def get_list_items_for_ue():
    """Return the items looked up for the ``ue`` form field of a POST request.

    Reads ``request.method`` and ``request.form``; any non-POST request, or a
    POST without a non-empty ``ue`` value, yields an empty list.

    Returns:
        Whatever ``get_items(ue)`` returns, or ``[]`` when there is nothing
        to look up.
    """
    if request.method != 'POST':
        return []

    # NOTE(review): `ue` is client-supplied form data and is handed to
    # get_items() unchanged; any validation must happen inside get_items
    # (not visible here) -- confirm.
    ue = request.form.get('ue')
    if not ue:
        return []

    items = get_items(ue)
    # Debug trace of the lookup result on stdout.
    print('items for ue', items)
    return items
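class _AddUserError(Exception):
    """Expected add_user failure that maps directly to an HTTP status code."""

    def __init__(self, message, status):
        super().__init__(message)
        self.status = status


def _require_plain_column_names(row):
    """Raise _AddUserError(400) unless every key of ``row`` is a plain identifier."""
    import re

    for key in row:
        if not re.fullmatch(r'[A-Za-z_][A-Za-z0-9_]*', str(key)):
            raise _AddUserError('Invalid field name', 400)


def _insert_row(cur, table, row):
    """Insert ``row`` (column name -> value) into ``table`` through ``cur``."""
    # Column names cannot be bound as query parameters, so they are checked
    # against a strict identifier pattern before being concatenated into SQL.
    _require_plain_column_names(row)
    keys, values = get_items(row)
    query = "INSERT INTO " + table + " (" + keys + ") VALUES (" + generate_placeholders(
        len(values)) + ")"
    cur.execute(query, values)


def add_user(current_user_id, current_user_type):
    """Create an employee account from the JSON body of the current request.

    Only callers whose ``current_user_type`` is ``'admin'`` may create users.
    The body is validated with the ``AddUser`` schema, then rows are inserted
    into ``EmployeeDetails``, ``EmployeeLogin`` and, for admin / manager /
    staff accounts, the matching role table. Everything runs in a single
    transaction that is rolled back on any failure.

    Args:
        current_user_id: Id of the requesting user; stored as ``added_by``
            on manager and staff rows.
        current_user_type: Role of the requesting user.

    Returns:
        A ``(response, status)`` tuple: 201 on success, 400 for validation
        or business-rule failures, 401 when the caller is not an admin and
        500 for anything unexpected.
    """
    connection = None
    try:
        # NOTE(review): presumably current_user_type comes from a verified
        # session or token in the calling decorator -- confirm it is never
        # client-controlled.
        if current_user_type != 'admin':
            raise _AddUserError('Unauthorized', 401)

        data = AddUser().load(request.get_json(force=True))

        email = data['email']
        username = data.pop('username')
        user_type = data.pop('user_type')
        # pop() also drops an empty or null `options` entry, which would
        # otherwise be sent to EmployeeDetails as a column named `options`.
        options = data.pop('options', None) or {}

        connection = mysql.connect()

        # A manager must report to an existing admin and a staff member to an
        # existing manager; the check is skipped when no supervisor is given.
        reporting_checks = {
            'manager': ("SELECT id FROM AdminInfo WHERE id = %s",
                        'Reporting to: Not an Admin'),
            'staff': ("SELECT id FROM ManagerInfo WHERE id = %s",
                      'Reporting to: Not a Manager'),
        }
        check = reporting_checks.get(user_type)
        # .get(): a missing `reporting_to` key is treated like an empty one
        # instead of surfacing as a KeyError and a 500 response.
        reporting_to = options.get('reporting_to')
        if check and reporting_to:
            lookup_query, failure = check
            with connection.cursor() as cur:
                # One-element tuple so the value is always bound as a single
                # parameter, whatever type the client sent.
                cur.execute(lookup_query, (reporting_to,))
                if not cur.fetchall():
                    raise _AddUserError(failure, 400)

        with connection.cursor() as cur:
            if options.get('is_primary', None):
                # Do not insert another primary user if one already exists.
                cur.execute(
                    "SELECT count(id) FROM AdminInfo where is_primary=true")
                if cur.fetchall()[0][0]:
                    raise _AddUserError('Primary user already exists', 400)

            _insert_row(cur, 'EmployeeDetails', data)

            # NOTE(review): the new id is looked up by email; if email is not
            # unique in EmployeeDetails the login row may be attached to a
            # different employee -- confirm a UNIQUE constraint exists.
            cur.execute("SELECT id FROM EmployeeDetails WHERE email=%s",
                        (email,))
            user_id = cur.fetchall()[0][0]

            password = generate_password()
            # NOTE(review): this writes the plaintext initial password to
            # stdout, where it ends up in process and container logs. It is
            # kept because no other delivery path is visible in this block;
            # replace it with an out-of-band delivery or a forced reset.
            print(password)
            pw_hash = bcrypt.generate_password_hash(password)
            login_query = "INSERT INTO EmployeeLogin VALUES (" + generate_placeholders(
                4) + ")"
            cur.execute(login_query, (user_id, username, pw_hash, user_type))

            role_table = {
                'admin': 'AdminInfo',
                'manager': 'ManagerInfo',
                'staff': 'StaffInfo',
            }.get(user_type)
            if role_table:
                # Server-side values overwrite anything the client put under
                # the same keys in `options`.
                options['id'] = user_id
                if user_type != 'admin':
                    options['added_by'] = current_user_id
                _insert_row(cur, role_table, options)

        connection.commit()
        return jsonify({'message': 'User Created'}), 201

    except ValidationError as err:
        return jsonify({'message': err.messages}), 400

    except _AddUserError as err:
        # Expected failure: undo partial work and report the specific reason.
        if connection:
            connection.rollback()
        return jsonify({'message': str(err)}), err.status

    except Exception as err:
        if connection:
            connection.rollback()
        # Details stay server-side; the client only gets a generic message.
        print("Unexpected error:", err)
        return jsonify({'message': 'Cannot process request'}), 500

    finally:
        if connection:
            connection.close()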