursor.fetchall()
|
||||
self.db.close()
|
||||
if len(data) == 0:
|
||||
self.createCreditList(creditlist.user_id, creditlist.year)
|
||||
sql = "update creditList set jan_guthaben={}, jan_schulden={},feb_guthaben={}, feb_schulden={}, maer_guthaben={}, maer_schulden={}, apr_guthaben={}, apr_schulden={}, mai_guthaben={}, mai_schulden={}, jun_guthaben={}, jun_schulden={}, jul_guthaben={}, jul_schulden={}, aug_guthaben={}, aug_schulden={},sep_guthaben={}, sep_schulden={},okt_guthaben={}, okt_schulden={}, nov_guthaben={}, nov_schulden={}, dez_guthaben={}, dez_schulden={}, last_schulden={} where year_date={} and user_id={}".format(creditlist.jan_guthaben, creditlist.jan_schulden,
|
||||
creditlist.feb_guthaben, creditlist.feb_schulden,
|
||||
creditlist.maer_guthaben, creditlist.maer_schulden,
|
||||
creditlist.apr_guthaben, creditlist.apr_schulden,
|
||||
creditlist.mai_guthaben, creditlist.mai_schulden,
|
||||
creditlist.jun_guthaben, creditlist.jun_schulden,
|
||||
creditlist.jul_guthaben, creditlist.jul_schulden,
|
||||
creditlist.aug_guthaben, creditlist.aug_schulden,
|
||||
creditlist.sep_guthaben, creditlist.sep_schulden,
|
||||
creditlist.okt_guthaben, creditlist.okt_schulden,
|
||||
creditlist.nov_guthaben, creditlist.nov_schulden,
|
||||
creditlist.dez_guthaben, creditlist.dez_schulden,
|
||||
creditlist.last_schulden, creditlist.year, creditlist.user_id)
|
||||
print(sql)
|
||||
self.connect()
|
||||
cursor = self.db.cursor()
|
||||
cursor.execute(sql)
|
||||
self.db.commit()
|
||||
self.db.close()
|
||||
except Exception as err:
|
||||
self.db.rollback()
|
||||
self.db.close()
|
||||
raise err
|
||||
|
||||
|
||||
if __name__ == '__main__':
|
||||
db = DatabaseController()
|
||||
user = db.getUser('jhille')
|
||||
db.getCreditListFromUser(user, year=2018)
|
|
@ -0,0 +1,124 @@
|
|||
import ldap
|
||||
from geruecht import MONEY, USER, GASTRO, BAR, Singleton
|
||||
|
||||
class LDAPController(metaclass=Singleton):
|
||||
'''
|
||||
Authentification over LDAP. Create Account on-the-fly
|
||||
'''
|
||||
|
||||
def __init__(self, url="ldap://192.168.5.108", dn='dc=ldap,dc=example,dc=local'):
|
||||
self.url = url
|
||||
self.dn = dn
|
||||
self.connect()
|
||||
|
||||
def connect(self):
|
||||
try:
|
||||
self.client = ldap.initialize(self.url, bytes_mode=False)
|
||||
except Exception as err:
|
||||
raise err
|
||||
|
||||
def login(self, username, password):
|
||||
self.connect()
|
||||
try:
|
||||
self.client.bind_s("cn={},ou=user,{}".format(username, self.dn), password)
|
||||
self.client.unbind_s()
|
||||
except:
|
||||
self.client.unbind_s()
|
||||
raise Exception("Invalid Password or Username")
|
||||
|
||||
def getUserData(self, username):
|
||||
self.connect()
|
||||
search_data = self.client.search_s('ou=user,{}'.format(self.dn), ldap.SCOPE_SUBTREE, 'cn={}'.format(username), ['cn', 'givenName', 'sn'])
|
||||
retVal = search_data[0][1]
|
||||
for k,v in retVal.items():
|
||||
retVal[k] = v[0].decode('utf-8')
|
||||
retVal['dn'] = self.dn
|
||||
return retVal
|
||||
|
||||
|
||||
def getGroup(self, username):
|
||||
retVal = []
|
||||
self.connect()
|
||||
main_group_data = self.client.search_s('ou=user,{}'.format(self.dn), ldap.SCOPE_SUBTREE, 'cn={}'.format(username), ['gidNumber'])
