diff --git a/geruecht/baruser/routes.py b/geruecht/baruser/routes.py
index 706b938..8653305 100644
--- a/geruecht/baruser/routes.py
+++ b/geruecht/baruser/routes.py
@@ -2,7 +2,7 @@ from flask import Blueprint, request, jsonify
 import geruecht.controller.ldapController as lc
 import geruecht.controller.userController as uc
 from datetime import datetime
-from geruecht.model import BAR, MONEY, USER
+from geruecht.model import BAR, MONEY, USER, VORSTAND
 from geruecht.decorator import login_required
 baruser = Blueprint("baruser", __name__)
@@ -143,11 +143,12 @@ def _getUser(**kwargs):
 retVal['type'] = type
 return jsonify(retVal)
-
-@baruser.route("/search", methods=['POST'])
-@login_required(groups=[BAR, MONEY, USER])
+@baruser.route("/search", methods=['GET'])
+@login_required(groups=[BAR, MONEY, USER,VORSTAND])
 def _search(**kwargs):
- data = request.get_json()
- searchString = data['searchString']
- retVal = ldap.searchUser(searchString)
+ retVal = ldap.getAllUser()
+ for user in retVal:
+ if user['username'] == 'extern':
+ retVal.remove(user)
+ break
 return jsonify(retVal)
diff --git a/geruecht/controller/databaseController.py b/geruecht/controller/databaseController.py
index b54f846..d2d1fdb 100644
--- a/geruecht/controller/databaseController.py
+++ b/geruecht/controller/databaseController.py
@@ -18,7 +18,7 @@ class DatabaseController(metaclass=Singleton):
 def __init__(self):
 self.db = db
- def getAllUser(self):
+ def getAllUser(self, extern=False):
 try:
 cursor = self.db.connection.cursor()
 cursor.execute("select * from user")
@@ -27,6 +27,8 @@ class DatabaseController(metaclass=Singleton):
 if data:
 retVal = []
 for value in data:
+ if extern and value['uid'] == 'extern':
+ continue
 user = User(value)
 creditLists = self.getCreditListFromUser(user)
 user.initGeruechte(creditLists)
diff --git a/geruecht/controller/ldapController.py b/geruecht/controller/ldapController.py
index 2e09d9b..b79ea56 100644
--- a/geruecht/controller/ldapController.py
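Review bot: `_search` in geruecht/baruser/routes.py no longer takes a search term and now returns the whole `ldap.getAllUser()` result to every caller in BAR, MONEY, USER or VORSTAND, so any logged-in member can list the complete directory; judging by the `getAllUser` hunk in ldapController.py each entry is built from `uid`, `givenName`, `sn` and `mail`. If the client only needs names for a picker, trim the returned fields here or keep a server-side filter. The removal loop also edits `retVal` while iterating over it, which is only safe because of the `break`; `retVal = [u for u in ldap.getAllUser() if u['username'] != 'extern']` says the same thing without that dependency.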
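Review bot: The new `extern` flag on `DatabaseController.getAllUser` reads backwards: `extern=True` makes the loop skip the row whose `uid` is `'extern'`, while the default `False` keeps it, so the call `db.getAllUser(extern=True)` in userController.py looks like a request for the extern account when it actually hides it. Rename the parameter (for example `exclude_extern=False`) or add a docstring such as `"""Return all users; with extern=True the 'extern' account is left out."""`. The method body continues outside both hunks of this file.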
+++ b/geruecht/controller/ldapController.py
@@ -1,7 +1,7 @@
 from geruecht import ldap
 from ldap3 import SUBTREE, MODIFY_REPLACE, HASHED_SALTED_MD5
 from ldap3.utils.hashed import hashed
-from geruecht.model import MONEY, USER, GASTRO, BAR
+from geruecht.model import MONEY, USER, GASTRO, BAR, VORSTAND, EXTERN
 from geruecht.exceptions import PermissionDenied
 from . import Singleton
 from geruecht.exceptions import UsernameExistLDAP, LDAPExcetpion
@@ -59,6 +59,8 @@ class LDAPController(metaclass=Singleton):
 group_name = self.ldap.connection.response[0]['attributes']['cn'][0]
 if group_name == 'ldap-user':
 retVal.append(USER)
+ if group_name == 'extern':
+ retVal.append(EXTERN)
 self.ldap.connection.search('ou=group,{}'.format(self.dn), '(memberUID={})'.format(username), SUBTREE, attributes=['cn'])
 groups_data = self.ldap.connection.response
@@ -70,6 +72,8 @@ class LDAPController(metaclass=Singleton):
 retVal.append(GASTRO)
 elif group_name == 'bar':
 retVal.append(BAR)
+ elif group_name == 'vorstand':
+ retVal.append(VORSTAND)
 return retVal
 except Exception as err:
 traceback.print_exc()
@@ -84,7 +88,6 @@ class LDAPController(metaclass=Singleton):
 def getAllUser(self):
 retVal = []
- self.ldap.connection.search()
 self.ldap.connection.search('ou=user,{}'.format(self.dn), '(uid=*)', SUBTREE, attributes=['uid', 'givenName', 'sn', 'mail'])
 data = self.ldap.connection.response
 for user in data:
diff --git a/geruecht/controller/userController.py b/geruecht/controller/userController.py
index 497b2bb..8f9ae5c 100644
--- a/geruecht/controller/userController.py
+++ b/geruecht/controller/userController.py
@@ -187,6 +187,8 @@ class UserController(metaclass=Singleton):
 def addAmount(self, username, amount, year, month, finanzer=False):
 user = self.getUser(username)
+ if user.uid == 'extern':
+ return
 if not user.locked or finanzer:
 user.addAmount(amount, year=year, month=month)
 creditLists = user.updateGeruecht()
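Review bot: In the group lookup of ldapController.py (hunk at old line 59) the search filter is built as `'(memberUID={})'.format(username)`, so a username containing `*`, `(`, `)` or `\` changes the filter, and the groups found by that search now also decide the `VORSTAND` membership added in the following hunk. Where `username` comes from is not visible here; if it can arrive from a request, escape it first with `'(memberUID={})'.format(escape_filter_chars(username))` and `from ldap3.utils.conv import escape_filter_chars`. The enclosing method starts and ends outside the hunk.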
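Review bot: `addAmount` in userController.py now returns `None` for the `extern` account with no log entry or error, while the normal path goes on to update the credit lists; the same two lines are added to `addCredit` in the next hunk. What callers do with the return value is outside the hunk, but a booking for that account is now dropped silently, so at least a comment such as `# bookings for the shared 'extern' account are ignored on purpose` or a log line belongs next to the early return. The uid literal `'extern'` is also hard-coded in baruser/routes.py and databaseController.py by this commit; one named constant for the account would keep the three checks in step.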
@@ -197,6 +199,8 @@ class UserController(metaclass=Singleton):
 def addCredit(self, username, credit, year, month):
 user = self.getUser(username)
+ if user.uid == 'extern':
+ return
 user.addCredit(credit, year=year, month=month)
 creditLists = user.updateGeruecht()
 for creditList in creditLists:
@@ -212,7 +216,7 @@ class UserController(metaclass=Singleton):
 except:
 pass
 self.__updateGeruechte(user)
- return db.getAllUser()
+ return db.getAllUser(extern=True)
 def checkBarUser(self, user):
 date = datetime.now()
diff --git a/geruecht/model/__init__.py b/geruecht/model/__init__.py
index a0d2bbb..065f441 100644
--- a/geruecht/model/__init__.py
+++ b/geruecht/model/__init__.py
@@ -1,4 +1,6 @@
 MONEY = "moneymaster"
+VORSTAND = "vorstand"
+EXTERN = "extern"
 GASTRO = "gastro"
 USER = "user"
 BAR = "bar"
\ No newline at end of file
diff --git a/geruecht/routes.py b/geruecht/routes.py
index 785327e..4fedfcd 100644
--- a/geruecht/routes.py
+++ b/geruecht/routes.py
@@ -3,7 +3,7 @@ from geruecht.decorator import login_required
 from geruecht.exceptions import PermissionDenied
 import geruecht.controller.accesTokenController as ac
 import geruecht.controller.userController as uc
-from geruecht.model import MONEY, BAR, USER, GASTRO
+from geruecht.model import MONEY, BAR, USER, GASTRO, VORSTAND, EXTERN
 from flask import request, jsonify
 accesTokenController = ac.AccesTokenController()
@@ -48,7 +48,7 @@ def getTypes():
 return jsonify({"error": str(err)}), 500
 @app.route('/getAllStatus', methods=['GET'])
-@login_required(groups=[USER, MONEY, GASTRO, BAR])
+@login_required(groups=[USER, MONEY, GASTRO, BAR, VORSTAND])
 def _getAllStatus(**kwargs):
 try:
 retVal = userController.getAllStatus()
@@ -57,7 +57,7 @@ def _getAllStatus(**kwargs):
 return jsonify({"error": str(err)}), 500
 @app.route('/getStatus', methods=['POST'])
-@login_required(groups=[USER, MONEY, GASTRO, BAR])
+@login_required(groups=[USER, MONEY, GASTRO, BAR, VORSTAND])
 def _getStatus(**kwargs):
 try:
 data = request.get_json()
@@ -68,7 +68,7 @@ def _getStatus(**kwargs):
 return jsonify({"error": str(err)}), 500
 @app.route('/getUsers', methods=['GET'])
-@login_required(groups=[MONEY, GASTRO])
+@login_required(groups=[MONEY, GASTRO, VORSTAND])
 def _getUsers(**kwargs):
 try:
 users = userController.getAllUsersfromDB()
@@ -98,14 +98,14 @@ def _login():
 user, ldap_conn = userController.loginUser(username, password)
 user.password = password
 token = accesTokenController.createAccesToken(user, ldap_conn)
- dic = accesTokenController.validateAccessToken(token, [USER]).user.toJSON()
+ dic = accesTokenController.validateAccessToken(token, [USER, EXTERN]).user.toJSON()
 dic["token"] = token
 dic["accessToken"] = token
 LOGGER.info("User {} success login.".format(username))
 return jsonify(dic)
 except PermissionDenied as err:
 return jsonify({"error": str(err)}), 401
- except Exception:
+ except Exception as err:
 return jsonify({"error": "permission denied"}), 401
 LOGGER.info("User {} does not exist.".format(username))
 return jsonify({"error": "wrong username"}), 401
diff --git a/geruecht/vorstand/routes.py b/geruecht/vorstand/routes.py
index 2dd9c29..c83bff3 100644
--- a/geruecht/vorstand/routes.py
+++ b/geruecht/vorstand/routes.py
@@ -1,15 +1,17 @@
 from flask import Blueprint, request, jsonify
 from datetime import datetime
 import geruecht.controller.userController as uc
+import geruecht.controller.ldapController as lc
 from geruecht.decorator import login_required
-from geruecht.model import MONEY, GASTRO
+from geruecht.model import MONEY, GASTRO, VORSTAND
 import time
 vorstand = Blueprint("vorstand", __name__)
 userController = uc.UserController()
+ldap= lc.LDAPController()
 @vorstand.route('/um/setStatus', methods=['POST'])
-@login_required(groups=[MONEY, GASTRO])
+@login_required(groups=[MONEY, GASTRO, VORSTAND])
 def _setStatus(**kwargs):
 try:
 data = request.get_json()
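Review bot: The `except Exception as err:` branch in `_login` (geruecht/routes.py) binds `err` but never uses it, so every unexpected failure during login is answered with "permission denied" and leaves no trace on the server. Log it before returning, for example `LOGGER.warning("Login failed for %s", username, exc_info=True)`, and keep the generic message in the response. The context lines `user.password = password` followed by `...user.toJSON()` going into the response deserve a look as well: whether `toJSON` leaves the password out is not visible in this hunk. `_login` starts outside the hunk.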
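Review bot: The group list `[MONEY, GASTRO, VORSTAND]` is now written out in eight `@login_required` decorators in geruecht/vorstand/routes.py (this hunk and the ones that follow), and each had to be edited by hand for this commit. A module-level name such as `_BOARD_GROUPS = [MONEY, GASTRO, VORSTAND]` used as `@login_required(groups=_BOARD_GROUPS)` would keep the access rule in one place and make a route that was missed easy to spot in review. The added line `ldap= lc.LDAPController()` is also missing the space before `=`.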
@@ -20,7 +22,7 @@ def _setStatus(**kwargs):
 return jsonify({"error": str(err)}), 500
 @vorstand.route('/um/updateStatus', methods=['POST'])
-@login_required(groups=[MONEY, GASTRO])
+@login_required(groups=[MONEY, GASTRO, VORSTAND])
 def _updateStatus(**kwargs):
 try:
 data = request.get_json()
@@ -30,7 +32,7 @@ def _updateStatus(**kwargs):
 return jsonify({"error": str(err)}), 500
 @vorstand.route('/um/deleteStatus', methods=['POST'])
-@login_required(groups=[MONEY, GASTRO])
+@login_required(groups=[MONEY, GASTRO, VORSTAND])
 def _deleteStatus(**kwargs):
 try:
 data = request.get_json()
@@ -40,7 +42,7 @@ def _deleteStatus(**kwargs):
 return jsonify({"error": str(err)}), 409
 @vorstand.route('/um/updateStatusUser', methods=['POST'])
-@login_required(groups=[MONEY, GASTRO])
+@login_required(groups=[MONEY, GASTRO, VORSTAND])
 def _updateStatusUser(**kwargs):
 try:
 data = request.get_json()
@@ -52,7 +54,7 @@ def _updateStatusUser(**kwargs):
 return jsonify({"error": str(err)}), 500
 @vorstand.route('/um/updateVoting', methods=['POST'])
-@login_required(groups=[MONEY, GASTRO])
+@login_required(groups=[MONEY, GASTRO, VORSTAND])
 def _updateVoting(**kwargs):
 try:
 data = request.get_json()
@@ -64,7 +66,7 @@ def _updateVoting(**kwargs):
 return jsonify({"error": str(err)}), 500
 @vorstand.route("/sm/addUser", methods=['POST', 'GET'])
-@login_required(groups=[MONEY, GASTRO])
+@login_required(groups=[MONEY, GASTRO, VORSTAND])
 def _addUser(**kwargs):
 if request.method == 'GET':
@@ -81,7 +83,7 @@ def _addUser(**kwargs):
 return jsonify(retVal)
 @vorstand.route("/sm/getUser", methods=['POST'])
-@login_required(groups=[MONEY, GASTRO])
+@login_required(groups=[MONEY, GASTRO, VORSTAND])
 def _getUser(**kwargs):
 data = request.get_json()
 day = data['day']
@@ -127,7 +129,7 @@ def _deletUser(**kwargs):
 return jsonify({"ok": "ok"})
 @vorstand.route("/sm/lockDay", methods=['POST'])
-@login_required(groups=[MONEY, GASTRO])
+@login_required(groups=[MONEY, GASTRO, VORSTAND])
 def _lockDay(**kwargs):
 try:
 data = request.get_json()
@@ -158,4 +160,10 @@ def _lockDay(**kwargs):
 print(retVal)
 return jsonify(retVal)
 except Exception as err:
- return jsonify({'error': err}), 409
\ No newline at end of file
+ return jsonify({'error': err}), 409
+
+@vorstand.route("/sm/searchWithExtern", methods=['GET'])
+@login_required(groups=[VORSTAND])
+def _search(**kwargs):
+ retVal = ldap.getAllUser()
+ return jsonify(retVal)
\ No newline at end of file
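Review bot: `return jsonify({'error': err}), 409` at the end of `_lockDay` hands the exception object itself to `jsonify`; with Flask's default JSON encoder that is not serialisable, so the error path would raise a `TypeError` and answer with a 500 instead of the intended 409. The line is re-emitted here only because of the end-of-file newline, but it stays on the new side unchanged; the other handlers in this file use `str(err)`, so `return jsonify({'error': str(err)}), 409` would match them. The new `/sm/searchWithExtern` handler would also benefit from a docstring such as `"""Return every LDAP user, including the 'extern' account (VORSTAND only)."""` to record how it differs from the baruser search. `_lockDay` starts outside the hunk.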