def get_user(user_id: str, password: str = None):
"""
Returns the User with the given user_id
First it's checked in the DB (doesn't check the password)
If not found there, a query to the ldap is used to gather the information.
If the password is correct, the data will be retrieved and added to the DB.
:param user_id: student number or employee identification
:param password: the user password
:return: User object
"""
# Check if it's an employee
employee_access = EmployeeDataAccess(get_db())
try:
employee = employee_access.get_employee(user_id)
return User(user_id, employee.name,
'admin' if employee.is_admin else 'employee', False)
except:
pass
# Check if it's a student
student_access = StudentDataAccess(get_db())
try:
student = student_access.get_student(user_id)
return User(user_id, student.name, 'student', False)
except:
pass
if password is None:
return None
return new_person(user_id, password)
def update_employee(data):
"""
Handles update of employee.
:param data: data object with new data
:return: Json with success/failure status and error message
"""
try:
if "is_admin" not in data:
data[
"is_admin"] = "TRUE" if current_user.role == "admin" else "FALSE"
if not data['research_group']:
data['research_group'] = None
dao = EmployeeDataAccess(get_db())
employee = Employee(data["key"], data["name"], data["email"],
data["office"], data["extra_info"],
data["picture_location"], data["research_group"],
data["title"] if data["title"] else None,
data["is_external"], data['is_admin'],
data['is_active'])
dao.update_employee(employee)
return jsonify({'success': True}), 200, {
'ContentType': 'application/json'
}
except Exception as e:
return jsonify({
'success': False,
"message": str(e)
}), 400, {
'ContentType': 'application/json'
}
def add_employee(data):
"""
Handles addition of employee.
:param data: data object to be added
:return: Json with success/failure status and error message
"""
try:
if not data['research_group']:
data['research_group'] = None
dao = EmployeeDataAccess(get_db())
picture = get_random_picture_location()
employee = Employee(data["name"], data["name"], data["email"],
data["office"], data.get("extra_info"), picture,
data["research_group"],
data["title"] if data.get("title") else None,
data["is_external"], False, True)
dao.add_employee(employee)
return jsonify({'success': True}), 200, {
'ContentType': 'application/json'
}
except Exception as e:
return jsonify({
'success': False,
"message": str(e)
}), 400, {
'ContentType': 'application/json'
}
def get_employee_data(name):
"""
Fetches all data of a certain employee.
:param name: employee name
:return: Json containing employee data
"""
employee = EmployeeDataAccess(get_db()).get_employee_by_name(name)
return jsonify(employee.to_dict())
def give_random_pictures():
employeedata = EmployeeDataAccess(get_db())
all_employees = employeedata.get_employees(False)
for f in all_employees:
if f.picture_location is None:
f.picture_location = get_random_picture_location()
employeedata.update_employee(f)
return
def add_employee(project, guidance, name):
"""
Adds an employee in the database.
:param project: project id
:param guidance: guidance type
:param name: employee name
"""
try:
employee_access = EmployeeDataAccess(get_db())
employee = employee_access.get_employee_by_name(name)
guide = Guide(employee.e_id, project, guidance)
GuideDataAccess(get_db()).add_guide(guide)
except:
pass
def add_registration():
"""
Handles the POST request to '/project-editor'.
:return: Json with success/failure status.
"""
if current_user.is_authenticated and current_user.role == "student":
try:
project_id = request.form['data']
type = request.form['type']
registration = Registration(current_user.user_id, project_id, type,
"Pending")
RegistrationDataAccess(get_db()).add_registration(registration)
project = ProjectDataAccess(get_db()).get_project(
project_id, False)
if not project.is_active:
raise Exception()
msg = f"You registered for project {project.title}!\n" \
f"You'll be notified when one of the supervisors changes your registration status.\n" \
f"Best of luck!"
send_mail(current_user.user_id + "@ad.ua.ac.be",
"ESP Registration", msg)
msg_employees = f"Student {current_user.name} ({current_user.user_id}) has registered for your project {project.title}.\n" \
f"To change the registration status please visit the ESP site." \
guides = GuideDataAccess(
get_db()).get_guides_for_project(project_id)
employee_access = EmployeeDataAccess(get_db())
guides_with_info = [
employee_access.get_employee(x.employee) for x in guides
]
for guide in guides_with_info:
if guide.email:
send_mail(guide.email, "ESP Registration", msg_employees)
return jsonify({'success': True}), 200, {
'ContentType': 'application/json'
}
except Exception as e:
return jsonify({
'success': False,
"message": "Failed to add a new registration!"
