def getfile(billid, fileid): start = time.time() bill_id = billid username = request.authorization.username passwordinfo = request.authorization.password bill_sc = Billschema(many=False) data1 = request.get_json() dbtime = time.time() flag = checkauthentication(username, passwordinfo) dur = (time.time() - dbtime) * 1000 c.timing("dbconnect", dur) if flag == True: #check if user exits result = Credential.select_user_by_email(username) user_sc = Credentialschema() data = user_sc.dump(result) owner_id = data.get('id') result2 = Bills.select_user_by_billid(bill_id) bill_sc = Billschema(many=False) data2 = bill_sc.dump((result2)) owner_id2 = data2.get('owner_id') if owner_id == owner_id2: #authorized against bill and user file_sc = File_schema_output(many=False) dbtime = time.time() result = File.select_file_by_file_id(fileid) dur = (time.time() - dbtime) * 1000 c.timing("dbconnect", dur) print(result) data = file_sc.dump(result) print(data) if not result: c.incr("getfilecount") dur = (time.time() - start) * 1000 c.timing("getfilecount", dur) return custom_http_code("file does not exist bad request", 404) c.incr("getfilecount") dur = (time.time() - start) * 1000 c.timing("getfilecount", dur) return custom_http_code(data, 200) else: return custom_http_code('Unauthorised', 401) else: return custom_http_code('invalid login', 401)
def deletefile(billid, fileid): bill_id = billid username = request.authorization.username passwordinfo = request.authorization.password bill_sc = Billschema(many=False) data1 = request.get_json() flag = checkauthentication(username, passwordinfo) if flag == True: #check if user exits result = Credential.select_user_by_email(username) user_sc = Credentialschema() data = user_sc.dump(result) owner_id = data.get('id') result2 = Bills.select_user_by_billid(bill_id) bill_sc = Billschema(many=False) data2 = bill_sc.dump((result2)) owner_id2 = data2.get('owner_id') if owner_id == owner_id2: #authorized against bill and user file_sc = File_schema_output(many=False) result = File.select_file_by_file_id(fileid) print(result) if not result: return custom_http_code("file does not exist", 404) basedir = app.config['UPLOAD_FOLDER'] filedir = root_dir + "/" + "attachments" + "/" + fileid + "/" shutil.rmtree(filedir) File.delete_file(fileid) return custom_http_code(data, 204) else: return custom_http_code('Unauthorised', 401) else: return custom_http_code('invalid login', 401)
def deletefile(billid, fileid): start = time.time() bill_id = billid username = request.authorization.username passwordinfo = request.authorization.password bill_sc = Billschema(many=False) data1 = request.get_json() dbtime = time.time() flag = checkauthentication(username, passwordinfo) dur = (time.time() - dbtime) * 1000 c.timing("dbconnect", dur) if flag == True: #check if user exits result = Credential.select_user_by_email(username) user_sc = Credentialschema() data = user_sc.dump(result) owner_id = data.get('id') result2 = Bills.select_user_by_billid(bill_id) bill_sc = Billschema(many=False) data2 = bill_sc.dump((result2)) owner_id2 = data2.get('owner_id') if owner_id == owner_id2: #authorized against bill and user file_sc = File_schema_output(many=False) dbtime = time.time() result = File.select_file_by_file_id(fileid) dur = (time.time() - dbtime) * 1000 c.timing("dbconnect", dur) print(result) if not result: return custom_http_code("file does not exist", 404) filedir = root_dir + "/" + "attachments" + "/" + fileid + "/" bucketkey = 'fileid' + '/' s3 = boto3.resource("s3") bucketobj = s3.Bucket(bucket) file_key = fileid + '/' bucketobj.objects.filter(Prefix=file_key).delete() if os.path.exists(filedir): shutil.rmtree(filedir) else: print("file id folder noyt found") File.delete_file(fileid) c.incr("deletefilecount") dur = (time.time() - start) * 1000 c.timing("deletefilecount", dur) return custom_http_code(data, 204) else: c.incr("deletefilecount") dur = (time.time() - start) * 1000 c.timing("deletefilecount", dur) return custom_http_code('Unauthorised', 401) else: return custom_http_code('invalid login', 401)
def upload_file(billId): start = time.time() bill_id = billId username = request.authorization.username passwordinfo = request.authorization.password bill_sc = Billschema(many=False) data1 = request.get_json() dbtime = time.time() flag = checkauthentication(username, passwordinfo) dur = (time.time() - dbtime) * 1000 c.timing("dbconnect", dur) if flag == True: #check if user exits result = Credential.select_user_by_email(username) user_sc = Credentialschema() data = user_sc.dump(result) owner_id = data.get('id') dbtime = time.time() result2 = Bills.select_user_by_billid(bill_id) dur = (time.time() - dbtime) * 1000 c.timing("dbconnect", dur) bill_sc = Billschema(many=False) data2 = bill_sc.dump((result2)) owner_id2 = data2.get('owner_id') if owner_id == owner_id2: #authorized against bill and user # checking if the request has the file part file = request.files['file'] # if 'file' not in request.files: return custom_http_code('No file part in the request', 400) elif file.filename == '': return custom_http_code('No file part in the request', 400) elif file and allowed_file(file.filename): result = File.select_file_by_billid(bill_id) print(result) if result: return custom_http_code( "file already exists with bill delete first", 400) filename = secure_filename(file.filename) id = str(uuid.uuid4().hex) dir = "attachments" + "/" + id # os.mkdir(dir) target = os.path.join(root_dir, dir) print(target) if not os.path.isdir(target): os.mkdir(target) else: return custom_http_code("file already exists", 400) destination_folder = "/".join([target, filename]) file.seek(0, os.SEEK_END) file_len = file.tell() img_key = hashlib.md5(file.read()).hexdigest() obj = file.save(destination_folder) #file = request.files['file'] object_name = id + "/" + file.filename s3_client = boto3.client('s3') name = 'attachments/' + id + '/' + filename #fileobj= open(name,'r') #obj=file.save(destination_folder) file = request.files['file'] dbtime = time.time() uploading = s3_client.upload_fileobj(file, bucket, object_name) #obj=file.save(destination_folder) dur = (time.time() - dbtime) * 1000 c.timing("s3time", dur) url = 'https://s3.console.aws.amazon.com/' + bucket + "/attachments/" + id + "/" + filename upload_date = datetime.datetime.today().strftime('%Y-%m-%d') # img_key = hashlib.md5(file.read()).hexdigest() # print(img_key.encode("utf-8")) dbtime = time.time() new_bill = File(id, bill_id, filename, upload_date, url, file_len, img_key) db.create_all() db.session.add(new_bill) db.session.commit() dur = (time.time() - dbtime) * 1000 c.timing("dbconnect", dur) # result=Credential.query.filter_by(first_name='Jane').first() file_sc = File_schema_output(many=False) result = File.select_file_by_file_id(id) print(result) data = file_sc.dump(result) print(data) # bill_schema= Billschema(many=False) # data= Bills.select_user_by_billid(billid) # query_result = bill_schema.dump(data) #file.save(os.path.join(app.config['UPLOAD_FOLDER'], filename)) c.incr("postfilecount") dur = (time.time() - start) * 1000 c.timing("postfilecount", dur) return custom_http_code(data, 201) else: c.incr("postfilecount") dur = (time.time() - start) * 1000 c.timing("postfilecount", dur) return custom_http_code('wrong file extension', 400) else: c.incr("postfilecount") dur = (time.time() - start) * 1000 c.timing("postfilecount", dur) return custom_http_code('Unauthorised', 401) else: return custom_http_code('invalid login', 401)