def post(self):
if request.json is not None:
return errors.InvalidBody()
requiredArgs = ['firstName', 'lastName', 'directoryId']
nullableArgs = ['uid']
parser = reqparse.RequestParser(bundle_errors=True)
parser = addToParser(requiredArgs, parser, required=True)
parser = addToParser(nullableArgs, parser)
args = parser.parse_args()
# -- Check Unique Constraints -- #
if not isUnique('directoryId', args['directoryId'], 'people', db):
return errors.DuplicateDID()
if args['uid'] is not None and not isUnique('uid', args['uid'],
'students', db):
return errors.DuplicateUID()
# -- Add to People Table -- #
query = '''
INSERT INTO people (firstName, lastName, directoryId) VALUES (:fn,:ln,:d);
'''
db.session.execute(
query, {
'fn': args['firstName'],
'ln': args['lastName'],
'd': args['directoryId']
})
person = db.session.execute(
"SELECT * FROM people WHERE directoryId = :d;", {
'd': args['directoryId']
}).fetchone()
personId = person['personId']
# -- Add to Student Table -- #
query = '''
INSERT INTO students (uid, personId) VALUES (:uid,:pid);
'''
db.session.execute(query, {'uid': args['uid'], 'pid': personId})
# -- Return as a join of the 2 Tables -- #
response = db.session.execute(
'SELECT studentId, firstName, lastName, directoryId, uid FROM people t1 JOIN students t2 ON t1.personId = t2.personID WHERE t1.directoryId = :d;',
{'d': args['directoryId']})
db.session.commit()
return make_response(json.dumps([dict(r) for r in response][0]), 200)
def post(self):
if request.json is not None:
return errors.InvalidBody()
# Add a group to the Groups table
requiredArgs = ['name', 'className']
parser = reqparse.RequestParser(bundle_errors=True)
parser = addToParser(requiredArgs, parser, required=True)
args = parser.parse_args()
# -- Check Unique Constraints -- #
if not isUnique('name', args['name'], 'groups', db):
return errors.DuplicateGroup()
if isUnique('className', args['className'], 'classes', db):
return errors.NoClass()
# -- Add group to table -- #
query = 'INSERT INTO groups (name, classId) VALUES (:n, (SELECT classId FROM classes WHERE className=:cname));'
db.session.execute(query, {
'n': args['name'],
'cname': args['className']
})
response = db.session.execute('SELECT groupId, name, className, watch, groupHealth, groupScore FROM groups t1 JOIN classes t2 ON t1.classID = t2.classID WHERE name = :n;',{'n':args['name']})
db.session.commit()
result = [dict(r) for r in response][0]
return make_response(json.dumps(result), 200)
def put(self, name):
if request.json is not None:
return errors.InvalidBody()
requiredArgs = ['groupHealth']
parser = reqparse.RequestParser(bundle_errors=True)
parser = addToParser(requiredArgs, parser, required = True)
parser = addToParser(requiredArgs, parser)
args = parser.parse_args()
if isUnique('name', name, 'groups', db):
return errors.NoGroup()
if not args['groupHealth'].isnumeric() or int(args['groupHealth']) > 3 or int(args['groupHealth']) < 1:
return errors.InvalidHealth()
db.session.execute("UPDATE groups SET groupHealth = :newVal WHERE name = :n;" , {'n' : name, 'newVal' : args['groupHealth']})
db.session.commit()
return make_response('', 204)
def get(self):
if request.json is not None:
return errors.InvalidBody()
requiredArgs = ['key', 'directoryId']
parser = reqparse.RequestParser(bundle_errors=False)
parser = addToParser(requiredArgs, parser, required=True)
args = parser.parse_args()
if args['key'] != os.getenv('JWT_SECRET_KEY'):
return errors.InvalidSecret()
# ---- Admin Auth --- #
response = db.session.execute("SELECT * FROM admin WHERE id = :did", {
"did": args['directoryId']
}).fetchone()
if response is not None:
priv = response['privileges']
identity = {"directoryId": args['directoryId'], "privilege": priv}
expires = datetime.timedelta(days=1)
access_token = create_access_token(identity=identity,
expires_delta=expires)
return make_response(jsonify(access_token=access_token), 200)
# ---- Student Auth ---- #
if isUnique('directoryId', args['directoryId'], 'people', db):
return errors.NoAuth()
response = db.session.execute(
'SELECT * FROM people WHERE directoryId = :d;',
{'d': args['directoryId']})
result = [dict(r) for r in response]
personId = result[0]['personId']
if isUnique('personId', personId, 'students', db):
return errors.NoAuth()
priv = 'student'
identity = {"directoryId": args['directoryId'], "privilege": priv}
expires = datetime.timedelta(days=1)
access_token = create_access_token(identity=identity,
expires_delta=expires)
return make_response(jsonify(access_token=access_token), 200)
def delete(self):
if request.json is not None:
return errors.InvalidBody()
# Delete a class from the classes table
requiredArgs = ['className']
parser = reqparse.RequestParser(bundle_errors=True)
parser = addToParser(requiredArgs, parser, required=True)
args = parser.parse_args()
