def get(self, user_id, job_id):
user_id = str(user_id)
is_mechanic = self.current_user_is_mechanic()
if is_mechanic:
mechanic_id = current_identity._get_current_object().id
else:
mechanic_id = None
if (user_id != current_identity._get_current_object().id) and (
not mechanic_id):
abort(401, description="Unauthorized, not a mechanic or owner")
args = self.reqparse.parse_args()
quote_id = args.get('quote_id')
if quote_id:
quote = self.quotesDAO.find_quote(quote_id=quote_id,
job_id=job_id,
mechanic_id=mechanic_id)
if quote:
return quote.as_dict()
abort(401)
else:
quotes_list = self.quotesDAO.find_quotes(user_id=user_id,
job_id=job_id,
mechanic_id=mechanic_id)
return jsonify([i.as_dict() for i in quotes_list])
def put(self, user_id):
user_id = str(user_id)
if user_id != current_identity._get_current_object().id:
abort(401)
args = self.reqparse.parse_args()
if not args.get('updated_values'):
abort(400)
#new_values = {str(k): str(v) for k, v in args['updated_values'].items()}
new_values = args.get('updated_values')
if any([
i in new_values for i in
['user_id', 'email_address', 'first_name', 'last_name']
]):
abort(405)
if any([
i not in [
'phone_number', 'address_line', 'city', 'state', 'zipcode'
] for i in new_values
]):
abort(400)
update_successful = self.userDAO.update_user(user_id, new_values)
if not update_successful:
abort(401)
user = self.userDAO.find_user(user_id)
if not user:
abort(404)
return user.as_dict()
def put(self, user_id):
user_id = str(user_id)
if user_id != current_identity._get_current_object().id:
abort(401)
args = self.reqparse.parse_args()
job_data = args.get('job')
job_id = args.get('job_id')
logging.debug('Current job_data is' + str(job_data))
logging.debug('Current job_id is ' + str(job_id))
if not job_data:
logging.debug('Job data missing.')
abort(401, description='Job data field is missing')
if not job_data.get('updated_values'):
logging.debug('"updated_values" field is missing.')
abort(401, description='updated_values field is missing.')
if not job_id:
logging.debug('Could not find a job of that given id.')
abort(404)
# updated_values = {str(k): str(v) for k, v in job_data['updated_values'].items()}
updated_values = job_data.get('updated_values')
update_successful = self.jobsDAO.update_job(user_id, job_id,
updated_values)
if not update_successful:
abort(404)
job = self.jobsDAO.find_job(user_id, job_id)
if not job:
logging.debug('Job not found')
abort(404)
return job.as_dict()
def post(self, user_id):
user_id = str(user_id)
if user_id != current_identity._get_current_object().id:
abort(401)
args = self.reqparse.parse_args()
logging.debug('Current args are ... ' + str(args))
token_inserted = args.get('tokenData')
# if there is a problem with the inserted job format
if not token_inserted:
logging.debug('"tokenData" key missing in inserted token.')
abort(401)
logging.debug("Token inserted is " + str(token_inserted))
if not len(
[i for i in token_inserted.keys() if i in ['user_id', 'fcmtoken']
]) == 2:
logging.debug('tokenData missing a few parameters ...')
abort(401)
if not self.tokenDAO.find_user(user_id):
logging.debug('User not found, adding new token')
insertion_successful = self.tokenDAO.insert_token(
user_id, token_inserted['fcmtoken'])
if not insertion_successful:
abort(401)
return Token(user_id, token_inserted['fcmtoken']).as_dict()
else:
# update token for existing user
logging.debug('Updating token for existing user : '******'fcmtoken'])
if not update_successful:
abort(401)
return Token(user_id, token_inserted['fcmtoken']).as_dict()
abort(405)
def current_user_is_mechanic(self):
mechanic_id = current_identity._get_current_object().id
mechanic = self.mechanicDAO.find_mechanic(mechanic_id)
if mechanic is None:
return False
else:
return True
def put(self, user_id):
user_id = str(user_id)
if user_id != current_identity._get_current_object().id:
abort(401)
args = self.reqparse.parse_args()
if not args.get('updated_values'):
logging.debug('Cannot find updated values.')
abort(
400,
description=
'The request is missing a few fields. Please check your request body once again.'
)
#new_values = {str(k): (str(v) if type(v) == str else v) for k, v in args['updated_values'].items()}
new_values = args.get('updated_values')
if any([i == 'user_id' for i in new_values]):
logging.debug('"user_id" not provided by mechanic.')
abort(
405,
description='The request was sent in without a "user_id" field.'
)
if not all([(len(i) == 5 and i.isdigit())
for i in new_values['serving_zipcodes']]):
logging.debug(
'"serving_zipcodes" may not have properly formatted zipcodes inserted.'
)
abort(
400,
description=
'The request was sent in with invalid zipcodes in the "serving_zipcodes" field.'
