Beispiel #1
0
    def post(self):
        mydb, mycursor = manage.connect_to_db()
        parser = reqparse.RequestParser()

        parser.add_argument('token', required=True)
        parser.add_argument('group_name', required=True)
        parser.add_argument('username', required=True)

        args = parser.parse_args()

        if (manage.check_token(args['token'])):
            groups = manage.list_records(upper=True, type='groups')
            if (args['group_name'].upper() not in groups):
                if (args['username'].upper()
                        in manage.list_records(upper=True)):
                    mycursor.execute(
                        'INSERT INTO `Grupy` (`group_name`,`group_leader`) VALUES (\'{}\',\'{}\');'
                        .format(args['group_name'],
                                manage.username_to_id(args['username'])))
                    mydb.commit()
                    #add leader to group
                    manage.add_member(args['username'], args['group_name'])
                    return {
                        "message": "Utworzono grupe",
                        "group_name": args['group_name'],
                        "group_leader": args['username']
                    }
                else:
                    return {"message": "Uzytkownik nie istnieje"}
            else:
                return {"message": "Grupa juz istnieje"}

        else:
            return {"message": "Niepoprawny access token"}
Beispiel #2
0
    def post(self):
        mydb, mycursor = manage.connect_to_db()
        parser = reqparse.RequestParser()

        parser.add_argument('token', required=True)
        parser.add_argument('username', required=True)
        parser.add_argument('password', required=True)
        parser.add_argument('email', required=True)

        args = parser.parse_args()

        if (manage.check_token(args['token'])):
            for login in manage.list_records():
                if (login == args['username']):
                    return {'message': 'Uzytkownik juz istnieje'}

            if (args['email'] in manage.list_records(type='email')):
                return {'message': 'Email jest juz zajety'}

            password = manage.hash_password(args['password'])

            mycursor.execute(
                'INSERT INTO `Konta` (`username`, `password`,`email`) VALUES (\'{}\', \'{}\',\'{}\');'
                .format(args['username'], password, args['email']))
            mydb.commit()
            return {'message': 'Zarejestrowano'}
        else:
            return {'message': 'Niepoprawny access token'}
Beispiel #3
0
    def post(self):
        mydb, mycursor = manage.connect_to_db()
        parser = reqparse.RequestParser()

        parser.add_argument('token', required=True)
        parser.add_argument('group_name', required=True)
        parser.add_argument('username', required=True)

        args = parser.parse_args()

        if (manage.check_token(args['token'])):
            groups = manage.list_records(upper=True, type='groups')
            if (args['group_name'].upper() in groups):
                if (args['username'].upper()
                        in manage.list_records(upper=True)):

                    manage.add_member(args['username'], args['group_name'])

                    return {
                        "message": "Dodano do grupy",
                        "group_name": args['group_name'],
                        "username": args['username']
                    }
                else:
                    return {"message": "Uzytkownik nie istnieje"}
            else:
                return {"message": "Grupa juz istnieje"}

        else:
            return {"message": "Niepoprawny access token"}
Beispiel #4
0
    def get(self):
        mydb, mycursor = manage.connect_to_db()

        parser = reqparse.RequestParser()

        parser.add_argument('token', required=True)
        parser.add_argument('username', required=False)
        args = parser.parse_args()

        if (manage.check_token(args['token'])):
            if (args['username'] == None):
                data = manage.list_records()
            else:
                mycursor.execute(
                    'SELECT username,password,email FROM Konta where username=\'{}\''
                    .format(args['username']))
                data = {}
                for x in mycursor:
                    data.update(x)
                if (data == {}):
                    return {'message': 'Uzytkownik nie istnieje'}

            return data
        else:
            return {'message': 'Niepoprawny access token'}
Beispiel #5
0
    def post(self):
        mydb, mycursor = manage.connect_to_db()
        parser = reqparse.RequestParser()

        parser.add_argument('token', required=True)
        parser.add_argument('username', required=True)
        parser.add_argument('password', required=True)

        args = parser.parse_args()

        if (manage.check_token(args['token'])):
            if (args['username'] not in manage.list_records()):
                return {"message": "Błędna nazwa użytkownika lub hasło"}
            mycursor.execute(
                'SELECT password FROM `Konta` WHERE username = \'{}\''.format(
                    args['username']))
            for x in mycursor:
                user_password = x['password']
            password = manage.hash_password(args['password'])
            if (user_password == password):
                return {'password': user_password == password}
            else:
                return {'message': "Błędna nazwa użytkownika lub hasło"}

