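def cancelBooking():
    """Cancel one of the caller's own bookings if its date has not passed.

    Reads ``token`` and ``bookingID`` from the JSON request body and returns
    a dict with ``code`` ('success' or 'failed') and a ``message``.
    """
    data = json.loads(request.data)
    # AM.checktoken's result is used in this file as
    # [0] validity flag, [1] privilege, [2] username.
    account = AM.checktoken(data['token'])
    if not account[0]:
        return {'code': 'failed', 'message': 'Not logged in.'}

    # bookingID is placed unquoted into SQL text below, so only an integer
    # is allowed to reach the statement.
    try:
        booking_id = int(data['bookingID'])
    except (KeyError, TypeError, ValueError):
        return {'code': 'failed', 'message': 'No such booking exists.'}

    # SQLite string literal: a single quote is escaped by doubling it.
    # NOTE(review): bound parameters inside the DB wrapper would be the
    # durable fix; this quoting is the most that can be done from here.
    owner = str(account[2]).replace("'", "''")
    booking = DB.query(
        'bookings',
        args="WHERE username = '{u}' AND bookingID = {bi}".format(
            u=owner, bi=booking_id))
    if len(booking) < 1:
        return {'code': 'failed', 'message': 'No such booking exists.'}

    # Column 4 of a bookings row is parsed as the booking date (YYYY-MM-DD).
    bookingDate = datetime.strptime(booking[0][4], '%Y-%m-%d')
    if datetime.now() >= bookingDate:
        return {
            'code': 'failed',
            'message': 'This date of this booking has already passed.'
        }

    # Ownership was established by the username filter in the query above.
    DB.delete('bookings', 'bookingID = {bi}'.format(bi=booking_id))
    DB.delete('transactions', 'bookingID = {bi}'.format(bi=booking_id))
    return {'code': 'success', 'message': 'Booking has been cancelled.'}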
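def createroom():
    """Create a room and its amenity record (admin only).

    Reads ``token`` and an ``update`` object from the JSON request body and
    returns a dict with ``code`` and ``message``. The request body is not
    echoed to stdout, because it carries the session token.
    """
    data = json.loads(request.data)
    # Require a valid token as well as the admin privilege, as filladmin does.
    tokendata = AM.checktoken(data['token'])
    if not tokendata[0] or tokendata[1] != 'admin':
        return {
            'code': 'failed',
            'message': 'Privilege level not high enough.'
        }

    def sql_text(value):
        # SQLite string literal: a single quote is escaped by doubling it.
        # NOTE(review): bound parameters inside the DB wrapper would be the
        # durable fix; this quoting is a stopgap at the call site.
        return "'" + str(value).replace("'", "''") + "'"

    room = data['update']
    # These three values are written unquoted into SQL, so they must be
    # integers; they are passed on as strings, like the other tuple items.
    try:
        floor = str(int(room['floornumber']))
        number = str(int(room['roomnumber']))
        bed_amount = str(int(room['bedamount']))
    except (KeyError, TypeError, ValueError):
        return {'code': 'failed', 'message': 'Invalid room details.'}

    existing = DB.query(
        'rooms',
        args='WHERE floornumber = {fn} AND roomnumber = {rn}'.format(
            fn=floor, rn=number))
    if len(existing) > 0:
        return {'code': 'failed', 'message': 'Room already exists.'}

    DB.insert('rooms',
              (floor, number, sql_text(room['isVaccant']),
               sql_text(room['isReady']), sql_text(room['description']),
               sql_text(room['price'])))
    DB.insert('room_info',
              (floor, number, sql_text(room['bed']),
               sql_text(room['microwave']), sql_text(room['balcony']),
               sql_text(room['ethernet']), sql_text(room['TV']), bed_amount))
    return {'code': 'success', 'message': 'Room added to DB.'}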
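def getbookings():
    """Return the bookings owned by the account behind ``token``.

    Returns a dict with ``code``, ``message`` and ``bookings``; ``bookings``
    is None when the token is not valid.
    """
    data = json.loads(request.data)
    # AM.checktoken's result is used here as [0] validity flag, [2] username.
    account = AM.checktoken(data['token'])
    if not account[0]:
        return {
            'code': 'failed',
            'message': 'Not logged in.',
            'bookings': None
        }

    # The username was chosen by a user at registration, so it is escaped
    # before it is embedded in a SQLite string literal (quote doubling).
    # NOTE(review): bound parameters in the DB wrapper would be the real fix.
    owner = str(account[2]).replace("'", "''")
    rows = DB.query('bookings', args="WHERE username = '{u}'".format(u=owner))
    return {
        'code': 'success',
        'message': '',
        # DB.genjson's output is parsed with json.loads, as elsewhere here.
        'bookings': json.loads(DB.genjson('bookings', rows))
    }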
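def getClients():
    """Return the clients registered by the calling agent account.

    Returns a dict with ``code``, ``message`` and ``clients``; ``clients`` is
    None when the caller is not a valid agent.
    """
    data = json.loads(request.data)
    account = AM.checktoken(data['token'])
    # Require a valid token as well as the agent privilege, matching the
    # combined check filladmin performs for admins.
    if not account[0] or account[1] != 'agent':
        return {
            'code': 'failed',
            'message': 'This is not an agent account.',
            'clients': None
        }

    # Escape the stored username for a SQLite string literal (quote doubling).
    # NOTE(review): bound parameters in the DB wrapper would be the real fix.
    agent = str(account[2]).replace("'", "''")
    rows = DB.query('agent_clients',
                    args="WHERE username = '{u}'".format(u=agent))
    return {
        'code': 'success',
        'message': '',
        'clients': json.loads(DB.genjson('agent_clients', rows))
    }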
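def bookroom():
    """Book a room for one date and record the matching transaction.

    Reads ``token``, ``roomid`` (two-character floor followed by the room
    number), ``date`` (YYYY-MM-DD) and ``customer_name`` from the JSON
    request body. Returns a dict with ``code`` and ``message`` and, on
    success, ``bookingID`` and ``transactionID``. The request body is not
    echoed to stdout, because it carries the session token.
    """
    data = json.loads(request.data)

    # Authenticate first, so that no SQL is built from request fields (and no
    # availability is disclosed) for a caller without a valid token.
    userdata = AM.checktoken(data['token'])
    if not userdata[0]:
        return {'code': 'failed', 'message': 'Invalid user token.'}

    def sql_text(value):
        # SQLite string literal: a single quote is escaped by doubling it.
        # NOTE(review): bound parameters inside the DB wrapper would be the
        # durable fix; this quoting is a stopgap at the call site.
        return "'" + str(value).replace("'", "''") + "'"

    floornumber = data['roomid'][:2]
    roomnumber = data['roomid'][2:]
    # The WHERE clauses compare these unquoted, so they must be integers.
    try:
        floor = int(floornumber)
        room = int(roomnumber)
    except (TypeError, ValueError):
        return {'code': 'failed', 'message': 'No such room exists.'}

    # cancelBooking parses stored dates with this format, so reject anything
    # else before it is written.
    try:
        datetime.strptime(data['date'], '%Y-%m-%d')
    except (TypeError, ValueError):
        return {'code': 'failed', 'message': 'Invalid date.'}

    rows = DB.query(
        'bookings',
        args='WHERE floornumber = {fn} AND roomnumber = {rn} AND date = {d}'
        .format(fn=floor, rn=room, d=sql_text(data['date'])))
    if len(rows) > 0:
        return {
            'code': 'failed',
            'message': 'Room already booked for that date.'
        }
    # NOTE(review): this check and the insert below are separate statements;
    # two concurrent requests could both pass it unless the table enforces
    # uniqueness on (floornumber, roomnumber, date) - confirm the schema.

    try:
        price = DB.query(
            'rooms',
            columns='price',
            args='WHERE floornumber = {fn} AND roomnumber = {rn}'.format(
                fn=floor, rn=room))[0][0]
    except IndexError:
        return {'code': 'failed', 'message': 'No such room exists.'}

    # Retries are bounded so that a persistent database error cannot spin
    # the request forever.
    max_attempts = 10

    bookingID = random.randint(100000, 999999)
    for _ in range(max_attempts):
        try:
            # The stored floor/room text keeps the form the client sent.
            DB.insert('bookings',
                      (str(bookingID), sql_text(floornumber),
                       sql_text(roomnumber), sql_text(userdata[2]),
                       sql_text(data['date']),
                       sql_text(data['customer_name'])))
            break
        except (sqlite3.InterfaceError, sqlite3.IntegrityError):
            # Presumably an ID collision; draw another ID and try again.
            bookingID = random.randint(100000, 999999)
    else:
        return {'code': 'failed', 'message': 'Could not create booking.'}

    transID = random.randint(100000, 999999)
    for _ in range(max_attempts):
        try:
            DB.insert('transactions',
                      (str(transID), sql_text(userdata[2]), sql_text(price),
                       str(bookingID), sql_text(data['customer_name'])))
            break
        except sqlite3.IntegrityError:
            transID = random.randint(100000, 999999)
    else:
        # Do not leave a booking behind without its transaction.
        DB.delete('bookings', 'bookingID = {bi}'.format(bi=bookingID))
        return {'code': 'failed', 'message': 'Could not create transaction.'}

    return {
        'code': 'success',
        'message': 'Room booked.',
        'bookingID': bookingID,
        'transactionID': transID
    }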
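def approveuser():
    """Promote a pending account request to a regular user (admin only).

    Reads ``token`` and ``username`` from the JSON request body and returns
    ``{'code': 'success'}`` or ``{'code': 'failed'}``.
    """
    data = json.loads(request.data)
    username = data['username']
    # Require a valid token as well as the admin privilege, as filladmin does.
    tokendata = AM.checktoken(data['token'])
    if not tokendata[0] or tokendata[1] != 'admin':
        return {'code': 'failed'}

    def sql_text(value):
        # SQLite string literal: a single quote is escaped by doubling it.
        # NOTE(review): bound parameters inside the DB wrapper would be the
        # durable fix; this quoting is a stopgap at the call site.
        return "'" + str(value).replace("'", "''") + "'"

    row = DB.query('accountrequests',
                   args='WHERE username = {u}'.format(u=sql_text(username)))
    if len(row) < 1:
        # No pending request under that name; nothing to approve.
        return {'code': 'failed'}

    # Create the user before removing the request, so that a failed insert
    # does not lose the pending request. The stored request columns are
    # escaped too: they originate from a sign-up form.
    DB.insert('users',
              (sql_text(row[0][0]), sql_text(row[0][1]), sql_text(row[0][2]),
               '\'user\'', '\'false\'', '(SELECT datetime())'))
    DB.delete('accountrequests',
              args='username = {u}'.format(u=sql_text(username)))
    return {'code': 'success'}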
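def setuserpriv():
    """Set the privilege level of a user (admin only).

    Reads ``token``, ``username`` and ``priv`` from the JSON request body and
    returns a dict with ``code`` and ``message``.
    """
    data = json.loads(request.data)
    # Require a valid token as well as the admin privilege, as filladmin does.
    tokendata = AM.checktoken(data['token'])
    if not tokendata[0] or tokendata[1] != 'admin':
        return {
            'code': 'failed',
            'message': 'You do not have high enough privilege to do that.'
        }

    def sql_text(value):
        # SQLite string literal: a single quote is escaped by doubling it.
        # NOTE(review): bound parameters inside the DB wrapper would be the
        # durable fix; this quoting is a stopgap at the call site.
        return "'" + str(value).replace("'", "''") + "'"

    try:
        DB.update(
            'users', 'SET privilege = {p} WHERE username = {u}'.format(
                p=sql_text(data['priv']), u=sql_text(data['username'])))
    except sqlite3.IntegrityError:
        # Presumably a constraint on the privilege column rejected the value.
        return {'code': 'failed', 'message': 'Incorrect privilege level.'}
    return {'code': 'success', 'message': 'Done.'}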
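def addClient():
    """Register a client under the calling agent account.

    Reads ``token``, ``client_name`` and ``client_email`` from the JSON
    request body and returns a dict with ``code`` and ``message``.
    """
    data = json.loads(request.data)
    account = AM.checktoken(data['token'])
    # Require a valid token as well as the agent privilege, matching the
    # combined check filladmin performs for admins.
    if not account[0] or account[1] != 'agent':
        return {'code': 'failed', 'message': 'This is not an agent account.'}

    def sql_text(value):
        # SQLite string literal: a single quote is escaped by doubling it.
        # NOTE(review): bound parameters inside the DB wrapper would be the
        # durable fix; this quoting is a stopgap at the call site.
        return "'" + str(value).replace("'", "''") + "'"

    try:
        DB.insert('agent_clients',
                  (sql_text(account[2]), sql_text(data['client_name']),
                   sql_text(data['client_email'])))
    except sqlite3.IntegrityError:
        return {'code': 'failed', 'message': 'Client already exists.'}
    return {'code': 'success', 'message': 'Client added.'}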
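def deleteRoom():
    """Delete a room and its amenity record (admin only).

    Reads ``token`` and ``roomid`` (two-character floor followed by the room
    number) from the JSON request body and returns a dict with ``code`` and
    ``message``.
    """
    data = json.loads(request.data)
    account = AM.checktoken(data['token'])
    # Require a valid token as well as the admin privilege, as filladmin does.
    if not account[0] or account[1] != 'admin':
        return {
            'code': 'failed',
            'message': 'You do not have high enough privilege to do that.'
        }

    # Both parts are written unquoted into the DELETE conditions, so only
    # integers may reach the SQL text.
    roomid = data['roomid']
    try:
        floor = int(roomid[:2])
        room = int(roomid[2:])
    except (TypeError, ValueError):
        return {'code': 'failed', 'message': 'No such room exists.'}

    condition = 'floornumber = {fn} AND roomnumber = {rn}'.format(
        fn=floor, rn=room)
    DB.delete('rooms', condition)
    DB.delete('room_info', condition)
    return {'code': 'success', 'message': 'Room deleted.'}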
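def banuser():
    """Toggle the ``banned`` flag of a user (admin only).

    Reads ``token`` and ``username`` from the JSON request body and returns
    ``{'code': 'success'}`` or ``{'code': 'failed'}``.
    """
    data = json.loads(request.data)
    # Require a valid token as well as the admin privilege, as filladmin does.
    tokendata = AM.checktoken(data['token'])
    if not tokendata[0] or tokendata[1] != 'admin':
        return {'code': 'failed'}

    # SQLite string literal: a single quote is escaped by doubling it.
    # NOTE(review): bound parameters in the DB wrapper would be the real fix.
    user = "'" + str(data['username']).replace("'", "''") + "'"

    rows = DB.query('users', 'banned', 'WHERE username = {u}'.format(u=user))
    if len(rows) < 1:
        # Unknown user: nothing to toggle.
        return {'code': 'failed'}

    # The flag is stored as the text 'true' / 'false'.
    new_state = 'true' if rows[0][0] == 'false' else 'false'
    DB.update(
        'users', 'SET banned = \'{b}\' WHERE username = {u}'.format(
            b=new_state, u=user))
    return {'code': 'success'}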
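def getreciept():
    """Return the merged booking and transaction record for one booking.

    Reads ``token`` and ``bookingID`` from the JSON request body. Returns a
    dict with ``code``, ``message`` and ``reciept``; ``reciept`` is None on
    failure. Only the account that owns the booking may read it.
    """
    data = json.loads(request.data)
    account = AM.checktoken(data['token'])
    if not account[0]:
        return {'code': 'failed', 'message': 'Not logged in.', 'reciept': None}

    # bookingID is placed unquoted into SQL text, so only an integer is
    # allowed to reach the statement.
    try:
        booking_id = int(data['bookingID'])
    except (KeyError, TypeError, ValueError):
        return {
            'code': 'failed',
            'message': 'No such booking exists.',
            'reciept': None
        }

    booking = DB.query('bookings',
                       args='WHERE bookingID = {bi}'.format(bi=booking_id))
    if len(booking) != 1:
        return {
            'code': 'failed',
            'message': 'No such booking exists.',
            'reciept': None
        }

    # Column 3 of a bookings row is compared with the caller's username.
    if booking[0][3] != account[2]:
        return {
            'code': 'failed',
            'message': 'Incorrect account.',
            'reciept': None
        }

    transaction = DB.query(
        'transactions', args='WHERE bookingID = {bi}'.format(bi=booking_id))
    if len(transaction) < 1:
        return {
            'code': 'failed',
            'message': 'No transaction found for this booking.',
            'reciept': None
        }

    # Merge the two parsed records directly. Round-tripping the merged dict
    # through str() with quote replacement failed on any value containing
    # an apostrophe (for example a customer name) and on None.
    booking_fields = json.loads(DB.genjson('bookings', booking))[0]
    transaction_fields = json.loads(
        DB.genjson('transactions', transaction))[0]
    return {
        'code': 'success',
        'message': '',
        'reciept': {**booking_fields, **transaction_fields}
    }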
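def removeClient():
    """Remove one of the calling agent's clients, identified by e-mail.

    Reads ``token`` and ``client_email`` from the JSON request body and
    returns a dict with ``code`` and ``message``. The request body is not
    echoed to stdout, because it carries the session token.
    """
    data = json.loads(request.data)
    account = AM.checktoken(data['token'])
    # Require a valid token as well as the agent privilege, matching the
    # combined check filladmin performs for admins.
    if not account[0] or account[1] != 'agent':
        return {'code': 'failed', 'message': 'This is not an agent account.'}

    def sql_text(value):
        # SQLite string literal: a single quote is escaped by doubling it.
        # NOTE(review): bound parameters inside the DB wrapper would be the
        # durable fix; this quoting is a stopgap at the call site.
        return "'" + str(value).replace("'", "''") + "'"

    # One condition serves both the ownership check and the delete. Deleting
    # by e-mail alone would also remove rows that other agents hold for the
    # same address.
    own_client = 'username = {u} AND client_email = {e}'.format(
        u=sql_text(account[2]), e=sql_text(data['client_email']))
    if len(DB.query('agent_clients', args='WHERE ' + own_client)) != 1:
        return {'code': 'failed', 'message': 'Not your client.'}
    DB.delete('agent_clients', own_client)
    return {'code': 'success', 'message': 'Client removed.'}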
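def editroom():
    """Update an existing room and its amenity record (admin only).

    Reads ``token`` and an ``update`` object from the JSON request body and
    returns a dict with ``code`` and ``message``.
    """
    data = json.loads(request.data)
    # Require a valid token as well as the admin privilege, as filladmin does.
    tokendata = AM.checktoken(data['token'])
    if not tokendata[0] or tokendata[1] != 'admin':
        return {
            'code': 'failed',
            'message': 'Privilege level not high enough.'
        }

    def sql_text(value):
        # SQLite string literal: a single quote is escaped by doubling it.
        # NOTE(review): bound parameters inside the DB wrapper would be the
        # durable fix; this quoting is a stopgap at the call site.
        return "'" + str(value).replace("'", "''") + "'"

    room = data['update']
    # These three values are written unquoted into SQL, so they must be
    # integers.
    try:
        floor = int(room['floornumber'])
        number = int(room['roomnumber'])
        bed_amount = int(room['bedamount'])
    except (KeyError, TypeError, ValueError):
        return {'code': 'failed', 'message': 'Invalid room details.'}

    where = 'WHERE floornumber = {fn} AND roomnumber = {rn}'.format(
        fn=floor, rn=number)
    if len(DB.query('rooms', args=where)) < 1:
        return {'code': 'failed', 'message': 'No such room exists.'}

    DB.update(
        'rooms',
        'SET isVaccant = {isVaccant}, isReady = {isReady}, '
        'description = {description}, price = {price} {where}'.format(
            isVaccant=sql_text(room['isVaccant']),
            isReady=sql_text(room['isReady']),
            description=sql_text(room['description']),
            price=sql_text(room['price']),
            where=where))
    DB.update(
        'room_info',
        'SET bed = {bed}, microwave = {microwave}, balcony = {balcony}, '
        'ethernet = {ethernet}, TV = {TV}, bedamount = {bedamount} '
        '{where}'.format(
            bed=sql_text(room['bed']),
            microwave=sql_text(room['microwave']),
            balcony=sql_text(room['balcony']),
            ethernet=sql_text(room['ethernet']),
            TV=sql_text(room['TV']),
            bedamount=bed_amount,
            where=where))
    return {'code': 'success', 'message': 'Update saved.'}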
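def getlog():
    """Return the database log, newest entry first (admin only).

    Returns the JSON-encoded output of DB.genjson for the ``dblog`` table,
    or None when the caller is not a valid admin.
    """
    tokendata = AM.checktoken(json.loads(request.data)['token'])
    # Require a valid token as well as the admin privilege, as filladmin does.
    if not tokendata[0] or tokendata[1] != 'admin':
        # NOTE(review): no response body is produced for other callers;
        # confirm how the web framework treats a None return.
        return None
    log_rows = DB.query('dblog', args='ORDER BY time DESC')
    return json.dumps(DB.genjson('dblog', log_rows))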
def filladmin():
    """Render the admin page for a valid admin token.

    Any other caller receives a plain-text refusal instead of the template.
    """
    token = json.loads(request.data)['token']
    validity_and_role = AM.checktoken(token)
    # Both conditions must hold: the token is valid and its role is admin.
    if not validity_and_role[0] or validity_and_role[1] != 'admin':
        return "Your account, or lack there of, does not have the privilege level to view this page."
    return render_template("admin.html")
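def getrooms():
    """Return every row of the ``rooms`` table (admin only).

    Returns the JSON-encoded output of DB.genjson, or None when the caller
    is not a valid admin.
    """
    tokendata = AM.checktoken(json.loads(request.data)['token'])
    # Require a valid token as well as the admin privilege, as filladmin does.
    if not tokendata[0] or tokendata[1] != 'admin':
        # NOTE(review): no response body is produced for other callers;
        # confirm how the web framework treats a None return.
        return None
    return json.dumps(DB.genjson('rooms', DB.query('rooms')))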
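def getusers():
    """Return every row of the ``users`` table (admin only).

    The ``hashpass`` and ``salt`` columns are excluded from the output.
    Returns the JSON-encoded output of DB.genjson, or None when the caller
    is not a valid admin.
    """
    tokendata = AM.checktoken(json.loads(request.data)['token'])
    # Require a valid token as well as the admin privilege, as filladmin does.
    if not tokendata[0] or tokendata[1] != 'admin':
        # NOTE(review): no response body is produced for other callers;
        # confirm how the web framework treats a None return.
        return None
    user_rows = DB.query('users')
    # Credential material never leaves the server, even for admins.
    return json.dumps(
        DB.genjson('users', user_rows, exceptfor=('hashpass', 'salt')))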