flaschengeist/geruecht/baruser/routes.py

from flask import Blueprint, request, jsonify
from geruecht.controller import ldapController as ldap, accesTokenController, userController
from datetime import datetime
from geruecht.model import BAR

baruser = Blueprint("baruser", __name__)

@baruser.route("/bar")
def _bar():
    """ Main function for Baruser

        Returns JSON-file with all Users, who hast amounts in this month.

        Returns:
            JSON-File with Users, who has amounts in this month
            or ERROR 401 Permission Denied
    """
    print(request.headers)
    token = request.headers.get("Token")
    print(token)
    accToken = accesTokenController.validateAccessToken(token, BAR)

    dic = {}
    if accToken:
        users = userController.getAllUsersfromDB()
        for user in users:
            geruecht = None
            geruecht = user.getGeruecht(datetime.now().year)
            if geruecht is not None:
                month = geruecht.getMonth(datetime.now().month)
                amount = month[0] - month[1]
                if amount != 0:
                    if amount >= 0:
                        type = 'credit'
                    else:
                        type = 'amount'
                    dic[user.uid] = {"username": user.uid,
                                        "firstname": user.firstname,
                                        "lastname": user.lastname,
                                        "amount": abs(month[0] - month[1]),
                                        "type": type
                                        }
        return jsonify(dic)
    return jsonify({"error": "permission denied"}), 401

@baruser.route("/baradd", methods=['POST'])
def _baradd():
    """ Function for Baruser to add amount

        This function added to the user with the posted userID the posted amount.

        Returns:
            JSON-File with userID and the amount
            or ERROR 401 Permission Denied
    """
    token = request.headers.get("Token")
    print(token)
    accToken = accesTokenController.validateAccessToken(token, BAR)

    if accToken:
        data = request.get_json()
        userID = data['userId']
        amount = int(data['amount'])

        date = datetime.now()
        userController.addAmount(userID, amount, year=date.year, month=date.month)
        user = userController.getUser(userID)
        month = user.getGeruecht(year=date.year).getMonth(month=date.month)
        amount = abs(month[0] - month[1])

        return jsonify({"userId": user.uid, "amount": amount})
    return jsonify({"error", "permission denied"}), 401

@baruser.route("/barGetUsers")
def _getUsers():
    """ Get Users without amount

        This Function returns all Users, who hasn't an amount in this month.

        Returns:
            JSON-File with Users
            or ERROR 401 Permission Denied
    """
    token = request.headers.get("Token")
    print(token)
    accToken = accesTokenController.validateAccessToken(token, BAR)

    retVal = {}
    if accToken:
        retVal = ldap.getAllUser()
        return jsonify(retVal)
    return jsonify({"error": "permission denied"}), 401

@baruser.route("/search", methods=['POST'])
def _search():
    token = request.headers.get("Token")
    print(token)
    accToken = accesTokenController.validateAccessToken(token, BAR)

    if accToken:
        data = request.get_json()

        searchString = data['searchString']

        retVal = ldap.searchUser(searchString)

        return jsonify(retVal)
    return jsonify({"error": "permission denied"}), 401