        else:
            return {"message": "Niepoprawny access token"}
Beispiel #6
0
    def get(self):
        mydb, mycursor = manage.connect_to_db()
        parser = reqparse.RequestParser()

        parser.add_argument('token', required=True)
        parser.add_argument('username', required=True)

        args = parser.parse_args()

        if (manage.check_token(args['token'])):
            if (args['username'] not in manage.list_records()):
                return {"message": "Uzytkownik nie istnieje"}
            mycursor.execute(
                'SELECT invitations FROM Konta where username = \'{}\''.format(
                    args['username']))
            for x in mycursor:
                data = x
            data = manage.convert_data(data, users='invitations')

            inv = []
            for x in data['invitations']:
                inv.append(x)

            output = []
            for x in inv:
                output.append(manage.id_to_username(x))
            return output
        else:
            return {"message": "Niepoprawny access token"}
Beispiel #7
0
    def post(self):
        mydb, mycursor = manage.connect_to_db()
        parser = reqparse.RequestParser()

        parser.add_argument('token', required=True)
        parser.add_argument('username', required=True)
        parser.add_argument('friend', required=True)

        args = parser.parse_args()

        if (manage.check_token(args['token'])):
            users = manage.list_records(upper=True)
            if (args['username'].upper() in users
                    and args['friend'].upper() in users):
                manage.add_friend(args['username'], args['friend'])
                manage.add_friend(args['friend'], args['username'])
                return {
                    "message": "Dodano znajomego",
                    "username": args['username'],
                    "friend": args['friend']
                }
            else:
                return {"message": "Nie znaleziono uzytkownika"}

        else:
            return {"message": "Niepoprawny access token"}
Beispiel #8
0
    def delete(self):
        mydb, mycursor = manage.connect_to_db()
        parser = reqparse.RequestParser()

        parser.add_argument('token', required=True)
        parser.add_argument('username', required=True)
        parser.add_argument('friend', required=True)

        args = parser.parse_args()

        if (manage.check_token(args['token'])):
            if (args['username'] not in manage.list_records()
                    or args['friend'] not in manage.list_records()):
                return {"message": "Uzytkownik nie istnieje"}
            friend = manage.username_to_id(args['friend'])
            username = manage.username_to_id(args['username'])

            status = manage.remove_friend(friend, username)
            status = manage.remove_friend(username, friend)

            return status

        else:
            return {"message": "Niepoprawny access token"}
Beispiel #9
0
    def post(self):
        mydb, mycursor = manage.connect_to_db()
        parser = reqparse.RequestParser()

        parser.add_argument('token', required=True)
        parser.add_argument('type', required=True)
        parser.add_argument('username', required=True)
        parser.add_argument('new', required=True)
        parser.add_argument('password', required=True)

        args = parser.parse_args()

        if (manage.check_token(args['token'])):

            if (args['username'] not in manage.list_records()):
                return {'message': 'Uzytkownik nie istnieje'}

            if (manage.hash_password(args['password']) != manage.get_password(
                    args['username'])):
                return {'message': 'Niepoprawne hasło'}

            if (args['type'] == 'username'):
                for login in manage.list_records():
                    if (login == args['new']):
                        return {'message': 'Nazwa jest zajęta'}
                mycursor.execute(
                    'SELECT id FROM Konta WHERE username = \'{}\''.format(
                        args['username']))
                for x in mycursor:
                    user_id = x
                mycursor.execute(
                    'UPDATE `Konta` SET username = \'{}\' WHERE id = \'{}\''.
                    format(args['new'], user_id['id']))
                mydb.commit()
                return {
                    'message': 'Zmieniono nazwe uzytkownika',
                    'id:': user_id['id']
                }

            if (args['type'] == 'password'):
                mycursor.execute(
                    'UPDATE `Konta` SET password = \'{}\' WHERE username = \'{}\''
                    .format(manage.hash_password(args['new']),
                            args['username']))
                mydb.commit()
                return {
                    'message': 'Zmieniono haslo uzytkownika',
                    'username:'******'username']
                }

            if (args['type'] == 'email'):
                if (args['new'].upper() in manage.list_records(type='email',
                                                               upper=True)):
                    return {'message': 'Email jest juz zajety'}
                mycursor.execute(
                    'UPDATE `Konta` SET email = \'{}\' WHERE username = \'{}\''
                    .format(args['new'], args['username']))
                mydb.commit()
                return {
                    'message': 'Zmieniono email uzytkownika',
                    'username:'******'username']
                }
        else:
            return {'message': 'Niepoprawny access token'}