|
||||
if main_group_data:
|
||||
main_group_number = main_group_data[0][1]['gidNumber'][0].decode('utf-8')
|
||||
group_data = self.client.search_s('ou=group,{}'.format(self.dn), ldap.SCOPE_SUBTREE, 'gidNumber={}'.format(main_group_number), ['cn'])
|
||||
if group_data:
|
||||
group_name = group_data[0][1]['cn'][0].decode('utf-8')
|
||||
if group_name == 'ldap-user':
|
||||
retVal.append(USER)
|
||||
|
||||
groups_data = self.client.search_s('ou=group,{}'.format(self.dn), ldap.SCOPE_SUBTREE, 'memberUID={}'.format(username), ['cn'])
|
||||
for data in groups_data:
|
||||
print(data[1]['cn'][0].decode('utf-8'))
|
||||
group_name = data[1]['cn'][0].decode('utf-8')
|
||||
if group_name == 'finanzer':
|
||||
retVal.append(MONEY)
|
||||
elif group_name == 'gastro':
|
||||
retVal.append(GASTRO)
|
||||
elif group_name == 'bar':
|
||||
retVal.append(BAR)
|
||||
return retVal
|
||||
|
||||
def __isUserInList(self, list, username):
|
||||
help_list = []
|
||||
for user in list:
|
||||
help_list.append(user['username'])
|
||||
if username in help_list:
|
||||
return True
|
||||
return False
|
||||
|
||||
def getAllUser(self):
|
||||
self.connect()
|
||||
retVal = []
|
||||
data = self.client.search_s('ou=user,{}'.format(self.dn), ldap.SCOPE_SUBTREE, attrlist=['cn', 'givenName', 'sn'])
|
||||
for user in data:
|
||||
if 'cn' in user[1]:
|
||||
username = user[1]['cn'][0].decode('utf-8')
|
||||
firstname = user[1]['givenName'][0].decode('utf-8')
|
||||
lastname = user[1]['sn'][0].decode('utf-8')
|
||||
retVal.append({'username': username, 'firstname': firstname, 'lastname': lastname})
|
||||
return retVal
|
||||
|
||||
def searchUser(self, searchString):
|
||||
self.connect()
|
||||
|
||||
name = searchString.split(" ")
|
||||
|
||||
for i in range(len(name)):
|
||||
name[i] = "*"+name[i]+"*"
|
||||
|
||||
|
||||
print(name)
|
||||
|
||||
name_result = []
|
||||
|
||||
if len(name) == 1:
|
||||
if name[0] == "**":
|
||||
name_result.append(self.client.search_s('ou=user,{}'.format(self.dn), ldap.SCOPE_SUBTREE,
|
||||
attrlist=['cn', 'givenName', 'sn']))
|
||||
else:
|
||||
name_result.append(self.client.search_s('ou=user,{}'.format(self.dn), ldap.SCOPE_SUBTREE, 'givenName={}'.format(name[0]), ['cn', 'givenName', 'sn']))
|
||||
name_result.append(self.client.search_s('ou=user,{}'.format(self.dn), ldap.SCOPE_SUBTREE, 'sn={}'.format(name[0]),['cn', 'givenName', 'sn']))
|
||||
else:
|
||||
name_result.append(self.client.search_s('ou=user,{}'.format(self.dn), ldap.SCOPE_SUBTREE,
|
||||
'givenName={}'.format(name[1]), ['cn', 'givenName', 'sn']))
|
||||
name_result.append(self.client.search_s('ou=user,{}'.format(self.dn), ldap.SCOPE_SUBTREE, 'sn={}'.format(name[1]),
|
||||
['cn', 'givenName', 'sn']))
|
||||
retVal = []
|
||||
|
||||
for names in name_result:
|
||||
for user in names:
|
||||
if 'cn' in user[1]:
|
||||
username = user[1]['cn'][0].decode('utf-8')
|
||||
if not self.__isUserInList(retVal, username):
|
||||
firstname = user[1]['givenName'][0].decode('utf-8')
|
||||
lastname = user[1]['sn'][0].decode('utf-8')
|
||||
retVal.append({'username': username, 'firstname': firstname, 'lastname': lastname})
|
||||
|
||||
return retVal
|
||||
|
||||
|
||||
if __name__ == '__main__':
|
||||
