def signup_user(): data = request.get_json() firstName = data.get('firstname') lastName = data.get('lastname') otherNames = data.get('othernames') email = data.get('email') phoneNumber = data.get('phonenumber') userName = data.get('username') userPassword = data.get('password') if not firstName or not lastName or not\ otherNames or not email or not phoneNumber or not \ userName or not userPassword: return jsonify({ 'status': 400, 'error': 'A required field is either missing or empty' }), 400 if not validateUser.validate_names(firstName) or not \ validateUser.validate_names(lastName) or not \ validateUser.validate_names(otherNames) or not \ validateUser.validate_names(userName): return jsonify({ 'status': 400, 'error': 'Name must be a string and must not contain spaces' }), 400 if not validateUser.validate_phoneNumber(phoneNumber): return jsonify({ 'status': 400, 'error': 'Only numbers are allowed for the phonenumber field' }), 400 if not validate_email(email): return jsonify({'status': 400, 'error': 'Invalid email'}), 400 if not validateUser.validate_password(userPassword): return jsonify({ 'status': 400, 'error': 'Password must be atleast 8 characters and should have atleast one number and one capital letter' }), 400 user = User(firstName, lastName, otherNames, email, phoneNumber, userName, generate_password_hash(userPassword)) if db_handler().select_one_record('user_table', 'useremail', email): return jsonify({ 'status': 400, 'error': 'User account already exists' }), 400 user = db_handler().add_user(user.firstname, user.lastname, user.othernames, user.username, user.email, user.phoneNumber, user.password, user.registered, user.isAdmin) data.pop('password') return jsonify({ 'status': 201, 'data': data, 'message': 'Your Account was created successfuly' }), 201
def edit_location_of_incident(incident_id, record_type): data = request.get_json() location = data.get('location') try: incident_Id = int(incident_id) except: return jsonify({ 'status': 400, 'error': 'incident_id must be a valid number' }), 400 if not location: return jsonify({ 'status': 400, 'error': 'location field is empty or missing' }), 400 if not validateIncident.validate_location(location): return jsonify({ 'status': 400, 'error': 'Location field only takes in a list of valid Lat and Long cordinates' }), 400 redflag_data_fetch = db_handler().select_one_incident( 'incident_table', 'incidentid', incident_Id, record_type) if not redflag_data_fetch: return jsonify({ 'status': 200, 'message': 'incident record not found' }), 200 if redflag_data_fetch[7] != 'Draft': return jsonify({ 'status': 400, 'error': 'You cannot change the location while the incident status is not Draft' }), 400 db_handler().update_incident_record_location(incident_Id, location[0], location[1], record_type) incident_record_type = redflag_data_fetch[3] redflag_data_fetch = db_handler().select_one_incident( 'incident_table', 'incidentid', incident_Id, record_type) data_dict = { "incidentid": redflag_data_fetch[0], "createdon": redflag_data_fetch[1], "createdby": redflag_data_fetch[2], "record_type": redflag_data_fetch[3], "incident_location": redflag_data_fetch[4], "comment": redflag_data_fetch[6], "status": redflag_data_fetch[7] } return jsonify({ 'status': 200, 'data': data_dict, 'message': f"Updated {incident_record_type} record's location" }), 200
def edit_comment_of_incident(incident_id, record_type): info = request.get_json() comment = info.get('comment') try: incident_Id = int(incident_id) except: return jsonify({ 'status': 400, 'error': 'incident_id must be a valid number' }), 400 if not comment: return jsonify({ 'status': 400, 'error': 'comment field is empty or missing' }), 400 if not validateIncident.validate_comment(comment): return jsonify({ 'status': 400, 'error': 'comment must be a string' }), 400 incident_result = db_handler().select_one_incident('incident_table', 'incidentid', int(incident_Id), record_type) if not incident_result: return jsonify({ 'status': 200, 'message': 'incident record not found' }), 200 if incident_result[7] != 'Draft': return jsonify({ 'status': 400, 'error': 'You cannot change the location while the incident status is not Draft' }), 400 db_handler().update_incident_record('comment', incident_Id, comment, record_type) returned_type = incident_result[3] incident_result = db_handler().select_one_incident('incident_table', 'incidentid', incident_Id, record_type) redflag_dict = { "incidentid": incident_result[0], "createdon": incident_result[1], "createdby": incident_result[2], "record_type": incident_result[3], "incident_location": incident_result[4], "comment": incident_result[6], "status": incident_result[7] } return jsonify({ 'status': 200, 'data': redflag_dict, 'message': f"Updated {returned_type} record's comment" }), 200
