flaschengeist/geruecht/baruser/routes.py

113 lines
3.5 KiB
Python

from flask import Blueprint, request, jsonify
from geruecht import BAR, db, ldapController as ldap, accesTokenController
from datetime import datetime
baruser = Blueprint("baruser", __name__)
@baruser.route("/bar")
def _bar():
""" Main function for Baruser
Returns JSON-file with all Users, who hast amounts in this month.
Returns:
JSON-File with Users, who has amounts in this month
or ERROR 401 Permission Denied
"""
print(request.headers)
token = request.headers.get("Token")
print(token)
accToken = accesTokenController.validateAccessToken(token, BAR)
dic = {}
if accToken:
users = db.getAllUser()
for user in users:
geruecht = None
geruecht = user.getGeruecht()
if geruecht is not None:
month = geruecht.getMonth(datetime.now().month)
amount = month[0] - month[1]
if amount != 0:
if amount >= 0:
type = 'credit'
else:
type = 'amount'
dic[user.cn] = {"username": user.cn,
"firstname": user.firstname,
"lastname": user.lastname,
"amount": abs(month[0] - month[1]),
"type": type
}
return jsonify(dic)
return jsonify({"error": "permission denied"}), 401
@baruser.route("/baradd", methods=['POST'])
def _baradd():
""" Function for Baruser to add amount
This function added to the user with the posted userID the posted amount.
Returns:
JSON-File with userID and the amount
or ERROR 401 Permission Denied
"""
token = request.headers.get("Token")
print(token)
accToken = accesTokenController.validateAccessToken(token, BAR)
if accToken:
data = request.get_json()
userID = data['userId']
amount = int(data['amount'])
user = db.getUser(userID)
if user is None:
groups = ldap.getGroup(userID)
user_data = ldap.getUserData(userID)
user_data['group'] = groups
db.insertUser(user_data)
user = db.getUser(userID)
month = user.addAmount(amount)
amount = abs(month[0] - month[1])
return jsonify({"userId": user.cn, "amount": amount})
return jsonify({"error", "permission denied"}), 401
@baruser.route("/barGetUsers")
def _getUsers():
""" Get Users without amount
This Function returns all Users, who hasn't an amount in this month.
Returns:
JSON-File with Users
or ERROR 401 Permission Denied
"""
token = request.headers.get("Token")
print(token)
accToken = accesTokenController.validateAccessToken(token, BAR)
retVal = {}
if accToken:
retVal = ldap.getAllUser()
return jsonify(retVal)
return jsonify({"error": "permission denied"}), 401
@baruser.route("/search", methods=['POST'])
def _search():
token = request.headers.get("Token")
print(token)
accToken = accesTokenController.validateAccessToken(token, BAR)
if accToken:
data = request.get_json()
searchString = data['searchString']
retVal = ldap.searchUser(searchString)
return jsonify(retVal)
return jsonify({"error": "permission denied"}), 401