}), 400, {
'ContentType': 'application/json'
}
def new_person(user_id, password):
"""
Person is added to the DB with the data retrieved from LDAP
:param user_id: student number or employee identification
:param password: the user password
:return: None if nothing found, else the new User
"""
# Make a search request to LDAP
person = search_person(user_id, password)
if person is None:
return None
if 'student' in person['distinguishedName'].value.lower():
# Make new student
name = person['displayName'].value
student = Student(name, user_id)
StudentDataAccess(get_db()).add_student(student)
return User(user_id, name, 'student', False)
else:
# Make new employee
name = person['displayName'].value
email = person['mail'].value
office = person['physicalDeliveryOfficeName'].value
picture = get_random_picture_location()
employee = Employee(user_id, name, email, office, None, picture, None,
None, False, False, True)
EmployeeDataAccess(get_db()).add_employee(employee)
return User(user_id, name, 'employee', True)
def get_edit_profile_data(name):
try:
employee = EmployeeDataAccess(get_db()).get_employee_by_name(name)
research_groups = ResearchGroupDataAccess(
get_db()).get_research_groups(False)
return jsonify({
"employee": employee.to_dict(),
"groups": [obj.to_dict() for obj in research_groups]
})
except:
return jsonify({
'success':
False,
"message":
"Employee name from LDAP not found in database"
}), 400, {
'ContentType': 'application/json'
}
def activation(data):
"""
Handles activation of objects.
:param data: data object with to be activated data
:return: Json with success/failure status and error message
"""
activate = data.get("activate")
obj_type = data.get("object")
if obj_type == "employees":
dao = EmployeeDataAccess(get_db())
elif obj_type == "groups":
dao = ResearchGroupDataAccess(get_db())
elif obj_type == "tags":
dao = TagDataAccess(get_db())
elif obj_type == "types":
dao = TypeDataAccess(get_db())
else:
return jsonify({
'success': False,
"message": "Object type incorrect"
}), 400, {
'ContentType': 'application/json'
}
try:
for elem in data["items"]:
if obj_type == "tags":
dao.remove_tag(elem)
else:
dao.set_active(elem, activate)
return jsonify({'success': True}), 200, {
'ContentType': 'application/json'
}
except Exception as e:
return jsonify({
'success': False,
"message": str(e)
}), 400, {
'ContentType': 'application/json'
}
def update_multiple_employees(data):
"""
Handles update of multiple employees' data.
:param data: data object with new data
:return: Json with success/failure status and error message
"""
try:
dao = EmployeeDataAccess(get_db())
for employee in data["items"]:
dao.update_research_group(employee, data["research-group"])
return jsonify({'success': True}), 200, {
'ContentType': 'application/json'
}
except Exception as e:
return jsonify({
'success': False,
"message": str(e)
}), 400, {
'ContentType': 'application/json'
}
def employee_authorized_for_project(employee_name, project_id):
"""
Checks if an employee has authorisation over a certain project.
:param employee_name: employee name
:param project_id: project id
:return: Boolean
"""
employee = EmployeeDataAccess(get_db()).get_employee_by_name(employee_name)
guides = GuideDataAccess(get_db()).get_guides_for_project(project_id)
for guide in guides:
if guide.employee == employee.e_id:
return True
project = ProjectDataAccess(get_db()).get_project(project_id, False)
return employee.research_group == project.research_group
def get_projects_page_additional_data():
"""
Handles the GET request to '/projects-page-additional'.