def edit_incident_location(incident_id, record_type): data = request.get_json() location = data.get('location') try: incident_Id = int(incident_id) except: return jsonify({ 'status': 400, 'message': 'incident id must be an integer' }), 400 if not location: return jsonify({ 'status': 400, 'message': 'location field is empty or missing' }), 400 if not incident.validate_location(location): return jsonify({ 'status': 400, 'error': 'Location field only takes in a list of valid Lat and Long cordinates' }), 400 redflag_data_saved = db_handler().select_one_incident( 'incidentTable', 'incident_id', incident_Id, record_type) if not redflag_data_saved: return jsonify({'status': 400, 'error': 'incident is not found'}), 400 if redflag_data_saved[7] != 'Draft': return jsonify({ 'status': 400, 'error': 'you can not change location if the incident status is not draft' }), 400 db_handler().update_incident_record_location(incident_Id, location[0], location[1], record_type) incident_record_type = redflag_data_saved[3] redflag_data_saved = db_handler().select_one_incident( 'incidentTable', 'incident_id', incident_Id, record_type) data_dict = { "incidentid": redflag_data_saved[0], "createdon": redflag_data_saved[1], "createdby": redflag_data_saved[2], "record_type": redflag_data_saved[3], "incident_location": redflag_data_saved[4], 'comment': redflag_data_saved[6], 'status': redflag_data_saved[7] } return jsonify({ 'status': 200, 'data': data_dict, 'message': f"updated {incident_record_type} successfully" }), 200
def create_incident(current_user): info = request.get_json() incident_type = info.get('incident_type') location = info.get('location') comment = info.get('comment') if not incident_type or not location or not comment: return jsonify({ 'status': 400, 'error': 'A field is missing or empty' }), 400 if not incident.validate_recordType(incident_type): return jsonify({ 'status': 400, 'error': 'Incident type must either be a red-flag or intervention' }), 400 if not incident.validate_comment(comment): return jsonify({ 'status': 400, 'error': 'comment must be a string' }), 400 if not incident.validate_location(location): return jsonify({ 'status': 400, 'error': 'location must be a lat and long format' }), 400 inciden = Incident(current_user[0], incident_type, location, comment) db_handler().add_incident_record(inciden.createdOn, inciden.createdBy, inciden.record_type, inciden.location[0], inciden.location[1], inciden.comment, inciden.status) data_dict = { "createdon": inciden.createdOn, "record_type": inciden.record_type, "incident_location": inciden.location, "comment": inciden.comment, "status": inciden.status } return jsonify({ 'status': 201, 'data': data_dict, 'message': f'created {incident_type} record successfully' }), 201
def change_status(incident_id, record_type): status_data = request.get_json() status = status_data.get('status') try: incident_Id = int(incident_id) except: return jsonify({ 'status': 400, 'error': 'incident_id must be a valid number' }), 400 if not status: return jsonify({ 'status': 400, 'error': 'status field is either empty or missing' }), 400 if not validateIncident.validate_status(status): return jsonify({ 'status': 400, 'error': 'status must a string and must be under investigation or rejected or resolved' }), 400 incident_record_data = db_handler().select_one_incident( 'incident_table', 'incidentid', incident_Id, record_type) if not incident_record_data: return jsonify({ 'status': 200, 'message': 'incident record not found' }), 200 db_handler().update_incident_record('incident_status', incident_Id, status, record_type) incident_record_data = db_handler().select_one_incident( 'incident_table', 'incidentid', incident_Id, record_type) data_dict = { "incidentid": incident_record_data[0], "createdon": incident_record_data[1], "createdby": incident_record_data[2], "record_type": incident_record_data[3], "incident_location": incident_record_data[4], "comment": incident_record_data[6], "status": incident_record_data[7] } return jsonify({ 'status': 200, 'data': data_dict, 'message': f"{incident_record_data[3]} record's status was successfuly updated" }), 200
