def change_order_status(current_user, id):
if not db.is_admin(current_user.user_id):
return response_message('Unauthorized', 'Not enough access privileges',
401)
request_data = request.get_json()
try:
if not isinstance(request_data['status'], str):
return response_message('error', 'status should be string value',
400)
status = [
'pickup_started', 'rejected', 'in_transit', 'cancelled',
'delivered'
]
if not db.get_parcel_by_value('parcels', 'parcel_id', id):
return jsonify({'message': 'order not found'}), 404
if not request_data['status'] in status:
return jsonify({
'message':
"invalid status,parcels can be cancelled,delivered,in_transit,rejected,pickup_started"
}), 400
db.change_status(request_data['status'], id)
our_user = db.get_user_by_value('users', 'user_id',
db.get_parce_owner_id(id))
sendemail(
our_user[3], 'Order Status Update', 'Hello there ' + our_user[1] +
'\nYour parcels status ' + request_data['status'])
return jsonify({
'message': 'order status updated successfully',
'new_status': request_data['status']
}), 200
except KeyError as e:
return response_message('error', 'status is missing', 400)
def change_user_type(current_user, user_id):
if not db.is_admin(current_user.user_id):
return response_message('unauthorised', 'cant access that', 401)
if db.get_user_by_value('users', 'user_id', user_id) is None:
return response_message('Error', 'User does not exist', 404)
db.update_role(user_id)
return response_message('success', 'User is now admin', 200)
def login_user():
"""
User login if he supplies correct credentials
token is generated and given to a user
"""
try:
if request.content_type != 'application/json':
return response_message('Bad request',
'Content-type must be in json', 400)
request_data = request.get_json()
if not request_data:
return jsonify({"Failed": "Empty request"}), 400
email = request_data['email']
if not validate_email(email):
return response_message('Failed', 'email is invalid', 400)
password = request_data['password']
db_user = db.get_user_by_value('users', 'email', email)
if not db_user[6]:
return response_message(
'Failed', 'email is not verified,please visit your mailbox',
401)
new_user = User(db_user[0], db_user[1], db_user[2], db_user[3],
db_user[4], db_user[6])
passed = check_password_hash(new_user.password, password)
if passed is False:
return response_message('Failed', 'email or password is invalid',
400)
else:
print(222)
payload = {
'exp':
datetime.datetime.utcnow() + datetime.timedelta(days=0, hours=23),
'user_id':
new_user.user_id,
'email':
new_user.email,
'is_admin':
new_user.is_admin
}
token = jwt.encode(payload, 'TRULYS_SECRET', algorithm='HS256')
if token:
return jsonify({
"message": "You have successfully logged in",
"auth_token": token.decode('UTF-8'),
'user_id': new_user.user_id,
'is_admin': new_user.is_admin
}), 200
except Exception as er:
print(er)
return response_message('Failed', 'email or password is invalid', 400)
def get_user_parcels(current_user, id):
if not db.is_admin(current_user.user_id):
if current_user.user_id != id:
return response_message(
'unauthorized operation',
'You do not have permissions to access that', 401)
if not db.get_user_by_value('users', 'user_id', id) is None:
try:
parcel_list = []
for parcel in db.get_user_parcels(id):
parcel_dict = {
"parcel_id": parcel[0],
"user_id": parcel[1],
"pickup_address": parcel[3],
"destination_address": parcel[2],
"sender_email": parcel[5],
"recipient_email": parcel[10],
"recipient_phone_number": parcel[7],
"placed": parcel[18],
"status": parcel[6]
}
parcel_list.append(parcel_dict)
return jsonify({"parcels": parcel_list}), 200
except IndexError as e:
return jsonify({"message": 'User does not exist'}), 404
else:
return jsonify({"message": 'User does not exist'}), 404
def get_parcels(current_user):
if not db.is_admin(current_user.user_id):
return response_message('unauthorized operation',
'Only admin users can view all orders', 401)
all = db.get_all_parcels()
if all:
parcel_list = []
for parcel in all:
parcel_dict = {
"parcel_id": parcel[0],
"user_id": parcel[1],
"pickup_address": parcel[3],
"destination_address": parcel[2],
"sender_email": parcel[5],
"recipient_email": parcel[10],
"recipient_phone_number_number": parcel[7],
"placed": parcel[18],
"status": parcel[6]
}
