def update():
#Auth check
auth.authenticated_or_401()
if request.method == "POST":
#Chequea permiso
User.db = get_db()
if (not User.has_permission(session['id'], 'administrativo_update')):
abort(401)
else:
post_data = request.get_json()
#Form validation
form = forms.ValidateLessonWithId.from_json(
post_data, skip_unknown_keys=False)
if not form.validate():
response_object = {
'status':
'error',
'message':
'Verifica los campos obligatorios y no ingreses valores no permitidos.'
}
else:
Lesson.db = get_db()
if Lesson.lesson_exists_not_self(post_data):
response_object = {
'status': 'warning',
'message': 'La clase que quieres crear ya existe.'
}
else:
Lesson.update(post_data)
response_object = {
'status': 'success',
'message': 'Actualizaste la clase correctamente.'
}
return jsonify(response_object)
def update():
#Auth check
auth.authenticated_or_401()
if request.method == "POST":
#Chequea permiso
User.db = get_db()
if (not User.has_permission(session['id'],'instrumento_update')):
abort(401)
else:
post_data = request.form
form = forms.ValidateInstrument(post_data, skip_unknown_keys=True)
if not form.validate():
response_object = {'status': 'warning', 'message': 'Verifica los campos obligatorios y no ingreses nombres no permitidos.'}
else:
file = request.files['image']
Instrument.db = get_db()
if file: # and allowed_file(file.filename):
newfile = file.read()
Instrument.update_with_image(post_data, newfile)
else:
Instrument.update(post_data)
response_object = {'status': 'success', 'message': 'Se actualizó el instrumento'}
return jsonify(response_object)
def get(id_data):
#Auth check
auth.authenticated_or_401()
#Chequea permiso
User.db = get_db()
if (not User.has_permission(session['id'],'usuario_show')):
abort(401)
else:
#Retorno de data
User.db = get_db()
user = User.get(id_data)
roles = user_roles(user['user_id'])
return_user = {
'active': user['active'],
'email': user['email'],
'google_user': user['google_user'],
'lastname': user['lastname'],
'name': user['name'],
'user_id': user['user_id'],
'username': user['username'],
'is_admin': roles['is_admin'],
'is_teacher': roles['is_teacher'],
'is_preceptor': roles['is_preceptor']
}
return jsonify(return_user)
def create():
#Auth check
auth.authenticated_or_401()
if request.method == "POST":
#Chequea permiso
User.db = get_db()
if (not User.has_permission(session['id'],'instrumento_new')):
abort(401)
else:
form = forms.ValidateInstrument(request.form, skip_unknown_keys=True)
if form.validate():
file = request.files['image']
if file: # and allowed_file(file.filename):
# filename = new_file_name(file)
# file.save(os.path.abspath(UPLOAD_FOLDER+filename))
# # file.save(os.path.abspath(UPLOAD_FOLDER2+filename))
# Instrument.db = get_db()
# Instrument.create(request.form, filename)
newfile = file.read()
Instrument.db = get_db()
Instrument.create(request.form, newfile)
response_object = {'status': 'success', 'message': 'Se agregó el nuevo instrumento'}
else:
response_object = {'status': 'warning', 'message': 'Debes subir una imagen para el instrumento.'}
else:
response_object = {'status': 'warning', 'message': 'Verifica los campos obligatorios y no ingreses nombres no permitidos.'}
return jsonify(response_object)
def remove_student():
#Auth check
auth.authenticated_or_401()
if request.method == "POST":
#Chequea permiso
User.db = get_db()
if (not User.has_permission(session['id'], 'asistencia_destroy')):
abort(401)
else:
post_data = request.get_json()
#Form validation
form = forms.ValidateLessonStudent.from_json(
post_data, skip_unknown_keys=False)
if not form.validate():
response_object = {
'status':
'error',
'message':
'Verifica los campos obligatorios y no ingreses valores no permitidos.'
}
else:
Lesson.db = get_db()
Lesson.remove_student(post_data)
response_object = {
'status': 'success',
'message': 'Desasignaste el estudiante correctamente.'
