flaschengeist/geruecht/baruser/routes.py

from flask import Blueprint, request, jsonify
from geruecht import BAR, db, ldapController as ldap
from geruecht.routes import verifyAccessToken
from geruecht.model.user import User
from datetime import datetime

baruser = Blueprint("baruser", __name__)

@baruser.route("/bar")
def _bar():
    """ Main function for Baruser

        Returns JSON-file with all Users, who hast amounts in this month.

        Returns:
            JSON-File with Users, who has amounts in this month
            or ERROR 401 Permission Denied
    """
    print(request.headers)
    token = request.headers.get("Token")
    print(token)
    accToken = verifyAccessToken(token, BAR)

    dic = {}
    if accToken is not None:
        users = db.getAllUser()
        for user in users:
            geruecht = None
            geruecht = user.getGeruecht()
            if geruecht is not None:
                month = geruecht.getMonth(datetime.now().month)
                amount = month[0] - month[1]
                if amount != 0:
                    if amount >= 0:
                        type = 'credit'
                    else:
                        type = 'amount'
                    dic[user.cn] = {"username": user.cn,
                                        "firstname": user.firstname,
                                        "lastname": user.lastname,
                                        "amount": abs(month[0] - month[1]),
                                        "type": type
                                        }
        return jsonify(dic)
    return jsonify({"error": "permission denied"}), 401

@baruser.route("/baradd", methods=['POST'])
def _baradd():
    """ Function for Baruser to add amount

        This function added to the user with the posted userID the posted amount.

        Returns:
            JSON-File with userID and the amount
            or ERROR 401 Permission Denied
    """
    token = request.headers.get("Token")
    print(token)
    accToken = verifyAccessToken(token, BAR)

    if accToken is not None:
        data = request.get_json()
        userID = data['userId']
        amount = int(data['amount'])

        user = db.getUser(userID)
        if user is None:
            groups = ldap.getGroup(userID)
            user_data = ldap.getUserData(userID)
            user_data['group'] = groups
            db.insertUser(user_data)
            user = db.getUser(userID)
        month = user.addAmount(amount)

        amount = abs(month[0] - month[1])

        return jsonify({"userId": user.cn, "amount": amount})
    return jsonify({"error", "permission denied"}), 401

@baruser.route("/barGetUsers")
def _getUsers():
    """ Get Users without amount

        This Function returns all Users, who hasn't an amount in this month.

        Returns:
            JSON-File with Users
            or ERROR 401 Permission Denied
    """
    token = request.headers.get("Token")
    print(token)
    accToken = verifyAccessToken(token, BAR)

    retVal = {}
    if accToken is not None:
        retVal = ldap.getAllUser()
        return jsonify(retVal)
    return jsonify({"error": "permission denied"}), 401

@baruser.route("/search", methods=['POST'])
def _search():
    token = request.headers.get("Token")
    print(token)
    accToken = verifyAccessToken(token, BAR)

    if accToken is not None:
        data = request.get_json()

        searchString = data['searchString']

        retVal = ldap.searchUser(searchString)

        return jsonify(retVal)
    return jsonify({"error": "permission denied"}), 401