def set_version():
results = {}
session_permission = get_permission()
if not session_permission == 0:
# 마스터가 아니라면, 에러를 낸다
return jsonify({"reason_text": "Permission Denied", \
"reason_code": 2}), 401
data = json.loads(request.data)
arguments = ["type", "version"]
data_keys = data.keys()
for argument in arguments:
if argument not in data_keys:
raise abort(400)
db = dbo.get_instance()
try:
with db.begin_nested():
new_ver = AppVersion(type=int(data["type"]), version=data["version"])
db.add(new_ver)
except Exception, e:
print str(e)
dbo.abort()
raise abort(500)
def charge_point_begin():
results = {}
db = dbo.get_instance()
data = json.loads(request.data)
arguments = ["how_much"]
data_keys = data.keys()
for argument in arguments:
if argument not in data_keys:
raise abort(400)
session_username = session["token"]["user"]["username"]
user = db.query(Operator). \
filter_by(username=session_username).first()
if not user:
raise abort(404)
for i in xrange(1024):
sha256 = hashlib.sha256(str(random.getrandbits(128))).hexdigest()[:24]
rc_found = db.query(RequestCharge).filter_by(moid=sha256)
if not rc_found:
break
try:
with db.begin_nested():
rc = RequestCharge(user_id=user.id, how_much=data["how_much"], moid=sha256, state=0)
db.add(rc)
except Exception, e:
print str(e)
dbo.abort()
raise abort(500)
def create_office_location():
results = {}
db = dbo.get_instance()
session_permission = get_permission()
if not session_permission == 0:
# 마스터가 아니라면, 에러를 낸다
return jsonify({"reason_text": "Permission Denied", \
"reason_code": 2}), 401
data = json.loads(request.data)
arguments = ["name"]
data_keys = data.keys()
for argument in arguments:
if argument not in data_keys:
raise abort(400)
office = OfficeLocation(name=data["name"])
try:
with db.begin_nested():
db.add(office)
db.flush()
except Exception, e:
print str(e)
dbo.abort()
raise abort(500)
def add_address():
results = {}
session_permission = get_permission()
if not session_permission == 0:
return jsonify({"reason_text": "Permission Denied", \
"reason_code": 2}), 401
data = json.loads(request.data)
arguments = ["parent", "extra", "code"]
data_keys = data.keys()
for argument in arguments:
if argument not in data_keys:
raise abort(400)
db = dbo.get_instance()
regex = re.compile("[^\s]+")
tokens = []
full_address = ""
if data["parent"] == 0:
tokens = regex.findall(data["extra"])
if tokens.__len__() == 0:
raise abort(404)
full_address = " ".join(tokens)
try:
with db.begin_nested():
addr = Address(address=full_address, price_code=data["code"], \
created_at=datetime.datetime.now(), \
updated_at=datetime.datetime.now())
db.add(addr)
db.flush()
parent = None
for i in xrange(tokens.__len__()):
if (tokens.__len__() - 1) == i:
afs = AddressForSearch(addr_id=addr.id, token=tokens[i], \
parent=parent, is_root=False, is_leaf=True)
db.add(afs)
db.flush()
elif i == 0:
afs = AddressForSearch(addr_id=None, token=tokens[i], \
parent=parent, is_root=True, is_leaf=False)
db.add(afs)
db.flush()
parent = afs.id
else:
afs = AddressForSearch(addr_id=None, token=tokens[i], \
parent=parent, is_root=False, is_leaf=False)
db.add(afs)
db.flush()
parent = afs.id
except Exception, e:
print str(e)
dbo.abort()
raise abort(500)
def destroy_office_location():
results = {}
db = dbo.get_instance()
session_permission = get_permission()
if not session_permission == 0:
# 마스터가 아니라면, 에러를 낸다
return jsonify({"reason_text": "Permission Denied", \
"reason_code": 2}), 401
data = json.loads(request.data)
data_keys = data.keys()
arg_type = 0
arg_data = 0
if "name" in data_keys:
arg_type = 1
arg_data = data["name"]
elif "index" in data_keys:
arg_type = 2
arg_data = data["index"]
elif "idx" in data_keys:
arg_type = 2
arg_data = data["idx"]
else:
raise abort(406)
if arg_type == 1:
valid_row_count = db.query(OfficeLocation). \
filter_by(name=arg_data).count()
elif arg_type == 2:
valid_row_count = db.query(OfficeLocation). \
filter_by(id=arg_data).count()
if valid_row_count == 0:
raise abort(404)
if arg_type == 1:
office = db.query(OfficeLocation). \
filter_by(name=arg_data).first()
elif arg_type == 2:
office = db.query(OfficeLocation). \
filter_by(id=arg_data).first()
try:
with db.begin_nested():
db.delete(office)
except Exception, e:
print str(e)
dbo.abort()
raise abort(500)
def add_event():