}
return jsonify(response_object)
def remove():
#Auth check
auth.authenticated_or_401()
if request.method == "POST":
#Chequea permiso
User.db = get_db()
if (not User.has_permission(session['id'], 'horario_destroy')):
abort(401)
else:
post_data = request.get_json()
#Form validation
form = forms.ValidateScheduleId.from_json(post_data,
skip_unknown_keys=True)
if not form.validate():
response_object = {
'status':
'error',
'message':
'Verifica los campos obligatorios y no ingreses valores no permitidos.'
}
else:
Schedule.db = get_db()
Schedule.remove(post_data['schedule_id'])
response_object = {
'status': 'success',
'message': 'Eliminaste el horario correctamente.'
}
return jsonify(response_object)
def getFormData():
#Auth check
auth.authenticated_or_401()
#Chequea permiso
User.db = get_db()
if (not User.has_permission(session['id'],'estudiante_index')):
abort(401)
else:
Neighborhood.db = get_db()
Level.db = get_db()
Gender.db = get_db()
School.db = get_db()
DocumentType.db = get_db()
Location.db = get_db()
ResponsableType.db = get_db()
response_json = {
'neighborhoods': Neighborhood.all(),
'levels': Level.all(),
'genders': Gender.all(),
'schools': School.all(),
'document_types': DocumentType.all(),
'locations': Location.all(),
'responsable_types': ResponsableType.all(),
}
return response_json
def update():
#Auth check
auth.authenticated_or_401()
if request.method == "POST":
User.db = get_db()
if (not User.has_permission(session['id'],'usuario_update')):
abort(401)
else:
post_data = request.get_json() #Obtención de información
errors = [] #Errores
#Chequeo username
if User.find_by_username_not_self(post_data):
errors.append({'name': 'username', 'message': 'El nombre de usuario ingresado ya existe'})
#Chequeo email
if User.find_by_email_not_self(post_data):
errors.append({'name': 'email', 'message': 'El email ingresado ya existe'})
form = forms.ValidateUserWithOutPassword.from_json(post_data, skip_unknown_keys=True)
if (form.validate() and len(errors) == 0):
User.update(post_data)
new_user = User.find_by_email(post_data['email'])
update_roles(new_user['user_id'], post_data)
response_object = {'status': 'success', 'message': 'Se actualizó el nuevo usuario'}
else:
if (not form.validate()):
err = {'name': 'fields', 'message': 'Verifica los campos obligatorios y no ingreses nombres no permitidos.'}
errors.append(err)
response_object = errors
return jsonify(response_object)
def update():
#Auth check
auth.authenticated_or_401()
if request.method == 'POST':
#Chequea permiso
User.db = get_db()
if (not User.has_permission(session['id'], 'configuration_all')):
abort(401)
else:
#Chequea el metodo y valida el formulario
post_data = request.get_json()
form = forms.ValidateConfiguration.from_json(
post_data, skip_unknown_keys=False)
if not form.validate():
response_object = {
'status':
'warning',
'message':
'Informacion inválida, solo puede ingresarse un titulo(máximo 255 char), email(máximo 255 char) y descripción(máximo 1000 char)'
}
else:
Configuration.db = get_db()
Configuration.update(post_data)
response_object = {
'status':
'success',
'message':
'Se actualizó la información del sitio correctamente'
}
return jsonify(response_object)
def create():
#Auth check
auth.authenticated_or_401()
if request.method == "POST":
#Chequea permiso
User.db = get_db()
if (not User.has_permission(session['id'], 'administrativo_new')):
abort(401)
else:
post_data = request.get_json()
#Form validation
form = forms.ValidateWorkshop.from_json(post_data,
skip_unknown_keys=True)
if not form.validate():
response_object = {
'status':
'warning',
'message':
'Verifica los campos obligatorios y no ingreses valores no permitidos.'
}
else:
Workshop.db = get_db()
if Workshop.workshop_exists(post_data):
response_object = {
'status': 'warning',
'message': 'El taller ya existe.'