:return: Json containing active types, employees and groups.
"""
connection = get_db()
active_only = not session.get("archive")
all_types = TypeDataAccess(connection).get_types(active_only)
employees = EmployeeDataAccess(connection).get_employees(active_only)
groups = ResearchGroupDataAccess(connection).get_group_names(active_only)
result = {
"types": [obj.type_name for obj in all_types],
"employees": [obj.name for obj in employees],
"groups": groups
}
return jsonify(result)
def post_admin_mail():
if not current_user.is_authenticated or current_user.role != 'admin':
return jsonify({'success': False}), 400, {
'ContentType': 'application/json'
}
data = request.get_json()
subject = data['subject']
content = data['content']
receiver = data['receiver']
lists = data['additions']
is_student = receiver == 'students'
if is_student:
possible_receivers = StudentDataAccess(get_db()).get_students()
else:
possible_receivers = EmployeeDataAccess(get_db()).get_employees(False)
sent = 0
for person in possible_receivers:
mail_content = f'Beste {person.name},\n\n{content}'
personal_lists = mail_lists(person, is_student, lists)
mail_content += personal_lists
# Don't send mail if not one list is relevant for this person
if lists and not personal_lists:
continue
receiver_mail = person.student_id + "@ad.ua.ac.be" if is_student else person.email
if receiver_mail is not None:
send_mail(receiver_mail, subject, mail_content)
sent += 1
return jsonify({
'success': True,
'sent': sent
}), 200, {
'ContentType': 'application/json'
}
def manage(data):
"""
Modifies the database.
:param data: object holding all data to be modified in the database.
:return: Json with success/failure status.
"""
for entry in data['entries']:
entry_type = entry['entry_type']
for project in data["projects"]:
try:
if "add-employee" == entry_type:
guidance = entry['guidance']
name = entry['name']
add_employee(project, guidance, name)
elif "remove-employee" == entry_type:
name = entry['name']
employee = EmployeeDataAccess(
get_db()).get_employee_by_name(name)
GuideDataAccess(get_db()).remove_guide(
employee.e_id, project)
elif "add-tag" == entry_type:
tag = entry['tag']
add_tag(project, tag)
elif "remove-tag" == entry_type:
tag = entry['tag']
ProjectDataAccess(get_db()).remove_tag(project, tag)
elif "add-type" == entry_type:
p_type = entry['type']
add_type(project, p_type)
elif "remove-type" == entry_type:
p_type = entry['type']
ProjectDataAccess(get_db()).remove_type(project, p_type)
elif "replace-group" == entry_type:
group = entry['group']
ProjectDataAccess(get_db()).set_research_group(
project, group)
elif "replace-active" == entry_type:
active = entry['active']
ProjectDataAccess(get_db()).set_active(project, active)
else:
return jsonify({
'success': False,
"message": "Missing correct entry_type"
}), 400, {
'ContentType': 'application/json'
}
except Exception as e:
return jsonify({
'success': False,
"message": str(e)
}), 400, {
'ContentType': 'application/json'
}
return jsonify({'success': True}), 200, {'ContentType': 'application/json'}
def project_editor(data):
"""
Modifies an existing project and makes sure that database content is added/removed/updated where necessary.
:param data: data object containing all info for the altered project
:return: Json with success/failure status and the project id.