# 1. 권한을 체크한다. (어드민)
# 2. title, event_start, event_end 의 인자를 검사한다.
# 3. 해당 이벤트에 겹치는 이벤트가 있나 검사한다
# 4. 이벤트를 추가한다
# 5. 방금 추가된 이벤트 정보를 반환한다.
results = {}
db = dbo.get_instance()
data = json.loads(request.data)
# 1. 권한을 체크한다. (어드민)
session_permission = get_permission()
if not session_permission == 0:
# 마스터가 아니라면,
return jsonify({"reason_text": "Permission Denied", \
"reason_code": 2}), 401
# 2. title, event_start, event_end 의 인자를 검사한다.
arguments = ["title", "event_start", "event_end"]
data_keys = data.keys()
for argument in arguments:
if argument not in data_keys:
raise abort(400)
# 3. 해당 이벤트에 겹치는 이벤트가 있나 검사한다
ev_start = time.strftime("%Y-%m-%d %H:%M:%S", \
time.localtime(data["event_start"]))
ev_end = time.strftime("%Y-%m-%d %H:%M:%S", \
time.localtime(data["event_end"]))
valid_row_count = db.query(Event). \
filter(or_(and_((Event.event_start <= ev_start), \
(Event.event_end >= ev_start)), \
and_((Event.event_start <= ev_end), \
(Event.event_end >= ev_end)))). \
count()
if valid_row_count > 0:
raise abort(406)
# 4. 이벤트를 추가한다
try:
with db.begin_nested():
ev = Event(title=data["title"], \
event_start=ev_start, \
event_end=ev_end)
db.add(ev)
except Exception, e:
print str(e)
dbo.abort()
raise abort(500)
def delete_address():
results = {}
session_permission = get_permission()
if not session_permission == 0:
return jsonify({"reason_text": "Permission Denied", \
"reason_code": 2}), 401
data = json.loads(request.data)
arguments = ["id"]
data_keys = data.keys()
for argument in arguments:
if argument not in data_keys:
raise abort(400)
db = dbo.get_instance()
afs = db.query(AddressForSearch).filter_by(id=data["id"], is_leaf=True).first()
if not afs:
raise abort(404)
addr = db.query(Address).filter_by(id=afs.addr_id).first()
try:
with db.begin_nested():
if addr:
db.delete(addr)
parent = afs.parent
while(True):
db.delete(afs)
db.flush()
if not parent:
break
afs = db.query(AddressForSearch).filter_by(parent=parent).first()
if afs:
break
else:
afs = db.query(AddressForSearch).filter_by(id=parent).first()
parent = afs.parent
except Exception, e:
print str(e)
dbo.abort()
raise abort(500)
def write_notification():
results = {}
db = dbo.get_instance()
session_permission = get_permission()
if not session_permission == 0:
# 마스터가 아니라면, 에러를 낸다
return jsonify({"reason_text": "Permission Denied", \
"reason_code": 2}), 401
session_user_id = session["token"]["user"]["id"]
data = json.loads(request.data)
# arguments = ["title", "content", "author_id"]
arguments = ["title", "content"]
data_keys = data.keys()
for argument in arguments:
if argument not in data_keys:
raise abort(400)