a = LDAPController()
|
||||
a.getUserData('jhille')
|
|
@ -1,9 +1,8 @@
|
|||
from flask import Blueprint, request, jsonify
|
||||
from geruecht.finanzer import LOGGER
|
||||
from datetime import datetime
|
||||
from geruecht import MONEY
|
||||
from geruecht import MONEY, db
|
||||
from geruecht.routes import verifyAccessToken
|
||||
from geruecht.model.user import User
|
||||
|
||||
finanzer = Blueprint("finanzer", __name__)
|
||||
|
||||
|
@ -24,11 +23,13 @@ def _getFinanzer():
|
|||
accToken = verifyAccessToken(token, MONEY)
|
||||
if accToken is not None:
|
||||
LOGGER.debug("Get all Useres")
|
||||
users = User.query.all()
|
||||
users = db.getAllUser()
|
||||
dic = {}
|
||||
for user in users:
|
||||
LOGGER.debug("Add User {} to ReturnValue".format(user))
|
||||
dic[user.userID] = user.toJSON()
|
||||
dic[user.cn] = user.toJSON()
|
||||
creditList = db.getCreditListFromUser(user)
|
||||
dic[user.cn]['creditList'] = {credit.year: credit.toJSON() for credit in creditList}
|
||||
LOGGER.debug("ReturnValue is {}".format(dic))
|
||||
LOGGER.info("Send main for Finanzer")
|
||||
return jsonify(dic)
|
||||
|
@ -56,13 +57,13 @@ def _getFinanzerYear():
|
|||
LOGGER.debug("Get data {}".format(data))
|
||||
userID = data['userId']
|
||||
LOGGER.debug("UserID is {}".format(userID))
|
||||
user = User.query.filter_by(userID=userID).first()
|
||||
user = db.getUser(userID)
|
||||
LOGGER.debug("User is {}".format(user))
|
||||
dic[user.userID] = {}
|
||||
dic[user.cn] = {}
|
||||
LOGGER.debug("Build ReturnValue")
|
||||
for geruecht in user.geruechte:
|
||||
LOGGER.debug("Add Geruecht {} to ReturnValue".format(geruecht))
|
||||
dic[user.userID][geruecht.year] = geruecht.toJSON()
|
||||
dic[user.cn][geruecht.year] = geruecht.toJSON()
|
||||
LOGGER.debug("ReturnValue is {}".format(dic))
|
||||
LOGGER.info("Send Geruechte from User {}".format(user))
|
||||
return jsonify(dic)
|
||||
|
@ -103,7 +104,7 @@ def _addAmount():
|
|||
LOGGER.error("KeyError in month. Month is set to default.")
|
||||
month = datetime.now().month
|
||||
LOGGER.debug("Year is {} and Month is {}".format(year, month))
|
||||
user = User.query.filter_by(userID=userID).first()
|
||||
user = db.getUser(userID)
|
||||
LOGGER.debug("User is {}".format(user))
|
||||
LOGGER.debug("Add amount to User {} in year {} and month {}".format(user, year, month))
|
||||
user.addAmount(amount, year=year, month=month)
|
||||
|
@ -131,7 +132,9 @@ def _addCredit():
|
|||
accToken = verifyAccessToken(token, MONEY)
|
||||
|
||||
if accToken is not None:
|
||||
|
||||
data = request.get_json()
|
||||
print(data)
|
||||
LOGGER.debug("Get data {}".format(data))
|
||||
userID = data['userId']
|
||||
credit = int(data['credit'])
|
||||
|
@ -149,7 +152,7 @@ def _addCredit():
|
|||
month = datetime.now().month
|
||||
|
||||
LOGGER.debug("Year is {} and Month is {}".format(year, month))
|
||||
user = User.query.filter_by(userID=userID).first()
|
||||
user = db.getUser(userID)
|
||||
LOGGER.debug("User is {}".format(user))
|
||||
LOGGER.debug("Add credit to User {} in year {} and month {}".format(user, year, month))
|
||||
user.addCredit(credit, year=year, month=month)
|
||||
|
|
|
@ -1,10 +1,40 @@
|
|||
from geruecht import db
|
||||
from datetime import datetime
|
