finished ##213

Tim Gröger 2020-03-04 21:11:41 +01:00
parent 068da1e57b
commit abe081c589
7 changed files with 47 additions and 27 deletions


@ -2,7 +2,7 @@ from flask import Blueprint, request, jsonify
import geruecht.controller.ldapController as lc
import geruecht.controller.userController as uc
from datetime import datetime
from geruecht.model import BAR, MONEY, USER
from geruecht.model import BAR, MONEY, USER, VORSTAND
from geruecht.decorator import login_required
baruser = Blueprint("baruser", __name__)
@ -143,11 +143,12 @@ def _getUser(**kwargs):
retVal['type'] = type
return jsonify(retVal)
@baruser.route("/search", methods=['POST'])
@login_required(groups=[BAR, MONEY, USER])
@baruser.route("/search", methods=['GET'])
@login_required(groups=[BAR, MONEY, USER,VORSTAND])
def _search(**kwargs):
data = request.get_json()
searchString = data['searchString']
retVal = ldap.searchUser(searchString)
retVal = ldap.getAllUser()
for user in retVal:
if user['username'] == 'extern':
retVal.remove(user)
break
return jsonify(retVal)
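Review bot: The `/search` handler now returns the whole result of `ldap.getAllUser()` to every caller in BAR, MONEY, USER or VORSTAND, so any ordinary logged-in user receives the full directory instead of the matches for a search string. Judging by the attribute list requested in the LDAP controller elsewhere in this commit (`uid`, `givenName`, `sn`, `mail`), that probably includes mail addresses; consider projecting the response to the fields the bar UI actually needs. The `extern` filter removes from the list it is iterating over, which is only safe because of the `break`; `retVal = [u for u in retVal if u['username'] != 'extern']` avoids that and also handles duplicates. The page has lost its +/- markers, so I am assuming the `get_json()` and `searchString` lines are on the removed side.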


@ -18,7 +18,7 @@ class DatabaseController(metaclass=Singleton):
def __init__(self):
self.db = db
def getAllUser(self):
def getAllUser(self, extern=False):
try:
cursor = self.db.connection.cursor()
cursor.execute("select * from user")
@ -27,6 +27,8 @@ class DatabaseController(metaclass=Singleton):
if data:
retVal = []
for value in data:
if extern and value['uid'] == 'extern':
continue
user = User(value)
creditLists = self.getCreditListFromUser(user)
user.initGeruechte(creditLists)
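Review bot: The new `extern` parameter of `getAllUser` reads inverted: `extern=True` skips the row whose uid is `'extern'` rather than including it, and nothing documents this. Because the flag decides whether the shared external account appears in user listings, a caller guessing from the name gets the opposite result; a docstring such as `"""Return all users; when extern is True the 'extern' account is left out."""` or a clearer name like `exclude_extern` would remove the ambiguity. The uid literal `'extern'` is also repeated in several files of this commit, and a single named constant would keep them in sync. The method body continues outside the hunk.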


@ -1,7 +1,7 @@
from geruecht import ldap
from ldap3 import SUBTREE, MODIFY_REPLACE, HASHED_SALTED_MD5
from ldap3.utils.hashed import hashed
from geruecht.model import MONEY, USER, GASTRO, BAR
from geruecht.model import MONEY, USER, GASTRO, BAR, VORSTAND, EXTERN
from geruecht.exceptions import PermissionDenied
from . import Singleton
from geruecht.exceptions import UsernameExistLDAP, LDAPExcetpion
@ -59,6 +59,8 @@ class LDAPController(metaclass=Singleton):
group_name = self.ldap.connection.response[0]['attributes']['cn'][0]
if group_name == 'ldap-user':
retVal.append(USER)
if group_name == 'extern':
retVal.append(EXTERN)
self.ldap.connection.search('ou=group,{}'.format(self.dn), '(memberUID={})'.format(username), SUBTREE, attributes=['cn'])
groups_data = self.ldap.connection.response
@ -70,6 +72,8 @@ class LDAPController(metaclass=Singleton):
retVal.append(GASTRO)
elif group_name == 'bar':
retVal.append(BAR)
elif group_name == 'vorstand':
retVal.append(VORSTAND)
return retVal
except Exception as err:
traceback.print_exc()
@ -84,7 +88,6 @@ class LDAPController(metaclass=Singleton):
def getAllUser(self):
retVal = []
self.ldap.connection.search()
self.ldap.connection.search('ou=user,{}'.format(self.dn), '(uid=*)', SUBTREE, attributes=['uid', 'givenName', 'sn', 'mail'])
data = self.ldap.connection.response
for user in data:
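Review bot: The group lookup that now also yields `VORSTAND` builds its filter with `'(memberUID={})'.format(username)` (a context line in the second hunk), and no escaping is visible in the hunk. If `username` can reach this method unvalidated, filter metacharacters in it would change which groups match and therefore which roles are returned; passing it through `escape_filter_chars(username)` from `ldap3.utils.conv` closes that. The enclosing method starts before the hunk, so an earlier check may already exist and is worth confirming.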


@ -187,6 +187,8 @@ class UserController(metaclass=Singleton):
def addAmount(self, username, amount, year, month, finanzer=False):
user = self.getUser(username)
if user.uid == 'extern':
return
if not user.locked or finanzer:
user.addAmount(amount, year=year, month=month)
creditLists = user.updateGeruecht()
@ -197,6 +199,8 @@ class UserController(metaclass=Singleton):
def addCredit(self, username, credit, year, month):
user = self.getUser(username)
if user.uid == 'extern':
return
user.addCredit(credit, year=year, month=month)
creditLists = user.updateGeruecht()
for creditList in creditLists:
@ -212,7 +216,7 @@ class UserController(metaclass=Singleton):
except:
pass
self.__updateGeruechte(user)
return db.getAllUser()
return db.getAllUser(extern=True)
def checkBarUser(self, user):
date = datetime.now()
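Review bot: `addAmount` and `addCredit` now `return` silently when `user.uid == 'extern'`, so a booking against the external account is dropped with no log entry and the caller cannot tell that it was rejected. For money-related operations an explicit signal is preferable: either raise an exception that the route can map to a 4xx response, or at least log the refused booking with the username and amount. The bare `except: pass` in the context of the third hunk hides failures in the same way. Both methods continue outside their hunks.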


@ -1,4 +1,6 @@
MONEY = "moneymaster"
VORSTAND = "vorstand"
EXTERN = "extern"
GASTRO = "gastro"
USER = "user"
BAR = "bar"


@ -3,7 +3,7 @@ from geruecht.decorator import login_required
from geruecht.exceptions import PermissionDenied
import geruecht.controller.accesTokenController as ac
import geruecht.controller.userController as uc
from geruecht.model import MONEY, BAR, USER, GASTRO
from geruecht.model import MONEY, BAR, USER, GASTRO, VORSTAND, EXTERN
from flask import request, jsonify
accesTokenController = ac.AccesTokenController()
@ -48,7 +48,7 @@ def getTypes():
return jsonify({"error": str(err)}), 500
@app.route('/getAllStatus', methods=['GET'])
@login_required(groups=[USER, MONEY, GASTRO, BAR])
@login_required(groups=[USER, MONEY, GASTRO, BAR, VORSTAND])
def _getAllStatus(**kwargs):
try:
retVal = userController.getAllStatus()
@ -57,7 +57,7 @@ def _getAllStatus(**kwargs):
return jsonify({"error": str(err)}), 500
@app.route('/getStatus', methods=['POST'])
@login_required(groups=[USER, MONEY, GASTRO, BAR])
@login_required(groups=[USER, MONEY, GASTRO, BAR, VORSTAND])
def _getStatus(**kwargs):
try:
data = request.get_json()
@ -68,7 +68,7 @@ def _getStatus(**kwargs):
return jsonify({"error": str(err)}), 500
@app.route('/getUsers', methods=['GET'])
@login_required(groups=[MONEY, GASTRO])
@login_required(groups=[MONEY, GASTRO, VORSTAND])
def _getUsers(**kwargs):
try:
users = userController.getAllUsersfromDB()
@ -98,14 +98,14 @@ def _login():
user, ldap_conn = userController.loginUser(username, password)
user.password = password
token = accesTokenController.createAccesToken(user, ldap_conn)
dic = accesTokenController.validateAccessToken(token, [USER]).user.toJSON()
dic = accesTokenController.validateAccessToken(token, [USER, EXTERN]).user.toJSON()
dic["token"] = token
dic["accessToken"] = token
LOGGER.info("User {} success login.".format(username))
return jsonify(dic)
except PermissionDenied as err:
return jsonify({"error": str(err)}), 401
except Exception:
except Exception as err:
return jsonify({"error": "permission denied"}), 401
LOGGER.info("User {} does not exist.".format(username))
return jsonify({"error": "wrong username"}), 401
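Review bot: `except Exception as err:` in `_login` binds `err` but never uses it, and that branch returns 401 without writing anything to `LOGGER`. Unexpected failures during login (directory unreachable, token creation error) are therefore indistinguishable from a wrong password and leave no trace. Assuming `LOGGER` is a standard logger, adding `LOGGER.exception("Login for user {} failed.".format(username))` before the return keeps the response generic while giving operators something to alert on. The `PermissionDenied` branch above it is not logged either, so rejected logins are invisible as well. Indentation is lost on this page, so I cannot tell whether the two lines after the last `return` are reachable.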


@ -1,15 +1,17 @@
from flask import Blueprint, request, jsonify
from datetime import datetime
import geruecht.controller.userController as uc
import geruecht.controller.ldapController as lc
from geruecht.decorator import login_required
from geruecht.model import MONEY, GASTRO
from geruecht.model import MONEY, GASTRO, VORSTAND
import time
vorstand = Blueprint("vorstand", __name__)
userController = uc.UserController()
ldap= lc.LDAPController()
@vorstand.route('/um/setStatus', methods=['POST'])
@login_required(groups=[MONEY, GASTRO])
@login_required(groups=[MONEY, GASTRO, VORSTAND])
def _setStatus(**kwargs):
try:
data = request.get_json()
@ -20,7 +22,7 @@ def _setStatus(**kwargs):
return jsonify({"error": str(err)}), 500
@vorstand.route('/um/updateStatus', methods=['POST'])
@login_required(groups=[MONEY, GASTRO])
@login_required(groups=[MONEY, GASTRO, VORSTAND])
def _updateStatus(**kwargs):
try:
data = request.get_json()
@ -30,7 +32,7 @@ def _updateStatus(**kwargs):
return jsonify({"error": str(err)}), 500
@vorstand.route('/um/deleteStatus', methods=['POST'])
@login_required(groups=[MONEY, GASTRO])
@login_required(groups=[MONEY, GASTRO, VORSTAND])
def _deleteStatus(**kwargs):
try:
data = request.get_json()
@ -40,7 +42,7 @@ def _deleteStatus(**kwargs):
return jsonify({"error": str(err)}), 409
@vorstand.route('/um/updateStatusUser', methods=['POST'])
@login_required(groups=[MONEY, GASTRO])
@login_required(groups=[MONEY, GASTRO, VORSTAND])
def _updateStatusUser(**kwargs):
try:
data = request.get_json()
@ -52,7 +54,7 @@ def _updateStatusUser(**kwargs):
return jsonify({"error": str(err)}), 500
@vorstand.route('/um/updateVoting', methods=['POST'])
@login_required(groups=[MONEY, GASTRO])
@login_required(groups=[MONEY, GASTRO, VORSTAND])
def _updateVoting(**kwargs):
try:
data = request.get_json()
@ -64,7 +66,7 @@ def _updateVoting(**kwargs):
return jsonify({"error": str(err)}), 500
@vorstand.route("/sm/addUser", methods=['POST', 'GET'])
@login_required(groups=[MONEY, GASTRO])
@login_required(groups=[MONEY, GASTRO, VORSTAND])
def _addUser(**kwargs):
if request.method == 'GET':
@ -81,7 +83,7 @@ def _addUser(**kwargs):
return jsonify(retVal)
@vorstand.route("/sm/getUser", methods=['POST'])
@login_required(groups=[MONEY, GASTRO])
@login_required(groups=[MONEY, GASTRO, VORSTAND])
def _getUser(**kwargs):
data = request.get_json()
day = data['day']
@ -127,7 +129,7 @@ def _deletUser(**kwargs):
return jsonify({"ok": "ok"})
@vorstand.route("/sm/lockDay", methods=['POST'])
@login_required(groups=[MONEY, GASTRO])
@login_required(groups=[MONEY, GASTRO, VORSTAND])
def _lockDay(**kwargs):
try:
data = request.get_json()
@ -158,4 +160,10 @@ def _lockDay(**kwargs):
print(retVal)
return jsonify(retVal)
except Exception as err:
return jsonify({'error': err}), 409
return jsonify({'error': err}), 409
@vorstand.route("/sm/searchWithExtern", methods=['GET'])
@login_required(groups=[VORSTAND])
def _search(**kwargs):
retVal = ldap.getAllUser()
return jsonify(retVal)
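Review bot: `return jsonify({'error': err}), 409` at the end of `_lockDay` passes the exception object itself, which Flask's JSON encoder cannot serialise by default. The error path is therefore likely to raise and produce a 500 instead of the intended 409; the other handlers in this file use `str(err)`, so `return jsonify({'error': str(err)}), 409` would match them (a fixed message would avoid echoing internals to the client). The new `_search` handler for `/sm/searchWithExtern` has no `try`/`except`, unlike its siblings, so an LDAP failure there is unhandled.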