def connect_user(data): """ :param data: request data :return: """ if dv.check_user_connection(data): user, message = UserDB.authenticate(**data) if not user: return json_result(False, message=message, connected=False), 401 expires_duration = timedelta(hours=4) token = create_access_token(identity=user.email, fresh=True, expires_delta=expires_duration) # print("created_token", token) connect_user_login(user, token) # print("bien connecté") return json_result(True, message="Vous êtes bien connecté.", connected=True, connectionInfo={ "token": session["token"], "email": session["email"], "first_name": session["first_name"], "family_name": session["family_name"], "right": session["right"] }), 200
def valider_inscription(link): user = sm.Users.load_user_by_validation_link(link) if user is None: return json_result(False) else: sm.Users.validate_user(user) return json_result(True)
def set_new_password(): """ Change password for a user. :return: """ data = request.get_json() if "currentPassword" in data and "newPassword" in data: current_password = data["currentPassword"] new_password = data["newPassword"] user_db = UserDB.query.filter_by(email=session["email"]).first() if not user_db: return json_result( False, message="L'utilisateur n'a pas été trouvé."), 200 if not user_db.verify_password(current_password): return json_result( False, message="Le mot de passe actuel est incorrect."), 200 if len(new_password) < 6: return json_result( False, message="Le nouveau mot de passe proposé est trop court. " "Il doit avoir une taille de 6 caractères au minimum."), 200 new_password_hash = generate_password_hash(new_password) user_db.mdp_hash = new_password_hash db.session.commit() return json_result( True, message="Le nouveau mot de passe a été accepté."), 200 return json_result(False, "La requête est incorrect"), 400
def chercher_enregistrements(): data = request.get_json() the_query = EnregistrementDB.query filtered = False if "description" in data and data["description"]: the_query.filter_by(description=data["description"]) filtered = True if "cote" in data and data["cote"]: the_query.filter_by(cote=data["cote"]) filtered = True if "annee" in data and data["annee"]: the_query.filter_by(annee=data["annee"]) filtered = True if "provenance" in data and data["provenance"]: the_query.filter_by(provenance=data["provenance"]) filtered = True if "mots_clef" in data and data["mots_clef"]: the_query.filter_by(mots_clef=data["mots_clef"]) filtered = True if "valide" in data and data["valide"]: the_query.filter_by(valide=data["valide"]) filtered = True if filtered: results_db = the_query.all() results = [Enregistrement.from_db_to_data(res) for res in results_db] return json_result(True, results=results), 200 else: return json_result(True, results=[]), 200
def book_records(): if request.method == "POST": data = request.get_json() if dv.check_enregistrement(data): enregistrement_db = Enregistrement.from_data_to_db(data) db.session.add(enregistrement_db) db.session.commit() return json_result( True, id=enregistrement_db.id, message="L'enregistrement a correctement été sauvegardé."), 201 return json_result( False, message="Erreur de la sauvegarde de l'enregistrement."), 400 elif request.method == "GET": n_page, size, sort_by = get_pagination(request) # region filtre cote = request.args.get("cote", "") titre = request.args.get("titre", "") mot_clef = request.args.get("mot_clef", "") the_query = EnregistrementDB.query if cote: the_query = the_query.filter( EnregistrementDB.cote.like(f"%{cote}%")) if titre: the_query = the_query.join(ReferenceBibliographiqueLivreDB) \ .filter(ReferenceBibliographiqueLivreDB.titre.like(f"%{titre}%")) if mot_clef: the_query = the_query.filter( EnregistrementDB.mots_clef.like(f"%{mot_clef}%")) valid = request.args.get("valid", "1") if valid in ["1", "0"]: the_query = the_query.filter( EnregistrementDB.valide == int_to_bool(valid)) else: the_query = the_query.filter(EnregistrementDB.valide == True) # endregion if sort_by: the_query = the_query.order_by(sort_by) else: the_query = the_query.order_by("cote") enregistrements = [] for record_db in the_query.paginate(page=n_page, per_page=size).items: record = Enregistrement.from_db_to_data(record_db) # print(record) if record and record['reference']: record["reference"] = record['reference']['titre'] enregistrements.append(record) else: logging.error(f"record id = {record_db.id} record found " f"but no bound reference") return json_result(True, enregistrements=enregistrements), 200
def authors_(): """ POST: add an author GET: get list of authors :return: """ if request.method == "GET": n_page, size, sort_by = get_pagination(request) the_query = AuthorDB.query # sort_desc = request.args.get("sortDesc") # region filter first_name = request.args.get("first_name", "") if first_name: the_query = the_query.filter( AuthorDB.first_name.like(f"%{first_name}%")) logging.error(f"{first_name}") family_name = request.args.get("family_name", "") if family_name: the_query = the_query.filter( AuthorDB.family_name.like(f"%{family_name}%")) logging.error(f"{family_name}") valid = request.args.get("valid", "1") if valid in ["1", "0"]: the_query = the_query.filter(AuthorDB.valide == int_to_bool(valid)) else: the_query = the_query.filter(AuthorDB.valide == True) if sort_by: the_query = the_query.order_by(sort_by) else: the_query = the_query.order_by("family_name") authors = [ Author.from_db_to_data(author) for author in the_query.paginate(page=n_page, per_page=size).items ] logging.error(len(authors)) return json_result(True, authors=authors), 200 elif request.method == "POST": data = request.get_json() if dv.check_author(data): author_exists = AuthorDB.query.filter_by( first_name=data["first_name"], family_name=data["family_name"]).first() if not author_exists: author_db = Author.from_data_to_db(data) db.session.add(author_db) db.session.commit() return json_result(True, id=author_db.id), 201 return json_result(True, id=author_exists.id), 200 else: return json_result(False), 304