def post_incident(current_user): details = request.get_json() incident_type = details.get('incident_type') location = details.get('location') comment = details.get('comment') # video = details.get('video') if not incident_type or not location or not comment: return jsonify({ 'status': 400, 'error': 'A required field is either missing or empty' }), 400 if not validateIncident.validate_type(incident_type): return jsonify({ 'status': 400, 'error': 'type must a string and must be red-flag or intervention' }), 400 if not validateIncident.validate_location(location): return jsonify({ 'status': 400, 'error': 'Location field only takes in a list of valid Lat and Long cordinates' }), 400 if not validateIncident.validate_comment(comment): return jsonify({ 'status': 400, 'error': 'comment must be a string' }), 400 incident = Incident(current_user[0], incident_type, location, comment) db_handler().add_incident_record(incident.createdOn, incident.createdBy, incident.record_type, incident.location[0], incident.location[1], incident.comment, incident.status) data_dict = { "createdon": incident.createdOn, "record_type": incident.record_type, "incident_location": incident.location, "comment": incident.comment, "status": incident.status } return jsonify({ 'status': 201, 'data': data_dict, 'message': f'created {incident_type} record successfuly' }), 201
def get_an_incident(incident_id, record_type): try: incidentId = int(incident_id) except: return jsonify({ 'status': 200, 'message': 'incident id must be an integer' }), 200 fetched_data = db_handler().select_one_incident('incidentTable', 'incident_id', incidentId, record_type) if not fetched_data: return jsonify({ 'status': 200, 'message': 'incident is not found' }), 200 data_dict = { "incidentid": fetched_data[0], "createdon": fetched_data[1], "createdby": fetched_data[2], "record_type": fetched_data[3], "incident_location": fetched_data[4], "comment": fetched_data[6], "status": fetched_data[7] } return jsonify({'status': 200, 'data': data_dict}), 200
def fetch_an_incident(incident_id, record_type): try: incidentId = int(incident_id) except: return jsonify({ 'status': 400, 'error': 'incident_id must be a valid number' }), 400 record_data = db_handler().select_one_incident('incident_table', 'incidentid', incidentId, record_type) if not record_data: return jsonify({ 'status': 200, 'message': 'Incident record not found' }), 200 data_dict = { "incidentid": record_data[0], "createdon": record_data[1], "createdby": record_data[2], "record_type": record_data[3], "incident_location": record_data[4], "comment": record_data[6], "status": record_data[7] } return jsonify({'data': data_dict, 'status': 200}), 200
def change_status_of_incident(incident_id, record_type): info = request.get_json() status = info.get('status') try: incident_Id = int(incident_id) except: return jsonify({ 'status': 400, 'error': 'incident is must be a valid integer' }), 400 if not status: return jsonify({ 'status': 400, 'error': 'status field is missing or not found' }), 400 if not incident.validate_status(status): return jsonify({ 'status': 400, 'error': 'status must be s string' }), 400 incident_to_update = db_handler().select_one_incident( 'incidentTable', 'incident_id', incident_Id, record_type) if not incident_to_update: return jsonify({'status': 200, 'error': 'incident not found'}), 200 db_handler().update_incident_record('status', incident_Id, status, record_type) incident_to_update = db_handler().select_one_incident( 'incidentTable', 'incident_id', incident_Id, record_type) incident_to = incident_to_update[3] data_dict = { 'incidentId': incident_to_update[0], 'createdon': incident_to_update[1], 'createdby': incident_to_update[2], 'record_type': incident_to_update[3], 'location': incident_to_update[4], 'comment': incident_to_update[6], 'status': incident_to_update[7] } return jsonify({ 'status': 200, 'data': data_dict, 'message': f"updated {incident_to} status" }), 200
