def pre_update_billbooks(updates, billbook):
    '''
    Before update bill book:
        1. Only bill book's owners (relation status 0) can change its status;
           a status change from anyone else is dropped from ``updates``
           rather than rejected.
        2. When a bill book is newly marked as default, the default flag is
           cleared on the caller's other bill books. A request to unset the
           flag on the current default bill book is dropped.

    NOTE(review): the original indentation was lost; the 'default' handling
    is assumed to sit at function level, not inside the 'status' branch.
    '''
    if 'status' in updates:
        # presumably get_data aborts with 400 when no relation was stored
        # earlier in the request -- confirm against get_data
        caller_relation = get_data('relation', 400)
        if caller_relation['status'] > 0:
            updates.pop('status')

    if 'default' not in updates:
        return

    wants_default = updates['default']
    was_default = billbook.get('default', False)
    if wants_default and not was_default:
        user = get_data('user', 409)
        own_billbooks = get_user_billbook_relation(user['_id'])
        # Scope the reset to bill books the caller is related to, so other
        # users' default flags are left alone.
        selector = {
            'default': True,
            '_id': {'$in': list(own_billbooks.keys())}
        }
        operator.patch_many('billbooks', {'$set': {'default': False}}, selector)
    elif was_default and not wants_default:
        del updates['default']
def post_update_bills(updates, bill):
    '''
    After update bill: bring account balances in line with the edited bill.

    For a bill outside the caller's transfer bill book, the old account is
    debited and the new one credited when the account changed, or the
    difference is applied when only the amount changed. For a bill in the
    transfer bill book, an amount change is applied to the bill's account
    and the opposite change to the other side (payer or consumer).

    NOTE(review): the original indentation was lost; _check_bill_cats is
    assumed to run for every non-transfer bill, after the balance update.
    NOTE(review): in the transfer branch only an amount change is handled;
    a changed account, payer or consumer does not move any balance here.
    '''
    old_amount = bill['amount']
    old_account = bill['account']
    new_amount = updates.get('amount', old_amount)
    new_account = updates.get('account', old_account)
    user = get_data('user', 409)
    transfer_billbook = get_transfer_billbook(user['_id'])

    if bill['billbook'] != transfer_billbook:
        if new_account != old_account:
            # Bill moved to another account: undo it on the old one, then
            # book the full new amount on the new one.
            change_account_amount(old_account, -old_amount)
            change_account_amount(new_account, new_amount)
        elif new_amount != old_amount:
            change_account_amount(old_account, new_amount - old_amount)
        _check_bill_cats(bill)
        return

    old_payer = bill['payer']
    old_consumer = bill['consumer']
    payer_id = updates.get('payer', old_payer)
    consumer_id = updates.get('consumer', old_consumer)
    payer = None
    if payer_id:
        payer = operator.str2id(get_normal_account(payer_id))
    consumer = None
    if consumer_id:
        consumer = operator.str2id(get_normal_account(consumer_id))
    if new_amount != old_amount:
        change_account_amount(new_account, new_amount - old_amount)
        # The counterpart is whichever of payer/consumer is not the bill's
        # own account.
        counterpart = payer if new_account != payer else consumer
        change_account_amount(counterpart, old_amount - new_amount)
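def pre_insert_bills(bills):
    '''
    Before insert bill:
        1. Make sure now user is at least writer of the bill book of this
           bill (relation status <= 2), or that the bill book has status 0
           when the user has no relation to it. Otherwise abort with 400.
        2. Set now user as the creater of this bill.
        3. Check related categorys, create if not existing (skipped for the
           user's transfer bill book).
    '''
    user = get_data('user', 409)
    for bill in bills:
        relation = operator.get('billbook_user_relation', {
            'user': user['_id'],
            'billbook': bill['billbook']
        })
        if not relation:
            billbook = operator.get('billbooks', {'_id': bill['billbook']})
            # Fail closed: a bill book id that resolves to nothing is
            # rejected with 400 instead of raising on billbook['status'].
            if not billbook or billbook['status'] > 0:
                abort(400)
        elif relation['status'] > 2:
            abort(400)
        # Always overwrite with the authenticated user, so a client-supplied
        # creater / creater_name is never stored.
        bill['creater'] = user['_id']
        bill['creater_name'] = user['nickname']
        if get_transfer_billbook(user['_id']) != bill['billbook']:
            _check_bill_cats(bill)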
def instance_auth(self, infos, method):
    '''
    Decide whether the current user may access one user-info document.

    Returns False when no user is stored for the request. GET is allowed
    for any user; PATCH only when the user's ``_id`` equals the document's
    ``_id``. Every other method is denied.
    '''
    user = get_data('user')
    if not user:
        return False
    if method == 'GET':
        return True
    if method == 'PATCH':
        # Only the owner of the record may modify it.
        return user['_id'] == infos['_id']
    return False
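def pre_insert_billbooks(billbooks):
    '''
    Before insert billbooks:
        1. Set now user as the only owner of each new bill book, replacing
           any client-supplied ``owners`` value.
        2. If the user has no bill book relation yet, the first bill book of
           the batch becomes the default one; on every other bill book a
           truthy ``default`` flag is reset to False.
    '''
    user = get_data('user', 409)
    relation = get_user_billbook_relation(user['_id'])
    for num, billbook in enumerate(billbooks):
        billbook['owners'] = [user['_id']]
        # Compare by value: the original used `num is 0`, an identity test
        # that only works through CPython's small-int caching.
        if num == 0 and not relation:
            billbook['default'] = True
        elif billbook.get('default', False):
            billbook['default'] = False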
def pre_get_bills(req, lookup):
    '''
    Before get bills: restrict a collection query to accessible bill books.

    Does nothing when the lookup carries an ``_id``. Otherwise a requested
    ``billbook`` filter is passed through check_billbook_lookup, and a
    missing one is replaced by the set of bill books the user is related to.
    '''
    if lookup.get('_id', None) is not None:
        return
    user = get_data('user', 409)
    # NOTE(review): the second argument True presumably includes the
    # transfer bill book -- confirm against get_user_billbook_relation.
    accessible = get_user_billbook_relation(user['_id'], True)
    requested = lookup.get('billbook', None)
    if not requested:
        lookup['billbook'] = {'$in': list(accessible.keys())}
    else:
        lookup['billbook'] = check_billbook_lookup(
            requested, user['_id'], accessible)
def post_delete_bills(bill):
    '''
    After delete bill: take the bill's amount back off its account and, for
    a bill in the user's transfer bill book that has both a payer and a
    consumer, add the amount to the other side of the transfer.
    '''
    def _account_id(raw_id):
        # Resolve a payer/consumer reference to an account id; None stays None.
        return operator.str2id(get_normal_account(raw_id)) if raw_id else None

    user = get_data('user', 409)
    transfer = get_transfer_billbook(user['_id'])
    amount = bill['amount']
    change_account_amount(bill['account'], -amount)

    is_transfer = (transfer == bill['billbook']
                   and bill['payer'] and bill['consumer'])
    if not is_transfer:
        return
    payer = _account_id(bill.get('payer'))
    consumer = _account_id(bill.get('consumer'))
    # The counterpart is whichever side is not the bill's own account.
    counterpart = payer if bill['account'] != payer else consumer
    change_account_amount(counterpart, amount)
def post_get_bills(res):
    '''
    After get bills: replace the id of the user's transfer bill book by the
    literal 'transfer' in the response.

    Handles a collection response (``_items`` list) as well as a single
    bill document, and returns the same ``res`` object.

    NOTE(review): the original indentation was lost; the ``else`` is assumed
    to belong to the ``'_items' in res`` test.
    '''
    user = get_data('user', 409)
    if user:
        transfer_billbook = get_transfer_billbook(user['_id'])
        if '_items' in res:
            for bill in res['_items']:
                if bill['billbook'] == transfer_billbook:
                    bill['billbook'] = 'transfer'
        elif res['billbook'] == transfer_billbook:
            res['billbook'] = 'transfer'
    return res
def post_update_user_infos(updates, info):
    '''
    After update user infos: when the nickname changed, rewrite the
    ``creater_name`` stored on bills in the user's bill books.

    NOTE(review): bills are selected by the old nickname, not by creater id,
    so bills of another member of the same bill books who has the same
    nickname would be renamed too -- confirm nicknames are unique or filter
    on ``creater`` as well.
    '''
    old_nickname = info['nickname']
    new_nickname = updates.get('nickname', '')
    if not new_nickname or new_nickname == old_nickname:
        return
    user = get_data('user', 409)
    accessible = get_user_billbook_relation(user['_id'], True)
    selector = {
        'creater_name': old_nickname,
        'billbook': {'$in': list(accessible.keys())}
    }
    operator.patch_many(
        'bills', {'$set': {'creater_name': new_nickname}}, selector)
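def instance_auth(self, cat, method):
    '''
    Decide whether the current user may access one bill category.

    Returns False when no user is stored for the request. DELETE and PATCH
    need a relation to the category's bill book with status <= 1; GET needs
    any relation. Every other method is denied.
    '''
    user = get_data('user')
    if not user:
        return False
    relation = operator.get('billbook_user_relation', {
        'user': user['_id'],
        'billbook': cat['billbook']
    })
    if method in ['DELETE', 'PATCH']:
        # Fail closed: a user without any relation is denied here instead of
        # raising on relation['status'] as the original did.
        return bool(relation) and relation['status'] <= 1
    elif method == 'GET':
        return relation is not None
    return False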
def pre_insert_relation(relations):
    '''
    Before insert relation:
        1. Only owners or managers (caller's relation status <= 1) can add
           new user; anyone else is stopped with 409.
        2. Managers (status 1) can only add writers or readers, i.e. a new
           relation with status > 1.
    '''
    user = get_data('user', 409)
    for new_relation in relations:
        caller_relation = operator.get('billbook_user_relation', {
            'user': user['_id'],
            'billbook': new_relation['billbook']
        })
        caller_may_invite = caller_relation and caller_relation['status'] <= 1
        if not caller_may_invite:
            abort(409)
        # A manager must not grant a role at or above its own level.
        if new_relation['status'] <= 1 and caller_relation['status'] == 1:
            abort(409)
def instance_auth(self, relation, method):
    '''
    Decide whether the current user may access one bill book relation.

    Returns False when no user is stored for the request. The caller's own
    relation to the same bill book is looked up and stored under the
    'relation' key via set_data. DELETE and PATCH need that relation with
    status <= 1 (the falsy lookup result itself is returned when there is
    none); GET is allowed for any user. Every other method is denied.

    NOTE(review): GET does not look at the caller's relation, so any
    authenticated user can read a relation document by id -- confirm this
    is intended.
    '''
    user = get_data('user')
    if not user:
        return False
    caller_relation = operator.get('billbook_user_relation', {
        'user': user['_id'],
        'billbook': relation['billbook']
    })
    set_data('relation', caller_relation)
    if method == 'GET':
        return True
    if method in ['DELETE', 'PATCH']:
        return caller_relation and caller_relation['status'] <= 1
    return False
def post_insert_bills(bills):
    '''
    After insert bill:
        1. Change the amount of the account of this bill.
        2. For a bill in the user's transfer bill book, apply the opposite
           change to the other side of the transfer (payer or consumer).
    '''
    user = get_data('user', 409)
    transfer = get_transfer_billbook(user['_id'])
    for bill in bills:
        amount = bill['amount']
        change_account_amount(bill['account'], amount)
        if transfer != bill['billbook']:
            continue
        payer_id = bill.get('payer')
        consumer_id = bill.get('consumer')
        payer = None
        if payer_id:
            payer = operator.str2id(get_normal_account(payer_id))
        consumer = None
        if consumer_id:
            consumer = operator.str2id(get_normal_account(consumer_id))
        # The counterpart is whichever side is not the bill's own account.
        counterpart = payer if bill['account'] != payer else consumer
        change_account_amount(counterpart, -amount)
def pre_get_cats(req, lookup):
    '''
    Before get category:
        1. If not specified bill books, limit the range as user's bill book.
        2. Given one bill book, continue if user have view privileges,
           otherwise stop with error 409
        3. Given many bill book, check each and remove unaccessible ones.

    Cases 2 and 3 are delegated to check_billbook_lookup. Nothing is done
    when the lookup carries an ``_id``.
    '''
    if lookup.get('_id', None) is not None:
        return
    user = get_data('user', 409)
    requested = lookup.get('billbook', None)
    accessible = get_user_billbook_relation(user['_id'])
    if not requested:
        lookup['billbook'] = {'$in': list(accessible.keys())}
    else:
        lookup['billbook'] = check_billbook_lookup(
            requested, user['_id'], accessible)
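def instance_auth(self, bill, method):
    '''
    Decide whether the current user may access one bill.

    Returns False when no user is stored for the request or when the bill's
    bill book cannot be found. A missing relation is treated as status 4.

    PATCH / DELETE are allowed when the bill book has status 0, when the
    caller's relation status is <= 1, or when the caller created the bill
    and has relation status <= 2.
    GET is allowed when the bill book has status <= 1 or the caller has a
    relation to it. Every other method is denied.
    '''
    user = get_data('user')
    if not user:
        return False
    creater = bill.get('creater')
    relation = operator.get('billbook_user_relation', {
        'user': user['_id'],
        'billbook': bill['billbook']
    })
    billbook = operator.get('billbooks', {'_id': bill['billbook']})
    if not billbook:
        # Fail closed instead of raising on billbook['status'].
        return False
    relation_status = relation['status'] if relation else 4
    billbook_status = billbook['status']
    if method in ['PATCH', 'DELETE']:
        # Ids are compared by value; the original `is` test was an identity
        # check, which two separately loaded ids do not satisfy.
        is_creater = user['_id'] == creater
        return (billbook_status == 0 or relation_status <= 1
                or (is_creater and relation_status <= 2))
    elif method == 'GET':
        # The original tested `relation_status is not None`, which is always
        # true because of the fallback value 4, so every authenticated user
        # could read every bill. Require an actual relation instead.
        return billbook_status <= 1 or bool(relation)
    return False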
def pre_get_relation(req, lookup):
    '''
    Before get relation:
        1. If no bill book and no user, limit to now user.
        2. If bill book but no user, only show books which can be accessed
           by now user.
        3. # TODO If not now user and no bill book, only show that user
           public bill books.

    Nothing is done when the lookup carries an ``_id``.

    NOTE(review): whenever a ``user`` filter is supplied the lookup is left
    untouched, with or without a bill book, so this hook does not restrict
    which relations are listed for that user -- confirm another layer does.
    '''
    if lookup.get('_id', None) is not None:
        return
    user = get_data('user', 409)
    requested_billbook = lookup.get('billbook', None)
    requested_user = lookup.get('user', None)
    if not requested_billbook and not requested_user:
        lookup['user'] = user['_id']
    elif requested_billbook and not requested_user:
        lookup['billbook'] = check_billbook_lookup(
            requested_billbook, user['_id'])
    elif (not requested_billbook and requested_user
            and requested_user != user['_id']):
        # TODO: limit to the public bill books of the requested user.
        pass
def instance_auth(self, billbook, method):
    '''
    Decide whether the current user may access one bill book.

    Returns False when no user is stored for the request. The caller's
    relation to the bill book is looked up; when found it is stored under
    the 'relation' key via set_data, otherwise its status counts as 4.

    DELETE needs relation status <= 0, PATCH needs <= 1, and GET is allowed
    when the bill book has status <= 1 or the relation status is <= 3.
    Every other method is denied.
    '''
    user = get_data('user')
    if not user:
        return False
    relation = operator.get('billbook_user_relation', {
        'user': user['_id'],
        'billbook': billbook['_id']
    })
    relation_status = 4  # fallback: no relation at all
    if relation:
        set_data('relation', relation)
        relation_status = relation['status']
    billbook_status = billbook['status']
    if method == 'GET':
        return billbook_status <= 1 or relation_status <= 3
    if method == 'PATCH':
        return relation_status <= 1
    if method == 'DELETE':
        return relation_status <= 0
    return False
def pre_get_billbooks(req, lookup):
    '''
    Before get billbooks, check lookup to make sure users can only view
    accessible bill books:
        1. If not specified bill books, limit the range as user's bill book.
        2. Given one bill book, continue if user have view privileges,
           otherwise stop with error 409
        3. Given many bill book, check each and remove unaccessible ones.

    NOTE(review): the body only runs when ``lookup['_id']`` is missing or
    None, and the same key is read again inside it, so as written the
    check_billbook_lookup branch (cases 2 and 3) is not reached unless
    get_user_billbook_relation changes ``lookup`` -- confirm the intent.
    '''
    if lookup.get('_id', None) is not None:
        return
    user = get_data('user', 409)
    # The transfer bill book is only asked for when it is queried by its
    # reserved name.
    wants_transfer = lookup.get('name') == '***transfer***'
    accessible = get_user_billbook_relation(user['_id'], wants_transfer)
    requested = lookup.get('_id', None)
    if not requested:
        lookup['_id'] = {'$in': list(accessible.keys())}
    else:
        lookup['_id'] = check_billbook_lookup(
            requested, user['_id'], accessible)
def post_insert_billbooks(billbooks):
    '''
    After insert billbooks, for each billbook:
        1. Set now user as owner (a relation with status 0 is created).
        2. Create the preset bill categories for the new bill book.
    '''
    def _get_cats(billbook):
        # Preset categories as (icon, text, labels); the table is rebuilt on
        # every call so each bill book gets its own label lists.
        presets = (
            ('food', '餐饮', ['早餐', '中餐', '晚餐']),
            ('salary', '工资', []),
            ('shopping', '购物', []),
            ('bus', '交通', []),
            ('sing', '娱乐', []),
            ('coin', '消费', []),
            ('loan', '信贷', []),
            ('house-rent', '住房', []),
            ('transfer', '转账', []),
            ('travel', '旅行', []),
        )
        return [
            {
                'icon': icon,
                'text': text,
                'labels': labels,
                'billbook': billbook
            }
            for icon, text, labels in presets
        ]

    user = get_data('user', 409)
    for billbook in billbooks:
        owner_relation = {
            'user': user['_id'],
            'billbook': billbook['_id'],
            'status': 0
        }
        operator.post('billbook_user_relation', owner_relation)
        operator.post_many('bill_categorys', _get_cats(billbook['_id']))