def voucher_delete_user(user_inst):
"""
Handles DELETE for resource <base>/api/voucher/user .
:return: json data of projects
"""
id_voucheruser = request.headers.get('id')
if not id_voucheruser:
return jsonify({'error': 'missing id'}), 400
try:
check_params_int([id_voucheruser])
except ValueError:
return jsonify({"error": "bad argument"}), 400
session = DB_SESSION()
voucher = session.query(VoucherUser)
try:
voucher = voucher.filter(
VoucherUser.idVoucherUser == id_voucheruser).filter(
VoucherUser.id_user == user_inst.idUser).one()
except NoResultFound:
return jsonify({'error': 'No voucher found'}), 404
voucher.usedVoucher = True
session.commit()
return jsonify({'status': 'Gutschein wurde eingelöst'}), 201
def institutions_get(session):
"""
Handles GET for resource <base>/api/institutions .
:return: json data of institutions
"""
id_institution = request.args.get('id')
radius = request.args.get('radius')
latitude = request.args.get('latitude')
longitude = request.args.get('longitude')
name_institution = request.args.get('name')
has_vouchers = request.args.get('has_vouchers')
username = request.args.get('username')
try:
check_params_int([id_institution, radius, has_vouchers])
# pylint: disable=unbalanced-tuple-unpacking
radius, latitude, longitude = check_params_float([radius, latitude, longitude])
except ValueError:
return jsonify({"error": "bad argument"}), 400
if None in [radius, latitude, longitude] and any([radius, latitude, longitude]):
return jsonify({"error": "bad geo argument"}), 400
results = session.query(Institution).join(Institution.user)
json_data = []
if username:
results = results.filter(User.usernameUser == username)
if id_institution:
results = results.filter(Institution.idInstitution == id_institution)
if name_institution:
results = results.filter(Institution.nameInstitution.ilike("%" + name_institution + "%"))
if has_vouchers is not None:
if int(has_vouchers) == 1:
results = results.filter(Institution.vouchers.any())
else:
results = results.filter(~Institution.vouchers.any())
for result in results:
result: Institution = result
if radius and latitude and longitude and \
distance.distance((latitude, longitude), (result.latitude, result.longitude)).km > radius:
continue
json_data.append({
"id": result.idInstitution,
"name": result.nameInstitution,
"webpage": result.webpageInstitution,
"address": result.addressInstitution,
"picturePath": result.picPathInstitution,
"longitude": result.longitude,
"latitude": result.latitude,
"publickey": result.publickeyInstitution,
"description": result.descriptionInstitution,
"short": result.shortDescription,
"username": result.user.usernameUser,
})
return jsonify(json_data)
def voucher_post_institution(session, user_inst):
"""
Handles POST for resource <base>/api/voucher/institution .
:return: json data result (success or failure)
"""
institution_id = request.headers.get('idInstitution')
voucher_price = request.headers.get('price')
voucher_description = request.headers.get('subject')
voucher_title = request.headers.get('title')
voucher_valid_time = request.headers.get('validTime', default=2 * 31536000)
if None in [
voucher_title, voucher_description, voucher_price, institution_id
]:
return jsonify({'error': 'Missing parameter'}), 400
if "" in [voucher_title, voucher_description]:
return jsonify({'error': "Empty parameter"}), 400
if len(voucher_price) > DEC_LEN:
return jsonify({'error': "Price to big"}), 400
if len(voucher_title) > DEC_LEN:
return jsonify({'error': "title too long"}), 400
try:
check_params_int([voucher_price, voucher_valid_time, institution_id])
except ValueError:
return jsonify({"error": "bad argument"}), 400
if int(voucher_valid_time) > 788923150:
return jsonify({'error':
"valid time can not be bigger than 25 Years"}), 400
res = session.query(Institution).filter(
Institution.idInstitution == institution_id).one_or_none()
if res is None:
return jsonify({'status': 'Institution does not exist'}), 400
# check if user is owner
owner = session.query(Institution)
owner = owner.filter(Institution.user_id == user_inst.idUser,
Institution.idInstitution == institution_id).first()
if owner is None:
return jsonify({'error': 'no permission'}), 403
voucher_inst = Voucher(
titleVoucher=voucher_title,
descriptionVoucher=voucher_description,
priceVoucher=int(voucher_price),
validTime=voucher_valid_time,
institution_id=institution_id,
)
session.add(voucher_inst)
session.commit()
return jsonify({'status': 'Voucher registered'}), 200
def projects_get(session):
"""
Handles GET for resource <base>/api/projects .