# author_id 가 실제로 admin 중에 존재하는지 체크를 굳이 하는게 필요함
# 아니면 에러가 날 것임.
# author_id_exist = Admin.query.get(data["author_id"])
# if not author_id_exist:
# valid_row_count = db.query(Admin).\
# filter_by(id=data["author_id"]).count()
# valid_row_count = db.query(Operator).\
# filter_by(id=session_user_id, is_master=True).count()
# if valid_row_count == 0:
# raise abort(401)
notification = Notification(title=data["title"], content=data["content"], \
author_id=session_user_id)
try:
with db.begin_nested():
db.add(notification)
db.flush()
except Exception, e:
print str(e)
dbo.abort()
raise abort(500)
def update_notification(idx):
results = {}
db = dbo.get_instance()
session_permission = get_permission()
if not session_permission == 0:
# 마스터가 아니라면, 에러를 낸다
return jsonify({"reason_text": "Permission Denied", \
"reason_code": 2}), 401
session_user_id = session["token"]["user"]["id"]
data = json.loads(request.data)
# arguments = ["title", "content", "author_id"]
arguments = ["title", "content"]
data_keys = data.keys()
for argument in arguments:
if argument not in data_keys:
raise abort(400)
# 글을 쓴 사람 본인이 맞는지 확인하는 루틴을 넣어야 한다.
valid_row_count = db.query(Notification). \
filter_by(id=idx, author_id=session_user_id).count()
# print valid_row_count
if valid_row_count == 0:
raise abort(401)
notification = db.query(Notification).filter_by(id=idx).first()
if not notification:
raise abort(404)
try:
with db.begin_nested():
db.query(Notification).filter_by(id=notification.id).\
update({key: data[key] for key in data_keys})
db.flush()
except Exception, e:
print str(e)
dbo.abort()
raise abort(500)
def reset_interest_region():
# 1. 대상 유저와 주소를 입력받는다.
# 2. 권한을 체크한다. (어드민 혹은 본인)
# 3. 해당 유저가 존재하는지 여부를 검사한다
# 4. 해당 유저가 소유한 행을 모두 삭제한다.
results = {}
db = dbo.get_instance()
data = json.loads(request.data)
# 1. 대상 유저와 주소를 입력받는다.
arguments = ["username"]
data_keys = data.keys()
for argument in arguments:
if argument not in data_keys:
raise abort(400)
# 2. 권한을 체크한다. (어드민 혹은 본인)
session_permission = get_permission()
session_username = session["token"]["user"]["username"]
if not session_permission == 0:
# 마스터가 아니라면,
if not session_username == data["username"]:
# 그러면서 본인도 아니라면?
return jsonify({"reason_text": "Permission Denied", \
"reason_code": 2}), 401
# 3. 해당 유저가 존재하는지 여부를 검사한다
user = db.query(Operator). \
filter_by(username=data["username"]).first()
if not user:
raise abort(404)
# 4. 해당 유저가 소유한 행을 모두 삭제한다.
try:
with db.begin_nested():
db.query(InterestAddress).filter_by(operator_id=user.id).delete()
except Exception, e:
print str(e)
dbo.abort()
raise abort(500)
def charge_point_cancel():
results = {}
db = dbo.get_instance()
data = json.loads(request.data)
arguments = ["idx"]
data_keys = data.keys()
for argument in arguments:
if argument not in data_keys:
raise abort(400)
session_permission = get_permission()
session_user_id = session["token"]["user"]["id"]
# session_username = session["token"]["user"]["username"]
rc = db.query(RequestCharge).filter_by(id=data["idx"]).first()
if not rc:
raise abort(404)
if session_permission == 0:
# 프리패스
pass
else:
if not (rc.user_id == session_user_id):
return jsonify({"reason_text": "Permission Denied", \
"reason_code": 2}), 401
try:
with db.begin_nested():
db.query(RequestCharge).filter_by(id=rc.id).\
update({RequestCharge.state: 2, \
RequestCharge.processed_at: datetime.datetime.now()})
except Exception, e:
print str(e)
dbo.abort()
raise abort(500)
def delete_event():