def book_references(): if request.method == "POST": data = request.get_json() if dv.check_reference_bibliographique_livre(data): reference_db = ReferenceBibliographiqueLivre.from_data_to_db(data) db.session.add(reference_db) db.session.commit() return json_result(True, id=reference_db.id, message="La référence a été sauvegardée"), 201 return json_result( False, message="La sauvegarde de la référence a échoué."), 400 elif request.method == "GET": n_page, size, sort_by = get_pagination(request) titre = request.args.get("titre", "") # print("titre", titre) the_query = ReferenceBibliographiqueLivreDB.query if titre: the_query = the_query.filter( ReferenceBibliographiqueLivreDB.titre.like(f"%{titre}%")) valid = request.args.get("valid", "1") # print(type(valid), valid) if valid in ["1", "0"]: # print("HERE") the_query = the_query.filter( ReferenceBibliographiqueLivreDB.valide == int_to_bool(valid)) else: the_query = the_query.filter( ReferenceBibliographiqueLivreDB.valide == True) # sort_desc = request.args.get("sortDesc") # references = [{"first_name": author.first_name, # "family_name": author.family_name, # "id": author.id} # for author in ReferenceBibliographiqueLivreDB # .query.order_by(sort_by).paginate(page=n_page, per_page=size).items] if sort_by: the_query = the_query.order_by(sort_by) else: the_query = the_query.order_by("title") references = [] for reference_db in the_query.paginate(page=n_page, per_page=size).items: reference = ReferenceBibliographiqueLivre.from_db_to_data( reference_db) reference["authors"] = " ".join([ f"{author['first_name']} {author['family_name']}" for author in reference['authors'] ]) references.append(reference) logging.debug(len(references)) return json_result(True, references=references), 200
def chercher_reference_livre(): data = request.get_json() the_query = ReferenceBibliographiqueLivreDB.query if data is None: return json_result(False), 400 if "titre" in data and data["titre"]: the_query = the_query.filter( ReferenceBibliographiqueLivreDB.titre.like(f"%{data['titre']}%")) ref_livres_db = the_query.all() results = [ ReferenceBibliographiqueLivre.from_db_to_data(ref_livre_db) for ref_livre_db in ref_livres_db ] return json_result(True, results=results) return json_result(True, results=[]), 200
def check_login(): if "email" in session: return json_result( True, connected=True, message="Vous êtes connecté", connectionInfo=dict(token=session["token"], email=session["email"], first_name=session["first_name"], family_name=session["family_name"], right=session["right"]), ) else: return json_result(False, connected=False, message="Vous êtes déconnecté")
def fonction_modifiee(*args, **kwargs): if request.method not in for_request_method: return methode(*args, **kwargs) if type(pseudo) == str: try: verify_jwt_in_request() except FreshTokenRequired: disconnect_user() # logging.log(logging.ERROR, "disconnected") if pseudo in session: return methode(*args, **kwargs) # logging.log(logging.ERROR, "not connected") return json_result(False, "Vous n'êtes pas connecté"), 401 else: # logging.log(logging.ERROR, "not connected") return json_result(False, "Vous n'êtes pas conencté"), 401
def users_(): if request.method == "GET": n_page = int(request.args.get("page")) size = int(request.args.get("size")) sort_by = request.args.get("sortBy") the_query = UserDB.query first_name = request.args.get("first_name", "") if first_name: the_query = the_query.filter( UserDB.first_name.like(f"%{first_name}%")) family_name = request.args.get("family_name", "") if family_name: the_query = the_query.filter( UserDB.family_name.like(f"%{family_name}%")) right = request.args.get("right", "") if right: the_query = the_query.filter(UserDB.right.like(f"%{right}%")) users = [ dict(first_name=user.first_name, family_name=user.family_name, id=user.id, email=user.email, right=user.right.name) for user in the_query.order_by( sort_by).paginate(page=n_page, per_page=size).items ] return json_result(True, users=users), 200
def authors_count(): """ :return: """ the_query = AuthorDB.query # region filtre if "first_name" in request.args: the_query = the_query.filter( AuthorDB.first_name.like(f"%{request.args.get('first_name')}%")) if "family_name" in request.args: the_query = the_query.filter( AuthorDB.family_name.like(f"%{request.args.get('family_name')}%")) # endregion query = """ SELECT * FROM Author AS A WHERE A.first_name LIKE '%s' AND A.family_name LIKE '%s' AND 1 = ( SELECT valid FROM ReferenceBibliographiqueLivre AS RBL WHERE A.id = RBL. ) """ valid = request.args.get("valid", "1") if valid in ["1", "0"]: # print("HERE") the_query = the_query.filter(AuthorDB.valide == int_to_bool(valid)) else: the_query = the_query.filter(AuthorDB.valide == True) number = the_query.count() logging.debug(number) return json_result(True, total=number), 200
