188 lines
7.4 KiB
Python
188 lines
7.4 KiB
Python
from geruecht import app
|
|
from geruecht.logger import getDebugLogger, getInfoLogger
|
|
from geruecht.decorator import login_required
|
|
from geruecht.exceptions import PermissionDenied
|
|
import geruecht.controller.accesTokenController as ac
|
|
import geruecht.controller.userController as uc
|
|
from geruecht.model import MONEY, BAR, USER, GASTRO, VORSTAND, EXTERN
|
|
from flask import request, jsonify
|
|
|
|
accesTokenController = ac.AccesTokenController()
|
|
userController = uc.UserController()
|
|
|
|
debug = getDebugLogger("MAIN-ROUTE", True)
|
|
info = getInfoLogger("MAIN-ROUTE")
|
|
|
|
def login(user, password):
|
|
return user.login(password)
|
|
|
|
|
|
@app.route("/valid")
|
|
def _valid():
|
|
token = request.headers.get("Token")
|
|
accToken = accesTokenController.validateAccessToken(token, [MONEY])
|
|
if accToken:
|
|
return jsonify(accToken.user.toJSON())
|
|
accToken = accesTokenController.validateAccessToken(token, [BAR])
|
|
if accToken:
|
|
return jsonify(accToken.user.toJSON())
|
|
accToken = accesTokenController.validateAccessToken(token, [GASTRO])
|
|
if accToken:
|
|
return jsonify(accToken.user.toJSON())
|
|
accToken = accesTokenController.validateAccessToken(token, [USER])
|
|
if accToken:
|
|
return jsonify(accToken.user.toJSON())
|
|
return jsonify({"error": "permission denied"}), 401
|
|
|
|
@app.route("/pricelist", methods=['GET'])
|
|
def _getPricelist():
|
|
try:
|
|
debug.info("get pricelist")
|
|
retVal = userController.getPricelist()
|
|
debug.info("return pricelist {{}}".format(retVal))
|
|
return jsonify(retVal)
|
|
except Exception as err:
|
|
debug.warning("exception in get pricelist.", exc_info=True)
|
|
return jsonify({"error": str(err)}), 500
|
|
|
|
@app.route('/drinkTypes', methods=['GET'])
|
|
def getTypes():
|
|
try:
|
|
debug.info("get drinktypes")
|
|
retVal = userController.getAllDrinkTypes()
|
|
debug.info("return drinktypes {{}}".format(retVal))
|
|
return jsonify(retVal)
|
|
except Exception as err:
|
|
debug.warning("exception in get drinktypes.", exc_info=True)
|
|
return jsonify({"error": str(err)}), 500
|
|
|
|
@app.route('/getAllStatus', methods=['GET'])
|
|
@login_required(groups=[USER, MONEY, GASTRO, BAR, VORSTAND])
|
|
def _getAllStatus(**kwargs):
|
|
try:
|
|
debug.info("get all status for users")
|
|
retVal = userController.getAllStatus()
|
|
debug.info("return all status for users {{}}".format(retVal))
|
|
return jsonify(retVal)
|
|
except Exception as err:
|
|
debug.warning("exception in get all status for users.", exc_info=True)
|
|
return jsonify({"error": str(err)}), 500
|
|
|
|
@app.route('/getStatus', methods=['POST'])
|
|
@login_required(groups=[USER, MONEY, GASTRO, BAR, VORSTAND])
|
|
def _getStatus(**kwargs):
|
|
try:
|
|
debug.info("get status from user")
|
|
data = request.get_json()
|
|
name = data['name']
|
|
debug.info("get status from user {{}}".format(name))
|
|
retVal = userController.getStatus(name)
|
|
debug.info("return status from user {{}} : {{}}".format(name, retVal))
|
|
return jsonify(retVal)
|
|
except Exception as err:
|
|
debug.warning("exception in get status from user.", exc_info=True)
|
|
return jsonify({"error": str(err)}), 500
|
|
|
|
@app.route('/getUsers', methods=['GET'])
|
|
@login_required(groups=[MONEY, GASTRO, VORSTAND])
|
|
def _getUsers(**kwargs):
|
|
try:
|
|
debug.info("get all users from database")
|
|
users = userController.getAllUsersfromDB()
|
|
debug.debug("users are {{}}".format(users))
|
|
retVal = [user.toJSON() for user in users]
|
|
debug.info("return all users from database {{}}".format(retVal))
|
|
return jsonify(retVal)