:return: json data of projects
"""
id_project = request.args.get('id')
id_institution = request.args.get('idinstitution')
radius = request.args.get('radius', type=int)
latitude = request.args.get('latitude', type=float)
longitude = request.args.get('longitude', type=float)
name_project = request.args.get('name')
username = request.args.get('username')
try:
check_params_int([id_project, id_institution])
except ValueError:
return jsonify({"error": "bad argument"}), 400
if None in [radius, latitude, longitude] and any(
[radius, latitude, longitude]):
return jsonify({"error": "bad geo argument"}), 400
results = session.query(Project).join(Project.institution).join(
Institution.user)
if id_project:
results = results.filter(Project.idProject == id_project)
if id_institution:
results = results.filter(Project.institution_id == id_institution)
if name_project:
results = results.filter(
Project.nameProject.ilike("%" + name_project + "%"))
if username:
results = results.filter(User.usernameUser == username)
json_data = []
for result in results:
if radius and latitude and longitude and \
distance.distance((latitude, longitude), (result.institution.latitude, result.institution.longitude)) \
.km > radius:
continue
json_data.append({
'id': result.idProject,
'name': result.nameProject,
'webpage': result.webpageProject,
'idinstitution': result.institution_id,
'picturePath': result.picPathProject,
'description': result.descriptionProject,
'short': result.shortDescription,
'latitude': result.latitude,
'longitude': result.longitude,
'until': result.until,
})
return jsonify(json_data)
def projects_post(user_inst): # pylint:disable=unused-argument
"""
Handles POST for resource <base>/api/projects .
:return: "{'status': 'ok'}", 200
"""
name = request.headers.get('name')
webpage = request.headers.get('webpage')
id_institution = request.headers.get('idInstitution')
goal = request.headers.get('goal')
required_votes = request.headers.get('requiredVotes')
until = request.headers.get('until')
milestones = request.headers.get('milestones', default="[]")
description = request.headers.get('description')
if None in [name, goal, required_votes, until]:
return jsonify({'error': 'Missing parameter'}), 403
try:
check_params_int([id_institution, goal, required_votes, until])
except ValueError:
return jsonify({"error": "bad argument"}), 400
session = DB_SESSION()
if id_institution and session.query(Institution).get(
id_institution) is None:
return jsonify({'error': 'Institution not found'}), 400
if webpage and not validators.url(webpage):
return jsonify({'error': 'webpage is not a valid url'}), 400
project_inst = Project(nameProject=name,
webpageProject=webpage,
smartcontract_id=1,
institution_id=id_institution,
descriptionProject=description
# ToDo: add user as project owner
)
try:
milestones_inst: List[Milestone] = []
for milestone in json.loads(milestones):
milestones_inst.append(
Milestone(
goalMilestone=milestone['goal'],
requiredVotesMilestone=milestone['requiredVotes'],
currentVotesMilestone=0,
untilBlockMilestone=milestone['until'],
))
except (KeyError, json.JSONDecodeError):
return jsonify({'status': 'invalid json'}), 400
project_inst.milestones.extend(milestones_inst)
session.add_all(milestones_inst)
session.add(project_inst)
session.commit()
return jsonify({'status': 'ok', 'id': project_inst.idProject}), 201
def voucher_post(session, user):
"""
Handles POST for resource <base>/api/voucher/user .