def edit_redflag_comment(current_user, incident_id): record_data = db_handler().select_one_record('incident_table', 'incidentid', incident_id) if record_data: if int(record_data[2]) != current_user[0]: return jsonify({'status': 403, 'error': 'You can only edit the location of a record you created' }), 403 return edit_comment_of_incident(incident_id, 'red-flag')
def edit_intervention_location(current_user, incident_id): check_record = db_handler().select_one_record('incident_table', 'incidentid', incident_id) if check_record: if int(check_record[2]) != current_user[0]: return jsonify({'status': 403, 'error': 'You can only edit the location of a record you created' }), 403 return edit_location_of_incident(incident_id, 'intervention')
def delete_intervention_record(current_user, incident_id): delete_data = db_handler().select_one_incident('incident_table', 'incidentid', incident_id, 'intervention') if delete_data: if int(delete_data[2]) != current_user[0]: return jsonify({'status': 403, 'error': 'You can only delete a record you created' }), 403 return delete_incident(incident_id, 'intervention')
def change_intervention_location(current_user, incident_id): check_info = db_handler().select_one_record('incidentTable', 'incident_id', incident_id) if int(check_info[2]) != current_user[0]: return jsonify({ 'message': 'You can edit location of an incident you did not create' }) return edit_incident_location(incident_id, 'intervention')
def delete_intervention(current_user, incident_Id): delete = db_handler().select_one_record('incidentTable', 'incident_id', incident_Id) if delete: if int(delete[2]) != current_user[0]: return jsonify({ 'message': 'You can not delete an intervention you did not create' }) return delete_incident(incident_Id, 'intervention')
def delete_incident(incident_id, record_type): try: incident_Id = int(incident_id) except: return jsonify({ 'status': 400, 'error': 'incident_id must be a valid number' }), 400 delete_data = db_handler().select_one_incident('incident_table', 'incidentid', incident_Id, record_type) if not delete_data: return jsonify({ 'status': 200, 'message': 'incident record not found' }), 200 db_handler().delete_incident_record(incident_Id, record_type) return jsonify({ 'status': 200, 'message': f"{delete_data[3]} record has been deleted" }), 200
def change_redflag_comment(current_user, incident_id): check_data = db_handler().select_one_record('incidentTable', 'incident_id', incident_id) if check_data: if int(check_data[2]) != current_user[0]: return jsonify({ 'message': 'You can not edit comment of an incident you did not create' }) return edit_comment_of_incident(incident_id, 'red-flag')
def login_user(user_type): login_info = request.get_json() login_email = login_info.get('email') login_pass = login_info.get('password') if not login_email or not login_email: return jsonify({'status': 400, 'error': 'a field is missing'}), 400 if not validateUser.validate_password(login_pass): return jsonify({ 'status': 400, 'error': 'a password must be 8 characters and above and it must have both numbers and letters' }), 400 if not validate_email(login_email): return jsonify({'status': 400, 'error': 'invalid email'}), 400 user_data = db_handler().select_one_record('user_table', 'email', login_email) if user_data: if user_type == 'admin': if user_data[9] is False: return jsonify({ 'status': 401, 'error': 'you can not login as anormal user here' }), 401 if user_type == 'normal_user': if user_data[9] is True: return jsonify({ 'status': 401, 'error': 'you can not login as an admin from here' }), 401 if user_data[5] == login_email and check_password_hash( user_data[6], login_pass): access_token = encode_token(login_email) return jsonify({ 'status': 200, 'access_token': access_token.decode('UTF-8'), 'message': 'You are successfully logged in' }), 200 return jsonify({'status': 401, 'error': 'wrong email or password'}), 401