# 1. 권한을 체크한다. (어드민)
# 2. idx 의 인자를 검사한다.
# 3. 해당 이벤트가 존재하나 검사한다.
# 4. 이벤트를 삭제한다
results = {}
db = dbo.get_instance()
data = json.loads(request.data)
# 1. 권한을 체크한다. (어드민)
session_permission = get_permission()
if not session_permission == 0:
# 마스터가 아니라면,
return jsonify({"reason_text": "Permission Denied", \
"reason_code": 2}), 401
# 2. idx 의 인자를 검사한다.
arguments = ["idx"]
data_keys = data.keys()
for argument in arguments:
if argument not in data_keys:
raise abort(400)
# 3. 해당 이벤트가 존재하나 검사한다.
ev = db.query(Event).filter_by(id=data["idx"]).first()
if not ev:
raise abort(404)
# 4. 이벤트를 삭제한다
try:
with db.begin_nested():
db.delete(ev)
except Exception, e:
print str(e)
dbo.abort()
raise abort(500)
def destroy_notification(idx):
results = {}
db = dbo.get_instance()
# notification = Notification.query.get(idx)
# if not notification:
valid_row_count = db.query(Notification). \
filter_by(id=idx).count()
if valid_row_count == 0:
raise abort(404)
# notification = Notification.query.get(idx)
notification = db.query(Notification). \
filter_by(id=idx).first()
try:
with db.begin_nested():
db.delete(notification)
except Exception, e:
print str(e)
dbo.abort()
raise abort(500)
def withdraw_point_end():
results = {}
db = dbo.get_instance()
data = json.loads(request.data)
arguments = ["id"]
data_keys = data.keys()
for argument in arguments:
if argument not in data_keys:
raise abort(400)
session_permission = get_permission()
session_user_id = session["token"]["user"]["id"]
if not session_permission == 0:
# 마스터가 아니라면,
return jsonify({"reason_text": "Permission Denied", \
"reason_code": 2}), 401
# 출금 요청 객체를 받아온다음.
rw = db.query(RequestWithdraw). \
filter_by(id=data["id"]).first()
if not rw:
raise abort(404)
try:
with db.begin_nested():
# is_active 를 False 로 변경
db.query(RequestWithdraw).filter_by(id=data["id"]). \
update({RequestWithdraw.is_active: False, \
RequestWithdraw.processed_at: \
datetime.datetime.now()})
except Exception, e:
print str(e)
dbo.abort()
raise abort(500)
def withdraw_point_begin():
results = {}
db = dbo.get_instance()
data = json.loads(request.data)
arguments = ["money"]
data_keys = data.keys()
for argument in arguments:
if argument not in data_keys:
raise abort(400)
session_permission = get_permission()
session_username = session["token"]["user"]["username"]
if session_permission == 0:
# 마스터라면, 대상 유저명을 필요로 한다.
if "username" not in data_keys:
# 유저이름이 없다면
raise abort(404)
else:
# 덮어쓰기 한다
session_username = data["username"]
else:
# 마스터가 아니라면 무조껀 자기 자신만 지정된다
pass
user = db.query(Operator). \
filter_by(username=session_username).first()
if not user:
raise abort(404)
if user.point < data["money"]:
return jsonify({"reason_text": "Not Enough Point", \
"reason_code": 4}), 401
try:
with db.begin_nested():
# 새로운 포인트를 계산하고
new_point = user.point - data["money"]
db.query(Operator). \
filter_by(username=session_username). \
update({Operator.point: new_point})
# 출금 요청 객체를 만들어서 Insert 한다.
rw = RequestWithdraw(user_id=user.id, \
how_much=data["money"])
db.add(rw)
db.flush()
# 포인트가 감소되었다는 로그를 남기기 위해 Point 객체를 생성
# 감소(0), 출금(3)
p = Point(user_id=user.id, type=0,
reason=3, withdraw_id=rw.id, \
how_much=data["money"])
db.add(p)
except Exception, e:
print str(e)
dbo.abort()
raise abort(500)
def withdraw_point_cancel():
results = {}
db = dbo.get_instance()
data = json.loads(request.data)
arguments = ["id"]
data_keys = data.keys()
for argument in arguments:
if argument not in data_keys:
raise abort(400)
session_permission = get_permission()
session_user_id = session["token"]["user"]["id"]
session_username = session["token"]["user"]["username"]