parcel_list.append(parcel_dict)
return jsonify({"parcels": parcel_list}), 200
return jsonify({
'message': 'No parcel delivery orders posted yet',
'count': len(all)
}), 404
def change_destination(current_user, id):
rdata = request.get_json()
helper = Helper()
if not "destination_address" in rdata:
return jsonify({'message':
'Please add a new destination address'}), 400
newdest = rdata['destination_address']
if db.get_parcel_by_value('parcels', 'parcel_id', id) is None:
return jsonify({"message": "parcel delivery request not found"}), 404
if (helper.get_formatted_address(rdata['destination_address'])) is None:
return jsonify({"message": "destination_address not found"}), 400
# CHECK SAME DESTINATION ADDRESSES
if str(db.get_destination_address(id)).lower() == str(newdest).lower():
return response_message('Forbidden',
'cannot change to the same destination', 403)
if not db.is_order_delivered(id):
if db.is_parcel_owner(id, current_user.user_id):
our_user = db.get_user_by_value('users', 'user_id',
db.get_parce_owner_id(id))
new_lat_lng = helper.get_dest_latlong(newdest)
new_distance = helper.get_distance(new_lat_lng,
db.get_pick_up_latlng(id))
parcel_weight = db.get_parcel_weight(id)
new_price = helper.get_charge(parcel_weight,
new_distance,
quantity=None)
res = db.change_destination(helper.get_formatted_address(newdest),
id, new_lat_lng, new_distance,
new_price)
sendemail(
our_user[3], 'Destination Update',
'Hello there \n New Destination Update for ' +
current_user.username + '\nNew Destination is ' + res)
return jsonify({
'message': 'destination updated successfully',
'new_destination': res
}), 200
else:
return response_message('Forbidden',
'Not authorised to perform operation', 403)
else:
return jsonify({'message': 'order already delivered cant update'}), 403
def change_present_location(current_user, id):
heper = Helper()
if not db.is_admin(current_user.user_id):
return response_message('Unauthorized', 'Not enough access previleges',
401)
request_data = request.get_json()
try:
if not isinstance(request_data['current_location'], str):
return response_message('error',
'current location should be string value',
400)
if not db.get_parcel_by_value('parcels', 'parcel_id', id):
return response_message('error', 'order not found', 404)
if is_should_update(request_data):
cl = heper.get_formatted_address(request_data['current_location'])
if cl is None:
return response_message(
'error', 'current location address does not exist', 400)
db.change_present_location(cl, id)
if heper.get_dest_latlong(
heper.get_formatted_address(
request_data['current_location'])
) == db.get_destination_latlng(id):
db.update_parcel_status('delivered', id)
else:
db.update_parcel_status('in_transit', id)
our_user = db.get_user_by_value('users', 'user_id',
db.get_parce_owner_id(id))
sendemail(
our_user[3], 'Order Update', 'Hello there ' + our_user[1] +
'\nYour parcels location is now ' +
db.get_current_location(id))
return jsonify({
'message': 'current location updated successfully',
'Present Location': db.get_current_location(id)
}), 200
else:
return jsonify(
{'message':
'bad request object, current location missing'}), 400
except KeyError as identifier:
return jsonify({'message': str(identifier) + 'is missing'})
def search_app(current_user):
data = request.get_json()
if not 'query' in data:
return response_message("failed", "please search", 400)
query = data['query']
results = db.search_app(query)
response_data = []
if isinstance(results, str):
return response_message("not_found", results, 404)
print(results)
for result in results:
res_obj = {
"user_id": result[0],
"user_email": result[2],
"user_name": result[1],
}
response_data.append(res_obj)
return jsonify({"message": "found", "data": response_data}), 200
def get_users(current_user):
if not db.is_admin(current_user.user_id):
return response_message('unauthorized operation',
'Only admin users can view all users', 401)
users = Database().get_users()
user_list = []
for user in users:
user_dict = {
"user_id": user[0],
"fullname": user[1],
"username": user[2],
"email": user[3],
"phone_number": user[5],
"is_admin": user[6],
"joined": user[7]
}
user_list.append(user_dict)
return jsonify({"users": user_list}), 200
def get_a_parcel(current_user, id):
"""
return order request details for a specific order