||||
from geruecht import getLogger
|
||||
import geruecht
|
||||
|
||||
LOGGER = getLogger(__name__)
|
||||
def create_empty_data():
|
||||
empty_data = {'id': 0,
|
||||
'jan_guthaben': 0,
|
||||
'jan_schulden': 0,
|
||||
'feb_guthaben': 0,
|
||||
'feb_schulden': 0,
|
||||
'maer_guthaben': 0,
|
||||
'maer_schulden': 0,
|
||||
'apr_guthaben': 0,
|
||||
'apr_schulden': 0,
|
||||
'mai_guthaben': 0,
|
||||
'mai_schulden': 0,
|
||||
'jun_guthaben': 0,
|
||||
'jun_schulden': 0,
|
||||
'jul_guthaben': 0,
|
||||
'jul_schulden': 0,
|
||||
'aug_guthaben': 0,
|
||||
'aug_schulden': 0,
|
||||
'sep_guthaben': 0,
|
||||
'sep_schulden': 0,
|
||||
'okt_guthaben': 0,
|
||||
'okt_schulden': 0,
|
||||
'nov_guthaben': 0,
|
||||
'nov_schulden': 0,
|
||||
'dez_guthaben': 0,
|
||||
'dez_schulden': 0,
|
||||
'last_schulden': 0,
|
||||
'year_date': datetime.now().year,
|
||||
'user_id': 0}
|
||||
return empty_data
|
||||
|
||||
class CreditList(db.Model):
|
||||
class CreditList():
|
||||
""" DataBase Object Credit List:
|
||||
|
||||
Attributes:
|
||||
|
@ -16,50 +46,53 @@ class CreditList(db.Model):
|
|||
year: Year of all Credits and Debts.
|
||||
user_id: id from the User.
|
||||
"""
|
||||
LOGGER.debug("Initialize Geruecht")
|
||||
id = db.Column(db.Integer, primary_key=True)
|
||||
def __init__(self, data):
|
||||
LOGGER.debug("Initialize Geruecht")
|
||||
self.id = int(data['id'])
|
||||
|
||||
jan_guthaben = db.Column(db.Integer, nullable=False, default=0)
|
||||
jan_schulden = db.Column(db.Integer, nullable=False, default=0)
|
||||
self.jan_guthaben = int(data['jan_guthaben'])
|
||||
self.jan_schulden = int(data['jan_schulden'])
|
||||
|
||||
feb_guthaben = db.Column(db.Integer, nullable=False, default=0)
|
||||
feb_schulden = db.Column(db.Integer, nullable=False, default=0)
|
||||
self.feb_guthaben = int(data['feb_guthaben'])
|
||||
self.feb_schulden = int(data['feb_schulden'])
|
||||
|
||||
maer_guthaben = db.Column(db.Integer, nullable=False, default=0)
|
||||
maer_schulden = db.Column(db.Integer, nullable=False, default=0)
|
||||
self.maer_guthaben = int(data['maer_guthaben'])
|
||||
self.maer_schulden = int(data['maer_schulden'])
|
||||
|
||||
apr_guthaben = db.Column(db.Integer, nullable=False, default=0)
|
||||
apr_schulden = db.Column(db.Integer, nullable=False, default=0)
|
||||
self.apr_guthaben = int(data['apr_guthaben'])
|
||||
self.apr_schulden = int(data['apr_schulden'])
|
||||
|
||||
mai_guthaben = db.Column(db.Integer, nullable=False, default=0)
|
||||
mai_schulden = db.Column(db.Integer, nullable=False, default=0)
|
||||
self.mai_guthaben = int(data['mai_guthaben'])
|
||||
self.mai_schulden = int(data['mai_schulden'])
|
||||
|
||||
jun_guthaben = db.Column(db.Integer, nullable=False, default=0)
|
||||
jun_schulden = db.Column(db.Integer, nullable=False, default=0)
|
||||
self.jun_guthaben = int(data['jun_guthaben'])
|
||||
self.jun_schulden = int(data['jun_schulden'])
|
||||
|
||||
jul_guthaben = db.Column(db.Integer, nullable=False, default=0)
|
||||
jul_schulden = db.Column(db.Integer, nullable=False, default=0)
|
||||
self.jul_guthaben = int(data['jul_guthaben'])
|
||||
self.jul_schulden = int(data['jul_schulden'])
|
||||
|
||||
aug_guthaben = db.Column(db.Integer, nullable=False, default=0)