def book_records_count(): cote = request.args.get("cote", "") titre = request.args.get("titre", "") mot_clef = request.args.get("mot_clef", "") the_query = EnregistrementDB.query if cote: the_query = the_query.filter(EnregistrementDB.cote.like(f"%{cote}%")) if titre: the_query = the_query.join(ReferenceBibliographiqueLivreDB) \ .filter(ReferenceBibliographiqueLivreDB.titre.like(f"%{titre}%")) if mot_clef: the_query = the_query.filter( EnregistrementDB.mots_clef.like(f"%{mot_clef}%")) valid = request.args.get("valid", "1") if valid in ["1", "0"]: the_query = the_query.filter( EnregistrementDB.valide == int_to_bool(valid)) else: the_query = the_query.filter(EnregistrementDB.valide == True) number = the_query.count() logging.debug(number) return json_result(True, total=number), 200
def chercher_enregistrements_proches(): query_result = request.args.get("record") res = [] if re.match( r"^(A|B|C|D|MM|BBH|GHA|GHB|GHC|GHbr|BBC|CAF|JSFA|RCAF|Congrès|" r"RCNSS|CNSS|CSS|TAB|F*G|FAM|FAP|MML|NUM|NUMbr) [0-9]{1,5}.*", query_result): book_records_db = EnregistrementDB.query.filter( EnregistrementDB.cote.like(f"%{query_result}%")).all() for book_record_db in book_records_db: if book_record_db: res.append( dict( text= f"{book_record_db.reference.titre} {book_record_db.cote}", value=book_record_db.id)) else: book_records_db = db.session\ .query(EnregistrementDB, ReferenceBibliographiqueLivreDB)\ .filter(EnregistrementDB.id_reference == ReferenceBibliographiqueLivreDB.id)\ .filter(ReferenceBibliographiqueLivreDB.titre.like(f"%{query_result}%")) for book_record_db, ref_biblio_db in book_records_db: res.append( dict(text= f"{book_record_db.reference.titre} {book_record_db.cote}", value=book_record_db.id)) return json_result(True, suggestedRecords=res), 200
def author_entries_count_routes(id_): # logging.warning("bizarre") record_count = Enregistrement.get_records_by_author_count(id_) reference_count = ReferenceBibliographiqueLivre.get_references_by_author_count( id_) total = record_count + reference_count return json_result(True, total=total), 200
def get_reference_entries(id_): n_page, size, sort_by = get_pagination(request) entries = [] authors = Author.get_authors_by_ref(id_, n_page, size, sort_by) records = Enregistrement.get_records_by_author(id_, n_page, size, sort_by) entries.extend(authors) entries.extend(records) return json_result(True, entries=entries), 200
def send_forgotten_password_email(): """ Send an email to a user with a new password. :return: """ data = request.get_json() if "email_address" in data: user_db = UserDB.query.filter_by(email=session["email"]).first() if not user_db: return json_result(False, "L'adresse email donné est inconnu"), 200 new_password = generate_new_password() new_password_hash = generate_password_hash(new_password) user_db.mdp_hash = new_password_hash db.session.commit() mail_manager.send_email_new_password(session["email"], new_password) return json_result(True, "Un courriel vous a été envoyé"), 200 return json_result(False, "Il manque l'adresse email dans la requête"), 401
def get_record_entries(id_): n_page, size, sort_by = get_pagination(request) entries = [] authors = Author.get_authors_by_record(id_, n_page, size, sort_by) references = ReferenceBibliographiqueLivre.get_references_by_record( id_, n_page, size, sort_by) entries.extend(authors) entries.extend(references) return json_result(True, entries=entries), 200
def author_entries_routes(id_): n_page, size, sort_by = get_pagination(request) entries = [] records = Enregistrement.get_records_by_author(id_, n_page, size, sort_by) references = ReferenceBibliographiqueLivre.get_references_by_author( id_, n_page, size, sort_by) entries.extend(records) entries.extend(references) return json_result(True, entries=entries), 200
def create_new_user(): if request.method == "POST": user_form = request.get_json() if dv.check_user(user_form): already_exists = sm.Users.check_if_user_exist( user_form["email"]) is not None if already_exists: return json_result( False, message="Il existe déjà un compte avec cet adresse email.") else: user = sm.UserSess.create_new( user_form, generate_password_hash(user_form["password"])) # print("Créer nouvel utilisateur") if user: token = user.generate_confirmation_token() # satbibilio.clementbesnier.eu/utilisateur/enregistre link = f"https://satbiblio.clementbesnier.eu/utilisateur/verification-enregistrement?" \ f"inscription_token={token}&email={user.email}" # link = url_for("sat_biblio.confirmer_inscription_utilisateur", # inscription_token=token, # email=user.email, # _external=True) link_to_resend = "" mail_manager.envoyer_mail_demande_inscription_utilisateur( user, link) return json_result( True, message="Le compte a correctement été créé. " "Vous allez recevoir un courriel de confirmation " "à l'adresse email donnée.", link_to_resend=link_to_resend) else: return json_result( False, message="Les données reçues sont invalides") else: return json_result( False, message= "Les données reçues ne permettent pas de créer un compte utilisateur. " "Contactez l'administrateur de ce site.") return json_result(False, "Mauvaise méthode de requête.")
