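def update_business_data(current_user, id):
    """Handle a business-update request for the authenticated user.

    The business is looked up by the ``name`` field of the JSON body. When it
    exists and the caller is allowed to touch it, a ``Business`` built from
    the submitted fields is saved.

    Args:
        current_user: The authenticated user; ``id`` and ``is_admin`` are read.
        id: Business id from the route. NOTE(review): it is never used; the
            record is selected by the client-supplied name instead. Confirm
            which of the two should identify the target.

    Returns:
        A Flask response: 200 on success, 401 when the caller does not own
        the business or when saving fails, 202 when no business has that name.
    """
    import logging

    # A missing or non-JSON body used to raise AttributeError before the
    # try block was entered; treat it as an empty payload instead.
    post_data = request.json or {}
    business = Business.query.filter_by(name=post_data.get('name')).first()
    if not business:
        # NOTE(review): response() gets two arguments here and three at every
        # other call site -- confirm the helper accepts this form.
        return response('business not registered register first', 202)

    # Same ownership rule the delete and read handlers apply: only the owner
    # or an admin may change a business. Without it any authenticated user
    # could overwrite a business just by knowing its name.
    if not current_user.is_admin and business.user_id != current_user.id:
        return response(
            'Unauthorized',
            'User does not have the rights to perform requested action',
            401)

    try:
        # NOTE(review): this builds a new Business rather than modifying the
        # row found above, and stamps it with the caller's id (an admin edit
        # would therefore reassign ownership). Confirm save() updates in
        # place and that the owner change is intended.
        business = Business(
            name=post_data.get("name"),
            abbreviation=post_data.get("abbreviation"),
            company_address=post_data.get("company_address"),
            country=post_data.get("country"),
            countries=post_data.get("countries_of_operation"),
            annual_sales_revenue=post_data.get("annual_sales_revenue"),
            accounting_software=post_data.get("software"),
            user_id=current_user.id)
        business.save()
        return response('success', 'Business updated successfully', 200)
    except Exception:
        # Keep the exception text (which can carry SQL or column details) in
        # the server log rather than echoing it to the client.
        logging.getLogger(__name__).exception('business update failed')
        result = {'message': 'Could not update business'}
        # Status kept at 401 for existing clients.
        # NOTE(review): 500 would describe a server-side failure better.
        return make_response(jsonify(result)), 401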
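def change_use_type(current_user, user_id):
    """Set the ``type`` of the user identified by *user_id*.

    Args:
        current_user: The authenticated caller; must be an admin or a bank
            teller.
        user_id: Id of the user whose type is changed.

    Returns:
        A response: 401 for other roles, 404 when the user does not exist,
        400 when the body carries no ``type``, 200 on success.
    """
    # The original joined the two inequality tests with `or`, which holds for
    # every caller as long as the two role values differ, so even admins were
    # rejected. Membership expresses the intended rule.
    if int(current_user.type) not in (User.Type.admin, User.Type.bank_teller):
        return response('unauthorised', 'Cannot perform operation', 401)

    user = User.query.filter_by(id=user_id).first()
    if not user:
        return response('Not found', 'user not found check ID', 404)

    new_type = (request.json or {}).get('type')
    if new_type is None:
        # Previously a missing field silently stored None as the user's role.
        return response('failed', 'type is required', 400)

    # NOTE(review): the value is stored unchecked, so a bank teller can assign
    # any role, including admin, to any user (themselves included). Consider
    # validating against User.Type and limiting role grants to admins.
    user.type = new_type
    db.session.commit()
    return response('success', 'user status updated', 200)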
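def delete_business_data(current_user, id):
    """Delete the business with the given id.

    Only the business owner or an admin may delete.

    Args:
        current_user: The authenticated caller; ``is_admin`` and ``id`` are
            read.
        id: Id of the business to delete.

    Returns:
        A response: 404 when the business does not exist, 401 when the caller
        is neither owner nor admin, 200 on success, 500 on failure.
    """
    import logging

    try:
        business = Business.query.filter_by(id=id).first()
        if business is None:
            # The original dereferenced .user_id on None here. The resulting
            # AttributeError text was then returned with an implicit 200.
            return response('Not found', 'business not found check ID', 404)

        if not current_user.is_admin and business.user_id != current_user.id:
            # Status passed as an int, like every other response() call
            # (it was the string '401').
            return response(
                'Unauthorized',
                'User does not have the rights to perform requested action',
                401)

        Business.delete(id)
        return response('Success', 'Deleted successfully', 200)
    except Exception:
        # Log the detail server-side; the client only learns that it failed.
        logging.getLogger(__name__).exception('business delete failed')
        return response('failed', 'Could not delete business', 500)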
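def get_all_users(current_user):
    """Return every user as JSON; restricted to admins and bank tellers.

    Args:
        current_user: The authenticated caller; ``type`` is read.

    Returns:
        A 401 response for other roles, otherwise the serialized user list.
    """
    # `!= admin or != bank_teller` holds for every caller when the two role
    # values differ, so nobody could reach the listing. Use membership.
    if int(current_user.type) not in (User.Type.admin, User.Type.bank_teller):
        return response('unauthorised', 'Cannot perform operation', 401)

    all_users = User.get_all()
    # NOTE(review): presumably user_schema leaves out password hashes and
    # other secrets -- verify, since this dumps every account.
    result = user_schema.dump(all_users)
    return jsonify(result.data)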
def check_balance(current_user, account_id):
    """Return the caller's account matching *account_id* as JSON.

    Args:
        current_user: The authenticated caller; ``id`` scopes the lookup.
        account_id: Id of the account to report on.

    Returns:
        The serialized account, or a 'failed' response when *account_id* is
        falsy.
    """
    if not account_id:
        # NOTE(review): a failure reported with HTTP 200 -- confirm clients
        # rely on the body rather than the status.
        return response('failed', 'check account id and try again', 200)

    # Filtering on user_id as well as id keeps callers to their own accounts.
    # NOTE(review): the query object itself is handed to dump(), with no
    # .first()/.all() -- confirm account_schema expects an iterable.
    owned = Accounts.query.filter_by(id=account_id, user_id=current_user.id)
    dumped = account_schema.dump(owned)
    return jsonify(dumped.data)
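def delete_one_user(current_user, user_id):
    """Delete the user identified by *user_id*.

    Args:
        current_user: The authenticated caller; must be an admin or a bank
            teller.
        user_id: Id of the user to delete.

    Returns:
        A 401 response for other roles, a 404 JSON message when the user does
        not exist, otherwise a JSON confirmation.
    """
    # `or` between the two inequality tests rejected every caller when the
    # role values differ; membership is the intended check.
    if int(current_user.type) not in (User.Type.admin, User.Type.bank_teller):
        return response('unauthorised', 'Cannot perform operation', 401)

    # The original tested an undefined `user` (NameError) and never looked
    # the record up.
    user = User.query.filter_by(id=user_id).first()
    if not user:
        # Was a set literal ({"message: no User found"}), which jsonify
        # cannot serialize.
        return jsonify({'message': 'no User found'}), 404

    # NOTE(review): nothing stops a bank teller from deleting an admin, or a
    # caller from deleting their own account -- confirm that is intended.
    # Was delete_user(id), i.e. the builtin function, not the route argument.
    User.delete_user(user_id)
    # f-string so the id is actually interpolated into the message.
    return jsonify({'message': f'user {user_id} deleted successfully'})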
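def register_user():
    """Create a user from the JSON body unless the email is already taken.

    Returns:
        A response: 400 when email or password is missing, 201 on success,
        202 when the email is already registered, 401 when saving fails.
    """
    import logging

    # A missing or non-JSON body used to raise AttributeError outside the
    # try block; treat it as an empty payload and reject it below.
    post_data = request.json or {}
    email = post_data.get("email")
    password = post_data.get("password")
    if not email or not password:
        return response('failed', 'email and password are required', 400)

    # NOTE(review): the distinct "already exists" reply lets a caller test
    # which emails are registered -- confirm that is acceptable here.
    if User.query.filter_by(email=email).first():
        return response('User already exists', 'Please Login', 202)

    try:
        # NOTE(review): presumably the User model hashes the password before
        # storing it -- verify.
        user = User(post_data.get("firstname"), post_data.get("lastname"),
                    email, password)
        user.save()
        return response('success', 'account created successfully', 201)
    except Exception:
        # Database errors can carry schema details and submitted values;
        # log them instead of returning str(e) to the client.
        logging.getLogger(__name__).exception('user registration failed')
        result = {'message': 'Could not create account'}
        # Status kept at 401 for existing clients.
        # NOTE(review): 500 would describe a server-side failure better.
        return make_response(jsonify(result)), 401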
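def register():
    """Create a user from the JSON body unless the name is already taken.

    Returns:
        A response: 400 when name or password is missing, 201 on success,
        202 when the name is already registered, 401 when saving fails.
    """
    import logging

    # A missing or non-JSON body used to raise AttributeError outside the
    # try block; treat it as an empty payload and reject it below.
    post_data = request.json or {}
    name = post_data.get('name')
    password = post_data.get('password')
    if not name or not password:
        return response('failed', 'name and password are required', 400)

    # The user is already in the database, so do not register them twice.
    if User.query.filter_by(name=name).first():
        return response('Already exists', 'Please Login', 202)

    try:
        # NOTE(review): presumably the User model hashes the password before
        # storing it -- verify.
        user = User(name=name, password=password)
        user.save()
        return response('success', 'account created', 201)
    except Exception:
        # Log the failure server-side instead of returning str(e), which can
        # expose database or schema details to the client.
        logging.getLogger(__name__).exception('user registration failed')
        result = {'message': 'Could not create account'}
        # Status kept at 401 for existing clients.
        # NOTE(review): 500 would describe a server-side failure better.
        return make_response(jsonify(result)), 401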
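def register():
    """Create a user and an account for them from the JSON body.

    Returns:
        A response: 400 when a required field is missing, 201 on success,
        202 when the email is already registered, 401 when saving fails.
    """
    import logging

    # A missing or non-JSON body used to raise AttributeError outside the
    # try block; treat it as an empty payload and reject it below.
    post_data = request.json or {}
    email = post_data.get('email')
    firstname = post_data.get('firstname')
    lastname = post_data.get('lastname')
    password = post_data.get('password')
    # firstname/lastname are concatenated below, so they must be present too.
    if not (email and password and firstname and lastname):
        return response(
            'failed',
            'email, firstname, lastname and password are required',
            400)

    # The user is already in the database, so do not register them twice.
    if User.query.filter_by(email=email).first():
        return response('Already exists', 'Please Login', 202)

    try:
        # NOTE(review): presumably the User model hashes the password before
        # storing it -- verify.
        user = User(email=email,
                    firstname=firstname,
                    lastname=lastname,
                    password=password,
                    id_type=post_data.get('id_type'),
                    id_number=post_data.get('id_number'),
                    phone_number=post_data.get('phone_number'))
        user.save()

        # NOTE(review): user and account are saved separately. If the second
        # save fails the user stays behind without an account, and a retry
        # gets "Already exists". Confirm whether both belong in one
        # transaction.
        account = Accounts(user_id=user.id,
                           account_name=firstname + ' ' + lastname,
                           account_number=generate_account_number())
        account.save()
        return response('success', 'account created', 201)
    except Exception:
        # Log the failure server-side instead of returning str(e), which can
        # expose database details or the submitted identity data.
        logging.getLogger(__name__).exception('user registration failed')
        result = {'message': 'Could not create account'}
        # Status kept at 401 for existing clients.
        # NOTE(review): 500 would describe a server-side failure better.
        return make_response(jsonify(result)), 401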
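def upload_transaction_details(current_user, id):
    """Import an uploaded CSV of transactions for the business *id*.

    The file is parsed with pandas, its columns are renamed to the
    ``transactions`` table's names, and the rows are appended to that table.

    Args:
        current_user: The authenticated caller; ``is_admin`` and ``id`` are
            read for the ownership check.
        id: Id of the business the transactions belong to.

    Returns:
        The imported rows as JSON on success, otherwise an error response
        (bad request, 404 unknown business, 401 not owner or import failure,
        400 duplicate title).
    """
    import logging

    # Same ownership rule the read and delete handlers apply. Without it any
    # authenticated user could append rows to another user's business.
    business = Business.query.filter_by(id=id).first()
    if business is None:
        return response('Not found', 'business not found check ID', 404)
    if not current_user.is_admin and business.user_id != current_user.id:
        return response(
            'Unauthorized',
            'User does not have the permissions to perform requested action',
            401)

    if 'file' not in request.files:
        return bad_request('No file in request')
    file = request.files['file']
    if file.filename == '':
        return bad_request('No file selected for uploading')

    if Transaction.get_title(file.filename, id):
        return response(
            'Already exists',
            'File with title %s has already been uploaded' % file.filename,
            400)
    if not allowed_file(file.filename):
        return bad_request('Only .csv files allowed')

    # The secure_filename() result was assigned but never used, so it is
    # dropped. The client-supplied name is only stored as a title, never used
    # as a filesystem path.
    # NOTE(review): whatever renders `file_name` later must escape it.
    # NOTE(review): the whole upload is parsed in memory and echoed back;
    # confirm a request size limit (e.g. MAX_CONTENT_LENGTH) is configured.
    try:
        data = pd.read_csv(file, usecols=HEADERS, delimiter=',')
        data['business_id'] = id
        data['file_name'] = file.filename
        data['Due Date'] = pd.to_datetime(data['Due Date'],
                                          format="%m/%d/%y",
                                          infer_datetime_format=True)
        data['Transaction Date'] = pd.to_datetime(
            data['Transaction Date'],
            format="%m/%d/%y",
            infer_datetime_format=True)
        data.rename(columns={
            'Transaction': 'transaction',
            'ID': 'transaction_id',
            'Status': 'status',
            'Transaction Date': 'transaction_date',
            'Due Date': 'due_date',
            'Customer or Supplier': 'customer_or_supplier',
            'Item': 'item',
            'Quantity': 'quantity',
            'Unit Amount': 'unit_amount',
            'Total Transaction Amount': 'total_transaction_amount'
        }, inplace=True)
        data.to_sql('transactions',
                    con=db.engine,
                    if_exists='append',
                    index=False,
                    chunksize=1000)
    except Exception:
        # Parser and database errors can quote file contents and schema
        # details; log them rather than returning str(e).
        logging.getLogger(__name__).exception('transaction upload failed')
        result = {'message': 'Could not import the uploaded file'}
        # Status kept at 401 for existing clients.
        # NOTE(review): 400/500 would describe these failures better.
        return make_response(jsonify(result)), 401
    return data.to_json()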
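def get_transaction_data(current_user, id):
    """Summarise the transactions of business *id* for a dashboard.

    Args:
        current_user: The authenticated caller; ``is_admin``, ``id``,
            ``firstname`` and ``lastname`` are read.
        id: Id of the business to summarise.

    Returns:
        A dict with the top product, the caller's display name, the business
        name, top items by quantity and by value, and the outstanding
        incoming/outgoing amounts. A 404 or 401 response is returned when the
        business is unknown or the caller is neither owner nor admin.
    """
    owner_row = Business.query.filter_by(id=id).first()
    if owner_row is None:
        # The original dereferenced .user_id (and later business.name) on
        # None for an unknown id, which surfaced as a server error.
        return response('Not found', 'business not found check ID', 404)
    if not current_user.is_admin and owner_row.user_id != current_user.id:
        # Status passed as an int, like the other response() calls
        # (it was the string '401').
        return response(
            'Unauthorized',
            'User does not have the permissions to perform requested action',
            401)

    result = Transaction.get_business_transactions(id)
    topQuantity = Transaction.get_top_qty(id)
    topValue = Transaction.get_top_value(id)
    business = Business.get_business(id)

    # Keys must match the stored transaction labels exactly, including the
    # "Payement" spelling; rows with any other label are ignored.
    totals = {"Order": 0, "Order Payement": 0, "Bill": 0, "Bill Payement": 0}
    for item in result:
        if item.transaction in totals:
            totals[item.transaction] += float(item.total_transaction_amount)

    # Outstanding amounts: what was invoiced minus what has been paid.
    amount_incoming = totals["Order"] - totals["Order Payement"]
    amount_outgoing = totals["Bill"] - totals["Bill Payement"]
    currentUser = current_user.firstname + ' ' + current_user.lastname

    qtyData = []
    topProduct = None
    for (k, v) in topQuantity.items():
        # The first truthy key becomes the headline product.
        if not topProduct:
            topProduct = k
        qtyData.append({"name": k, "Quantity": round(v, 2)})
    valData = [{"name": k, "Value": round(v, 2)} for (k, v) in topValue.items()]

    return {
        "topProduct": topProduct,
        "currentUser": currentUser,
        "businessName": business.name,
        "topQuantity": qtyData,
        "topValue": valData,
        "incoming": round(amount_incoming, 2),
        "outgoing": round(amount_outgoing, 2)
    }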
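def deposit_to_account(current_user, account_id):
    """Credit a client's account; restricted to admins and bank tellers.

    The JSON body supplies ``account_number``, ``amount`` and ``user_id``;
    the account is matched on number and owner together.

    Args:
        current_user: The authenticated caller; ``type`` and ``id`` are read.
        account_id: Route argument. NOTE(review): it only gates the body and
            is not used to select the account -- confirm.

    Returns:
        A 401 response for other roles, a 400 response for an invalid amount,
        the serialized account on success, otherwise a plain error string.
    """
    # `!= admin or != bank_teller` holds for every caller when the two role
    # values differ, so no one could deposit. Use membership.
    if int(current_user.type) not in (User.Type.admin, User.Type.bank_teller):
        return response('unauthorised', 'Cannot perform operation', 401)

    if account_id is not None:
        payload = request.json or {}
        account_number = payload.get('account_number')
        client_id = payload.get('user_id')

        # int(None) / int('abc') used to raise, and a negative amount was
        # accepted, turning a deposit into an unchecked withdrawal.
        try:
            amount_to_deposit = int(payload.get('amount'))
        except (TypeError, ValueError):
            return response('failed', 'amount must be a whole number', 400)
        if amount_to_deposit <= 0:
            return response('failed', 'amount must be greater than zero', 400)

        account = Accounts.query.filter_by(account_number=account_number,
                                           user_id=client_id).first()
        if account:
            # NOTE(review): read-modify-write on the balance with no row lock;
            # concurrent deposits may lose an update -- confirm how save()
            # and the session handle this.
            account.balance = account.balance + amount_to_deposit
            account.save()
            # NOTE(review): this re-reads the *caller's* account via `Account`
            # (the model is `Accounts` everywhere else), not the account just
            # credited -- confirm both the name and the intent.
            account = Account.get_user_account(current_user.id)
            result = account_schema.dump(account)
            return jsonify(result.data)
    return "invalid account details do not match"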
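def funds_transfer(current_user, account_id):
    """Move funds from the caller's account to another account.

    The JSON body supplies the receiving ``account_number``, the ``amount``
    and a ``pin``.

    Args:
        current_user: The authenticated caller; ``id`` selects the source
            account.
        account_id: Route argument. NOTE(review): it only gates the body and
            is not used to select the source account -- confirm.

    Returns:
        A 400 response for an invalid amount, a 403 response when the amount
        exceeds the balance, otherwise a dict with a ``message`` key.
    """
    if account_id is not None:
        payload = request.json or {}
        account_number = payload.get('account_number')
        # NOTE(review): the pin is read but never verified, so a transfer
        # needs only an authenticated session. Add the check once the PIN
        # storage and verification helper are known.
        pin = payload.get('pin')

        # A negative amount passed the balance test below and then moved
        # money from the receiver to the sender; non-numeric input raised.
        try:
            amount_to_transfer = int(payload.get('amount'))
        except (TypeError, ValueError):
            return response('failed', 'amount must be a whole number', 400)
        if amount_to_transfer <= 0:
            return response('failed', 'amount must be greater than zero', 400)

        # TODO: modify query to get the current user's account.
        account = Accounts.query.filter_by(user_id=current_user.id).first()
        reciever_account = Accounts.query.filter_by(
            account_number=account_number).first()

        if account and reciever_account:
            if amount_to_transfer > account.balance:
                return response('failed',
                                'cannot transfer more than balance', 403)
            # NOTE(review): two separate saves with no visible transaction or
            # row lock. A failure between them, or a concurrent transfer, can
            # leave the balances inconsistent -- confirm what save() commits.
            account.balance = account.balance - amount_to_transfer
            reciever_account.balance = (reciever_account.balance
                                        + amount_to_transfer)
            account.save()
            reciever_account.save()
            return ({"message": "Transaction successful"})
    return ({"message": "funds transfer unsuccessful"})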
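def delete(self, account_id):
    """Delete the account *account_id*; restricted to admins and tellers.

    Args:
        account_id: Id of the account to delete.

    Returns:
        A 401 response for other roles, otherwise a JSON confirmation.
    """
    # NOTE(review): current_user is not a parameter here; presumably it is a
    # module-level proxy for the authenticated user -- confirm.
    # `!= admin or != bank_teller` holds for every caller when the two role
    # values differ, so the endpoint rejected everyone. Use membership.
    if int(current_user.type) not in (User.Type.admin, User.Type.bank_teller):
        return response('unauthorised', 'Cannot perform operation', 401)

    Accounts.delete_account(account_id)
    # f-string so the id is actually interpolated into the message.
    return jsonify({'message': f'user {account_id} deleted successfully'})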
def index():
    """Return the welcome response for the application root."""
    greeting = "Welcome to offline Business application"
    return response('success', greeting, 200)