def add_admin():
    """Request the ADMIN role for the account named by the access token.

    Profile fields are copied from the JSON body, the role is set to
    ``Roles.ADMIN`` and the validation state to ``VALIDATIONS.WAITING``.

    Returns:
        ``(response, 201)`` both on success and when the user is unknown.
    """
    account = query_existing_user(get_jwt_identity().get('id'))
    if not account:
        return jsonify(message="No such user"), 201

    # NOTE(review): the role is raised to ADMIN here, before any approval.
    # Safety rests on every admin-only check also requiring an approved
    # validation state -- confirm against the role-checking wrapper.
    account.roles = Roles.ADMIN

    payload = request.json
    # Fixed allow-list of profile fields; client-supplied keys are never
    # used as attribute names.
    for field in ('avatar', 'phone', 'gender', 'real_name',
                  'province', 'city', 'nick_name'):
        setattr(account, field, payload.get(field, None))
    account.language = payload.get('language', 'CN')

    account.register_time = datetime.utcnow()
    account.validated = VALIDATIONS.WAITING

    db.session.add(account)
    db.session.commit()
    return jsonify(message="Admin added!"), 201
def get_parent_students_sessions():
    """Return the class sessions of the caller's students in a time window.

    The parent is taken from the access token; ``start_time`` and
    ``end_time`` come from the JSON body and are converted with
    ``datetime_string_to_utc``.

    Returns:
        ``(response, 201)`` whose message is a list of student dicts, each
        with a ``class_sessions`` list. The list is empty when the parent
        is unknown.
    """
    parent_id = get_jwt_identity().get('id')

    payload = request.json
    raw_start = payload.get('start_time', None)
    raw_end = payload.get('end_time', None)
    # NOTE(review): a missing bound reaches the converter as None; how it
    # handles that is not visible here -- confirm.
    window_start = datetime_string_to_utc(raw_start)
    window_end = datetime_string_to_utc(raw_end)

    result = []
    if query_existing_user(parent_id):
        # Students are resolved from the token's parent id, never from the
        # request body.
        for student, _ in query_parent_students(parent_id):
            sessions = query_student_sessions(student.id, window_start,
                                              window_end)
            entry = student.to_dict()
            entry['class_sessions'] = [
                session.to_dict() for session, _ in sessions
            ]
            result.append(entry)
    return jsonify(message=result), 201
def bind_parents():
    """Store the caller's parent profile and bind the caller to a student.

    The parent is taken from the access token. ``student_id``,
    ``teacher_id``, ``relation`` and the profile fields come from the JSON
    body. An existing parent/student binding has its relation updated;
    otherwise a new ``ParentHood`` row is created.

    Returns:
        ``(response, 201)`` in every case, including an unknown user.
    """
    parent_id = get_jwt_identity().get('id')
    payload = request.json
    student_id = payload.get('student_id', None)
    teacher_id = payload.get('teacher_id', None)
    relation = payload.get('relation', None)

    # NOTE(review): student_id is client-supplied and nothing in this
    # function checks that the caller is entitled to bind to that student.
    # The binding later decides which students' data the parent endpoints
    # return, so confirm an invitation or teacher check exists upstream.
    binding = query_parent_hood(parent_id, student_id)

    parent = query_existing_user(parent_id)
    if not parent:
        return jsonify(message="No such user"), 201

    # Profile data; most of it can be obtained from WeChat.
    parent.phone = payload.get('phone', None)
    parent.real_name = payload.get('real_name', None)
    parent.nick_name = payload.get('nick_name', None)
    parent.gender = payload.get('gender', None)
    parent.language = payload.get('language', 'CN')
    parent.province = payload.get('province', None)
    parent.city = payload.get('city', None)
    parent.avatar = payload.get('avatar', None)

    if parent.roles <= Roles.PARENT:
        # Only accounts at or below PARENT are (re)registered as parents;
        # higher roles keep their role, register time and approval data.
        # NOTE(review): the account is marked APPROVED by its own request,
        # and approver_id is taken from the request body without checking
        # that it names a real, validated teacher -- confirm intended.
        stamp = datetime.utcnow
        parent.roles = Roles.PARENT
        parent.register_time = stamp()
        parent.validated = VALIDATIONS.APPROVED
        parent.approve_time = stamp()
        parent.approver_id = teacher_id
    db.session.add(parent)
    db.session.commit()

    if binding:
        # A binding already exists: overwrite its relation.
        previous = binding.relation
        binding.relation = relation
        db.session.add(binding)
        db.session.commit()
        text = "modified relation from " + str(previous) + " to " + str(relation)
        return jsonify(message=text), 201

    # No binding yet: create one.
    binding = ParentHood()
    binding.parent_id = parent_id
    binding.student_id = student_id
    binding.relation = relation
    db.session.add(binding)
    db.session.commit()
    return jsonify(message="Successfully binded parent"), 201
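def get_approvees():
    """Look up the user named by ``user_id`` in the JSON body.

    When the user exists, its ``approver`` attribute is printed to stdout.
    The response is always ``"User does not exist"`` with status 201.

    Returns:
        ``(response, 201)``.
    """
    user_id = request.json.get('user_id', None)
    user = query_existing_user(user_id)
    # An unknown or missing user_id used to raise AttributeError on
    # ``user.approver`` and surface as a server error; skip the debug
    # output instead.
    if user:
        print(user.approver)
    # NOTE(review): this endpoint looks unfinished. It never returns the
    # approvees and reports "User does not exist" even for a known user.
    # When it is completed, note that user_id is taken from the request
    # body and not from the token, so the caller's right to read that
    # user's approval data needs an explicit check.
    return jsonify(message="User does not exist"), 201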
def get_user_role():
    """Return ``get_roles()`` for the account named by the access token.

    Returns:
        ``(response, 201)``; the message is ``"No such user."`` when the
        token's id matches no user.
    """
    account = query_existing_user(get_jwt_identity().get('id'))
    if not account:
        return jsonify(message="No such user."), 201
    return jsonify(message=account.get_roles()), 201
def get_parent_students():
    """Return the students bound to the parent named by the access token.

    Returns:
        ``(response, 201)`` whose message is a list of student dicts. The
        list is empty when the parent is unknown.
    """
    parent_id = get_jwt_identity().get('id')
    if not query_existing_user(parent_id):
        return jsonify(message=[]), 201

    # The parent id comes from the token, so a caller can only list the
    # students bound to their own account.
    listing = []
    for student, _ in query_parent_students(parent_id):
        listing.append(student.to_dict())
    return jsonify(message=listing), 201
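def get_admins():
    """Return all unrevoked admins; only the configured super user may call.

    The caller is the super user when the ``SUPER_ID`` config value is set
    and equals the caller's ``openid``.

    Returns:
        ``(response, 201)`` with a list of ``validate_info()`` results, or
        the refusal message (also 201) for anyone else.
    """
    caller = query_existing_user(get_jwt_identity().get('id'))
    super_openid = current_app.config.get('SUPER_ID')

    # A token whose id no longer matches a user used to raise
    # AttributeError on ``.openid``; treat it like any other non-super
    # caller. The local is no longer named ``super``, which shadowed the
    # builtin.
    if caller and super_openid and caller.openid == super_openid:
        admins = query_unrevoked_admins()
        return jsonify(message=[admin.validate_info() for admin in admins]), 201

    # NOTE(review): the refusal is sent with status 201. Kept for existing
    # clients; 403 would let clients and monitoring see denied attempts.
    return jsonify(message="What are you thinking?"), 201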
def get_user():
    """Return ``full_info()`` for the account named by the access token.

    ``is_super`` is added to the result when the ``SUPER_ID`` config value
    is set and equals the account's ``openid``.

    Returns:
        ``(response, 201)``; the message is an empty list when the token's
        id matches no user.
    """
    account = query_existing_user(get_jwt_identity().get('id'))
    if not account:
        return jsonify(message=[]), 201

    info = account.full_info()
    config = current_app.config
    if config.get('SUPER_ID'):
        if account.openid == config.get("SUPER_ID"):
            info['is_super'] = True
    return jsonify(message=info), 201
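def validate_admin():
    """Set the validation state of an admin; only the super user may call.

    The caller is the super user when the ``SUPER_ID`` config value is set
    and equals the caller's ``openid``. ``admin_id`` and ``decision`` come
    from the JSON body.

    Returns:
        ``(response, 201)`` in every case: success, unknown target, or
        refusal.
    """
    super_id = get_jwt_identity().get('id')
    caller = query_existing_user(super_id)
    super_openid = current_app.config.get('SUPER_ID')

    # A token whose id no longer matches a user used to raise
    # AttributeError on ``.openid``; refuse it like any other non-super
    # caller. The local is no longer named ``super``, which shadowed the
    # builtin.
    if not (caller and super_openid and caller.openid == super_openid):
        # NOTE(review): the refusal is sent with status 201; kept for
        # existing clients.
        return jsonify(message="What are you thinking?"), 201

    admin_id = request.json.get('admin_id', None)
    decision = request.json.get('decision', 0)
    admin = query_existing_user(admin_id)
    if not admin:
        return jsonify(message="No such user"), 201

    # NOTE(review): ``decision`` is stored as received. Confirm it is
    # restricted to the defined VALIDATIONS values before it is written.
    admin.validated = decision
    admin.approver_id = super_id
    admin.approve_time = datetime.utcnow()
    db.session.add(admin)
    db.session.commit()
    return jsonify(message="Admin validation status changed by the man"), 201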
def validate_parent():
    """Set the validation state of the parent named in the JSON body.

    ``parent_id`` and ``decision`` come from the request; the approver is
    the account named by the access token.

    Returns:
        ``(response, 201)`` both on success and when the user is unknown.
    """
    payload = request.json
    parent_id = payload.get('parent_id', None)
    decision = payload.get('decision', 0)

    target = query_existing_user(parent_id)
    if not target:
        return jsonify(message='User does not exist'), 201

    # NOTE(review): nothing here checks that the target actually holds the
    # PARENT role, or that ``decision`` is one of the VALIDATIONS values.
    # Authorisation rests entirely on whatever wraps this view -- confirm.
    target.validated = decision
    target.approver_id = get_jwt_identity().get('id')
    target.approve_time = datetime.utcnow()
    db.session.add(target)
    db.session.commit()
    return jsonify(message="Parent validation updated"), 201
def validate_user():
    """Set the validation state of the user named in the JSON body.

    ``user_id`` and ``decision`` come from the request; the approver is the
    account named by the access token.

    Returns:
        ``(response, 201)`` both on success and when the user is unknown.
    """
    payload = request.json
    user_id = payload.get('user_id', None)
    decision = payload.get('decision', None)

    target = query_existing_user(user_id)
    if not target:
        return jsonify(message="User does not exist"), 201

    # NOTE(review): the target's role is not compared with the approver's.
    # A caller allowed to reach this view can change the validation state
    # of any account, their own or a higher-role one included, unless the
    # wrapper prevents it -- confirm. ``decision`` is stored as received.
    target.validated = decision
    target.approver_id = get_jwt_identity().get('id')
    target.approve_time = datetime.utcnow()
    db.session.add(target)
    db.session.commit()
    return jsonify(message="User validation status changed"), 201
def decorator(*args, **kwargs):
    """Run ``fn`` only when the JWT's user holds at least the required role.

    ``roles`` and ``fn`` are taken from the enclosing scope, which is not
    part of this excerpt.

    Returns:
        The result of ``fn(*args, **kwargs)`` when access is granted,
        ``(response, 403)`` when the role is too low, or
        ``(response, 400)`` when no matching user is found.
    """
    verify_jwt_in_request()
    user_id = get_jwt_identity().get('id')
    required_roles = roles

    # A requirement of 0 means "anyone with an account": the user need not
    # be validated yet, which lets a new user submit their real
    # information (teacher registration). Every other level goes through
    # the validated-user lookup.
    lookup = query_existing_user if required_roles == 0 else query_validated_user
    user = lookup(user_id)
    if not user:
        return jsonify(msg='no such user'), 400

    # Roles are ordered: an equal or higher role value satisfies the
    # requirement.
    if user.get_role_value() >= required_roles:
        return fn(*args, **kwargs)
    return jsonify(msg='not qualified'), 403
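def register_teacher():
    """Store the caller's real information and register them as a teacher.

    The account is taken from the access token; profile fields come from
    the JSON body. When the role actually changes to ``Roles.TEACHER`` the
    validation state is reset to ``VALIDATIONS.WAITING``.

    Returns:
        ``(response, 201)`` both on success and when the user is unknown.
    """
    teacher_id = get_jwt_identity().get('id')
    teacher = query_existing_user(teacher_id)
    if not teacher:
        return jsonify(message='User does not exist'), 201

    payload = request.json
    teacher.phone = payload.get('phone', None)
    teacher.real_name = payload.get('real_name', None)
    teacher.gender = payload.get('gender', None)
    teacher.language = payload.get('language', 'CN')
    teacher.province = payload.get('province', None)
    teacher.city = payload.get('city', None)
    teacher.avatar = payload.get('avatar', None)

    if teacher.roles != Roles.TEACHER:
        # The role used to be overwritten while ``validated`` was left
        # untouched, so an approval granted for another role (the parent
        # binding flow marks accounts APPROVED) carried over to TEACHER.
        # A role change now waits for a fresh decision, as add_admin does.
        # An already registered teacher editing their profile keeps their
        # current state.
        teacher.validated = VALIDATIONS.WAITING
    # NOTE(review): the role is set unconditionally, so a higher-role
    # account calling this is moved to TEACHER -- confirm intended.
    teacher.roles = Roles.TEACHER
    teacher.register_time = datetime.utcnow()

    db.session.add(teacher)
    db.session.commit()
    return jsonify(message="Teacher created successfully"), 201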
def register_parent():
    """Store the caller's real information and register them as a parent.

    The account is taken from the access token; profile fields come from
    the JSON body.

    Returns:
        ``(response, 201)`` both on success and when the user is unknown.
    """
    account = query_existing_user(get_jwt_identity().get('id'))
    if not account:
        return jsonify(message='User does not exist'), 201

    payload = request.json
    # Fixed allow-list of profile fields; client-supplied keys are never
    # used as attribute names.
    for field in ('phone', 'nick_name', 'real_name', 'gender'):
        setattr(account, field, payload.get(field, None))
    account.language = payload.get('language', 'CN')
    for field in ('province', 'city', 'avatar'):
        setattr(account, field, payload.get(field, None))

    # NOTE(review): the role is overwritten without the
    # ``roles <= Roles.PARENT`` guard that bind_parents applies, and the
    # existing validation state is kept as is -- confirm both are intended.
    account.roles = Roles.PARENT
    account.register_time = datetime.utcnow()

    db.session.add(account)
    db.session.commit()
    return jsonify(message="Parent created successfully"), 201