:return: json data of projects
"""
id_voucher = request.headers.get('idVoucher')
if not id_voucher:
return jsonify({'error': 'missing id'}), 400
try:
check_params_int([id_voucher])
except ValueError:
return jsonify({"error": "bad argument"}), 400
try:
voucher = session.query(Voucher).filter(
Voucher.idVoucher == id_voucher).one()
balance = WEB3.eth.getBalance(user.publickeyUser)
if balance < int(voucher.priceVoucher): # ToDo: gas-cost?
return jsonify({'error': 'not enough balance'}), 406
if not voucher.available:
return jsonify({'error': 'voucher not available'}), 406
association = VoucherUser(
usedVoucher=False,
expires_unixtime=(datetime.now() + timedelta(0, 2 * 31536000)),
voucher=voucher,
user=user)
inst: Institution = session.query(Institution).filter(
Institution.idInstitution == voucher.institution_id).one()
transaction = {
'nonce': WEB3.eth.getTransactionCount(user.publickeyUser),
'to': inst.publickeyInstitution,
'value': int(voucher.priceVoucher),
'gas': 200000,
'gasPrice': WEB3.toWei('50', 'gwei')
}
signed_transaction = WEB3.eth.account.sign_transaction(
transaction, user.privatekeyUser)
WEB3.eth.sendRawTransaction(signed_transaction.rawTransaction)
association.redeem_id = add_voucher(
user, inst, voucher.titleVoucher,
abs(association.expires_unixtime - datetime.now()).days)
session.add(voucher)
session.add(association)
session.commit()
except InvalidAddress:
return jsonify({'error': 'given publickey is not valid'}), 400
except NoResultFound:
return jsonify({'error': 'Voucher doesnt exist'}), 404
return jsonify({'status': 'voucher bought'}), 200
def donations_post(session, user_inst):
"""
Handles POST for resource <base>/api/donations .
:return: "{'status': 'Spende wurde verbucht'}", 201
"""
idproject = request.headers.get('idproject', default=None)
amount = request.headers.get('amount', default=None)
vote_enabled = request.headers.get('voteEnabled', default=None)
if None in [idproject, amount, vote_enabled]:
return jsonify({'error': 'Missing parameter'}), 400
try:
check_params_int([idproject, amount, vote_enabled])
except ValueError:
return jsonify({"error": "bad argument"}), 400
results: Project = session.query(Project).get(idproject)
if results is None:
return jsonify({'error': 'Project not found'}), 400
if int(amount) <= 0:
return jsonify({'error': 'amount cant be 0 or less'}), 400
balance = WEB3.eth.getBalance(user_inst.publickeyUser)
if balance < int(amount): # ToDo: gas-cost?
return jsonify({'error': 'not enough balance'}), 406
try:
# Add Donation
donate_check = project_donate_check(results, user_inst, int(amount),
bool(int(vote_enabled)))
if donate_check:
return jsonify({'error': 'sc error: ' + donate_check}), 400
milestone_sc_index = project_donate(results, user_inst, int(amount),
bool(int(vote_enabled)))
# if this line fails, we have inconsitent data in the database!
milestone = session.query(Milestone).filter(Milestone.project_id == int(idproject)).\
filter(Milestone.milestone_sc_id == milestone_sc_index).one()
donations_inst = Donation(
amountDonation=int(amount),
user=user_inst,
milestone=milestone,
voteDonation=bool(int(vote_enabled)),
)
session.add(donations_inst)
session.commit()
return jsonify({'status': 'Spende wurde verbucht'}), 201
finally:
session.rollback()
session.close()
def voucher_get_user():
"""
Handles GET for resource <base>/api/voucher/user .
:return: json data of projects
"""
id_voucheruser = request.args.get('id')
id_voucher = request.args.get('idVoucher')
id_user = request.args.get('idUser')
id_institution = request.args.get('idInstitution')
used = request.args.get('used')
expired = request.args.get('expired')
try:
check_params_int([id_voucher, id_user, id_institution, used, expired])
except ValueError:
return jsonify({"error": "bad argument"}), 400
session = DB_SESSION()
results = session.query(Voucher, VoucherUser).join(
Voucher, VoucherUser.id_voucher == Voucher.idVoucher)
if id_voucheruser is not None:
results = results.filter(VoucherUser.idVoucherUser == id_voucheruser)
if id_voucher is not None:
results = results.filter(Voucher.idVoucher == id_voucher)
if id_user is not None:
results = results.filter(VoucherUser.id_user == id_user)
if id_institution is not None:
results = results.filter(Voucher.institution_id == id_institution)
if used is not None:
results = results.filter(VoucherUser.usedVoucher.is_(used))
if expired is not None:
if int(expired) >= 1:
results = results.filter(
VoucherUser.expires_unixtime < datetime.now())
else:
results = results.filter(
VoucherUser.expires_unixtime >= datetime.now())
json_data = []
for vouch, vuser in results:
json_data.append({
"id": vuser.idVoucherUser,
"userid": vuser.id_user,
"idvoucher": vuser.id_voucher,
"idinstitution": vouch.institution_id,
"titel": vouch.titleVoucher,
"description": vouch.descriptionVoucher,
"used": vuser.usedVoucher,
"untilTime": vuser.expires_unixtime.timestamp(),
"price": vouch.priceVoucher,
})
return jsonify(json_data), 200
def institutions_get():
"""
Handles GET for resource <base>/api/institutions .