)
if any([
i not in [
'phone_number', 'address_line', 'city', 'state', 'zipcode',
'rate', 'rating', 'reviews', 'serving_zipcodes'
] for i in new_values
]):
logging.debug('Mechanic has not added a few fields.')
abort(
400,
description=
'The request is missing a few fields. Please check your request body once again.'
)
mechanic = self.mechanicDAO.find_mechanic(user_id)
if mechanic is None:
insertion_successful = self.mechanicDAO.insert_mechanic(user_id)
if not insertion_successful:
logging.debug('Could not insert mechanic data')
abort(401)
update_successful = self.mechanicDAO.update_mechanic(
user_id, new_values)
if not update_successful:
abort(401)
mechanic = self.mechanicDAO.find_mechanic(user_id)
if not mechanic:
abort(401)
return mechanic.as_dict()
def get(self, user_id):
user_id = str(user_id)
if user_id != current_identity._get_current_object().id:
abort(401)
token_data = self.tokenDAO.find_token(user_id)
if token_data:
return token_data.as_dict()
abort(401)
def get(self, user_id):
user_id = str(user_id)
if user_id != current_identity._get_current_object().id:
abort(401)
user = self.userDAO.find_user(user_id)
if not user:
abort(404)
return user.as_dict()
def delete(self, user_id):
user_id = str(user_id)
if user_id != current_identity._get_current_object().id:
abort(401)
delete_successful = self.userDAO.delete_one(user_id)
if not delete_successful:
abort(404)
return {'success': "User has been deleted successfully."}
def get(self, user_id):
user_id = str(user_id)
if user_id != current_identity._get_current_object().id:
abort(401)
mechanic = self.mechanicDAO.find_mechanic(user_id)
if mechanic is None:
abort(404,
description=
"The mechanic you are searching for probably doesn't exist")
return mechanic.as_dict()
def create_game_session():
try:
_jwt_required(None)
except:
pass
identity = None
token = None
_current_identity = current_identity._get_current_object()
if _current_identity is None or _current_identity[0] == 'session':
recaptcha_token = request.json.get('recaptcha')
if recaptcha_token is None:
return make_response(jsonify(ok=False,
error='Recaptcha missing'),
400)
if not is_human(recaptcha_token):
return make_response(jsonify(ok=False,
error='Bad recaptcha'),
400)
category = _get_random_category()
category_id = category.id
else:
category_id = request.json.get('category_id') if request.json is not None else None
user_or_session, identity = _current_identity
collection_id = request.json.get('collection_id') if request.json is not None else None
cursor = _create_cursor(0,
collection_id=collection_id,
category_id=category_id)
game_session = Session(id=str(uuid4()),
game_type='gender',
user_id=identity,
cursor=cursor)
db.session.add(game_session)
db.session.commit()
db.session.refresh(game_session)
if identity is None:
iat = datetime.utcnow()
token = jwt.encode(dict(sub='session:{}'.format(game_session.id),
iat=iat,
nbf=iat + timedelta(seconds=5),
exp=iat + timedelta(minutes=10)
),
JWT_SECRET, algorithm='HS256').decode()
return make_response(jsonify(ok=True,
session=game_session,
token=token),
201)
def forward_request_to_service(request, service, endpoint):
"""Forward incoming request to a Service and then returns the result."""
url = "{}{}".format(service.host, endpoint)
request_method = getattr(requests, request.method.lower())
headers = dict(request.headers)
if current_identity._get_current_object() is not None:
headers['User-Id'] = str(current_identity['id'])
params = request.args
resp = request_method(url, params=params, json=request.json,
headers=headers)
return resp.text, resp.status_code
def delete(self, user_id):
user_id = str(user_id)
if user_id != current_identity._get_current_object().id:
abort(401)
args = self.reqparse.parse_args()
job_id = args.get('job_id')
if not job_id:
logging.debug('Cannot find job_id')
abort(404)
delete_successful = self.jobsDAO.delete_one(user_id, job_id)
if not delete_successful:
return jsonify({"failure": "Job not found."})
return jsonify({"success": "Job deleted succesfully."})
def delete(self, user_id, job_id):
user_id = str(user_id)
is_mechanic = self.current_user_is_mechanic()
if is_mechanic:
mechanic_id = current_identity._get_current_object().id
else:
abort(401, description="Unauthorized, not a mechanic")
args = self.reqparse.parse_args()
quote_id = args.get('quote_id')
if quote_id:
delete_successful = self.quotesDAO.delete_one(
quote_id, job_id, mechanic_id)
else:
delete_successful = self.quotesDAO.delete_quotes(
job_id, mechanic_id)
if delete_successful:
return jsonify({"success": "Quote/s deleted succesfully."})
else:
return jsonify({"failure": "Quote/s not found."})
def get(self, user_id):
user_id = str(user_id)
if user_id != current_identity._get_current_object().id:
abort(401)
args = self.reqparse.parse_args()
job_id = args.get('job_id')
if job_id:
job = self.jobsDAO.find_job(user_id=user_id, job_id=job_id)
if job:
return job.as_dict()
abort(401)
else:
mechanic = self.mechanicDAO.find_mechanic(user_id)
if mechanic is None:
jobs_list = self.jobsDAO.find_job(user_id=user_id)
else:
jobs_list = self.jobsDAO.find_job(
zipcodes=mechanic.serving_zipcodes)
return jsonify([i.as_dict() for i in jobs_list])
def post(self, user_id, job_id):
user_id = str(user_id)
if user_id == current_identity._get_current_object().id:
f = request.files.get('imagefile')
if not f:
abort(401)
if f.filename == '':
abort(401)
content_type = f.content_type
# with tempfile.NamedTemporaryFile() as fp:
# f.save(fp.name)
# fp.seek(0, 0)
image_data = Binary(f.stream.read())
update_result = self.jobsDAO.update_images(user_id, job_id,
image_data, f.filename,
content_type)
if update_result:
result = self.jobsDAO.find_job(user_id, job_id)
return jsonify(results=result.__dict__)
else:
abort(401)
def get(self, user_id, job_id):
user_id = str(user_id)
if user_id == current_identity._get_current_object().id:
args = self.reqparse.parse_args()
picture_id = args.get('picture_id')
if picture_id:
image_data = self.jobsDAO.get_image(user_id, job_id,
picture_id)
if image_data:
pil_image = Image.open(
io.BytesIO(image_data)).convert('RGB')
temp_img_io = io.BytesIO()
pil_image.save(temp_img_io, 'JPEG', quality=70)
temp_img_io.seek(0)
return send_file(temp_img_io, mimetype='image/jpeg')
else:
abort(401)
else:
abort(401)
else:
abort(401)
def post(self, user_id):
user_id = str(user_id)
if user_id != current_identity._get_current_object().id:
abort(401)
args = self.reqparse.parse_args()
job_inserted = args.get('job')
# if there is a problem with the inserted job format
if not job_inserted:
logging.debug('"job" key missing in inserted job.')
abort(400)
if not all(
list(
map(job_inserted.get, [
'make', 'model', 'year', 'options', 'summary',
'description', 'status', 'address_line', 'city',
'state', 'zipcode'
]))):
logging.debug('Job missing a few parameters.')
abort(400)
if not type(job_inserted['options']) is dict:
logging.debug('"options" field is not dict')
abort(400)
insertion_successful, job_id = self.jobsDAO.insert_job(
user_id, job_inserted['make'], job_inserted['model'],
job_inserted['year'], job_inserted['options'],
job_inserted['summary'], job_inserted['description'],
JobStatus.submitted.name, job_inserted['address_line'],
job_inserted['city'], job_inserted['state'],
job_inserted['zipcode'])
if not insertion_successful:
abort(500)
job = self.jobsDAO.find_job(user_id, job_id)
if not job:
abort(404)
self.send_notifications(job_inserted)
return job.as_dict()
def post(self, user_id, job_id):
user_id = str(user_id)
if not self.current_user_is_mechanic():
abort(401, description="User is not a mechanic")
else:
mechanic_id = current_identity._get_current_object().id
job = self.jobsDAO.find_job(user_id=user_id, job_id=job_id)
if job:
job = job.as_dict()
else:
abort(404, description='Job not found')
args = self.reqparse.parse_args()
quote_details = args.get('quote')
if not quote_details:
logging.debug('"quote" key missing in inserted job.')
abort(400)
if not all(list(map(quote_details.get, ['labor_cost', 'part_cost']))):
logging.debug('Quote missing a few parameters')
abort(400)
if not type(quote_details['labor_cost']) is dict:
logging.debug('"labor_cost" field is not dict')
abort(400)
else:
labor_cost = quote_details['labor_cost']
if not type(quote_details['part_cost']) is dict:
logging.debug('"labor_cost" field is not dict')
abort(400)
else:
part_cost = quote_details['part_cost']
if 'onsite_service_charges' in quote_details:
onsite_service_charges = quote_details['onsite_service_charges']
else:
onsite_service_charges = 0
if 'comments' in quote_details:
comments = quote_details['comments']
else:
comments = None
insertion_successful, quote_id = self.quotesDAO.insert_quote(
job_id, user_id, mechanic_id, labor_cost, part_cost,
onsite_service_charges, comments, QuoteStatus.submitted.name)
if not insertion_successful:
abort(500)
quote_inserted = self.quotesDAO.find_quote(quote_id, job_id,
mechanic_id)
if not quote_inserted:
abort(404)
number_of_quotes = self.quotesDAO.getNumberOfQuotes(job_id, user_id)
self.jobsDAO.update_job(
user_id, job_id, {
"status": JobStatus.quotes_available.name,
"number_of_quotes": number_of_quotes
})
self.send_notifications(user_id) ## TODO find why it is failing
return quote_inserted.as_dict()
def is_anonymous(view, view_args, view_kwargs, *args, **kwargs):
if current_identity._get_current_object() is not None:
raise ForbiddenException('Anonymous access is required',
{'source': 'id'})