:param id:
:return:
"""
if not db.is_admin(current_user.user_id):
if current_user.user_id != db.get_parce_owner_id(id):
return response_message(
'unauthorized operation',
'You do not have enough permissions to access that', 401)
if db.get_parcel_by_value('parcels', 'parcel_id', id) is None:
return jsonify({"message":
"parcel delivery request order not found"}), 404
results = db.get_parcel_by_value('parcels', 'parcel_id', id)
parcel_dict = {
"parcel_id": results[0],
"user_id": results[1],
"pickup_address": results[3],
"destination_address": results[2],
"sender_email": results[5],
"recipient_email": results[11],
"recipient_phone_number": results[7],
"current_location": results[10],
"recipient fullname": results[12],
"destination_latlng": results[14],
"pickuplat_lng": results[13],
"weight": results[9],
"distance": results[15],
"status": results[6],
"price": results[16],
"created": results[18],
"last_modified": results[17],
"parcel_description": results[4],
"quantity": results[8]
}
return jsonify(parcel_dict), 200
def logout(current_user):
db.invalidate_a_token(get_token())
return response_message('success', 'you have successfully logged out', 200)
def create_user():
"""
User creates an account
User sign up details are added to the data base
"""
if request.content_type != 'application/json':
return response_message('Bad request',
'Content-type must be json type', 400)
request_data = request.get_json()
try:
if not request_data:
return jsonify({"message": "Empty request"}), 400
username = request_data['username']
str(username).replace(" ", "")
email = request_data['email']
fullname = request_data['fullname']
if not fullname:
return response_message('Missing', 'FullName is required', 400)
phone_number = str(request_data['phone_number'])
if len(phone_number) < 10:
return response_message(
'Invalid', 'phone number should be atleast 10 characters long',
400)
if not re.match("[0-9]", phone_number):
return response_message('Invalid',
'phone number should not contain letters',
400)
if not isinstance(fullname, str) or not isinstance(username, str):
return response_message(
'Invalid', 'fullname and username should be of type string',
400)
if len(str(fullname)) < 3 or len(username) < 3:
return response_message(
'Invalid',
'FullName and username should be atleast 3 characters long',
400)
if not username:
return response_message('Missing', 'Username required', 400)
if not validate_email(email):
return response_message('Error', 'Missing or wrong email format',
400)
if not len(request_data['password']) > 5:
return response_message('Failed',
'Ensure password is atleast 6 characters',
400)
if db.get_user_by_value('users', 'email', email):
return response_message(
'Failed', 'User with email ' + email + ' already exists', 409)
if db.get_user_by_value('users', 'username', username):
return response_message('Failed', username + ' is taken', 409)
password = generate_password_hash(request_data['password'])
db.insert_into_user(fullname, username, email, phone_number, password)
url = f"{request.url_root}api/v2/auth/email_verify?token={jwt.encode({'email':email},'TRULYS_SECRET').decode('utf-8')}"
sendemail(
email, 'Welcome to SendIT', 'Hello there ' + fullname +
'Click this link to verify your email\n' + '\n ' + url)
return response_message(
'Success', 'Please visit your email to verify your account', 201)
except KeyError as e:
return jsonify({'Error': str(e) + ' is missing'}), 400
def create_user():
"""
User creates an account
User sign up details are added to the data base
"""
if request.content_type != 'application/json':
return response_message('Bad request',
'Content-type must be json type', 400)
request_data = request.get_json()
try:
if not request_data:
return jsonify({"message": "Empty request"}), 400
username = request_data['username']
str(username).replace(" ", "")
email = request_data['email']
fullname = request_data['fullname']
if not fullname:
return response_message('Missing', 'FullName is required', 400)
phone_number = str(request_data['phone_number'])
if len(phone_number) < 10:
return response_message(
'Invalid', 'phone number should be atleast 10 characters long',
400)
if not re.match("[0-9]", phone_number):
return response_message('Invalid',
'phone number should not contain letters',