}
else:
Workshop.create(post_data)
response_object = {
'status': 'success',
'message': 'Creaste el taller correctamente.'
}
return jsonify(response_object)
def has_role():
#Auth check
auth.authenticated_or_401()
#User routes
User.db = get_db()
roles_object = {'status': True}
if not User.has_roles(session['id']):
roles_object = {'status': False}
return jsonify(roles_object)
def get_image(instrument_id):
#Auth check
auth.authenticated_or_401()
#Chequea permiso
User.db = get_db()
if (not User.has_permission(session['id'],'instrumento_show')):
abort(401)
else:
Instrument.db = get_db()
return Instrument.get_image(instrument_id)['image']
def all():
#Auth check
auth.authenticated_or_401()
#Chequea permiso
User.db = get_db()
if (not User.has_permission(session['id'],'instrumento_index')):
abort(401)
else:
Instrument.db = get_db()
return jsonify(Instrument.all())
def routes():
def get_routes():
user_routes = []
#Cargado de información
nucleos = {'name': 'Núcleos', 'url': '/cores', 'icon': 'fas fa-map-marker-alt'}
user_routes.append(nucleos)
if (User.has_permission(session['id'],'estudiante_index')):
new = {'name': 'Estudiantes', 'url': '/students', 'icon': 'fas fa-user-graduate'}
user_routes.append(new)
if (User.has_permission(session['id'],'docente_index')):
new = {'name': 'Docentes', 'url': '/teachers', 'icon': 'fas fa-user'}
user_routes.append(new)
if (User.has_permission(session['id'],'instrumento_index')):
new = {'name': 'Instrumentos', 'url': '/instruments', 'icon': 'fas fa-guitar'}
user_routes.append(new)
if (User.has_permission(session['id'],'administrativo_index')):
new = {'name': 'Ciclos lectivos', 'url': '/cycles', 'icon': 'far fa-calendar-alt'}
user_routes.append(new)
new = {'name': 'Talleres', 'url': '/workshops', 'icon': 'fas fa-school'}
user_routes.append(new)
new = {'name': 'Talleres asignados', 'url': '/cycle_workshops', 'icon': 'fas fa-school'}
user_routes.append(new)
if (User.has_permission(session['id'],'horario_index')):
new = {'name': 'Clases', 'url': '/lessons', 'icon': 'fas fa-chalkboard-teacher'}
user_routes.append(new)
if (User.has_permission(session['id'],'asistencia_index')):
new = {'name': 'Asistencia', 'url': '/assistances', 'icon': 'fas fa-user-plus'}
user_routes.append(new)
if (User.has_permission(session['id'],'usuario_index')):
new = {'name': 'Usuarios', 'url': '/users', 'icon': 'fas fa-user-friends'}
user_routes.append(new)
if (User.has_permission(session['id'],'configuration_all')):
new = {'name': 'Administrativo', 'url': '/configuration', 'icon': 'fas fa-cog'}
user_routes.append(new)
return user_routes
#Auth check
auth.authenticated_or_401()
#Listado de rutas
routes = []
User.db = get_db()
if (not User.has_roles(session['id'])):
return jsonify(routes)
else:
routes = get_routes()
#Returning data
return jsonify(routes)
def get(lesson_id):
#Auth check
auth.authenticated_or_401()
#Chequea permiso
User.db = get_db()
if (not User.has_permission(session['id'], 'horario_show')):
abort(401)
else:
Lesson.db = get_db()
return jsonify(Lesson.get(lesson_id))
def all():
#Auth check
auth.authenticated_or_401()
#Chequea permiso
User.db = get_db()
if (User.has_permission(session['id'],'estudiante_index')):
Student.db = get_db()
return jsonify(Student.all_reduced())
else:
abort(401)
def all_cycle_workshop():
#Auth check
auth.authenticated_or_401()
#Chequea permiso
User.db = get_db()
if (not User.has_permission(session['id'], 'administrativo_index')):
abort(401)
else:
CycleWorkshop.db = get_db()
return jsonify(CycleWorkshop.all())
def get_assistances(lesson_id):
#Auth check
auth.authenticated_or_401()
