def login(): try: kwargs = request.body_params.dict() exist_user = EmployeeModel.find_by_identity(kwargs["email"]) if exist_user is None: return jsonify(error="wrong email or password"), 401 if not exist_user.authenticate(kwargs["password"]): return jsonify(error="wrong email or password"), 401 if not has_access(exist_user.role, ["admin"]): return jsonify(error="Access denied"), 403 # Create the tokens we will be sending back to the user access_token = create_access_token( identity=exist_user, additional_claims={"role": exist_user.role.id}) refresh_token = create_refresh_token( identity=exist_user, additional_claims={"role": exist_user.role.id}) AdminRespUser.update_forward_refs() admin_dto = AdminRespUser.from_orm(exist_user).dict() resp = jsonify(user=admin_dto, accessToken=access_token, refreshToken=refresh_token), 200 return resp except Exception as e: print(e) return jsonify(error="Admin login error"), 500
def edit_consumer(customer_id): try: kwargs = request.body_params.dict() exists_customer = CustomerModel.get_by_id(customer_id) if exists_customer is None: return jsonify(error="Customer not found"), 400 exists_customer.email = kwargs.get("email") or exists_customer.email exists_customer.first_name = kwargs.get( "first_name") or exists_customer.first_name exists_customer.last_name = kwargs.get( "last_name") or exists_customer.last_name exists_customer.telephone = kwargs.get( "telephone") or exists_customer.telephone exists_customer.city = kwargs.get("city") or exists_customer.city exists_customer.country = kwargs.get( "country") or exists_customer.country exists_customer.is_active = kwargs.get( "is_active") or exists_customer.is_active exists_customer.save() user_dto = AdminRespUser.from_orm(exists_customer).dict() return jsonify(customer=user_dto), 200 except Exception as e: print(e) return jsonify(error="Staff edit error"), 500
def customer(customer_id): try: user = CustomerModel.get_by_id(customer_id) if user is None: return jsonify(error="User not found"), 400 AdminRespUser.update_forward_refs() user_dto = AdminRespUser.from_orm(user).dict() resp = jsonify(user=user_dto), 200 return resp except Exception as e: print(e) return jsonify(error="User error"), 500
def add_employee(): try: kwargs = request.body_params.dict() exists_user = EmployeeModel.verify_for_signup(kwargs.get("email"), kwargs.get("telephone")) if exists_user: return jsonify(error="Account already exits"), 400 # TODO check if service is right # services = [ServiceModel.get_by_id(service) for service in kwargs.get("services")] role_id: str = RoleModel.find_by_identity("staff").id employee = EmployeeModel(**kwargs, role_id=role_id) employee.save() dto = AdminRespUser.from_orm(employee).dict() return jsonify(user=dto), 200 except Exception as e: print(e) return jsonify(error="Error adding employee"), 500
def delete_customer(customer_id): try: customer = CustomerModel.get_by_id(customer_id) if customer is None: return jsonify(error="Customer not found"), 400 if customer.role == "admin": return jsonify(error="Access denied"), 403 customer.is_active = False customer.save() dto = AdminRespUser.from_orm(customer).dict() return jsonify(customer=dto), 200 except Exception as e: return jsonify(error="Staff delete error"), 500
def delete_employee(employee_id): try: employee = EmployeeModel.get_by_id(employee_id) if employee is None: return jsonify(error="Employee not found"), 400 if employee.role == "admin": return jsonify(error="Access denied"), 403 employee.is_active = False employee.save() dto = AdminRespUser.from_orm(employee).dict() return jsonify(employee=dto), 200 except Exception as e: return jsonify(error="Staff delete error"), 500
def edit_employee(employee_id): try: kwargs = request.body_params.dict() exists_employee = EmployeeModel.get_by_id(employee_id) if exists_employee is None: return jsonify(error="Employee not found"), 400 if kwargs.get("services") is not None: services = [ ServiceModel.get_by_id(service) for service in kwargs.get("services") ] exists_employee.services.extend(services) exists_employee.email = kwargs.get("email") or exists_employee.email exists_employee.first_name = kwargs.get( "first_name") or exists_employee.first_name exists_employee.last_name = kwargs.get( "last_name") or exists_employee.last_name exists_employee.telephone = kwargs.get( "telephone") or exists_employee.telephone exists_employee.city = kwargs.get("city") or exists_employee.city exists_employee.country = kwargs.get( "country") or exists_employee.country exists_employee.is_active = kwargs.get( "is_active") or exists_employee.is_active exists_employee.save() services = exists_employee.services.all() user_dto = AdminRespUser.from_orm(exists_employee).dict() services_dto = [ AdminRespServiceSchema.from_orm(service).dict() for service in services ] return jsonify(employee={ "user": user_dto, "services": services_dto }), 200 except Exception as e: print(e) return jsonify(error="Staff edit error"), 500
def get_employee(employee_id): try: staff = EmployeeModel.get_by_id(employee_id) if staff is None: return jsonify(error="Employee not found"), 400 services = staff.services.all() user_dto = AdminRespUser.from_orm(staff).dict() services_dto = [ AdminRespServiceSchema.from_orm(service).dict() for service in services ] return jsonify(employee={ "user": user_dto, "services": services_dto }), 200 except Exception as e: print(e) return jsonify(error="Staff error"), 500