def inner_func(*args,**kwargs): token = None if 'Authorization' in request.headers: token = request.headers['Authorization'] if not token: return jsonify({'status':401,'error': 'token is invalid or missing'}),401 try: data = jwt.decode(token,app.config['SECRET'], algorithms = ['HS256']) current_user = db_handler().select_one_record('user_table', 'email', data['sub']) except jwt.ExpiredSignatureError: return jsonify({'status': 401,'error':'The token has expired please login again'}),401 except jwt.InvalidTokenError: return jsonify({'status': 401,'error' : 'Invalid token. please login again'}) return f(current_user, *args, **kwargs)
def fetch_all_incidents(record_type): fetched_data = db_handler().select_all_incidents(record_type) if not fetched_data: return jsonify({ 'status': 200, 'message': 'No incidents recorded yet' }), 200 keys = [ "incidentid", "createdon", "createdby", "record_type", "incident_location", "comment", "status" ] incident_records = [] for data in fetched_data: records = [ data[0], data[1], data[2], data[3], data[4], data[6], data[7] ] incident_records.append(dict(zip(keys, records))) return jsonify({'data': incident_records, 'status': 200}), 200
def login_user(user_type): login_info = request.get_json() login_email = login_info.get('email') login_password = login_info.get('password') if not login_email or not login_password: return jsonify({ 'status': 400, 'error': 'email or password cannot be empty' }), 400 if not validate_email(login_email): return jsonify({'status': 400, 'error': 'Invalid email'}), 400 if not validateUser.validate_password(login_password): return jsonify({ 'status': 400, 'error': 'Password must be atleast 8 characters and should have atleast one number and one capital letter' }), 400 user_data = db_handler().select_one_record('user_table', 'useremail', login_email) if user_data: if user_type == "admin": if user_data[9] is False: return jsonify({ 'status': 401, 'error': "You can't login as a normal user from here" }), 401 if user_type == "normal_user": if user_data[9] is True: return jsonify({ 'status': 401, 'error': "You can't login as an admin from here" }), 401 if user_data[5] == login_email and \ check_password_hash(user_data[7], login_password): access_token = encode_token(login_email) return jsonify({ 'status': 200, 'access_token': access_token.decode('UTF-8'), 'message': 'You are now loggedin' }), 200 return jsonify({'status': 401, 'error': 'Wrong email or password'}), 401
def register_user(): data = request.get_json() firstname = data.get('firstname') lastname = data.get('lastname') othername = data.get('othername') username = data.get('username') email = data.get('email') password = data.get('password') phonenumber = data.get('phonenumber') if not firstname or not lastname or not othername or not username \ or not email or not password or not phonenumber: return jsonify({ 'status': 400, 'error': 'A field is missing or not filled in' }), 400 if not validateUser.validate_name(firstname) or not validateUser.validate_name(lastname) \ or not validateUser.validate_name(othername) or not validateUser.validate_name(username): return jsonify({ 'status': 400, 'error': 'All names must be strings and thier must be no space' }), 400 if not validateUser.validate_number(phonenumber): return jsonify({ 'status': 400, 'error': 'phonenumber must be an integer' }), 400 if not validateUser.validate_password(password): return jsonify({ 'status': 400, 'error': 'a password must be 8 characters and above and it must have both numbers and letters' }), 400 if not validate_email(email): return jsonify({'status': 400, 'error': 'invalid email'}), 400 new_user = User(firstname, lastname, othername, username, email, generate_password_hash(password), phonenumber) if db_handler().select_one_record('user_table', 'email', email): return jsonify({ 'status': 200, 'message': 'account already exists try log in' }), 200 # db_handler().add_user('Busolo','Emma','Amos','EmmaAmos','*****@*****.**' # ,generate_password_hash('EmmaAmos123'),25670364,datetime.datetime.now(),True) new_user = db_handler().add_user(new_user.firstname, new_user.lastname, new_user.othername, new_user.username, new_user.email, new_user.password, new_user.phonenumber, new_user.registered, new_user.is_admin) data.pop('password') return jsonify({ 'status': 201, 'message': 'your account has been created successfully' }), 201