:return: json data of institutions
"""
id_institution = request.args.get('id', type=int)
radius = request.args.get('radius', type=int)
latitude = request.args.get('latitude', type=float)
longitude = request.args.get('longitude', type=float)
name_institution = request.args.get('name')
has_vouchers = request.args.get('has_vouchers')
try:
check_params_int([id_institution, radius, has_vouchers])
except ValueError:
return jsonify({"error": "bad argument"}), 400
if None in [radius, latitude, longitude] and any(
[radius, latitude, longitude]):
return jsonify({"error": "bad geo argument"}), 400
session = DB_SESSION()
results = session.query(Institution)
json_data = []
if id_institution:
results = results.filter(Institution.idInstitution == id_institution)
if name_institution:
results = results.filter(
Institution.nameInstitution.ilike("%" + name_institution + "%"))
if has_vouchers is not None:
if int(has_vouchers) == 1:
results = results.filter(Institution.vouchers.any())
else:
results = results.filter(~Institution.vouchers.any())
for result in results:
if radius and latitude and longitude and \
distance.distance((latitude, longitude), (result.latitude, result.longitude)).km > radius:
continue
json_data.append({
"id": result.idInstitution,
"name": result.nameInstitution,
"webpage": result.webpageInstitution,
"address": result.addressInstitution,
"picturePath": result.picPathInstitution,
"longitude": result.longitude,
"latitude": result.latitude,
"publickey": result.publickeyInstitution,
"description": result.descriptionInstitution
})
return jsonify(json_data)
def donations_get(session):
"""
Handles GET for resource <base>/api/donations .
:return: json data of projects
"""
id_donation = request.args.get('id')
minamount_donation = request.args.get('minamount')
maxamount_donation = request.args.get('maxamount')
iduser_user = request.args.get('iduser')
idmilestone_milestone = request.args.get('idmilestone')
idproject_project = request.args.get('idproject')
try:
check_params_int([
id_donation, minamount_donation, maxamount_donation, iduser_user,
idmilestone_milestone, idproject_project
])
except ValueError:
return jsonify({"error": "bad argument"}), 400
results = session.query(Donation, Project)
results = results.join(Milestone, Donation.milestone).join(Project)
if id_donation:
results = results.filter(Donation.idDonation == id_donation)
if minamount_donation:
results = results.filter(Donation.amountDonation >= minamount_donation)
if maxamount_donation:
results = results.filter(Donation.amountDonation <= maxamount_donation)
if iduser_user:
results = results.filter(Donation.user_id == iduser_user)
if idmilestone_milestone:
results = results.filter(
Donation.milestone_id == idmilestone_milestone)
if idproject_project:
results = results.filter(Milestone.project_id == idproject_project)
json_data = []
for donation, project in results:
json_data.append({
'id': donation.idDonation,
'amount': donation.amountDonation,
'userid': donation.user_id,
'milestoneid': donation.milestone_id,
'projectid': project.idProject,
'projectname': project.nameProject,
'projectpic': project.picPathProject,
'voted': donation.voted,
'timeofdonation': donation.timeOfDonation,
'voteEnabled': donation.voteDonation,
})
return jsonify(json_data)
def voucher_post_institution(user_inst): # pylint:disable=unused-argument
"""
Handles POST for resource <base>/api/voucher/institution .
