Merge branch 'feature/lockbar' into develop
commit
caee854c48
|
@ -16,7 +16,7 @@ userController = uc.UserController()
|
|||
|
||||
|
||||
@baruser.route("/bar")
|
||||
@login_required(groups=[BAR])
|
||||
@login_required(groups=[BAR], bar=True)
|
||||
def _bar(**kwargs):
|
||||
""" Main function for Baruser
|
||||
|
||||
|
@ -55,7 +55,7 @@ def _bar(**kwargs):
|
|||
|
||||
|
||||
@baruser.route("/baradd", methods=['POST'])
|
||||
@login_required(groups=[BAR])
|
||||
@login_required(groups=[BAR], bar=True)
|
||||
def _baradd(**kwargs):
|
||||
""" Function for Baruser to add amount
|
||||
|
||||
|
@ -84,7 +84,7 @@ def _baradd(**kwargs):
|
|||
else:
|
||||
type = 'amount'
|
||||
dic = user.toJSON()
|
||||
dic['amount'] = abs(all)
|
||||
dic['amount'] = all
|
||||
dic['type'] = type
|
||||
debug.debug("return {{ {} }}".format(dic))
|
||||
creditL.info("{} Baruser {} {} fügt {} {} {} € Schulden hinzu.".format(
|
||||
|
@ -96,7 +96,7 @@ def _baradd(**kwargs):
|
|||
|
||||
|
||||
@baruser.route("/barGetUsers")
|
||||
@login_required(groups=[BAR, MONEY])
|
||||
@login_required(groups=[BAR, MONEY], bar=True)
|
||||
def _getUsers(**kwargs):
|
||||
""" Get Users without amount
|
||||
|
||||
|
@ -118,7 +118,7 @@ def _getUsers(**kwargs):
|
|||
|
||||
|
||||
@baruser.route("/bar/storno", methods=['POST'])
|
||||
@login_required(groups=[BAR])
|
||||
@login_required(groups=[BAR], bar=True)
|
||||
def _storno(**kwargs):
|
||||
""" Function for Baruser to storno amount
|
||||
|
||||
|
@ -147,7 +147,7 @@ def _storno(**kwargs):
|
|||
else:
|
||||
type = 'amount'
|
||||
dic = user.toJSON()
|
||||
dic['amount'] = abs(all)
|
||||
dic['amount'] = all
|
||||
dic['type'] = type
|
||||
debug.debug("return {{ {} }}".format(dic))
|
||||
creditL.info("{} Baruser {} {} storniert {} € von {} {}".format(
|
||||
|
@ -159,7 +159,7 @@ def _storno(**kwargs):
|
|||
|
||||
|
||||
@baruser.route("/barGetUser", methods=['POST'])
|
||||
@login_required(groups=[BAR])
|
||||
@login_required(groups=[BAR], bar=True)
|
||||
def _getUser(**kwargs):
|
||||
debug.info("/barGetUser")
|
||||
try:
|
||||
|
@ -183,7 +183,7 @@ def _getUser(**kwargs):
|
|||
|
||||
|
||||
@baruser.route("/search", methods=['GET'])
|
||||
@login_required(groups=[BAR, MONEY, USER, VORSTAND])
|
||||
@login_required(groups=[BAR, MONEY, USER, VORSTAND], bar=True)
|
||||
def _search(**kwargs):
|
||||
debug.info("/search")
|
||||
try:
|
||||
|
@ -197,3 +197,15 @@ def _search(**kwargs):
|
|||
except Exception as err:
|
||||
debug.debug("exception", exc_info=True)
|
||||
return jsonify({"error": str(err)}), 500
|
||||
|
||||
@baruser.route("/bar/lock", methods=['GET', 'POST'])
|
||||
@login_required(groups=[BAR], bar=True)
|
||||
def _lockbar(**kwargs):
|
||||
|
||||
debug.info('/bar/lock')
|
||||
accToken = kwargs['accToken']
|
||||
if request.method == "POST":
|
||||
data = request.get_json()
|
||||
accToken.lock_bar = data['value']
|
||||
debug.debug('return {{ "value": {} }}'.format(accToken.lock_bar))
|
||||
return jsonify({'value': accToken.lock_bar})
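Review bot: `_lockbar` copies `data['value']` straight into `accToken.lock_bar`, and because the route is itself declared `bar=True` the decorator lets a locked session through, so the locked session can clear its own lock with one POST and no password check. The value is also stored without a type check, and a missing `value` key or a non-JSON body raises outside any try/except, unlike the other handlers in this file. I would accept only booleans and re-check a non-empty password before clearing the lock, for example through `userController.validateUser`, which this commit adds. How that method signals a wrong password is not visible here, so the broad `except` in the sketch should be narrowed to the real exception type.

```python
def _lockbar(**kwargs):
    # … unchanged: debug.info('/bar/lock') and accToken lookup …
    if request.method == "POST":
        data = request.get_json(silent=True) or {}
        value = data.get('value')
        if not isinstance(value, bool):
            return jsonify({"error": "value must be true or false"}), 400
        if not value:
            # Clearing the lock requires the owner's password again; an
            # empty password is rejected before it can reach the LDAP bind.
            password = data.get('password')
            if not isinstance(password, str) or not password:
                return jsonify({"error": "permission forbidden"}), 403
            try:
                userController.validateUser(accToken.user.uid, password)
            except Exception:
                debug.warning("unlock of bar refused", exc_info=True)
                return jsonify({"error": "permission forbidden"}), 403
        accToken.lock_bar = value
    # … unchanged: debug log and jsonify of accToken.lock_bar …
```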
|
||||
|
|
|
@ -68,11 +68,10 @@ class LDAPController(metaclass=Singleton):
|
|||
try:
|
||||
retVal = []
|
||||
self.ldap.connection.search('ou=user,{}'.format(self.dn), '(uid={})'.format(username), SUBTREE, attributes=['gidNumber'])
|
||||
response = self.ldap.connection.response
|
||||
main_group_number = self.ldap.connection.response[0]['attributes']['gidNumber']
|
||||
debug.debug("main group number is {{ {} }}".format(main_group_number))
|
||||
if main_group_number:
|
||||
group_data = self.ldap.connection.search('ou=group,{}'.format(self.dn), '(gidNumber={})'.format(main_group_number), attributes=['cn'])
|
||||
self.ldap.connection.search('ou=group,{}'.format(self.dn), '(gidNumber={})'.format(main_group_number), attributes=['cn'])
|
||||
group_name = self.ldap.connection.response[0]['attributes']['cn'][0]
|
||||
debug.debug("group name is {{ {} }}".format(group_name))
|
||||
if group_name == 'ldap-user':
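Review bot: The search filters around the changed call are built with `'(uid={})'.format(username)` and `'(gidNumber={})'.format(main_group_number)`, so filter metacharacters in `username` reach the directory unescaped. If this connection is ldap3, as the `SUBTREE` constant and the `.response` attribute suggest, the value should be escaped: `'(uid={})'.format(escape_filter_chars(username))` with `from ldap3.utils.conv import escape_filter_chars`. `self.ldap.connection.response[0]` is also read after each search without checking that an entry came back. The enclosing `try` starts inside the hunk but its handlers are outside it, so whether the resulting IndexError is turned into a clean "unknown user" result cannot be confirmed from here.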
|
||||
|
|
|
@ -11,10 +11,12 @@ from geruecht.logger import getDebugLogger
|
|||
|
||||
db = dc.DatabaseController()
|
||||
ldap = lc.LDAPController()
|
||||
emailController = ec.EmailController(mailConfig['URL'], mailConfig['user'], mailConfig['passwd'], mailConfig['crypt'], mailConfig['port'], mailConfig['email'])
|
||||
emailController = ec.EmailController(
|
||||
mailConfig['URL'], mailConfig['user'], mailConfig['passwd'], mailConfig['crypt'], mailConfig['port'], mailConfig['email'])
|
||||
|
||||
debug = getDebugLogger()
|
||||
|
||||
|
||||
class UserController(metaclass=Singleton):
|
||||
|
||||
def __init__(self):
|
||||
|
@ -36,7 +38,8 @@ class UserController(metaclass=Singleton):
|
|||
def setStatus(self, name):
|
||||
debug.info("set status of user {{ {} }}".format(name))
|
||||
retVal = db.setStatus(name)
|
||||
debug.debug("settet status of user {{ {} }} is {{ {} }}".format(name, retVal))
|
||||
debug.debug(
|
||||
"settet status of user {{ {} }} is {{ {} }}".format(name, retVal))
|
||||
return retVal
|
||||
|
||||
def deleteStatus(self, status):
|
||||
|
@ -50,15 +53,19 @@ class UserController(metaclass=Singleton):
|
|||
return retVal
|
||||
|
||||
def updateStatusOfUser(self, username, status):
|
||||
debug.info("update status {{ {} }} of user {{ {} }}".format(status, username))
|
||||
debug.info("update status {{ {} }} of user {{ {} }}".format(
|
||||
status, username))
|
||||
retVal = db.updateStatusOfUser(username, status)
|
||||
debug.debug("updatet status of user {{ {} }} is {{ {} }}".format(username, retVal))
|
||||
debug.debug(
|
||||
"updatet status of user {{ {} }} is {{ {} }}".format(username, retVal))
|
||||
return retVal
|
||||
|
||||
def updateVotingOfUser(self, username, voting):
|
||||
debug.info("update voting {{ {} }} of user {{ {} }}".format(voting, username))
|
||||
debug.info("update voting {{ {} }} of user {{ {} }}".format(
|
||||
voting, username))
|
||||
retVal = db.updateVotingOfUser(username, voting)
|
||||
debug.debug("updatet voting of user {{ {} }} is {{ {} }}".format(username, retVal))
|
||||
debug.debug(
|
||||
"updatet voting of user {{ {} }} is {{ {} }}".format(username, retVal))
|
||||
return retVal
|
||||
|
||||
def deleteDrinkType(self, type):
|
||||
|
@ -106,49 +113,61 @@ class UserController(metaclass=Singleton):
|
|||
return list
|
||||
|
||||
def setTransactJob(self, from_user, to_user, date):
|
||||
debug.info("set transact job from {{ {} }} to {{ {} }} on {{ {} }}".format(from_user, to_user, date))
|
||||
debug.info("set transact job from {{ {} }} to {{ {} }} on {{ {} }}".format(
|
||||
from_user, to_user, date))
|
||||
jobtransact = db.setTransactJob(from_user, to_user, date.date())
|
||||
debug.debug("transact job is {{ {} }}".format(jobtransact))
|
||||
debug.info("send mail with transact job to user")
|
||||
emailController.sendMail(jobtransact['to_user'], 'jobtransact', jobtransact)
|
||||
emailController.sendMail(
|
||||
jobtransact['to_user'], 'jobtransact', jobtransact)
|
||||
return jobtransact
|
||||
|
||||
def getTransactJobFromUser(self, user, date):
|
||||
debug.info("get transact job from user {{ {} }} on {{ {} }}".format(user, date))
|
||||
debug.info(
|
||||
"get transact job from user {{ {} }} on {{ {} }}".format(user, date))
|
||||
retVal = db.getTransactJobFromUser(user, date.date())
|
||||
debug.debug("transact job from user {{ {} }} is {{ {} }}".format(user, retVal))
|
||||
debug.debug(
|
||||
"transact job from user {{ {} }} is {{ {} }}".format(user, retVal))
|
||||
return retVal
|
||||
|
||||
def getAllTransactJobFromUser(self, user, date):
|
||||
debug.info("get all transact job from user {{ {} }} start on {{ {} }}".format(user, date))
|
||||
debug.info(
|
||||
"get all transact job from user {{ {} }} start on {{ {} }}".format(user, date))
|
||||
retVal = db.getAllTransactJobFromUser(user, date.date())
|
||||
debug.debug("all transact job are {{ {} }}".format(retVal))
|
||||
return retVal
|
||||
|
||||
def getAllTransactJobToUser(self, user, date):
|
||||
debug.info("get all transact job from to_user {{ {} }} start on {{ {} }}".format(user, date))
|
||||
debug.info(
|
||||
"get all transact job from to_user {{ {} }} start on {{ {} }}".format(user, date))
|
||||
retVal = db.getAllTransactJobToUser(user, date.date())
|
||||
debug.debug("all transact job are {{ {} }}".format(retVal))
|
||||
return retVal
|
||||
|
||||
def getTransactJob(self, from_user, to_user, date):
|
||||
debug.info("get transact job from user {{ {} }} to user {{ {} }} on {{ {} }}".format(from_user, to_user, date))
|
||||
debug.info("get transact job from user {{ {} }} to user {{ {} }} on {{ {} }}".format(
|
||||
from_user, to_user, date))
|
||||
retVal = db.getTransactJob(from_user, to_user, date.date())
|
||||
debug.debug("transact job is {{ {} }}".format(retVal))
|
||||
return retVal
|
||||
|
||||
def deleteTransactJob(self, from_user, to_user, date):
|
||||
debug.info("delete transact job from user {{ {} }} to user {{ {} }} on {{ {} }}".format(from_user, to_user, date))
|
||||
debug.info("delete transact job from user {{ {} }} to user {{ {} }} on {{ {} }}".format(
|
||||
from_user, to_user, date))
|
||||
transactJob = self.getTransactJob(from_user, to_user, date)
|
||||
debug.debug("transact job is {{ {} }}".format(transactJob))
|
||||
if transactJob['answerd']:
|
||||
debug.warning("transactjob {{ {} }} can not delete because is answerd")
|
||||
raise TansactJobIsAnswerdException("TransactJob is already answerd")
|
||||
debug.warning(
|
||||
"transactjob {{ {} }} can not delete because is answerd")
|
||||
raise TansactJobIsAnswerdException(
|
||||
"TransactJob is already answerd")
|
||||
db.deleteTransactJob(from_user, to_user, date.date())
|
||||
|
||||
def answerdTransactJob(self, from_user, to_user, date, answer):
|
||||
debug.info("answer transact job from user {{ {} }} to user {{ {} }} on {{ {} }} with answer {{ {} }}".format(from_user, to_user, date, answer))
|
||||
transactJob = db.updateTransactJob(from_user, to_user, date.date(), answer)
|
||||
debug.info("answer transact job from user {{ {} }} to user {{ {} }} on {{ {} }} with answer {{ {} }}".format(
|
||||
from_user, to_user, date, answer))
|
||||
transactJob = db.updateTransactJob(
|
||||
from_user, to_user, date.date(), answer)
|
||||
debug.debug("transactjob is {{ {} }}".format(transactJob))
|
||||
if answer:
|
||||
debug.info("add worker on date {{ {} }}".format(date))
|
||||
|
@ -156,11 +175,26 @@ class UserController(metaclass=Singleton):
|
|||
return transactJob
|
||||
|
||||
def setLockedDay(self, date, locked, hard=False):
|
||||
debug.info("set day locked on {{ {} }} with state {{ {} }}".format(date, locked))
|
||||
debug.info(
|
||||
"set day locked on {{ {} }} with state {{ {} }}".format(date, locked))
|
||||
retVal = db.setLockedDay(date.date(), locked, hard)
|
||||
debug.debug("seted day locked is {{ {} }}".format(retVal))
|
||||
return retVal
|
||||
|
||||
def getLockedDays(self, from_date, to_date):
|
||||
debug.info("get locked days from {{ {} }} to {{ {} }}".format(
|
||||
from_date.date(), to_date.date()))
|
||||
oneDay = timedelta(1)
|
||||
delta = to_date.date() - from_date.date()
|
||||
retVal = []
|
||||
startdate = from_date - oneDay
|
||||
for _ in range(delta.days + 1):
|
||||
startdate += oneDay
|
||||
lockday = self.getLockedDay(startdate)
|
||||
retVal.append(lockday)
|
||||
debug.debug("lock days are {{ {} }}".format(retVal))
|
||||
return retVal
|
||||
|
||||
def getLockedDay(self, date):
|
||||
debug.info("get locked day on {{ {} }}".format(date))
|
||||
now = datetime.now()
|
||||
|
@ -173,33 +207,37 @@ class UserController(metaclass=Singleton):
|
|||
oldMonth = True
|
||||
break
|
||||
debug.debug("oldMonth is {{ {} }}".format(oldMonth))
|
||||
lockedYear = date.year
|
||||
lockedMonth = date.month if date.month < now.month else now.month - 1 if oldMonth else now.month
|
||||
daysInMonth = calendar.monthrange(lockedYear, lockedMonth)[1]
|
||||
startDay = 1
|
||||
debug.debug("calculate start day of month")
|
||||
lockedYear = now.year
|
||||
lockedMonth = now.month if now.month < now.month else now.month - \
|
||||
1 if oldMonth else now.month
|
||||
endDay = 1
|
||||
debug.debug("calculate end day of month")
|
||||
lockedYear = lockedYear if lockedMonth != 12 else (lockedYear + 1)
|
||||
lockedMonth = (lockedMonth + 1) if lockedMonth != 12 else 1
|
||||
for i in range(1, 8):
|
||||
if datetime(lockedYear, lockedMonth, i).weekday() == 2:
|
||||
startDay = i
|
||||
break
|
||||
debug.debug("start day of month is {{ {} }}".format(startDay))
|
||||
debug.debug("check if date should be locked")
|
||||
if lockedYear <= now.year and lockedMonth <= now.month:
|
||||
for i in range(startDay, daysInMonth + 1):
|
||||
debug.debug("lock day {{ {} }}".format(datetime(lockedYear, lockedMonth, i)))
|
||||
self.setLockedDay(datetime(lockedYear, lockedMonth, i), True)
|
||||
for i in range(1, 8):
|
||||
nextMonth = datetime(lockedYear, lockedMonth + 1, i)
|
||||
nextMonth = datetime(lockedYear, lockedMonth, i)
|
||||
if nextMonth.weekday() == 2:
|
||||
endDay = i
|
||||
break
|
||||
debug.debug("lock day {{ {} }}".format(datetime(lockedYear, lockedMonth, i)))
|
||||
self.setLockedDay(nextMonth, True)
|
||||
|
||||
monthLockedEndDate = datetime(
|
||||
lockedYear, lockedMonth, endDay) - timedelta(1)
|
||||
debug.debug("get lock day from database")
|
||||
retVal = db.getLockedDay(date.date())
|
||||
if not retVal:
|
||||
debug.debug(
|
||||
"lock day not exists, retVal is {{ {} }}".format(retVal))
|
||||
if date.date() <= monthLockedEndDate.date():
|
||||
debug.debug("lock day {{ {} }}".format(date.date()))
|
||||
self.setLockedDay(date, True)
|
||||
retVal = db.getLockedDay(date.date())
|
||||
else:
|
||||
retVal = {"daydate": date.date(), "locked": False}
|
||||
debug.debug("locked day is {{ {} }}".format(retVal))
|
||||
return retVal
|
||||
|
||||
def getWorker(self, date, username=None):
|
||||
debug.info("get worker on {{ {} }}".format(username, date))
|
||||
debug.info("get worker {{ {} }} on {{ {} }}".format(username, date))
|
||||
if (username):
|
||||
user = self.getUser(username)
|
||||
debug.debug("user is {{ {} }}".format(user))
|
||||
|
@ -230,7 +268,8 @@ class UserController(metaclass=Singleton):
|
|||
return retVal
|
||||
|
||||
def deleteWorker(self, username, date, userExc=False):
|
||||
debug.info("delete worker {{ {} }} on date {{ {} }}".format(username, date))
|
||||
debug.info(
|
||||
"delete worker {{ {} }} on date {{ {} }}".format(username, date))
|
||||
user = self.getUser(username)
|
||||
debug.debug("user is {{ {} }}".format(user))
|
||||
if userExc:
|
||||
|
@ -238,9 +277,11 @@ class UserController(metaclass=Singleton):
|
|||
lockedDay = self.getLockedDay(date)
|
||||
if lockedDay:
|
||||
if lockedDay['locked']:
|
||||
debug.debug("day is locked, check if accepted transact job exists")
|
||||
debug.debug(
|
||||
"day is locked, check if accepted transact job exists")
|
||||
transactJobs = self.getTransactJobFromUser(user, date)
|
||||
debug.debug("transact job is {{ {} }}".format(transactJobs))
|
||||
debug.debug(
|
||||
"transact job is {{ {} }}".format(transactJobs))
|
||||
found = False
|
||||
for job in transactJobs:
|
||||
if job['accepted'] and job['answerd']:
|
||||
|
@ -249,11 +290,13 @@ class UserController(metaclass=Singleton):
|
|||
break
|
||||
if not found:
|
||||
debug.debug("no accepted transact job found")
|
||||
raise DayLocked("Day is locked. You can't delete the Job")
|
||||
raise DayLocked(
|
||||
"Day is locked. You can't delete the Job")
|
||||
db.deleteWorker(user, date)
|
||||
|
||||
def lockUser(self, username, locked):
|
||||
debug.info("lock user {{ {} }} for credit with status {{ {} }}".format(username, locked))
|
||||
debug.info("lock user {{ {} }} for credit with status {{ {} }}".format(
|
||||
username, locked))
|
||||
user = self.getUser(username)
|
||||
debug.debug("user is {{ {} }}".format(user))
|
||||
user.updateData({'locked': locked})
|
||||
|
@ -263,7 +306,8 @@ class UserController(metaclass=Singleton):
|
|||
return retVal
|
||||
|
||||
def updateConfig(self, username, data):
|
||||
debug.info("update config of user {{ {} }} with config {{ {} }}".format(username, data))
|
||||
debug.info(
|
||||
"update config of user {{ {} }} with config {{ {} }}".format(username, data))
|
||||
user = self.getUser(username)
|
||||
debug.debug("user is {{ {} }}".format(user))
|
||||
user.updateData(data)
|
||||
|
@ -290,26 +334,30 @@ class UserController(metaclass=Singleton):
|
|||
credit = user.getGeruecht(year=datetime.now().year).getSchulden()
|
||||
limit = -1*user.limit
|
||||
if credit <= limit:
|
||||
debug.debug("credit {{ {} }} is more than user limit {{ {} }}".format(credit, limit))
|
||||
debug.debug(
|
||||
"credit {{ {} }} is more than user limit {{ {} }}".format(credit, limit))
|
||||
debug.debug("lock user")
|
||||
user.updateData({'locked': True})
|
||||
debug.debug("send mail to user")
|
||||
emailController.sendMail(user)
|
||||
else:
|
||||
debug.debug("cretid {{ {} }} is less than user limit {{ {} }}".format(credit, limit))
|
||||
debug.debug(
|
||||
"cretid {{ {} }} is less than user limit {{ {} }}".format(credit, limit))
|
||||
debug.debug("unlock user")
|
||||
user.updateData({'locked': False})
|
||||
db.updateUser(user)
|
||||
|
||||
def addAmount(self, username, amount, year, month, finanzer=False):
|
||||
debug.info("add amount {{ {} }} to user {{ {} }} no month {{ {} }}, year {{ {} }}".format(amount, username, month, year))
|
||||
debug.info("add amount {{ {} }} to user {{ {} }} no month {{ {} }}, year {{ {} }}".format(
|
||||
amount, username, month, year))
|
||||
user = self.getUser(username)
|
||||
debug.debug("user is {{ {} }}".format(user))
|
||||
if user.uid == 'extern':
|
||||
debug.debug("user is extern user, so exit add amount")
|
||||
return
|
||||
if not user.locked or finanzer:
|
||||
debug.debug("user is not locked {{ {} }} or is finanzer execution {{ {} }}".format(user.locked, finanzer))
|
||||
debug.debug("user is not locked {{ {} }} or is finanzer execution {{ {} }}".format(
|
||||
user.locked, finanzer))
|
||||
user.addAmount(amount, year=year, month=month)
|
||||
creditLists = user.updateGeruecht()
|
||||
debug.debug("creditList is {{ {} }}".format(creditLists))
|
||||
|
@ -323,7 +371,8 @@ class UserController(metaclass=Singleton):
|
|||
return retVal
|
||||
|
||||
def addCredit(self, username, credit, year, month):
|
||||
debug.info("add credit {{ {} }} to user {{ {} }} on month {{ {} }}, year {{ {} }}".format(credit, username, month, year))
|
||||
debug.info("add credit {{ {} }} to user {{ {} }} on month {{ {} }}, year {{ {} }}".format(
|
||||
credit, username, month, year))
|
||||
user = self.getUser(username)
|
||||
debug.debug("user is {{ {} }}".format(user))
|
||||
if user.uid == 'extern':
|
||||
|
@ -362,18 +411,19 @@ class UserController(metaclass=Singleton):
|
|||
date = datetime.now()
|
||||
zero = date.replace(hour=0, minute=0, second=0, microsecond=0)
|
||||
end = zero + timedelta(hours=12)
|
||||
startdatetime = date.replace(hour=12, minute=0, second=0, microsecond=0)
|
||||
startdatetime = date.replace(
|
||||
hour=12, minute=0, second=0, microsecond=0)
|
||||
if date > zero and end > date:
|
||||
startdatetime = startdatetime - timedelta(days=1)
|
||||
enddatetime = startdatetime + timedelta(days=1)
|
||||
debug.debug("startdatetime is {{ {} }} and enddatetime is {{ {} }}".format(startdatetime, end))
|
||||
debug.debug("startdatetime is {{ {} }} and enddatetime is {{ {} }}".format(
|
||||
startdatetime, end))
|
||||
result = False
|
||||
if date >= startdatetime and date < enddatetime:
|
||||
result = db.getWorker(user, startdatetime)
|
||||
debug.debug("worker is {{ {} }}".format(result))
|
||||
return True if result else False
|
||||
|
||||
|
||||
def getUser(self, username):
|
||||
debug.info("get user {{ {} }}".format(username))
|
||||
user = db.getUser(username)
|
||||
|
@ -428,7 +478,8 @@ class UserController(metaclass=Singleton):
|
|||
return retVal
|
||||
|
||||
def modifyUser(self, user, ldap_conn, attributes):
|
||||
debug.info("modify user {{ {} }} with attributes {{ {} }} with ldap_conn {{ {} }}".format(user, attributes, ldap_conn))
|
||||
debug.info("modify user {{ {} }} with attributes {{ {} }} with ldap_conn {{ {} }}".format(
|
||||
user, attributes, ldap_conn))
|
||||
try:
|
||||
if 'username' in attributes:
|
||||
debug.debug("change username, so change first in database")
|
||||
|
@ -443,7 +494,8 @@ class UserController(metaclass=Singleton):
|
|||
debug.debug("user is {{ {} }}".format(retVal))
|
||||
return retVal
|
||||
except UsernameExistLDAP as err:
|
||||
debug.debug("username exists on ldap, rechange username on database", exc_info=True)
|
||||
debug.debug(
|
||||
"username exists on ldap, rechange username on database", exc_info=True)
|
||||
db.changeUsername(user, user.uid)
|
||||
raise Exception(err)
|
||||
except LDAPExcetpion as err:
|
||||
|
@ -453,6 +505,10 @@ class UserController(metaclass=Singleton):
|
|||
except Exception as err:
|
||||
raise Exception(err)
|
||||
|
||||
def validateUser(self, username, password):
|
||||
debug.info("validate user {{ {} }}".format(username))
|
||||
ldap.login(username, password)
|
||||
|
||||
def loginUser(self, username, password):
|
||||
debug.info("login user {{ {} }}".format(username))
|
||||
try:
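Review bot: In getLockedDay the line `lockedMonth = now.month if now.month < now.month else now.month - 1 if oldMonth else now.month` compares `now.month` with itself, so its first branch can never be taken. The other version of that line shown in the same hunk compares `date.month < now.month`, so either the comparison lost its `date` operand or the branch is dead. If the reduction is intended, write it as `lockedMonth = now.month - 1 if oldMonth else now.month` and add a comment such as `# 0 in January; the "+ 1" below maps it to month 1`, because the value only becomes a valid month through the following `(lockedMonth + 1)` line. The `+`/`-` markers are lost on this page, so which of the two variants is the new side is inferred, and the function starts and ends in neighbouring hunks.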
|
||||
|
|
|
@ -5,12 +5,15 @@ DEBUG = getDebugLogger()
|
|||
|
||||
def login_required(**kwargs):
|
||||
import geruecht.controller.accesTokenController as ac
|
||||
from geruecht.model import BAR, USER, MONEY, GASTRO
|
||||
from geruecht.model import BAR, USER, MONEY, GASTRO, VORSTAND, EXTERN
|
||||
from flask import request, jsonify
|
||||
accessController = ac.AccesTokenController()
|
||||
groups = [USER, BAR, GASTRO, MONEY]
|
||||
groups = [USER, BAR, GASTRO, MONEY, VORSTAND, EXTERN]
|
||||
bar = False
|
||||
if "groups" in kwargs:
|
||||
groups = kwargs["groups"]
|
||||
if "bar" in kwargs:
|
||||
bar = kwargs["bar"]
|
||||
DEBUG.debug("groups are {{ {} }}".format(groups))
|
||||
|
||||
def real_decorator(func):
|
||||
|
@ -23,6 +26,9 @@ def login_required(**kwargs):
|
|||
kwargs['accToken'] = accToken
|
||||
if accToken:
|
||||
DEBUG.debug("token {{ {} }} is valid".format(token))
|
||||
if accToken.lock_bar and not bar:
|
||||
return jsonify({"error": "error",
|
||||
"message": "permission forbidden"}), 403
|
||||
return func(*args, **kwargs)
|
||||
else:
|
||||
DEBUG.warning("token {{ {} }} is not valid".format(token))
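Review bot: The added `if accToken.lock_bar and not bar:` branch returns 403 without writing a log line, while both neighbouring branches log. A denied request on a locked session is exactly the event an operator would want to see, so I would add `DEBUG.warning("locked session denied on {{ {} }}".format(request.path))` before the `return`. The surrounding messages format `token` itself into the log. If that is the bearer value taken from the request (its assignment is outside this hunk), it should be replaced by the user id or a shortened fingerprint, so the log file does not hold usable credentials. `login_required` also has no docstring, and the new `bar` keyword deserves one line: `bar=True` marks a route that stays reachable while the token is locked.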
|
||||
|
|
|
@ -33,6 +33,7 @@ class AccessToken():
|
|||
self.lifetime = lifetime
|
||||
self.token = token
|
||||
self.ldap_conn = ldap_conn
|
||||
self.lock_bar = False
|
||||
debug.debug("accesstoken is {{ {} }}".format(self))
|
||||
|
||||
def updateTimestamp(self):
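Review bot: The new `self.lock_bar = False` attribute is undocumented, although the decorator in this commit denies every route not declared `bar=True` once it is set. A comment on the assignment would make that contract visible where the state lives, for example `# True while this session is restricted to routes registered with bar=True`. The constructor's signature and docstring are outside this hunk, so if the class documents its attributes there, the description belongs in that place instead.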
|
||||
|
|
|
@ -12,6 +12,19 @@ userController = uc.UserController()
|
|||
|
||||
debug = getDebugLogger()
|
||||
|
||||
@app.route("/valid", methods=['POST'])
|
||||
@login_required(bar=True)
|
||||
def _valid(**kwargs):
|
||||
debug.info('/valid')
|
||||
try:
|
||||
accToken = kwargs['accToken']
|
||||
data = request.get_json()
|
||||
userController.validateUser(accToken.user.uid, data['password'])
|
||||
debug.debug('return {{ "ok": "ok" }}')
|
||||
return jsonify({"ok": "ok"})
|
||||
except Exception as err:
|
||||
debug.warning("exception in valide.", exc_info=True)
|
||||
return jsonify({"error": str(err)}), 500
|
||||
|
||||
@app.route("/pricelist", methods=['GET'])
|
||||
def _getPricelist():
|
||||
|
@ -38,7 +51,7 @@ def getTypes():
|
|||
|
||||
|
||||
@app.route('/getAllStatus', methods=['GET'])
|
||||
@login_required(groups=[USER, MONEY, GASTRO, BAR, VORSTAND])
|
||||
@login_required(groups=[USER, MONEY, GASTRO, BAR, VORSTAND], bar=True)
|
||||
def _getAllStatus(**kwargs):
|
||||
try:
|
||||
debug.info("get all status for users")
|
||||
|
@ -51,7 +64,7 @@ def _getAllStatus(**kwargs):
|
|||
|
||||
|
||||
@app.route('/getStatus', methods=['POST'])
|
||||
@login_required(groups=[USER, MONEY, GASTRO, BAR, VORSTAND])
|
||||
@login_required(groups=[USER, MONEY, GASTRO, BAR, VORSTAND], bar=True)
|
||||
def _getStatus(**kwargs):
|
||||
try:
|
||||
debug.info("get status from user")
|
||||
|
@ -68,7 +81,7 @@ def _getStatus(**kwargs):
|
|||
|
||||
|
||||
@app.route('/getUsers', methods=['GET'])
|
||||
@login_required(groups=[MONEY, GASTRO, VORSTAND])
|
||||
@login_required(groups=[MONEY, GASTRO, VORSTAND], bar=True)
|
||||
def _getUsers(**kwargs):
|
||||
try:
|
||||
debug.info("get all users from database")
|
||||
|
@ -84,7 +97,7 @@ def _getUsers(**kwargs):
|
|||
|
||||
|
||||
@app.route("/getLifeTime", methods=['GET'])
|
||||
@login_required(groups=[MONEY, GASTRO, VORSTAND, EXTERN, USER])
|
||||
@login_required(groups=[MONEY, GASTRO, VORSTAND, EXTERN, USER], bar=True)
|
||||
def _getLifeTime(**kwargs):
|
||||
try:
|
||||
debug.info("get lifetime of accesstoken")
|
||||
|
@ -101,7 +114,7 @@ def _getLifeTime(**kwargs):
|
|||
|
||||
|
||||
@app.route("/saveLifeTime", methods=['POST'])
|
||||
@login_required(groups=[MONEY, GASTRO, VORSTAND, EXTERN, USER])
|
||||
@login_required(groups=[MONEY, GASTRO, VORSTAND, EXTERN, USER], bar=True)
|
||||
def _saveLifeTime(**kwargs):
|
||||
try:
|
||||
debug.info("save lifetime for accessToken")
|
||||
|
@ -127,7 +140,7 @@ def _saveLifeTime(**kwargs):
|
|||
|
||||
|
||||
@app.route("/logout", methods=['GET'])
|
||||
@login_required(groups=[MONEY, GASTRO, VORSTAND, EXTERN, USER])
|
||||
@login_required(groups=[MONEY, GASTRO, VORSTAND, EXTERN, USER], bar=True)
|
||||
def _logout(**kwargs):
|
||||
try:
|
||||
debug.info("logout user")
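Review bot: `_valid` answers every failure, including a wrong password, with status 500 and `str(err)`, so the client cannot tell a failed re-authentication from a server fault and internal LDAP error text is returned to the caller. I would map the authentication failure raised by `validateUser` (its type is not visible in this section) to `return jsonify({"error": "invalid credentials"}), 401` and keep a fixed message for the 500 path. `data['password']` is also passed on unchecked. Many LDAP servers treat a bind with an empty password as an unauthenticated bind that succeeds, so unless `ldap.login` already guards against it, reject it first with `if not data or not data.get('password'): return jsonify({"error": "invalid credentials"}), 401`. This matters because the route is reachable while the session is locked.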
|
||||
|
|
|
@ -2,7 +2,7 @@ from flask import Blueprint, request, jsonify
|
|||
from geruecht.decorator import login_required
|
||||
import geruecht.controller.userController as uc
|
||||
from geruecht.model import USER
|
||||
from datetime import datetime
|
||||
from datetime import datetime, time
|
||||
from geruecht.exceptions import DayLocked
|
||||
from geruecht.logger import getDebugLogger, getCreditLogger, getJobsLogger
|
||||
|
||||
|
@ -14,6 +14,7 @@ debug = getDebugLogger()
|
|||
creditL = getCreditLogger()
|
||||
jobL = getJobsLogger()
|
||||
|
||||
|
||||
@user.route("/user/main")
|
||||
@login_required(groups=[USER])
|
||||
def _main(**kwargs):
|
||||
|
@ -23,13 +24,15 @@ def _main(**kwargs):
|
|||
accToken = kwargs['accToken']
|
||||
accToken.user = userController.getUser(accToken.user.uid)
|
||||
retVal = accToken.user.toJSON()
|
||||
retVal['creditList'] = {credit.year: credit.toJSON() for credit in accToken.user.geruechte}
|
||||
retVal['creditList'] = {credit.year: credit.toJSON()
|
||||
for credit in accToken.user.geruechte}
|
||||
debug.debug("return {{ {} }}".format(retVal))
|
||||
return jsonify(retVal)
|
||||
except Exception:
|
||||
debug.debug("exception", exc_info=True)
|
||||
return jsonify("error", "something went wrong"), 500
|
||||
|
||||
|
||||
@user.route("/user/addAmount", methods=['POST'])
|
||||
@login_required(groups=[USER])
|
||||
def _addAmount(**kwargs):
|
||||
|
@ -40,17 +43,21 @@ def _addAmount(**kwargs):
|
|||
data = request.get_json()
|
||||
amount = int(data['amount'])
|
||||
date = datetime.now()
|
||||
userController.addAmount(accToken.user.uid, amount, year=date.year, month=date.month)
|
||||
userController.addAmount(
|
||||
accToken.user.uid, amount, year=date.year, month=date.month)
|
||||
accToken.user = userController.getUser(accToken.user.uid)
|
||||
retVal = accToken.user.toJSON()
|
||||
retVal['creditList'] = {credit.year: credit.toJSON() for credit in accToken.user.geruechte}
|
||||
retVal['creditList'] = {credit.year: credit.toJSON()
|
||||
for credit in accToken.user.geruechte}
|
||||
debug.debug("return {{ {} }}".format(retVal))
|
||||
creditL.info("{} {} {} fügt sich selbst {} € Schulden hinzu".format(date, accToken.user.firstname, accToken.user.lastname, amount/100))
|
||||
creditL.info("{} {} {} fügt sich selbst {} € Schulden hinzu".format(
|
||||
date, accToken.user.firstname, accToken.user.lastname, amount/100))
|
||||
return jsonify(retVal)
|
||||
except Exception:
|
||||
debug.debug("exception", exc_info=True)
|
||||
return jsonify({"error": "something went wrong"}), 500
|
||||
|
||||
|
||||
@user.route("/user/saveConfig", methods=['POST'])
|
||||
@login_required(groups=[USER])
|
||||
def _saveConfig(**kwargs):
|
||||
|
@ -59,15 +66,53 @@ def _saveConfig(**kwargs):
|
|||
if 'accToken' in kwargs:
|
||||
accToken = kwargs['accToken']
|
||||
data = request.get_json()
|
||||
accToken.user = userController.modifyUser(accToken.user, accToken.ldap_conn, data)
|
||||
accToken.user = userController.modifyUser(
|
||||
accToken.user, accToken.ldap_conn, data)
|
||||
retVal = accToken.user.toJSON()
|
||||
retVal['creditList'] = {credit.year: credit.toJSON() for credit in accToken.user.geruechte}
|
||||
retVal['creditList'] = {credit.year: credit.toJSON()
|
||||
for credit in accToken.user.geruechte}
|
||||
debug.debug("return {{ {} }}".format(retVal))
|
||||
return jsonify(retVal)
|
||||
except Exception as err:
|
||||
debug.debug("exception", exc_info=True)
|
||||
return jsonify({"error": str(err)}), 409
|
||||
|
||||
|
||||
@user.route("/user/jobs", methods=['POST'])
|
||||
@login_required(groups=[USER])
|
||||
def _getUsers(**kwrags):
|
||||
debug.info("/user/jobs")
|
||||
try:
|
||||
data = request.get_json()
|
||||
from_date = data['from_date']
|
||||
to_date = data['to_date']
|
||||
from_date = datetime(
|
||||
from_date['year'], from_date['month'], from_date['day'])
|
||||
to_date = datetime(to_date['year'], to_date['month'], to_date['day'])
|
||||
lockedDays = userController.getLockedDays(from_date, to_date)
|
||||
retVal = []
|
||||
for lockedDay in lockedDays:
|
||||
day = datetime.combine(lockedDay['daydate'], time(12))
|
||||
retDay = {
|
||||
"worker": userController.getWorker(day),
|
||||
"day": {
|
||||
"date": {
|
||||
"year": day.year,
|
||||
"month": day.month,
|
||||
"day": day.day
|
||||
},
|
||||
"locked": lockedDay['locked']
|
||||
}
|
||||
}
|
||||
retVal.append(retDay)
|
||||
|
||||
debug.debug("return {{ {} }}".format(retVal))
|
||||
return jsonify(retVal)
|
||||
except Exception as err:
|
||||
debug.debug("exception", exc_info=True)
|
||||
return jsonify({"error": str(err)}), 500
|
||||
|
||||
|
||||
@user.route("/user/job", methods=['POST'])
|
||||
@login_required(groups=[USER])
|
||||
def _getUser(**kwargs):
|
||||
|
@ -107,6 +152,7 @@ def _getUser(**kwargs):
|
|||
debug.debug("exception", exc_info=True)
|
||||
return jsonify({"error": str(err)}), 500
|
||||
|
||||
|
||||
@user.route("/user/addJob", methods=['POST'])
|
||||
@login_required(groups=[USER])
|
||||
def _addUser(**kwargs):
|
||||
|
@ -122,7 +168,8 @@ def _addUser(**kwargs):
|
|||
date = datetime(year, month, day, 12)
|
||||
retVal = userController.addWorker(user.uid, date, userExc=True)
|
||||
debug.debug("return {{ {} }}".format(retVal))
|
||||
jobL.info("Mitglied {} {} schreib sich am {} zum Dienst ein.".format(user.firstname, user.lastname, date.date()))
|
||||
jobL.info("Mitglied {} {} schreib sich am {} zum Dienst ein.".format(
|
||||
user.firstname, user.lastname, date.date()))
|
||||
return jsonify(retVal)
|
||||
except DayLocked as err:
|
||||
debug.debug("exception", exc_info=True)
|
||||
|
@ -131,6 +178,7 @@ def _addUser(**kwargs):
|
|||
debug.debug("exception", exc_info=True)
|
||||
return jsonify({'error': str(err)}), 409
|
||||
|
||||
|
||||
@user.route("/user/deleteJob", methods=['POST'])
|
||||
@login_required(groups=[USER])
|
||||
def _deletJob(**kwargs):
|
||||
|
@ -146,7 +194,8 @@ def _deletJob(**kwargs):
|
|||
date = datetime(year, month, day, 12)
|
||||
userController.deleteWorker(user.uid, date, True)
|
||||
debug.debug("return ok")
|
||||
jobL.info("Mitglied {} {} entfernt sich am {} aus dem Dienst".format(user.firstname, user.lastname, date.date()))
|
||||
jobL.info("Mitglied {} {} entfernt sich am {} aus dem Dienst".format(
|
||||
user.firstname, user.lastname, date.date()))
|
||||
return jsonify({"ok": "ok"})
|
||||
except DayLocked as err:
|
||||
debug.debug("exception", exc_info=True)
|
||||
|
@ -155,6 +204,7 @@ def _deletJob(**kwargs):
|
|||
debug.debug("exception", exc_info=True)
|
||||
return jsonify({"error": str(err)}), 409
|
||||
|
||||
|
||||
@user.route("/user/transactJob", methods=['POST'])
|
||||
@login_required(groups=[USER])
|
||||
def _transactJob(**kwargs):
|
||||
|
@ -177,12 +227,14 @@ def _transactJob(**kwargs):
|
|||
retVal['to_user'] = retVal['to_user'].toJSON()
|
||||
retVal['date'] = {'year': year, 'month': month, 'day': day}
|
||||
debug.debug("return {{ {} }}".format(retVal))
|
||||
jobL.info("Mitglied {} {} sendet Dienstanfrage an Mitglied {} {} am {}".format(from_userl.firstname, from_userl.lastname, to_userl.firstname, to_userl.lastname, date.date()))
|
||||
jobL.info("Mitglied {} {} sendet Dienstanfrage an Mitglied {} {} am {}".format(
|
||||
from_userl.firstname, from_userl.lastname, to_userl.firstname, to_userl.lastname, date.date()))
|
||||
return jsonify(retVal)
|
||||
except Exception as err:
|
||||
debug.debug("exception", exc_info=True)
|
||||
return jsonify({"error": str(err)}), 409
|
||||
|
||||
|
||||
@user.route("/user/answerTransactJob", methods=['POST'])
|
||||
@login_required(groups=[USER])
|
||||
def _answer(**kwargs):
|
||||
|
@ -199,19 +251,22 @@ def _answer(**kwargs):
|
|||
username = data['username']
|
||||
date = datetime(year, month, day, 12)
|
||||
from_user = userController.getUser(username)
|
||||
retVal = userController.answerdTransactJob(from_user, user, date, answer)
|
||||
retVal = userController.answerdTransactJob(
|
||||
from_user, user, date, answer)
|
||||
from_userl = retVal['from_user']
|
||||
to_userl = retVal['to_user']
|
||||
retVal['from_user'] = retVal['from_user'].toJSON()
|
||||
retVal['to_user'] = retVal['to_user'].toJSON()
|
||||
retVal['date'] = {'year': year, 'month': month, 'day': day}
|
||||
debug.debug("return {{ {} }}".format(retVal))
|
||||
jobL.info("Mitglied {} {} beantwortet Dienstanfrage von {} {} am {} mit {}".format(to_userl.firstname, to_userl.lastname, from_userl.firstname, from_userl.lastname, date.date(), 'JA' if answer else 'NEIN'))
|
||||
jobL.info("Mitglied {} {} beantwortet Dienstanfrage von {} {} am {} mit {}".format(to_userl.firstname,
|
||||
to_userl.lastname, from_userl.firstname, from_userl.lastname, date.date(), 'JA' if answer else 'NEIN'))
|
||||
return jsonify(retVal)
|
||||
except Exception as err:
|
||||
debug.debug("exception", exc_info=True)
|
||||
return jsonify({"error": str(err)}), 409
|
||||
|
||||
|
||||
@user.route("/user/jobRequests", methods=['POST'])
|
||||
@login_required(groups=[USER])
|
||||
def _requests(**kwargs):
|
||||
|
@ -230,13 +285,15 @@ def _requests(**kwargs):
|
|||
data['from_user'] = data['from_user'].toJSON()
|
||||
data['to_user'] = data['to_user'].toJSON()
|
||||
data_date = data['date']
|
||||
data['date'] = {'year': data_date.year, 'month': data_date.month, 'day': data_date.day}
|
||||
data['date'] = {'year': data_date.year,
|
||||
'month': data_date.month, 'day': data_date.day}
|
||||
debug.debug("return {{ {} }}".format(retVal))
|
||||
return jsonify(retVal)
|
||||
except Exception as err:
|
||||
debug.debug("exception", exc_info=True)
|
||||
return jsonify({"error": str(err)}), 409
|
||||
|
||||
|
||||
@user.route("/user/getTransactJobs", methods=['POST'])
|
||||
@login_required(groups=[USER])
|
||||
def _getTransactJobs(**kwargs):
|
||||
|
@ -255,13 +312,15 @@ def _getTransactJobs(**kwargs):
|
|||
data['from_user'] = data['from_user'].toJSON()
|
||||
data['to_user'] = data['to_user'].toJSON()
|
||||
data_date = data['date']
|
||||
data['date'] = {'year': data_date.year, 'month': data_date.month, 'day': data_date.day}
|
||||
data['date'] = {'year': data_date.year,
|
||||
'month': data_date.month, 'day': data_date.day}
|
||||
debug.debug("return {{ {} }}".format(retVal))
|
||||
return jsonify(retVal)
|
||||
except Exception as err:
|
||||
debug.debug("exception", exc_info=True)
|
||||
return jsonify({"error": str(err)}), 409
|
||||
|
||||
|
||||
@user.route("/user/deleteTransactJob", methods=['POST'])
|
||||
@login_required(groups=[USER])
|
||||
def _deleteTransactJob(**kwargs):
|
||||
|
@ -279,12 +338,14 @@ def _deleteTransactJob(**kwargs):
|
|||
to_user = userController.getUser(username)
|
||||
userController.deleteTransactJob(from_user, to_user, date)
|
||||
debug.debug("return ok")
|
||||
jobL.info("Mitglied {} {} entfernt Dienstanfrage an {} {} am {}".format(from_user.firstname, from_user.lastname, to_user.firstname, to_user.lastname, date.date()))
|
||||
jobL.info("Mitglied {} {} entfernt Dienstanfrage an {} {} am {}".format(
|
||||
from_user.firstname, from_user.lastname, to_user.firstname, to_user.lastname, date.date()))
|
||||
return jsonify({"ok": "ok"})
|
||||
except Exception as err:
|
||||
debug.debug("exception", exc_info=True)
|
||||
return jsonify({"error": str(err)}), 409
|
||||
|
||||
|
||||
@user.route("/user/storno", methods=['POST'])
|
||||
@login_required(groups=[USER])
|
||||
def _storno(**kwargs):
|
||||
|
@ -306,12 +367,15 @@ def _storno(**kwargs):
|
|||
amount = int(data['amount'])
|
||||
|
||||
date = datetime.now()
|
||||
userController.addCredit(user.uid, amount, year=date.year, month=date.month)
|
||||
userController.addCredit(
|
||||
user.uid, amount, year=date.year, month=date.month)
|
||||
accToken.user = userController.getUser(accToken.user.uid)
|
||||
retVal = accToken.user.toJSON()
|
||||
retVal['creditList'] = {credit.year: credit.toJSON() for credit in accToken.user.geruechte}
|
||||
retVal['creditList'] = {credit.year: credit.toJSON()
|
||||
for credit in accToken.user.geruechte}
|
||||
debug.debug("return {{ {} }}".format(retVal))
|
||||
creditL.info("{} {} {} storniert {} €".format(date, user.firstname, user.lastname, amount/100))
|
||||
creditL.info("{} {} {} storniert {} €".format(
|
||||
date, user.firstname, user.lastname, amount/100))
|
||||
return jsonify(retVal)
|
||||
except Exception as err:
|
||||
debug.debug("exception", exc_info=True)
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
from flask import Blueprint, request, jsonify
|
||||
from datetime import datetime
|
||||
from datetime import datetime, time
|
||||
import geruecht.controller.userController as uc
|
||||
import geruecht.controller.ldapController as lc
|
||||
from geruecht.decorator import login_required
|
||||
|
@ -111,6 +111,41 @@ def _addUser(**kwargs):
|
|||
return jsonify({"error": str(err)}), 500
|
||||
|
||||
|
||||
@vorstand.route("/sm/getUsers", methods=['POST'])
|
||||
@login_required(groups=[MONEY, GASTRO, VORSTAND])
|
||||
def _getUsers(**kwrags):
|
||||
debug.info("/sm/getUsers")
|
||||
try:
|
||||
data = request.get_json()
|
||||
from_date = data['from_date']
|
||||
to_date = data['to_date']
|
||||
from_date = datetime(
|
||||
from_date['year'], from_date['month'], from_date['day'])
|
||||
to_date = datetime(to_date['year'], to_date['month'], to_date['day'])
|
||||
lockedDays = userController.getLockedDays(from_date, to_date)
|
||||
retVal = []
|
||||
for lockedDay in lockedDays:
|
||||
day = datetime.combine(lockedDay['daydate'], time(12))
|
||||
retDay = {
|
||||
"worker": userController.getWorker(day),
|
||||
"day": {
|
||||
"date": {
|
||||
"year": day.year,
|
||||
"month": day.month,
|
||||
"day": day.day
|
||||
},
|
||||
"locked": lockedDay['locked']
|
||||
}
|
||||
}
|
||||
retVal.append(retDay)
|
||||
|
||||
debug.debug("return {{ {} }}".format(retVal))
|
||||
return jsonify(retVal)
|
||||
except Exception as err:
|
||||
debug.debug("exception", exc_info=True)
|
||||
return jsonify({"error": str(err)}), 500
|
||||
|
||||
|
||||
@vorstand.route("/sm/getUser", methods=['POST'])
|
||||
@login_required(groups=[MONEY, GASTRO, VORSTAND])
|
||||
def _getUser(**kwargs):
|
||||
|
@ -122,16 +157,6 @@ def _getUser(**kwargs):
|
|||
year = data['year']
|
||||
date = datetime(year, month, day, 12)
|
||||
lockedDay = userController.getLockedDay(date)
|
||||
if not lockedDay:
|
||||
lockedDay = {
|
||||
'date': {
|
||||
'year': year,
|
||||
'month': month,
|
||||
'day': day
|
||||
},
|
||||
'locked': False
|
||||
}
|
||||
else:
|
||||
lockedDay = {
|
||||
'date': {
|
||||
'year': year,
|
||||
|
|
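Review bot: In the new `_getUsers` handler for `/sm/getUsers`, every input failure (a body that is not JSON, a missing `from_date`/`to_date` key, a non-integer or out-of-range date field) lands in the same `except Exception` branch, which answers 500 and echoes `str(err)` to the caller. Client errors should be separated from server faults, for example `except (KeyError, TypeError, ValueError): return jsonify({"error": "invalid date range"}), 400` ahead of the generic handler, and the generic handler should return a fixed message while the detail stays in the `debug.debug("exception", exc_info=True)` log line. The span between `from_date` and `to_date` is not bounded, and the loop calls `userController.getWorker(day)` once per entry that `getLockedDays` returns, so a cap on the requested range would be worth adding. The parameter is spelled `**kwrags`, whereas the sibling handlers use `**kwargs`.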