|
|
except Exception as err:
|
|
debug.warning("exception in get all users from database.", exc_info=True)
|
|
return jsonify({"error": str(err)}), 500
|
|
|
|
@app.route("/getLifeTime", methods=['GET'])
|
|
@login_required(groups=[MONEY, GASTRO, VORSTAND, EXTERN, USER])
|
|
def _getLifeTime(**kwargs):
|
|
try:
|
|
debug.info("get lifetime of accesstoken")
|
|
if 'accToken' in kwargs:
|
|
accToken = kwargs['accToken']
|
|
debug.debug("accessToken is {{}}".format(accToken))
|
|
retVal = {"value": accToken.lifetime}
|
|
debug.info("return get lifetime from accesstoken {{}}".format(retVal))
|
|
return jsonify(retVal)
|
|
except Exception as err:
|
|
debug.info("exception in get lifetime of accesstoken.", exc_info=True)
|
|
return jsonify({"error": str(err)}), 500
|
|
|
|
@app.route("/saveLifeTime", methods=['POST'])
|
|
@login_required(groups=[MONEY, GASTRO, VORSTAND, EXTERN, USER])
|
|
def _saveLifeTime(**kwargs):
|
|
try:
|
|
debug.info("save lifetime for accessToken")
|
|
if 'accToken' in kwargs:
|
|
accToken = kwargs['accToken']
|
|
debug.debug("accessToken is {{}}".format(accToken))
|
|
data = request.get_json()
|
|
lifetime = data['value']
|
|
debug.debug("lifetime is {{}}".format(lifetime))
|
|
debug.info("set lifetime {{}} to accesstoken {{}}".format(lifetime, accToken))
|
|
accToken.lifetime = lifetime
|
|
debug.info("update accesstoken timestamp")
|
|
accToken.updateTimestamp()
|
|
retVal = {"value": accToken.lifetime}
|
|
debug.info("return save lifetime for accessToken {{}}".format(retVal))
|
|
return jsonify(retVal)
|
|
except Exception as err:
|
|
debug.warning("exception in save lifetime for accesstoken.", exc_info=True)
|
|
return jsonify({"error": str(err)}), 500
|
|
|
|
@app.route("/logout", methods=['GET'])
|
|
@login_required(groups=[MONEY, GASTRO, VORSTAND, EXTERN, USER])
|
|
def _logout(**kwargs):
|
|
try:
|
|
debug.info("logout user")
|
|
if 'accToken' in kwargs:
|
|
accToken = kwargs['accToken']
|
|
debug.debug("accesstoken is {{}}".format(accToken))
|
|
debug.info("delete accesstoken")
|
|
accesTokenController.deleteAccessToken(accToken)
|
|
debug.info("return ok logout user")
|
|
return jsonify({"ok": "ok"})
|
|
except Exception as err:
|
|
debug.warning("exception in logout user.", exc_info=True)
|
|
return jsonify({"error": str(err)}), 500
|
|
|
|
@app.route("/login", methods=['POST'])
|
|
def _login():
|
|
""" Login User
|
|
|
|
Nothing to say.
|
|
Login in User and create an AccessToken for the User.
|
|
|
|
Returns:
|
|
A JSON-File with createt Token or Errors
|
|
"""
|
|
debug.info("Start log in.")
|
|
data = request.get_json()
|
|
debug.debug("JSON from request: {}".format(data))
|
|
username = data['username']
|
|
password = data['password']
|
|
try:
|
|
debug.info("search {{}} in database".format(username))
|
|
user, ldap_conn = userController.loginUser(username, password)
|
|
debug.debug("user is {{}}".format(user))
|
|
user.password = password
|
|
token = accesTokenController.createAccesToken(user, ldap_conn)
|
|
debug.debug("accesstoken is {{}}".format(token))
|
|
debug.info("validate accesstoken")
|
|
dic = accesTokenController.validateAccessToken(token, [USER, EXTERN]).user.toJSON()
|
|
dic["token"] = token
|
|
dic["accessToken"] = token
|
|
debug.info("User {{}} success login.".format(username))
|
|
debug.info("return login {{}}".format(dic))
|
|
return jsonify(dic)
|
|
except PermissionDenied as err:
|
|
debug.warning("permission denied exception in logout", exc_info=True)
|
|
return jsonify({"error": str(err)}), 401
|
|
except Exception as err:
|
|
debug.warning("exception in logout.", exc_info=True)
|
|
return jsonify({"error": "permission denied"}), 401
|