from flask import Blueprint, request, jsonify import geruecht.controller as gc import geruecht.controller.ldapController as lc import geruecht.controller.accesTokenController as ac import geruecht.controller.userController as uc from datetime import datetime from geruecht.model import BAR, MONEY baruser = Blueprint("baruser", __name__) ldap= lc.LDAPController(gc.ldapConfig['URL'], gc.ldapConfig['dn']) accesTokenController = ac.AccesTokenController() userController = uc.UserController() @baruser.route("/bar") def _bar(): """ Main function for Baruser Returns JSON-file with all Users, who hast amounts in this month. Returns: JSON-File with Users, who has amounts in this month or ERROR 401 Permission Denied """ print(request.headers) token = request.headers.get("Token") print(token) accToken = accesTokenController.validateAccessToken(token, [BAR]) dic = {} if accToken: users = userController.getAllUsersfromDB() for user in users: geruecht = None geruecht = user.getGeruecht(datetime.now().year) if geruecht is not None: month = geruecht.getMonth(datetime.now().month) amount = month[0] - month[1] all = geruecht.getSchulden() if all != 0: if all >= 0: type = 'credit' else: type = 'amount' dic[user.uid] = {"username": user.uid, "firstname": user.firstname, "lastname": user.lastname, "amount": abs(all), "locked": user.locked, "type": type } return jsonify(dic) return jsonify({"error": "permission denied"}), 401 @baruser.route("/baradd", methods=['POST']) def _baradd(): """ Function for Baruser to add amount This function added to the user with the posted userID the posted amount. Returns: JSON-File with userID and the amount or ERROR 401 Permission Denied """ token = request.headers.get("Token") print(token) accToken = accesTokenController.validateAccessToken(token, [BAR]) if accToken: data = request.get_json() userID = data['userId'] amount = int(data['amount']) date = datetime.now() userController.addAmount(userID, amount, year=date.year, month=date.month) user = userController.getUser(userID) geruecht = user.getGeruecht(year=date.year) month = geruecht.getMonth(month=date.month) amount = abs(month[0] - month[1]) all = geruecht.getSchulden() if all >= 0: type = 'credit' else: type = 'amount' dic = user.toJSON() dic['amount'] = abs(all) dic['type'] = type return jsonify(dic) return jsonify({"error", "permission denied"}), 401 @baruser.route("/barGetUsers") def _getUsers(): """ Get Users without amount This Function returns all Users, who hasn't an amount in this month. Returns: JSON-File with Users or ERROR 401 Permission Denied """ token = request.headers.get("Token") print(token) accToken = accesTokenController.validateAccessToken(token, [BAR]) retVal = {} if accToken: retVal = ldap.getAllUser() return jsonify(retVal) return jsonify({"error": "permission denied"}), 401 @baruser.route("/barGetUser", methods=['POST']) def _getUser(): token = request.headers.get("Token") accToken = accesTokenController.validateAccessToken(token, [BAR]) if accToken: data = request.get_json() username = data['userId'] user = userController.getUser(username) amount = user.getGeruecht(datetime.now().year).getSchulden() if amount >= 0: type = 'credit' else: type = 'amount' retVal = user.toJSON() retVal['amount'] = amount retVal['type'] = type return jsonify(retVal) return jsonify("error", "permission denied"), 401 @baruser.route("/search", methods=['POST']) def _search(): token = request.headers.get("Token") print(token) accToken = accesTokenController.validateAccessToken(token, [BAR, MONEY]) if accToken: data = request.get_json() searchString = data['searchString'] retVal = ldap.searchUser(searchString) return jsonify(retVal) return jsonify({"error": "permission denied"}), 401