:return: json data result (success or failure)
"""
institution_id = request.headers.get('idInstitution', default=None)
voucher_price = request.headers.get('price', default=None)
voucher_description = request.headers.get('subject', default=None)
voucher_title = request.headers.get('title', default=None)
voucher_valid_time = request.headers.get('validTime', default=2 * 31536000)
if None in [
voucher_title, voucher_description, voucher_price, institution_id
]:
return jsonify({'error': 'Missing parameter'}), 400
if "" in [voucher_title, voucher_description]:
return jsonify({'error': "Empty parameter"}), 400
try:
check_params_int([voucher_price, voucher_valid_time, institution_id])
except ValueError:
return jsonify({"error": "bad argument"}), 400
session = DB_SESSION()
# ToDo: check institution_owner = user_inst
res = session.query(Institution).filter(
Institution.idInstitution == institution_id).one_or_none()
if res is None:
return jsonify({'status': 'Institution does not exist'}), 400
voucher_inst = Voucher(
titleVoucher=voucher_title,
descriptionVoucher=voucher_description,
priceVoucher=voucher_price,
validTime=voucher_valid_time,
institution_id=institution_id,
)
# ToDo Blockchain
session.add(voucher_inst)
session.commit()
return jsonify({'status': 'Voucher registered'}), 200
def voucher_patch_institution():
"""
Handles PATCH for resource <base>/api/vouchers/institutions.
:return: "{'status': 'ok'}", 200
"""
inst_id = request.headers.get('idInstitution', default=None)
voucher_id = request.headers.get('idVoucher', default=None)
voucher_price = request.headers.get('priceVoucher', default=None)
voucher_available = request.headers.get('availableVoucher', default=None)
voucher_valid_time = request.headers.get('validTimeVoucher', default=None)
if None in [inst_id, voucher_id]:
return jsonify({'error': 'Missing parameter'}), 400
try:
check_params_int([voucher_id, inst_id, voucher_valid_time])
except ValueError:
return jsonify({"error": "bad argument"}), 400
session = DB_SESSION()
voucher = session.query(Voucher).filter(
Voucher.idVoucher == voucher_id).one_or_none()
if voucher is None:
return jsonify({'error': 'voucher does not exist'}), 400
if int(voucher.institution_id) != int(inst_id):
return jsonify({"error":
"voucher does not belong to institution"}), 400
if voucher_valid_time:
if int(voucher_valid_time) < int(voucher.validTime):
return jsonify(
{'error':
'new validTime has to be bigger than the old one'}), 400
voucher.validTime = voucher_valid_time
if voucher_price:
voucher.priceVoucher = voucher_price
if voucher_available:
voucher.available = voucher_available
session.commit()
return jsonify({'status': 'Voucher wurde bearbeitet'}), 201
def milestones_vote(session, user_inst: User):
"""
Vote for milestone.
:return: "{'status': 'ok'}", 200
"""
donation_id = request.headers.get('id')
vote = request.headers.get('vote') # 1 = positive, 0 = negative
if None in [donation_id, vote]:
return jsonify({'error': 'Missing parameter'}), 400
try:
donation_id, vote = check_params_int([donation_id, vote]) # noqa
except ValueError:
return jsonify({"error": "bad argument"}), 400
donation: Donation = session.query(Donation).filter(
Donation.idDonation == donation_id).one_or_none()
if donation is None:
return jsonify({"error": "donation not found"}), 404
if not donation.voteDonation:
return jsonify({"error": "didn't register to vote"}), 400
if donation.user_id != user_inst.idUser:
return jsonify({"error": "unauthorized user"}), 401
if donation.voted is not None:
return jsonify({"error": "already voted"}), 400
vote_check = project_donate_vote_check(session, user_inst,
0 if vote else 1, donation)
if vote_check:
return jsonify({'error': 'sc error: ' + vote_check}), 400
donation.milestone.currentVotesMilestone += 1 if vote else (-1)
tx_receipt = project_donate_vote(user_inst, 0 if vote else 1, donation)
if tx_receipt.status != 1:
raise RuntimeError("SC Call failed!")
voted = 1 if vote else (-1)
donations_milestone = session.query(Donation).join(Donation.milestone)\
.filter(Donation.user == user_inst).\
filter(Milestone.milestone_sc_id == donation.milestone.milestone_sc_id) # noqa
for don in donations_milestone:
don.voted = voted
session.add(don)
session.commit()
return jsonify({'status': 'ok'}), 200
def voucher_get():
"""
Handles GET for resource <base>/api/voucher/institution .