|
||||
aug_schulden = db.Column(db.Integer, nullable=False, default=0)
|
||||
self.aug_guthaben = int(data['aug_guthaben'])
|
||||
self.aug_schulden = int(data['aug_schulden'])
|
||||
|
||||
sep_guthaben = db.Column(db.Integer, nullable=False, default=0)
|
||||
sep_schulden = db.Column(db.Integer, nullable=False, default=0)
|
||||
self.sep_guthaben = int(data['sep_guthaben'])
|
||||
self.sep_schulden = int(data['sep_schulden'])
|
||||
|
||||
okt_guthaben = db.Column(db.Integer, nullable=False, default=0)
|
||||
okt_schulden = db.Column(db.Integer, nullable=False, default=0)
|
||||
self.okt_guthaben = int(data['okt_guthaben'])
|
||||
self.okt_schulden = int(data['okt_schulden'])
|
||||
|
||||
nov_guthaben = db.Column(db.Integer, nullable=False, default=0)
|
||||
nov_schulden = db.Column(db.Integer, nullable=False, default=0)
|
||||
self.nov_guthaben = int(data['nov_guthaben'])
|
||||
self.nov_schulden = int(data['nov_schulden'])
|
||||
|
||||
dez_guthaben = db.Column(db.Integer, nullable=False, default=0)
|
||||
dez_schulden = db.Column(db.Integer, nullable=False, default=0)
|
||||
self.dez_guthaben = int(data['dez_guthaben'])
|
||||
self.dez_schulden = int(data['dez_schulden'])
|
||||
|
||||
last_schulden = db.Column(db.Integer, nullable=False, default=0)
|
||||
self.last_schulden = int(data['last_schulden'])
|
||||
|
||||
year = db.Column(db.Integer, nullable=False, default=datetime.now().year)
|
||||
self.year = int(data['year_date'])
|
||||
|
||||
user_id = db.Column(db.Integer, db.ForeignKey('user.id'), nullable=False)
|
||||
self.user_id = int(data['user_id'])
|
||||
|
||||
self.db = geruecht.getDatabesController()
|
||||
|
||||
def getSchulden(self):
|
||||
""" Get Schulden
|
||||
|
@ -185,7 +218,8 @@ class CreditList(db.Model):
|
|||
self.dez_schulden += amount
|
||||
retValue = (self.dez_guthaben, self.dez_schulden)
|
||||
|
||||
db.session.commit()
|
||||
#db.session.commit()
|
||||
self.db.updateCreditList(self)
|
||||
LOGGER.debug("Credit and Amount is {}".format(retValue))
|
||||
return retValue
|
||||
|
||||
|
@ -239,8 +273,8 @@ class CreditList(db.Model):
|
|||
elif month == 12:
|
||||
self.dez_guthaben += credit
|
||||
retValue = (self.dez_guthaben, self.dez_schulden)
|
||||
|
||||
db.session.commit()
|
||||
self.db.updateCreditList(self)
|
||||
#db.session.commit()
|
||||
LOGGER.debug("Credit and Amount is {}".format(retValue))
|
||||
return retValue
|
||||
|
||||
|
@ -287,6 +321,7 @@ class CreditList(db.Model):
|
|||
"dez": {
|
||||
"credit": self.dez_guthaben,
|
||||
"depts": self.dez_schulden},
|
||||
"last": self.last_schulden
|
||||
}
|
||||
return dic
|
||||
|
||||
|
|
|
@ -1,10 +1,12 @@
|
|||
from geruecht import db, bcrypt, getLogger
|
||||
from geruecht.model.creditList import CreditList
|
||||
from geruecht import getLogger
|
||||
import geruecht
|
||||
from geruecht.model.creditList import CreditList, create_empty_data
|
||||
from datetime import datetime
|
||||
|
||||
LOGGER = getLogger(__name__)
|
||||
|
||||
class User(db.Model):
|
||||
|
||||
class User():
|
||||
""" Database Object for User
|
||||
|
||||
Table for all safed User
|
||||
|
@ -18,15 +20,28 @@ class User(db.Model):
|
|||
group: Which group is the User? moneymaster, gastro, user or bar?