400)
if not isinstance(fullname, str) or not isinstance(username, str):
return response_message(
'Invalid', 'fullname and username should be of type string',
400)
if len(str(fullname)) < 3 or len(username) < 3:
return response_message(
'Invalid',
'FullName and username should be atleast 3 characters long',
400)
if not username:
return response_message('Missing', 'Username required', 400)
if not validate_email(email):
return response_message('Error', 'Missing or wrong email format',
400)
if not len(request_data['password']) > 5:
return response_message('Failed',
'Ensure password is atleast 6 characters',
400)
if db.get_user_by_value('users', 'email', email):
return response_message(
'Failed', 'User with email ' + email + ' already exists', 409)
if db.get_user_by_value('users', 'username', username):
return response_message('Failed', username + ' is taken', 409)
password = generate_password_hash(request_data['password'])
db.insert_into_user(fullname, username, email, phone_number, password)
sendemail(
email, 'Welcome to SendIT', 'Hello there ' + fullname +
',\n We want to thank you for joining our platform and we love you\n'
'For any inquiries,you can dm us on twitter or reply to this email\n Have fun \nThe SendIT Team'
)
return response_message('Success',
'User account successfully created, log in',
201)
except KeyError as e:
return jsonify({'Error': str(e) + ' is missing'}), 400
def welcome(current_user):
return response_message("ok", "Welcome to the sendit api v2", 200)
def add_parcel(current_user):
if not request.content_type == 'application/json':
return jsonify({"failed":
'Content-type must be application/json'}), 415
request_data = request.get_json()
helper = Helper()
try:
if not validate_email(request_data['recipient_email']):
return jsonify({"message": "Recipient email is invalid"}), 400
if len(str(request_data['recipient_phone_number'])) < 10:
return jsonify({
"message":
"Recipient Phone number should be atleast 10 characters"
}), 400
if len(str(request_data['parcel_description'])) < 5:
return jsonify({
"message":
"Your Parcel description should be atleast 5 characters"
}), 400
if not isinstance(request_data['parcel_description'], str):
return jsonify({"message":
"Description should be string values"}), 400
if not isinstance(request_data['pickup_address'], str):
return jsonify(
{"message": "pickup_address should be string values"}), 400
if (helper.get_formatted_address(
request_data['pickup_address'])) is None:
return jsonify({"message": "pickup_address not found"}), 400
if not isinstance(request_data['destination_address'], str):
return jsonify(
{"message":
"destination_address should be string values"}), 400
if (helper.get_formatted_address(
request_data['destination_address'])) is None:
return jsonify({"message": "destination_address not found"}), 400
if not isinstance(request_data['quantity'], int):
return jsonify({"message":
"quantity should be integer values"}), 400
if not isinstance(request_data['weight'], int):
return jsonify({"message": "weight should be integer values"}), 400
if not isinstance(request_data['recipient_name'], str):
return jsonify(
{"message": "recipient_name should be string values"}), 400
except KeyError as keyerr:
return response_message('Failed', f"{keyerr}" + 'is missing', 400)
dest_lat_lng = helper.get_dest_latlong(request_data['destination_address'])
pickup_latlng = helper.get_pickup_latlong(request_data['pickup_address'])
distance = helper.get_distance(pickup_latlng, dest_lat_lng)
price = helper.get_charge(request_data['weight'], distance,
request_data['quantity'])
try:
db.insert_into_parcels(
helper.get_formatted_address(request_data['destination_address']),
helper.get_formatted_address(request_data['pickup_address']),
request_data['parcel_description'], current_user.user_id,
db.get_user_email(current_user.user_id),
request_data['recipient_name'], request_data['recipient_email'],
request_data['recipient_phone_number'], request_data['weight'],
request_data['quantity'], pickup_latlng, dest_lat_lng, distance,
price)
except psycopg2.IntegrityError:
return response_message('message', 'something went wrong', 403)
return jsonify({
"status": "success",
"message": "Parcel request has been created successfully",
"parcel": db.get_last_insert_id()
}), 201