:return: json data of projects
"""
id_voucher = request.args.get('id')
id_institution = request.args.get('idInstitution')
available = request.args.get('available')
try:
check_params_int([id_voucher, id_institution, available])
except ValueError:
return jsonify({"error": "bad argument"}), 400
session = DB_SESSION()
results = session.query(Voucher)
if id_voucher is not None:
results = results.filter(Voucher.idVoucher == id_voucher)
if id_institution is not None:
results = results.filter(Voucher.institution_id == id_institution)
if available is not None:
results = results.filter(Voucher.available.is_(bool(int(available))))
json_data = []
for voucher in results:
json_data.append({
'id': voucher.idVoucher,
'amount': len(voucher.users),
'institutionid': voucher.institution_id,
'institutionName': voucher.institution.nameInstitution,
'subject': voucher.descriptionVoucher,
'title': voucher.titleVoucher,
'validTime': voucher.validTime,
'available': voucher.available,
'price': voucher.priceVoucher,
"picturePath": voucher.institution.picPathInstitution,
})
return jsonify(json_data), 200
def voucher_delete_user(session, user_inst):
"""
Handles DELETE for resource <base>/api/voucher/user .
:return: json data of projects
"""
id_voucheruser = request.headers.get('id')
if not id_voucheruser:
return jsonify({'error': 'missing id'}), 400
try:
check_params_int([id_voucheruser])
except ValueError:
return jsonify({"error": "bad argument"}), 400
voucher_user = session.query(VoucherUser)
try:
voucher_user = voucher_user.filter(
VoucherUser.idVoucherUser == id_voucheruser).filter(
VoucherUser.id_user == user_inst.idUser).one()
institution = session.query(Institution).filter(
Institution.idInstitution ==
voucher_user.voucher.institution_id).one()
err = redeem_voucher_check(user_inst, voucher_user,
institution.scAddress)
if err:
return jsonify({'error': 'milestone error: ' + err}), 400
redeem_voucher(user_inst, voucher_user, institution.scAddress)
except NoResultFound:
return jsonify({'error': 'No voucher found'}), 404
voucher_user.usedVoucher = True
session.commit()
return jsonify({'status': 'Gutschein wurde eingelöst'}), 201
def institutions_patch(session, user_inst): # pylint:disable=too-many-branches
"""
Handles PATCH for resource <base>/api/institutions .
:return: json response
"""
institution_id = request.headers.get('id')
name = request.headers.get('name')
webpage = request.headers.get('webpage')
address = request.headers.get('address')
description = request.headers.get('description')
short = request.headers.get('short')
latitude = request.headers.get('latitude')
longitude = request.headers.get('longitude')
if institution_id is None:
return jsonify({'error': 'Missing parameter'}), 400
try:
check_params_int([institution_id])
check_params_float([latitude, longitude])
except ValueError:
return jsonify({"error": "bad argument"}), 400
if None in [latitude, longitude] and any([latitude, longitude]):
return jsonify({"error": "bad geo argument"}), 400
try:
if name: # check if name is already taken
if session.query(Institution).filter(Institution.nameInstitution == name).one_or_none():
return jsonify({'error': 'name already exists'}), 400
institution = session.query(Institution).get(institution_id)
if institution is None:
return jsonify({'error': 'Institution does not exist'}), 404
# check user permission
owner = session.query(Institution)
owner = owner.filter(Institution.user == user_inst, Institution.idInstitution == institution_id).one_or_none()
if owner is None:
return jsonify({'error': 'no permission'}), 403
if name:
institution.nameInstitution = name
if address:
institution.addressInstitution = address
if webpage:
institution.webpageInstitution = webpage
if description:
if(len(description)%4) == 0:
try:
description = b64decode(description).decode("latin-1")
except TypeError:
return jsonify({"error": "bad base64 encoding"}), 400
institution.descriptionInstitution = description
else:
return jsonify({"error": "Invalid base64-encoded string"}), 400
if short:
institution.shortDescription = short
if latitude and longitude:
institution.latitude = latitude
institution.longitude = longitude
session.commit()
return jsonify({'status': 'Institution wurde bearbeitet'}), 201
finally:
session.rollback()
session.close()
def projects_post(session, user_inst: User): # pylint:disable=unused-argument, too-many-locals, too-many-branches
"""
Handles POST for resource <base>/api/projects .