# 출금 요청 객체를 받아온다음.
rw = db.query(RequestWithdraw). \
filter_by(id=data["id"], is_active=True).first()
if not rw:
raise abort(404)
if not session_permission == 0:
# 마스터가 아닌데
if rw.user_id == session_user_id:
username = session_username
else:
# 유저 본인도 아니다.
return jsonify({"reason_text": "Permission Denied", \
"reason_code": 2}), 401
else:
# 반면 마스터라면
if "username" not in data_keys:
# 유저이름이 없다면 404 에러를 낸다.
raise abort(404)
username = data["username"]
user = db.query(Operator). \
filter_by(username=username).first()
if not user:
# 있으면 안되는 일.
# 이런일이 안 일어나게 하기 위해서 유저가 탈퇴할때의
# 프로세스를 철저하게 한다.
raise abort(500)
try:
with db.begin_nested():
# Point 객체를 만들어서 Insert 한다.
# 증가(1), 출금취소(6)
p = Point(user_id=rw.user_id, type=1,
reason=6, withdraw_id=rw.id, \
how_much=rw.how_much)
db.add(p)
# is_active 를 False 로 변경
db.query(RequestWithdraw).filter_by(id=data["id"]). \
update({RequestWithdraw.is_active: False, \
RequestWithdraw.processed_at: \
datetime.datetime.now()})
# 입금을 요청했던 유저에게 포인트를 되돌려 준다.
new_point = user.point + rw.how_much
db.query(Operator). \
filter_by(username=username). \
update({Operator.point: new_point})
except Exception, e:
print str(e)
dbo.abort()
raise abort(500)
users = db.query(Operator).all()
if users:
uuids = map(lambda x : x.uuid, users)
message = dict(type="NOTIFICATION_CREATE_MASTER_ALL", title=notification.title, \
content=notification.content, \
reg_date=unicode((time.mktime(notification.created_at.timetuple()))))
android_push.apply_async(args = [uuids, message])
results["notification"] = notification.serialize(exclude=["author"])
try:
db.commit()
except Exception, e:
print "EXCEPTION OCCUR DURING COMMIT : {0}".format(str(e))
dbo.abort()
db.rollback()
return jsonify(results), 200
# 구현완료
@notification_blueprint.route("/notification/update/<int:idx>/", methods=["PUT"])
@login_required
def update_notification(idx):
results = {}
db = dbo.get_instance()
session_permission = get_permission()
if not session_permission == 0:
# 마스터가 아니라면, 에러를 낸다
def delete_interest_region():
# 1. 대상 유저와 주소를 입력받는다.
# 2. 권한을 체크한다. (어드민 혹은 본인)
# 3. 해당 유저가 존재하는지 여부를 검사한다
# 4. 입력된 어드레스를 단어들로 쪼갠다
# 5. 입력된 어드레스가 존재하는지 찾는다
# 6. 입력된 유저, 어드레스가 일치하는 행을 삭제한다.
# 7. 특정된 유저를 기준으로 해당하는 항목을 가져온다.
results = {}
db = dbo.get_instance()
data = json.loads(request.data)
# 1. 대상 유저와 주소를 입력받는다.
arguments = ["username"]
data_keys = data.keys()
for argument in arguments:
if argument not in data_keys:
raise abort(400)
# 2. 권한을 체크한다. (어드민 혹은 본인)
session_permission = get_permission()
session_username = session["token"]["user"]["username"]
if not session_permission == 0:
# 마스터가 아니라면,
if not session_username == data["username"]:
# 그러면서 본인도 아니라면?
return jsonify({"reason_text": "Permission Denied", \
"reason_code": 2}), 401
# 3. 해당 유저가 존재하는지 여부를 검사한다
user = db.query(Operator). \
filter_by(username=data["username"]).first()
if not user:
raise abort(404)
# 4. 입력된 어드레스를 단어들로 쪼갠다
if data.has_key("addr_id"):
addr = db.query(Address). \
filter_by(id=data["addr_id"]).first()
elif data.has_key("address"):
address = data["address"]
address = unicode(address.replace("+", " "))
addr_words = re.findall("[^\s]+", address)
if addr_words.__len__() == 0:
raise abort(400)
# 5. 입력된 어드레스가 존재하는지 찾는다
addr = db.query(Address)
for word in addr_words:
addr = addr.filter(Address.address. \
like("%" + word + "%"))
addr = addr.first()
else:
raise abort(400)
if not addr:
raise abort(500)
ia = db.query(InterestAddress)
ia = ia.filter_by(operator_id=user.id, address_id=addr.id).first()
# for word in addr_words:
# ia = ia.filter(InterestAddress.address. \
# like("%" + word + "%"))
# ia = ia.filter_by(address_id=addr.id)
# ia = ia.first()
if not ia:
raise abort(404)
# 6. 입력된 유저, 어드레스가 일치하는 행을 삭제한다.
try:
ia_id = ia.id
ia_address_id = ia.address_id
with db.begin_nested():
db.delete(ia)
except Exception, e:
print str(e)
dbo.abort()
raise abort(500)
def add_interest_region():
# 1. 대상 유저와 주소를 입력받는다.
# 2. 권한을 체크한다. (어드민 혹은 본인)
# 3. 해당 유저가 존재하는지 여부를 검사한다
# 4. 들어온 afs_id 를 통해 AddressForSearch 인자를 얻어온 후
# 해당 행이 is_leaf 나 is_root 인가를 본다.
# 5. 특정된 유저를 기준으로 해당하는 항목을 가져온다.
results = {}
db = dbo.get_instance()
data = json.loads(request.data)
# 1. 대상 유저와 주소를 입력받는다.
arguments = ["username", "afs_id"]
data_keys = data.keys()
for argument in arguments:
if argument not in data_keys:
raise abort(400)
# 2. 권한을 체크한다. (어드민 혹은 본인)
session_permission = get_permission()
session_username = session["token"]["user"]["username"]
if not session_permission == 0:
# 마스터가 아니라면,
if not session_username == data["username"]:
# 그러면서 본인도 아니라면?
return jsonify({"reason_text": "Permission Denied", \
"reason_code": 2}), 401
# 3. 해당 유저가 존재하는지 여부를 검사한다
user = db.query(Operator). \
filter_by(username=data["username"]).first()
if not user:
raise abort(404)
# 4. 들어온 afs_id 를 통해 AddressForSearch 인자를 얻어온 후
# 해당 행이 is_leaf 나 is_root 인가를 본다.
afs = db.query(AddressForSearch).filter_by(id=data["afs_id"]).first()
if not afs:
raise abort(404)
addrs = []
if afs.is_root:
raise abort(403)
elif afs.is_leaf:
addr = db.query(Address).filter_by(id=afs.addr_id).first()
if addr:
addrs.append(addr)
else:
stack = []
stack.append(afs)
current_afs = None
while True:
if stack.__len__() == 0:
break
current_afs = stack.pop()
if current_afs.is_leaf:
addr = db.query(Address).filter_by(id=current_afs.addr_id).first()
if addr:
addrs.append(addr)
else:
for afs_sub in db.query(AddressForSearch).filter_by(parent=current_afs.id).all():
stack.append(afs_sub)
if addrs.__len__() > 0:
try:
with db.begin_nested():
for addr in addrs:
ia = db.query(InterestAddress).filter_by(operator_id=user.id, \
address_id=addr.id).first()
if not ia:
ia = InterestAddress(operator_id=user.id, address_id=addr.id)
db.add(ia)
except Exception, e:
print str(e)
dbo.abort()
raise abort(500)
try:
db.commit()
except Exception, e:
print "EXCEPTION OCCUR DURING COMMIT : {0}".format(str(e))
dbo.abort()
db.rollback()