|
||||
password: salted hashed password for the User.
|
||||
"""
|
||||
id = db.Column(db.Integer, primary_key=True)
|
||||
userID = db.Column(db.String, nullable=False, unique=True)
|
||||
username = db.Column(db.String, nullable=False, unique=True)
|
||||
firstname = db.Column(db.String, nullable=False)
|
||||
lastname = db.Column(db.String, nullable=False)
|
||||
group = db.Column(db.String, nullable=False)
|
||||
password = db.Column(db.String, nullable=False)
|
||||
def __init__(self, data):
|
||||
self.id = int(data['id'])
|
||||
self.cn = data['cn']
|
||||
self.dn = data['dn']
|
||||
self.firstname = data['firstname']
|
||||
self.lastname = data['lastname']
|
||||
self.group = data['gruppe']
|
||||
if type(data['gruppe']) == list:
|
||||
self.group = data['gruppe']
|
||||
elif type(data['gruppe']) == str:
|
||||
self.group = data['gruppe'].split(',')
|
||||
|
||||
geruechte = db.relationship('CreditList', backref='user', lazy=True)
|
||||
self.db = geruecht.getDatabesController()
|
||||
self.ldap = geruecht.getLDAPController()
|
||||
self.geruechte = []
|
||||
geruechte = self.db.getCreditListFromUser(self)
|
||||
if type(geruechte) == list:
|
||||
self.geruechte = geruechte
|
||||
elif type(geruechte) == CreditList:
|
||||
self.geruechte.append(geruechte)
|
||||
self.updateGeruecht()
|
||||
#geruechte = db.relationship('CreditList', backref='user', lazy=True)
|
||||
|
||||
def createGeruecht(self, amount=0, year=datetime.now().year):
|
||||
""" Create Geruecht
|
||||
|
@ -42,10 +57,14 @@ class User(db.Model):
|
|||
the created geruecht
|
||||
"""
|
||||
LOGGER.debug("Create Geruecht for user {} in year {}".format(self, year))
|
||||
credit = CreditList(user_id=self.id, last_schulden=amount, year=year)
|
||||
db.session.add(credit)
|
||||
db.session.commit()
|
||||
credit = CreditList.query.filter_by(year=year, user_id=self.id).first()
|
||||
data = create_empty_data()
|
||||
data['user_id'] = self.id
|
||||
data['last_schulden'] = amount
|
||||
data['year_date'] = year
|
||||
credit = CreditList(data)
|
||||
self.geruechte.append(credit)
|
||||
self.db.updateCreditList(credit)
|
||||
credit = self.db.getCreditListFromUser(self, year=year)
|
||||
LOGGER.debug("Created Geruecht {}".format(credit))
|
||||
return credit
|
||||
|
||||
|
@ -72,7 +91,7 @@ class User(db.Model):
|
|||
|
||||
self.updateGeruecht()
|
||||
|
||||
return geruecht
|
||||
return self.getGeruecht(year=year)
|
||||
|
||||
def addAmount(self, amount, year=datetime.now().year, month=datetime.now().month):
|
||||
""" Add Amount
|
||||
|
@ -92,8 +111,7 @@ class User(db.Model):
|
|||
geruecht = self.getGeruecht(year=year)
|
||||
retVal = geruecht.addAmount(amount, month=month)
|
||||
|
||||
db.session.add(geruecht)
|
||||
db.session.commit()
|
||||
self.db.updateCreditList(geruecht)
|
||||
|
||||
self.updateGeruecht()
|
||||
|
||||
|
@ -117,8 +135,7 @@ class User(db.Model):
|
|||
geruecht = self.getGeruecht(year=year)
|
||||
retVal = geruecht.addCredit(credit, month=month)
|
||||
|
||||
db.session.add(geruecht)
|
||||
db.session.commit()
|
||||
self.db.updateCreditList(geruecht)
|
||||
|
||||
self.updateGeruecht()
|
||||
|
||||
|
@ -137,8 +154,7 @@ class User(db.Model):
|
|||
geruecht.last_schulden = 0
|
||||
if index != 0:
|
||||
geruecht.last_schulden = (self.geruechte[index - 1].getSchulden() * -1)
|
||||
|
||||
db.session.commit()
|
||||
self.db.updateCreditList(geruecht)
|
||||
|
||||
def sortYear(self, geruecht):
|
||||
""" Sort Year
|
||||
|
@ -161,14 +177,21 @@ class User(db.Model):
|
|||
A Dic with static Attributes.