#Chequea permiso
User.db = get_db()
if (not User.has_permission(session['id'],'administrativo_index')):
abort(401)
else:
Assistance.db = get_db()
return jsonify(Assistance.all(lesson_id))
def get_schedules(lesson_id):
#Auth check
auth.authenticated_or_401()
#Chequea permiso
User.db = get_db()
if (not User.has_permission(session['id'], 'horario_index')):
abort(401)
else:
Schedule.db = get_db()
return jsonify(Schedule.all(lesson_id))
def get(cycle_id):
#Auth check
auth.authenticated_or_401()
#Chequea permiso
User.db = get_db()
if (not User.has_permission(session['id'],'administrativo_show')):
abort(401)
else:
Cycle.db = get_db()
return jsonify(Cycle.get(cycle_id))
def students(lesson_id):
#Auth check
auth.authenticated_or_401()
#Chequea permiso
User.db = get_db()
if (not User.has_permission(session['id'], 'asistencia_index')):
abort(401)
else:
Student.db = get_db()
return jsonify(Student.all_by_lesson(lesson_id))
def all():
#Auth check
auth.authenticated_or_401()
#Chequea permiso
User.db = get_db()
if (not User.has_permission(session['id'], 'docente_index')):
abort(401)
else:
Teacher.db = get_db()
return jsonify(Teacher.all_reduced())
def get(id_data):
#Auth check
auth.authenticated_or_401()
#Chequea permiso
User.db = get_db()
if (not User.has_permission(session['id'], 'estudiante_show')):
abort(401)
else:
Teacher.db = get_db()
return jsonify(Teacher.get(id_data))
def getFormData():
#Auth check
auth.authenticated_or_401()
#Chequea permiso
User.db = get_db()
if (not User.has_permission(session['id'],'administrativo_index')):
abort(401)
else:
Semester.db = get_db()
response_json = {'semesters': Semester.all()}
return response_json
def getFormData():
#Auth check
auth.authenticated_or_401()
#Chequea permiso
User.db = get_db()
if (not User.has_permission(session['id'],'instrumento_index')):
abort(401)
else:
InstrumentType.db = get_db()
response_json = {'instrument_types': InstrumentType.all()}
return response_json
def permissions():
#Auth check
auth.authenticated_or_401()
#Listado de rutas
user_permissions = []
User.db = get_db()
if (not User.has_roles(session['id'])):
return jsonify(user_permissions)
else:
user_permissions = User.permissions(session['id'])
#Returning data
return jsonify(user_permissions)
def students_for_assistance():
#Auth check
auth.authenticated_or_401()
#Chequea permiso
User.db = get_db()
if (not User.has_permission(session['id'],'asistencia_new')):
abort(401)
else:
post_data = request.get_json()
Lesson.db = get_db()
return jsonify(Lesson.students_for_assistance(post_data))
def delete():
#Auth check
auth.authenticated_or_401()
#Chequea permiso
User.db = get_db()
if (User.has_permission(session['id'],'estudiante_destroy')):
abort(401)
else:
Student.db = get_db()
Student.delete(request.get_json()['student_id'])
response_object = {'status': 'success', 'message': 'Se eliminó el estudiante'}
return jsonify(response_object)
def getFormData():
#Auth check
auth.authenticated_or_401()
#Chequea permiso
User.db = get_db()
if (not User.has_permission(session['id'], 'horario_index')):
abort(401)
else:
Core.db = get_db()
Day.db = get_db()
response_json = {'cores': Core.all(), 'days': Day.all()}
return response_json
def update_user_status():
#Auth check
auth.authenticated_or_401()
if request.method == "POST":
User.db = get_db()
#Chequea permiso
if (User.has_permission(session['id'],'usuario_update')):
#Valida campos
if (request.form['active'] == '0' or request.form['active'] == '1'):
User.update_user_status(request.form)
return {'status': 'success', 'message': 'Se actualizó el estado del usuario'}
else:
abort(401)
