Exemple #1
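def update_book(book_id, delta, price, des, type_id_list, token=None):
    """Update a book's price, stock, description and type list (admin only).

    Args:
        book_id: Id of the Book document to change.
        delta: Amount added to the stored ``remaining`` count.
        price: New price, written as given.
        des: New description; ``None`` is stored as an empty string.
        type_id_list: Ids of Type documents to attach. The existing type
            list is always cleared first; ids that fail validation or
            match no Type are skipped.
        token: Caller's token; must pass ``is_admin``.

    Returns:
        ``{'success': 1, 'id': book_id}`` on success, or a ``message`` dict
        when the book cannot be found. Callers without an admin token are
        handed to ``abort(403)``.
    """
    if token is None or not is_admin(token):
        return abort(403)
    try:
        book = Book.objects(id=book_id).first()
    except ValidationError:
        # A malformed book id is treated like the Type ids below: as
        # "not found" instead of an unhandled error.
        book = None
    if book is None:
        return {'message': 'This book does not exist.'}
    # The stock change is sent as an atomic increment. Reading `remaining`
    # and writing back `remaining + delta` would lose an update whenever
    # two requests adjust the same book at once.
    # NOTE(review): nothing here keeps `remaining` from going negative;
    # confirm the model or the caller enforces that.
    book.update(
        price=price,
        inc__remaining=delta,
        description="" if des is None else des,
    )
    del book.type[:]
    for type_id in type_id_list or ():
        try:
            term = Type.objects(id=type_id).first()
        except ValidationError:
            continue
        if term is not None:
            book.type.append(term)
    book.save()
    return {
        'success': 1,
        'id': book_id,
    }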
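def create_account(username, password, confirm, role, nickname, token=None):
    """Create an account and issue its first token (admin only).

    Args:
        username: Login name; must not already exist.
        password: Plain-text password, stored via ``Account.create_password``.
        confirm: Must equal ``password``.
        role: ``'1'`` (compared as a string) creates an ``'admin'`` account;
            any other value creates a ``'stuff'`` account.
        nickname: Display name stored on the account.
        token: Caller's token; must pass ``is_admin``.

    Returns:
        ``{'id', 'success', 'token'}`` for the new account, or a ``message``
        dict when validation fails. Callers without an admin token are
        handed to ``abort(403)``.
    """
    if token is None or not is_admin(token):
        return abort(403)

    # Two empty values compare equal, so the confirm check on its own
    # would allow an account with no password to be created.
    if not username or not password:
        return {
            "message": "username and password are required"
        }
    if password != confirm:
        return {
            "message": "password not conformity"
        }
    if Account.objects(username=username).first() is not None:
        return {
            "message": "username has been register"
        }

    # NOTE(review): any caller that passes is_admin can create another
    # 'admin' account here; confirm that is intended.
    role = 'admin' if str(role) == '1' else 'stuff'
    account = Account(
        username=username,
        nickname=nickname,
        password=Account.create_password(password),
        role=role,
    ).save()
    # Kept separate from the caller's `token` argument so the two are
    # never confused.
    issued = Token(
        user_id=str(account.id),
        token=create_token(),
    ).save()
    return {
        'id': account.id,
        'success': 1,
        'token': issued.token
    }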
Exemple #3
def update_account(account_id,
                   nickname,
                   des,
                   old_password,
                   new_password,
                   confirm,
                   token=None):
    """Update an account's nickname, description and, optionally, password.

    The token must pass ``is_admin`` or ``is_self`` for *account_id*.
    Unknown ids and the account named ``'root'`` are refused with
    ``abort(403)``.

    A password change is attempted when ``new_password`` or ``confirm`` is
    truthy. Both must match and ``old_password`` must pass
    ``Account.check_password``, whoever the caller is; otherwise a
    ``success: 0`` dict is returned and nothing is written.
    """
    allowed = token is not None and (
        is_admin(token) or is_self(account_id, token))
    if not allowed:
        return abort(403)

    target = Account.objects(id=account_id).first()
    if target is None or target.username == 'root':
        return abort(403)

    # Keep the stored value unless a verified change replaces it.
    stored_password = target.password
    if new_password or confirm:
        if new_password != confirm:
            return {'success': 0, 'message': 'pwd != confirm'}
        if not Account.check_password(target, old_password):
            return {'success': 0, 'message': 'wrong password'}
        stored_password = Account.create_password(new_password)

    target.update(
        nickname=nickname,
        description="" if des is None else des,
        password=stored_password,
    )
    target.save()
    return {
        'success': 1,
        'id': account_id,
        'message': 'user\'s profile update successfully!'
    }
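def update_book(book_id, delta, price, des, type_id_list, token=None):
    """Change a book's price, stock level, description and types.

    Only tokens that pass ``is_admin`` may call this; others are handed to
    ``abort(403)``.

    Args:
        book_id: Id of the Book to update.
        delta: Signed amount added to the book's ``remaining`` count.
        price: Price to store.
        des: Description to store; ``None`` becomes ``""``.
        type_id_list: Ids of the Type documents the book should end up
            with. The current list is cleared even when this is ``None``;
            invalid or unknown ids are ignored.
        token: Caller's token.

    Returns:
        ``{'success': 1, 'id': book_id}``, or a ``message`` dict when no
        such book exists.
    """
    if token is None or not is_admin(token):
        return abort(403)
    try:
        book = Book.objects(id=book_id).first()
    except ValidationError:
        # Same policy as for the Type ids further down: an id that does
        # not validate simply matches nothing.
        book = None
    if book is None:
        return {'message': 'This book does not exist.'}
    if des is None:
        des = ""
    # Increment in the database rather than writing back a value computed
    # from a local read, so concurrent stock changes are not lost.
    # NOTE(review): a large negative delta can push `remaining` below
    # zero; confirm where that is validated.
    book.update(
        price=price,
        inc__remaining=delta,
        description=des,
    )
    del book.type[:]
    if type_id_list is not None:
        for type_id in type_id_list:
            try:
                term = Type.objects(id=type_id).first()
            except ValidationError:
                continue
            if term is None:
                continue
            book.type.append(term)
    book.save()
    return {
        'success': 1,
        'id': book_id,
    }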
def update_account(account_id, nickname, des, old_password, new_password, confirm, token=None):
    """Edit an account's profile fields and, when requested, its password.

    Access requires a token that passes ``is_admin`` or ``is_self`` for
    *account_id*; a missing account or the ``'root'`` account ends in
    ``abort(403)``. ``des`` of ``None`` is stored as an empty string.

    The password is replaced only when ``new_password``/``confirm`` are
    supplied, equal, and ``old_password`` passes
    ``Account.check_password``. A failed check returns a ``success: 0``
    dict before anything is written.
    """
    if token is None:
        return abort(403)
    if not (is_admin(token) or is_self(account_id, token)):
        return abort(403)

    account = Account.objects(id=account_id).first()
    if account is None or account.username == 'root':
        return abort(403)

    description = des if des is not None else ""
    password = account.password
    wants_new_password = bool(new_password or confirm)
    if wants_new_password and new_password != confirm:
        return {
            'success': 0,
            'message': 'pwd != confirm'
        }
    if wants_new_password:
        # The old password is checked against the target account, not the
        # caller's own.
        if not Account.check_password(account, old_password):
            return {
                'success': 0,
                'message': 'wrong password'
            }
        password = Account.create_password(new_password)

    account.update(
        nickname=nickname,
        description=description,
        password=password,
    )
    account.save()
    return {
        'success': 1,
        'id': account_id,
        'message': 'user\'s profile update successfully!'
    }
def get_all_accounts(token=None):
    """Return the accounts the caller is allowed to list.

    The token must pass ``is_stuff``. The ``'root'`` account is never
    included; callers that do not pass ``is_admin`` see only accounts with
    role ``'stuff'``.
    """
    allowed = token is not None and is_stuff(token)
    if not allowed:
        return abort(403)
    visible = Q(username__ne='root')
    if not is_admin(token):
        # Non-admin callers are limited to accounts of their own role.
        visible = visible & Q(role='stuff')
    return Account.objects(visible)
Exemple #7
def get_all_accounts(token=None):
    """List accounts, scoped by the caller's role.

    Requires a token that passes ``is_stuff``; otherwise ``abort(403)``.
    Admin tokens get every account except ``'root'``; other tokens get
    only non-root accounts whose role is ``'stuff'``.
    """
    if token is None:
        return abort(403)
    if not is_stuff(token):
        return abort(403)
    not_root = Q(username__ne='root')
    # The root account is filtered out for every caller.
    scope = not_root if is_admin(token) else not_root & Q(role='stuff')
    return Account.objects(scope)
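def rm_ref_book2type(type_id, token=None):
    """Detach one Type from every Book that lists it (admin only).

    Args:
        type_id: Id of the Type to detach.
        token: Caller's token; must pass ``is_admin``.

    Returns:
        ``{'success': 1}``, also when the type does not exist or no book
        referenced it. Callers without an admin token are handed to
        ``abort(403)``.
    """
    if token is None or not is_admin(token):
        return abort(403)
    the_type = Type.objects(id=type_id).first()
    if the_type is None:
        # Nothing to match against, so skip the scan over every book.
        return {'success': 1}
    for book in Book.objects():
        if the_type in book.type:
            book.type.remove(the_type)
            # Save only the books that changed instead of re-saving the
            # whole collection on every call.
            book.save()
    return {'success': 1}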
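def get_account_by_id(account_id, token=None):
    """Fetch one account by id, limited to what the caller may see.

    Args:
        account_id: Id of the account to fetch.
        token: Caller's token; must pass ``is_stuff``.

    Returns:
        The matching Account, or ``None`` when the id does not exist or
        the caller may not see it. Root tokens can fetch any account,
        admin tokens anything but ``'root'``, other tokens only non-root
        accounts with role ``'stuff'``. Callers without a valid token are
        handed to ``abort(403)``.
    """
    if token is None or not is_stuff(token):
        return abort(403)
    condition = Q(id=account_id)
    if not is_root(token):
        condition &= Q(username__ne='root')
        if not is_admin(token):
            # Narrow the id lookup rather than replacing it. Overwriting
            # the condition here dropped the id filter, so the first
            # 'stuff' account came back whatever id was requested.
            condition &= Q(role='stuff')
    return Account.objects(condition).first()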
Exemple #10
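def get_account_by_id(account_id, token=None):
    """Return the account with *account_id* if the caller may view it.

    The token must pass ``is_stuff``, else ``abort(403)``. Visibility by
    caller:

    * root: any account;
    * admin: any account except ``'root'``;
    * others: non-root accounts whose role is ``'stuff'``.

    Returns ``None`` when nothing matches both the id and the caller's
    visibility rule.
    """
    if token is None or not is_stuff(token):
        return abort(403)
    condition = Q(id=account_id)
    if is_admin(token) and not is_root(token):
        condition &= Q(username__ne='root')
    elif not is_root(token):
        # Must be combined with the id filter. Assigning a fresh
        # condition here discarded `account_id`, so any id returned the
        # first non-root 'stuff' account.
        condition &= Q(username__ne='root') & Q(role='stuff')
    return Account.objects(condition).first()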
Exemple #11
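def rm_ref_book2type(type_id, token=None):
    """Remove a Type from the ``type`` list of every Book (admin only).

    Args:
        type_id: Id of the Type whose references are removed.
        token: Caller's token; must pass ``is_admin``, else ``abort(403)``.

    Returns:
        ``{'success': 1}`` in every authorized case, including when the
        type is unknown.
    """
    if token is None or not is_admin(token):
        return abort(403)
    the_type = Type.objects(id=type_id).first()
    if the_type is not None:
        for book in Book.objects():
            if the_type not in book.type:
                # Untouched books are no longer re-saved; only documents
                # that lose the reference are written.
                continue
            book.type.remove(the_type)
            book.save()
    return {'success': 1}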
def rm_book_type(book_type_id, token=None):
    """Delete the Type with the given id (admin only).

    Returns ``{'success': 1}`` once the delete call completes, or a
    ``message`` dict when it raises ``OperationError``. Callers without
    an admin token are handed to ``abort(403)``.
    """
    allowed = token is not None and is_admin(token)
    if not allowed:
        return abort(403)
    matching = Type.objects(id=book_type_id)
    try:
        matching.delete()
    except OperationError:
        # NOTE(review): presumably raised while books still reference the
        # type; confirm against the model's delete rule.
        return {"message": "please dereference before delete the type."}
    return {'success': 1}
Exemple #13
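def rm_account(account_id, token=None):
    """Delete an account (admin only; admin accounts need a root token).

    Args:
        account_id: Id of the account to delete.
        token: Caller's token; must pass ``is_admin``.

    Returns:
        ``{'success': 1}`` after deletion, or a ``message`` dict when the
        account no longer exists. Refused requests are handed to
        ``abort(403)``.
    """
    if token is None or not is_admin(token):
        return abort(403)

    account = Account.objects(id=account_id).first()
    if account is None:
        return {'message': 'this account has been deleted'}
    # Deleting the 'root' account is refused outright. Without this check
    # the only protection was the role test below, which holds only if
    # root's role is 'admin'.
    if account.username == 'root':
        return abort(403)
    if account.role == 'admin' and not is_root(token):
        return abort(403)
    # NOTE(review): Token documents issued for this account are not
    # removed here; confirm the token checks reject tokens whose account
    # is gone.
    account.delete()
    return {'success': 1}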
Exemple #14
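def rm_account(account_id, token=None):
    """Remove an account on behalf of an admin.

    A token that passes ``is_admin`` may delete non-admin accounts;
    deleting an account whose role is ``'admin'`` also requires
    ``is_root``. The ``'root'`` account itself is never deleted.

    Returns ``{'success': 1}`` on deletion, a ``message`` dict when the id
    matches nothing, and ``abort(403)`` for refused requests.
    """
    if token is None or not is_admin(token):
        return abort(403)

    account = Account.objects(id=account_id).first()
    if account is None:
        return {'message': 'this account has been deleted'}
    if account.username == 'root':
        # Explicit guard for the built-in account, so its protection does
        # not depend on which role string it happens to carry.
        return abort(403)
    if account.role == 'admin':
        if not is_root(token):
            return abort(403)
    # NOTE(review): tokens previously issued to this account are left in
    # place; verify they stop working once the account is deleted.
    account.delete()
    return {'success': 1}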
def rm_book_type(book_type_id, token=None):
    """Delete a book Type by id; admin tokens only.

    An ``OperationError`` from the delete is turned into a ``message``
    dict; otherwise ``{'success': 1}`` is returned, whether or not any
    document matched the id.
    """
    if token is None:
        return abort(403)
    if not is_admin(token):
        return abort(403)
    to_delete = Type.objects(id=book_type_id)
    try:
        to_delete.delete()
    except OperationError:
        result = {
            "message": "please dereference before delete the type."
        }
    else:
        result = {'success': 1}
    return result
Exemple #16
def get_accounts(args, token=None):
    """Search accounts by optional ``username`` / ``nickname`` filters.

    The token must pass ``is_stuff``, else ``abort(403)``. ``'root'`` is
    always excluded, and callers that do not pass ``is_admin`` only see
    accounts with role ``'stuff'``. Each filter key present in *args* is
    added as an exact-match condition.
    """
    allowed = token is not None and is_stuff(token)
    if not allowed:
        return abort(403)
    condition = Q(username__ne='root')
    if not is_admin(token):
        condition = condition & Q(role='stuff')
    # NOTE(review): the filter values go into the query as received;
    # assumes the caller has already parsed them to plain strings. TODO
    # confirm.
    for field in ('username', 'nickname'):
        if field in args:
            condition &= Q(**{field: args[field]})
    return Account.objects(condition)
Exemple #17
def get_accounts(args, token=None):
    """Return accounts matching the filters in *args*, scoped by role.

    Requires a token that passes ``is_stuff``. The base scope is every
    non-root account for admin tokens and non-root ``'stuff'`` accounts
    for everyone else; ``args['username']`` and ``args['nickname']``, when
    present, narrow it further by exact match.
    """
    if token is None:
        return abort(403)
    if not is_stuff(token):
        return abort(403)
    not_root = Q(username__ne='root')
    scope = not_root if is_admin(token) else not_root & Q(role='stuff')
    # NOTE(review): presumably `args` holds already-parsed string values;
    # verify against the caller before relying on exact-match semantics.
    if 'username' in args:
        scope &= Q(username=args['username'])
    if 'nickname' in args:
        scope &= Q(nickname=args['nickname'])
    return Account.objects(scope)
def create_book(name, price, count, description, token=None):
    """Create a Book with a unique name (admin only).

    Returns ``{'success': 1, 'id': ...}`` for the saved book, or a
    ``message`` dict when a book with the same name already exists.
    Callers without an admin token are handed to ``abort(403)``.
    """
    allowed = token is not None and is_admin(token)
    if not allowed:
        return abort(403)
    duplicate = Book.objects(name=name).first()
    if duplicate is not None:
        return {'message': 'this book has been existed'}
    # NOTE(review): price and count are stored as received; confirm the
    # model rejects negative values.
    saved = Book(
        name=name,
        price=price,
        remaining=count,
        description=description,
    ).save()
    return {'success': 1, 'id': saved.id}
Exemple #19
def create_book(name, price, count, description, token=None):
    """Add a new Book; requires a token that passes ``is_admin``.

    ``count`` is stored as the book's ``remaining`` stock. A name that is
    already taken yields a ``message`` dict instead of a new document.
    """
    if token is None:
        return abort(403)
    if not is_admin(token):
        return abort(403)
    name_taken = Book.objects(name=name).first() is not None
    if name_taken:
        return {
            'message': 'this book has been existed'
        }
    fields = {
        'name': name,
        'price': price,
        'remaining': count,
        'description': description,
    }
    book = Book(**fields).save()
    return {
        'success': 1,
        'id': book.id
    }
Exemple #20
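def create_account(username, password, confirm, role, nickname, token=None):
    """Register a new account and return a fresh token for it (admin only).

    Args:
        username: Login name; rejected when already registered.
        password: Plain-text password, passed to ``Account.create_password``
            before being stored.
        confirm: Repeated password; must equal ``password``.
        role: ``'1'`` after ``str()`` means ``'admin'``; anything else
            means ``'stuff'``.
        nickname: Display name.
        token: Caller's token; must pass ``is_admin``, else ``abort(403)``.

    Returns:
        ``{'id', 'success', 'token'}`` on success, or a ``message`` dict
        describing the validation failure.
    """
    if token is None or not is_admin(token):
        return abort(403)

    if not username or not password:
        # Empty or missing values pass the equality check below, which
        # would otherwise create an account that has no password.
        return {"message": "username and password are required"}
    if password != confirm:
        return {"message": "password not conformity"}
    if Account.objects(username=username).first() is not None:
        return {"message": "username has been register"}

    # NOTE(review): is_admin alone is enough to create an 'admin' account;
    # confirm this should not require a stronger check.
    if str(role) == '1':
        role = 'admin'
    else:
        role = 'stuff'
    account = Account(
        username=username,
        nickname=nickname,
        password=Account.create_password(password),
        role=role,
    ).save()
    # A separate name avoids rebinding the caller's `token` argument.
    new_token = Token(
        user_id=str(account.id),
        token=create_token(),
    ).save()
    return {'id': account.id, 'success': 1, 'token': new_token.token}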
def get_all_sales_records(token=None):
    """Return every SalesRecord; requires a token that passes ``is_admin``."""
    allowed = token is not None and is_admin(token)
    if not allowed:
        return abort(403)
    return SalesRecord.objects()
Exemple #22
def get_all_sales_records(token=None):
    """List all sales records for an admin caller.

    A missing token, or one that fails ``is_admin``, is handed to
    ``abort(403)``.
    """
    if token is None:
        return abort(403)
    if not is_admin(token):
        return abort(403)
    return SalesRecord.objects()
def rm_book(book_id, token=None):
    """Delete the Book with the given id (admin only).

    Returns ``{'success': 1}`` after the delete call, whether or not a
    document matched. Callers without an admin token are handed to
    ``abort(403)``.
    """
    allowed = token is not None and is_admin(token)
    if not allowed:
        return abort(403)
    Book.objects(id=book_id).delete()
    return {'success': 1}
Exemple #24
def rm_book(book_id, token=None):
    """Remove a book by id on behalf of an admin.

    The result is ``{'success': 1}`` even when no book had that id,
    because the queryset delete is not checked for a match.
    """
    if token is None:
        return abort(403)
    if not is_admin(token):
        return abort(403)
    matching = Book.objects(id=book_id)
    matching.delete()
    return {'success': 1}