:return: "{'status': 'ok'}", 200
"""
name = request.headers.get('name')
webpage = request.headers.get('webpage')
id_institution = request.headers.get('idInstitution')
goal_raw = request.headers.get('goal')
until_raw = request.headers.get('until')
milestones = request.headers.get('milestones', default="[]")
description = request.headers.get('description')
latitude = request.headers.get('latitude')
longitude = request.headers.get('longitude')
short = request.headers.get('short')
if None in [name, goal_raw, until_raw, id_institution, description, short]:
return jsonify({'error': 'Missing parameter'}), 403
try:
id_institution, goal, until = check_params_int(
[id_institution, goal_raw, until_raw]) # noqa
except ValueError:
return jsonify({"error": "bad argument"}), 400
if (len(description) % 4) == 0:
try:
description = b64decode(description).decode("latin-1") # noqa
except TypeError:
return jsonify({"error": "bad base64 encoding"}), 400
else:
return jsonify({"error": "Invalid base64-encoded string"}), 400
if id_institution and session.query(Institution).get(
id_institution) is None:
return jsonify({'error': 'Institution not found'}), 400
if webpage and not validators.url(webpage):
return jsonify({'error': 'webpage is not a valid url'}), 400
if until < int(time.time()):
return jsonify({'error': 'until value is in the past'}), 400
if until > 2**64:
return "until value is not a valid date... or is it after the 04.12.219250468 15:30:07 already?!"
result = session.query(Institution)\
.filter(Institution.idInstitution == id_institution).filter(Institution.user == user_inst).one_or_none()
if result is None:
return jsonify({
'error':
'User has no permission to create projects for this institution'
}), 403
project_inst = Project(nameProject=name,
webpageProject=webpage,
institution_id=id_institution,
descriptionProject=description,
latitude=latitude,
longitude=longitude,
until=until,
goal=goal,
shortDescription=short)
try:
milestones_json = json.loads(milestones)
for milestone in milestones_json:
mile_check = project_add_milestone_check(project_inst, user_inst,
milestone['name'],
int(milestone['goal']),
int(milestone['until']))
if mile_check:
return jsonify({'error':
'milestone error: ' + mile_check}), 400
ctor_check = project_constructor_check(user_inst,
str(str(description)[0:32]),
goal)
if ctor_check:
return jsonify({'error': 'sc error: ' + ctor_check}), 400
project_inst.scAddress = project_constructor(
user_inst, str(str(description)[0:32]), goal)
session.add(project_inst)
for milestone in milestones_json:
sc_id = project_add_milestone(project_inst, user_inst,
milestone['name'],
int(milestone['goal']),
int(milestone['until']))
milestones_inst = Milestone(
nameMilestone=milestone['name'],
goalMilestone=int(milestone['goal']),
untilBlockMilestone=milestone['until'],
milestone_sc_id=sc_id,
)
project_inst.milestones.append(milestones_inst)
session.add(project_inst)
session.add(milestones_inst)
session.commit()
return jsonify({'status': 'ok', 'id': project_inst.idProject}), 201
except (ValueError, KeyError, json.JSONDecodeError):
return jsonify({'error': 'invalid json'}), 400
finally:
session.rollback()
def voucher_post(user):
"""
Handles POST for resource <base>/api/voucher/user .
