flaschengeist/geruecht/baruser/routes.py

122 lines
4.0 KiB
Python

from flask import Blueprint, request, jsonify
from geruecht.controller import ldapController as ldap, accesTokenController, userController
from datetime import datetime
from geruecht.model import BAR, MONEY
baruser = Blueprint("baruser", __name__)
@baruser.route("/bar")
def _bar():
""" Main function for Baruser
Returns JSON-file with all Users, who hast amounts in this month.
Returns:
JSON-File with Users, who has amounts in this month
or ERROR 401 Permission Denied
"""
print(request.headers)
token = request.headers.get("Token")
print(token)
accToken = accesTokenController.validateAccessToken(token, BAR)
dic = {}
if accToken:
users = userController.getAllUsersfromDB()
for user in users:
geruecht = None
geruecht = user.getGeruecht(datetime.now().year)
if geruecht is not None:
month = geruecht.getMonth(datetime.now().month)
amount = month[0] - month[1]
if amount != 0:
if amount >= 0:
type = 'credit'
else:
type = 'amount'
dic[user.uid] = {"username": user.uid,
"firstname": user.firstname,
"lastname": user.lastname,
"amount": abs(month[0] - month[1]),
"locked": user.locked,
"type": type
}
return jsonify(dic)
return jsonify({"error": "permission denied"}), 401
@baruser.route("/baradd", methods=['POST'])
def _baradd():
""" Function for Baruser to add amount
This function added to the user with the posted userID the posted amount.
Returns:
JSON-File with userID and the amount
or ERROR 401 Permission Denied
"""
token = request.headers.get("Token")
print(token)
accToken = accesTokenController.validateAccessToken(token, BAR)
if accToken:
data = request.get_json()
userID = data['userId']
amount = int(data['amount'])
date = datetime.now()
userController.addAmount(userID, amount, year=date.year, month=date.month)
user = userController.getUser(userID)
month = user.getGeruecht(year=date.year).getMonth(month=date.month)
amount = abs(month[0] - month[1])
return jsonify({"userId": user.uid, "amount": amount, 'locked': user.locked})
return jsonify({"error", "permission denied"}), 401
@baruser.route("/barGetUsers")
def _getUsers():
""" Get Users without amount
This Function returns all Users, who hasn't an amount in this month.
Returns:
JSON-File with Users
or ERROR 401 Permission Denied
"""
token = request.headers.get("Token")
print(token)
accToken = accesTokenController.validateAccessToken(token, BAR)
retVal = {}
if accToken:
retVal = ldap.getAllUser()
return jsonify(retVal)
return jsonify({"error": "permission denied"}), 401
@baruser.route("/barGetUser", methods=['POST'])
def _getUser():
token = request.headers.get("Token")
accToken = accesTokenController.validateAccessToken(token, BAR)
if accToken:
data = request.get_json()
username = data['userId']
retVal = userController.getUser(username).toJSON()
return jsonify(retVal)
return jsonify("error", "permission denied"), 401
@baruser.route("/search", methods=['POST'])
def _search():
token = request.headers.get("Token")
print(token)
accToken = accesTokenController.validateAccessToken(token, BAR)
accToken2 = accesTokenController.validateAccessToken(token, MONEY)
if accToken or accToken2:
data = request.get_json()
searchString = data['searchString']
retVal = ldap.searchUser(searchString)
return jsonify(retVal)
return jsonify({"error": "permission denied"}), 401