# Checks to see if a class with className exists.
if isUnique('className', args['className'], 'classes', db):
return errors.NoClass()
#Delete from surveys
query = """DELETE FROM surveys
WHERE classId = (SELECT classId FROM classes WHERE className = :c);
"""
response = db.session.execute(query, {"c": args['className']})
#Delete from survey History
query = """DELETE FROM surveyHistory
WHERE classId = (SELECT classId FROM classes WHERE className = :c);
"""
response = db.session.execute(query, {"c": args['className']})
#Delete from teams
query = "DELETE FROM student_teams WHERE groupId IN (SELECT groupId FROM groups WHERE classId=(SELECT classId FROM classes WHERE className=:cname));"
db.session.execute(query, {'cname': args['className']})
#Delete from groups and classes
query = """DELETE FROM groups WHERE classId=(SELECT classId from classes WHERE className=:cname);
DELETE FROM classes WHERE className=:cname;
"""
db.session.execute(query, {'cname': args['className']})
db.session.commit()
return make_response('', 204)
def post(self, directoryId):
if request.json is not None:
return errors.InvalidBody()
nullableArgs = ['uid']
parser = reqparse.RequestParser(bundle_errors=True)
parser = addToParser(nullableArgs, parser)
args = parser.parse_args()
if isUnique('directoryId', directoryId, 'people', db):
return errors.NoPerson()
if args['uid'] is not None and not isUnique('uid', args['uid'],
'students', db):
return errors.DuplicateUID()
if args['uid'] is not None and not args['uid'].isnumeric():
return errors.NotNumeric()
person = db.session.execute(
"SELECT * FROM people WHERE directoryId = :did;", {
'did': directoryId
}).fetchone()
personId = person['personId']
if not isUnique('personId', personId, 'students', db):
return errors.DuplicateDID()
query = "INSERT INTO students (uid, personId) VALUES (:uid, :personId);"
db.session.execute(query, {'uid': args['uid'], 'personId': personId})
db.session.commit()
response = db.session.execute(
'SELECT studentId, firstName, lastName, directoryId, uid FROM people t1 JOIN students t2 ON t1.personId = t2.personID WHERE t1.directoryId = :d;',
{'d': directoryId})
return make_response(json.dumps([dict(r) for r in response][0]), 200)
def delete(self):
if request.json is not None:
return errors.InvalidBody()
# Delete a class from the classes table
requiredArgs = ['name']
parser = reqparse.RequestParser(bundle_errors=True)
parser = addToParser(requiredArgs, parser, required=True)
args = parser.parse_args()
if isUnique('name', args['name'], 'groups', db):
return errors.NoGroup()
query = "DELETE FROM slackData WHERE groupId IN (SELECT groupId FROM groups WHERE name = :name);"
db.session.execute(query, {'name':args['name']})
query = "DELETE FROM student_teams WHERE groupId IN (SELECT groupId FROM groups WHERE name = :name);"
db.session.execute(query, {'name':args['name']})
query= "DELETE FROM groups WHERE name = :name;"
db.session.execute(query, {'name':args['name']})
db.session.commit()
return make_response('', 204)
def post(self):
if request.json is not None:
return errors.InvalidBody()
requiredArgs = ['className']
parser = reqparse.RequestParser(bundle_errors=True)
parser = addToParser(requiredArgs, parser, required=True)
args = parser.parse_args()
if not isUnique('className', args['className'], 'classes', db):
return errors.DuplicateClass()
# -- Add to Classes -- #
query = '''
INSERT INTO classes (className) VALUES (:n);
'''
db.session.execute(query, {
'n': args['className'],
})
db.session.commit()
response = db.session.execute(
'SELECT * FROM classes WHERE className = :n;',
{'n': args['className']})
# -- Create Survey -- #
query = "INSERT INTO surveys (classId) VALUES (:c);"
db.session.execute(query,
{'c': [dict(r) for r in response][0]['classId']})
db.session.commit()
response = db.session.execute(
'SELECT * FROM classes WHERE className = :n;',
{'n': args['className']})
return make_response(json.dumps([dict(r) for r in response][0]), 200)
def put(self):
if request.json is not None:
return errors.InvalidBody()
requiredArgs = ['slack', 'grades', 'lateness', 'survey', 'lastView']
parser = reqparse.RequestParser(bundle_errors=True)
parser = addToParser(requiredArgs, parser, required=True)
args = parser.parse_args()
for param in requiredArgs:
if not args[param].replace('.','',1).isdigit():
return errors.NotNumeric()
query = """
UPDATE weights SET
slack = :slack,
grades = :grades,
lateness = :lateness,
survey = :survey,
lastView = :lastView
WHERE id = 'main';
"""
response = db.session.execute(query, {
'slack':args['slack'],
'grades':args['grades'],
'lateness':args['lateness'],
'survey':args['survey'],
'lastView':args['lastView']
})
query = "SELECT slack, grades, lateness, survey, lastView FROM weights WHERE id = 'main';"
response = db.session.execute(query)
db.session.commit()
return make_response(json.dumps([dict(r) for r in response][0]), 200)