:return: json data of projects
"""
id_voucher = request.headers.get('idVoucher')
if not id_voucher:
return jsonify({'error': 'missing id'}), 400
try:
check_params_int([id_voucher])
except ValueError:
return jsonify({"error": "bad argument"}), 400
session = DB_SESSION()
try:
voucher = session.query(Voucher).filter(
Voucher.idVoucher == id_voucher).one()
balance = WEB3.eth.getBalance(user.publickeyUser)
if balance < voucher.priceVoucher: # ToDo: gas-cost?
return jsonify({'error': 'not enough balance'}), 406
if not voucher.available:
return jsonify({'error': 'voucher not available'}), 406
association = VoucherUser(
usedVoucher=False,
expires_unixtime=(datetime.now() + timedelta(0, 2 * 31536000)),
voucher=voucher,
user=user)
inst: Institution = session.query(Institution).filter(
Institution.idInstitution == voucher.institution_id).one()
transaction = {
'nonce': WEB3.eth.getTransactionCount(user.publickeyUser),
'to': inst.publickeyInstitution,
'value': voucher.priceVoucher,
'gas': 200000,
'gasPrice': WEB3.toWei('50', 'gwei')
}
signed_transaction = WEB3.eth.account.sign_transaction(
transaction, user.privatekeyUser)
WEB3.eth.sendRawTransaction(signed_transaction.rawTransaction)
cfg_parser: configparser.ConfigParser = configparser.ConfigParser()
cfg_parser.read("backend_config.ini")
voucher_sc = WEB3.eth.contract(
address=WEB3.toChecksumAddress(cfg_parser["Voucher"]["ADDRESS"]),
abi=json.loads(cfg_parser["Voucher"]["ABI"]))
transaction = voucher_sc.functions.addVoucher(user.publickeyUser,
WEB3.toBytes(text=voucher.titleVoucher),
666) \
.buildTransaction({'nonce': WEB3.eth.getTransactionCount(user.publickeyUser)})
signed_transaction = WEB3.eth.account.sign_transaction(
transaction, user.privatekeyUser)
WEB3.eth.sendRawTransaction(signed_transaction.rawTransaction)
session.add(voucher)
session.add(association)
session.commit()
except InvalidAddress:
return jsonify({'error': 'given publickey is not valid'}), 400
except NoResultFound:
return jsonify({'error': 'Voucher doesnt exist'}), 404
return jsonify({'status': 'voucher bought'}), 200
def voucher_patch_institution(session, user_inst):
"""
Handles PATCH for resource <base>/api/vouchers/institutions.
:return: "{'status': 'ok'}", 200
"""
inst_id = request.headers.get('idInstitution', default=None)
voucher_id = request.headers.get('idVoucher', default=None)
voucher_price = request.headers.get('priceVoucher', default=None)
voucher_available = request.headers.get('availableVoucher', default=None)
voucher_valid_time = request.headers.get('validTimeVoucher', default=None)
if None in [inst_id, voucher_id]:
return jsonify({'error': 'Missing parameter'}), 400
if voucher_price is not None and len(voucher_price) > DEC_LEN:
return jsonify({'error': 'Price to big'}), 400
try:
check_params_int([
voucher_id, inst_id, voucher_valid_time, voucher_available,
voucher_price
])
except ValueError:
return jsonify({"error": "bad argument"}), 400
if voucher_available not in ['0', '1']:
return jsonify({"error": "bad availability argument"}), 400
voucher = session.query(Voucher).filter(
Voucher.idVoucher == voucher_id).one_or_none()
if voucher is None:
return jsonify({'error': 'voucher does not exist'}), 400
if int(voucher.institution_id) != int(inst_id):
return jsonify({"error":
"voucher does not belong to institution"}), 400
if int(voucher_valid_time) > 788923150:
return jsonify({'error':
"valid time can not be bigger than 25 Years"}), 400
if voucher_valid_time:
if int(voucher_valid_time) < int(voucher.validTime):
return jsonify(
{'error':
'new validTime has to be bigger than the old one'}), 400
voucher.validTime = voucher_valid_time
if voucher_price:
voucher.priceVoucher = int(voucher_price)
if voucher_available:
voucher.available = voucher_available == '1'
# check if user is owner
owner = session.query(Institution)
owner = owner.filter(Institution.user_id == user_inst.idUser,
Institution.idInstitution == inst_id).first()
if owner is None:
return jsonify({'error': 'no permission'}), 403
session.commit()
return jsonify({'status': 'Voucher wurde bearbeitet'}), 201