"""
project_access = ProjectDataAccess(get_db())
guide_access = GuideDataAccess(get_db())
employee_access = EmployeeDataAccess(get_db())
document_access = DocumentDataAccess(get_db())
new_project = data.get('new', False)
nl_data = data['html_content_nl']
en_data = data['html_content_eng']
if new_project:
new_document = document_access.add_document(
Document(None, en_data, nl_data))
document_id = new_document.document_id
else:
document_id = data['description_id']
document_access.update_document(Document(document_id, en_data,
nl_data))
title = data['title']
group = data['research_group']
max_students = data['max_students']
is_active = data['is_active']
if new_project:
project = Project(None, title, max_students, document_id, group,
is_active, None, 0, False)
project = project_access.add_project(project)
p_id = project.project_id
else:
p_id = data['project_id']
project_access.update_project(p_id, title, max_students, group,
is_active)
guide_access.remove_project_guides(p_id)
promotors = data['promotors']
for promotor in promotors:
if promotor != "":
employee_id = employee_access.get_employee_by_name(promotor).e_id
guide = Guide(employee_id, p_id, "Promotor")
guide_access.add_guide(guide)
copromotorlist = data['co-promotors']
for copromotor in copromotorlist:
if copromotor != "":
employee_id = employee_access.get_employee_by_name(copromotor).e_id
guide = Guide(employee_id, p_id, "Co-Promotor")
guide_access.add_guide(guide)
mentorlist = data['mentors']
for mentor in mentorlist:
if mentor != "":
employee_id = employee_access.get_employee_by_name(mentor).e_id
guide = Guide(employee_id, p_id, "Mentor")
guide_access.add_guide(guide)
tags = data['tags']
if not new_project:
project_access.remove_tags(p_id)
tag_access = TagDataAccess(get_db())
for tag in tags:
if tag != "":
try:
tag_access.add_tag(tag)
except:
pass
project_access.add_project_tag(p_id, tag)
types = data['types']
if not new_project:
project_access.remove_types(p_id)
type_access = TypeDataAccess(get_db())
for p_type in types:
try:
mytype = Type(p_type, True)
type_access.add_type(mytype)
except:
pass
project_access.add_type(p_id, p_type)
attachment_access = AttachmentDataAccess(get_db())
if not new_project:
attachment_access.remove_attachments(document_id)
for json_attachment in data['attachments']:
attachment = Attachment(name=json_attachment['name'],
file_location=json_attachment['file_location'],
document_id=document_id)
attachment_access.add_attachment(attachment)
project_access.update_search_index()
return jsonify({
'success': True,
'project_id': p_id
}), 200, {
'ContentType': 'application/json'
}
def get_project(self, project_id, active_only):
"""
Fetches all the data of a given project.
:param project_id: The project ID to fetch info for.
:param active_only: Fetch only active projects.
:return: A list with project objects.
"""
"""Get all the project data"""
cursor = self.dbconnect.get_cursor()
"""Data from project table"""
cursor.execute(
'SELECT project_id, title, max_students, description_id, research_group, is_active, '
'last_updated, view_count, extension_needed, creation_date FROM project'
' WHERE project_id=%s', (project_id, ))
row = cursor.fetchone()
project = Project(row[0], row[1], row[2], row[3], row[4], row[5],
row[6], row[7], row[8], row[9])
"""Types"""
types = list()
for project_type in self.get_project_types(project_id):
if not active_only or project_type.is_active:
types.append(project_type.type_name)
project.types = types
"""Tags"""
project.tags = self.get_project_tags(project_id)
"""Get guides, add employee info"""
guides = GuideDataAccess(
self.dbconnect).get_guides_for_project(project_id)
for guide in guides:
guide.employee = EmployeeDataAccess(self.dbconnect).get_employee(
guide.employee)
project.employees = guides
"""Registrations"""
cursor.execute(
'SELECT student, name, status, type, date FROM project_registration JOIN student s on '
'project_registration.student = s.student_id WHERE project=%s',
(project_id, ))
registrations = list()
for row in cursor:
registrations.append({
"student_nr": row[0],
"name": row[1],
"status": row[2],
"type": row[3],
"last_updated": row[4]
})
project.registrations = registrations
"""Descriptions"""
cursor.execute(
'SELECT html_content_eng, html_content_nl FROM document WHERE document_id = %s',
(project.description_id, ))
row = cursor.fetchone()
project.html_content_eng = row[0]
project.html_content_nl = row[1]
"""Attachments"""
cursor.execute(
'SELECT name, file_location FROM attachment WHERE document_id=%s',
(project.description_id, ))
attachments = list()
for row in cursor:
attachments.append({'name': row[0], 'file_location': row[1]})
project.attachments = attachments
return project