|
||||
"""
|
||||
dic = {
|
||||
"userId": self.userID,
|
||||
"username": self.username,
|
||||
"userId": self.cn,
|
||||
"cn": self.cn,
|
||||
"dn": self.dn,
|
||||
"firstname": self.firstname,
|
||||
"lastname": self.lastname,
|
||||
"group": self.group,
|
||||
"username": self.cn
|
||||
}
|
||||
return dic
|
||||
|
||||
def updateUser(self):
|
||||
data = self.ldap.getUserData(self.cn)
|
||||
data['group'] = self.ldap.getGroup(self.cn)
|
||||
self.db.updateUser(data)
|
||||
|
||||
def login(self, password):
|
||||
""" Login for the User
|
||||
|
||||
|
@ -178,7 +201,14 @@ class User(db.Model):
|
|||
A Bool. True if the password is correct and False if it isn't.
|
||||
"""
|
||||
LOGGER.debug("Login User {}".format(self))
|
||||
return True if bcrypt.check_password_hash(self.password, password) else False
|
||||
try:
|
||||
self.ldap.login(self.cn, password)
|
||||
|
||||
self.updateUser()
|
||||
return True
|
||||
except:
|
||||
return False
|
||||
|
||||
def __repr__(self):
|
||||
return "User({}, {}, {})".format(self.userID, self.username, self.group)
|
||||
return "User({}, {}, {})".format(self.cn, self.dn, self.group)
|
||||
|
||||
|
|
|
@ -1,10 +1,11 @@
|
|||
from geruecht import app, db, accesTokenController, MONEY, BAR, USER, GASTRO, LOGGER
|
||||
from geruecht import ldapController as ldap
|
||||
from geruecht.model.user import User
|
||||
from geruecht.model.creditList import CreditList
|
||||
from geruecht.model.priceList import PriceList
|
||||
from datetime import datetime
|
||||
from flask import request, jsonify
|
||||
|
||||
def login(user, password):
|
||||
return user.login(password)
|
||||
|
||||
def verifyAccessToken(token, group):
|
||||
""" Verify Accestoken
|
||||
|
||||
|
@ -58,18 +59,36 @@ def _login():
|
|||
"""
|
||||
LOGGER.info("Start log in.")
|
||||
data = request.get_json()
|
||||
print(data)
|
||||
LOGGER.debug("JSON from request: {}".format(data))
|
||||
username = data['username']
|
||||
password = data['password']
|
||||
LOGGER.info("search {} in database".format(username))
|
||||
user = db.getUser(username)
|
||||
if user is None:
|
||||
LOGGER.info("User {} not found. Authenticate over LDAP and create User.")
|
||||
try:
|
||||
ldap.login(username, password)
|
||||
LOGGER.info("Authentification successfull. Search Group")
|
||||
groups = ldap.getGroup(username)
|
||||
LOGGER.info("Get userdata from LDAP")
|
||||
user_data = ldap.getUserData(username)
|
||||
user_data['group'] = groups
|
||||
LOGGER.info('Insert user {} into database')
|
||||
db.insertUser(user_data)
|
||||
|
||||
except Exception as err:
|
||||
return jsonify({"error": str(err)}), 401
|
||||
LOGGER.info("{} try to log in".format(username))
|
||||
user = User.query.filter_by(username=username).first()
|
||||
user = db.getUser(username)
|
||||
LOGGER.debug("User is {}".format(user))
|
||||
if user:
|
||||
LOGGER.debug("Check login for User {}".format(user))
|
||||
if user.login(password):
|
||||
if login(user, password):
|
||||
token = accesTokenController.createAccesToken(user)
|
||||
dic = user.toJSON()
|
||||
dic["token"] = token
|
||||
dic["accessToken"] = token
|
||||
LOGGER.info("User {} success login.".format(username))
|
||||
return jsonify(dic)
|
||||
else:
|
||||
|
|
Loading…
Reference in New Issue