Ejemplo n.º 1
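    def delete(self):
        """Delete a customer account, as an admin user or as the customer.

        The request body is parsed by ``CustomerDelete.parser`` and checked by
        ``validators.delete_validator``; a validation error dict is returned
        as-is.

        * When ``g.user`` is set, the caller must hold the ``'admin'``
          position and re-enter their own password; the customer named in
          the request is then deleted.
        * Otherwise the caller is taken to be ``g.customer`` and may only
          delete their own account, after confirming username and password.

        Every deletion is recorded through ``LogModel``.
        """
        # getattr() replaces a bare ``try/except: pass`` that hid every error
        # raised while reading ``g.user``, not only the "attribute not set"
        # case.  ``g`` is presumably Flask's request-scoped ``g`` -- confirm.
        staff = getattr(g, 'user', None)

        data = CustomerDelete.parser.parse_args()
        error_validation = validators.delete_validator(**data)
        if error_validation['error validation']:
            return error_validation

        if staff:
            position = PositionModel.find_by_id(staff.position_id)

            # Fail closed: a missing position record is treated as "not
            # admin" instead of raising AttributeError on ``position.name``.
            if (position is None or position.name != 'admin'
                    or not staff.verify_password(data['password'])):
                return {
                    'message':
                    "You are not privileged to delete customer's account!"
                }, 400

            customer = CustomerModel.find_by_username(data['username'])
            if customer:
                log = LogModel("remove customer '{}'".format(data['username']),
                               staff.username, auth.admin)
                customer.delete_from_db()
                log.save_to_db()

                return {'message': "Customer's account deleted."}

            return {
                'message':
                "Customer '{}' account does not exist.".format(
                    data['username'])
            }

        customer = getattr(g, 'customer', None)
        if customer is None:
            # Neither identity is attached to the request.  The original
            # raised AttributeError here (an unhandled server error); deny
            # explicitly instead.
            return {'message': 'You are not privileged to continue!'}, 400

        if customer.username != data['username']:
            return {
                'message':
                'You can not delete your account because you have typed wrong username!'
            }, 400

        if not customer.verify_password(data['password']):
            return {
                'message':
                'You can not delete your account because you have typed wrong password!'
            }, 400

        log = LogModel("remove customer '{}'".format(data['username']),
                       customer.username, auth.customer)
        customer.delete_from_db()
        log.save_to_db()

        return {'message': 'Your account is deleted.'}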
Ejemplo n.º 2
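def authenticate(username, password):
    """Return the account for *username* if *password* verifies, else None.

    Staff users are checked first, then customers.  Both lookups are done by
    username through the models' ``find_by_username``.

    The leftover debug ``print`` calls were removed: they wrote to stdout on
    every login attempt and carried no information usable for auditing
    (no username, no outcome for failures).  If login auditing is wanted it
    should go through the application's logger instead.
    """
    user = UserModel.find_by_username(username)
    customer = CustomerModel.find_by_username(username)

    if user and user.verify_password(password):
        return user
    if customer and customer.verify_password(password):
        return customer

    # Unknown username or wrong password: same result for both, so the
    # return value does not reveal which one it was.
    return None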
Ejemplo n.º 3
    def get(self, username):
        """List the items reserved by the account named *username*.

        Callers that fail ``Item.is_user()`` are refused with 400.  The
        account is looked up among users first, then customers; 404 if
        neither exists.  Callers passing ``Item.is_admin()`` get each item's
        ``json()``; everyone else gets ``short_json()``.
        """
        if not Item.is_user():
            return {'message': 'You are not privileged to continue!'}, 400

        guest = UserModel.find_by_username(username)
        if not guest:
            guest = CustomerModel.find_by_username(username)
        if not guest:
            return {'message': "Guest '{}' not found.".format(username)}, 404

        # The role decides only how much of each item is serialised; the
        # query itself is the same for both views.
        full_view = Item.is_admin()
        reserved = ItemModel.query.filter_by(reserved_by=guest.username)
        if full_view:
            payload = [entry.json() for entry in reserved]
        else:
            payload = [entry.short_json() for entry in reserved]
        return {'items': payload}
Ejemplo n.º 4
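    def post(self):
        """Create a staff user account; only an admin user may do so.

        Returns 400 when no user is attached to the request, when the caller
        is not in the ``'admin'`` position, or when the username is already
        taken by a user or a customer; a validation error dict when
        ``validators.user_register_validator`` rejects the payload; 500 when
        saving fails; 201 on success.
        """
        # getattr() replaces a bare ``try/except`` around ``g.user`` that
        # swallowed every exception type.  ``g`` is presumably Flask's
        # request-scoped ``g`` -- confirm.
        acting_user = getattr(g, 'user', None)
        if acting_user is None:
            return {'message': "You are not privileged to continue!"}, 400

        # Authorise before parsing the body so that an unprivileged caller
        # gets no validation feedback.  A missing position record is treated
        # as "not admin" (the original raised AttributeError on it), and the
        # debug ``print(position)`` is gone.
        position = PositionModel.find_by_id(acting_user.position_id)
        if position is None or position.name != 'admin':
            return {
                'message': "You are not privileged to create user's account!"
            }, 400

        data = UserRegister.parser.parse_args()
        error_validation = validators.user_register_validator(**data)
        if error_validation['error validation']:
            return error_validation

        if UserModel.find_by_username(data['username']):
            return {
                "message": "A user with that username already exists."
            }, 400

        if CustomerModel.find_by_username(data['username']):
            return {
                "message": "A customer with that username already exists."
            }, 400

        # NOTE(review): the parsed fields go to UserModel unchanged; whether
        # the password is hashed before storage depends on the model --
        # confirm.
        new_user = UserModel(**data)
        log = LogModel("add user '{}'".format(data['username']),
                       acting_user.username, auth.admin)

        try:
            new_user.save_to_db()
            log.save_to_db()
        except Exception:
            # ``except Exception`` instead of a bare ``except`` so that
            # KeyboardInterrupt/SystemExit are not swallowed.
            # NOTE(review): if only the log write fails, the user row may
            # already be stored although the caller is told of an error.
            return {
                'message': 'An error occurred inserting the user.'
            }, 500  # Internal Server Error

        return {"message": "User created successfully."}, 201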
Ejemplo n.º 5
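    def get(self, customer_name):
        """Return the stored details of the customer named *customer_name*.

        Callers authenticated as a customer (``g.customer`` set and truthy)
        are refused with 400.  Returns ``customer.json()`` when the customer
        exists, 404 otherwise.
        """
        # getattr() replaces a bare ``try/except: pass`` that hid every
        # exception raised while reading ``g.customer``.
        if getattr(g, 'customer', None):
            return {'message': 'You are not privileged to continue!'}, 400

        # NOTE(review): the only check in this method is the customer
        # rejection above.  The original carried a commented-out test that
        # the caller's position is 'admin'; without it, any caller that is
        # not a customer receives customer.json().  Confirm that
        # authentication and role checks are enforced elsewhere (for example
        # on the resource class) or restore the position check.
        customer = CustomerModel.find_by_username(customer_name)
        if customer:
            return customer.json()

        return {
            'message': "Customer '{}' not found.".format(customer_name)
        }, 404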
Ejemplo n.º 6
    def post(self):
        """Register a new customer account.

        Returns the validator's error dict when
        ``validators.customer_register_validator`` rejects the payload, 400
        when the username is already used by a customer or a user, and 201
        once the new customer has been saved.
        """
        payload = CustomerRegister.parser.parse_args()
        validation = validators.customer_register_validator(**payload)
        if validation['error validation']:
            return validation

        # Usernames share one namespace across customers and staff users.
        requested_name = payload['username']
        already_taken = (CustomerModel.find_by_username(requested_name)
                         or UserModel.find_by_username(requested_name))
        if already_taken:
            return {
                "message": "An account with that username already exists"
            }, 400

        # NOTE(review): the parsed fields are passed to CustomerModel
        # unchanged; whether the password is hashed before storage depends
        # on the model -- confirm.
        new_customer = CustomerModel(**payload)
        new_customer.save_to_db()

        return {"message": "Account created successfully."}, 201