def search_near_users(): query_result = request.args.get("user") res = [] users_db = dbm.UserDB.query.filter( or_(dbm.UserDB.first_name.like(f"%{query_result}%"), dbm.UserDB.family_name.like(f"%{query_result}%"))).all() for user_db in users_db: res.append( dict(text=f"{user_db.first_name} {user_db.family_name}", value=user_db.id)) return json_result(True, suggestedUsers=res), 200
def chercher_reference_livre_plus_proches(): titre = request.args.get("titre") references_db = ReferenceBibliographiqueLivreDB.query\ .filter(ReferenceBibliographiqueLivreDB.titre.like(f"%{titre}%")).all() references = [] for reference_db in references_db: # reference = ReferenceBibliographiqueLivre.from_db_to_data(reference_db) references.append({ "text": reference_db.titre, "value": reference_db.id }) return json_result(True, suggestedReferences=references), 200
def borrowings(): if request.method == "GET": n_page, size, sort_by = get_pagination(request) borrowing_date_before_today = request.args.get( "borrowing-date-before-today", None) query = EmpruntLivreDB.query if borrowing_date_before_today: borrowing_date_before_today = int(borrowing_date_before_today) date = datetime.date.fromtimestamp(borrowing_date_before_today) logging.warning(borrowing_date_before_today) query = query.filter_by(date_retour_prevu=date) if sort_by: query = query.order_by(sort_by) query = query.paginate(page=n_page, per_page=size) borrowings_db = query.items borrowings_data = [ EmpruntLivre.from_db_to_data(borrowing_db) for borrowing_db in borrowings_db ] return json_result(True, borrowings=borrowings_data), 200 elif request.method == "POST": data = request.get_json() # logging.log(logging.DEBUG, data) if dv.check_emprunt(data): user = UserSess(session["email"]) date_retour_prevu = datetime.date.fromisoformat( data["dateComebackExpected"]) emprunt = EmpruntLivreDB( id_emprunteur=data["borrower"], id_enregistrement=data["record"], id_gestionnaire=user.user_db.id, commentaire=data["comment"], date_retour_prevu=date_retour_prevu, # TODO string to date emprunte=True, rendu=False) db.session.add(emprunt) db.session.commit() return json_result(True, id=emprunt.id), 201 return json_result(False, message="Wrong data type"), 400 return json_result(False), 400
def user_(id_): user_db = UserDB.query.filter_by(id=id_).first() if request.method == "GET": user_db = UserDB.query.filter_by(id=id_).first() user = User.from_db_to_data(user_db) return json_result(True, user=user), 200 elif request.method == "PUT": data = request.get_json() if dv.check_user(data): user_db.first_name = data["first_name"] user_db.family_name = data["family_name"] user_db.right = UserRight.from_value(data["right"]) db.session.commit() return json_result(True), 200 else: return json_result(False), 400 elif request.method == "DELETE": if user_db: db.session.delete(user_db) db.session.commit() return json_result(True), 204 return json_result(False), 400
def author_(id_): """ GET: read an author PUT: update an author DELETE: delete an author :param id_: :return: """ if request.method == "GET": author_db = AuthorDB.query.filter_by(id=id_).first() author = Author.from_db_to_data(author_db) # logging.warning("ref") # logging.warning(ReferenceBibliographiqueLivre.get_references_by_author(id_, 1, 10, "")) # logging.warning("enregistrement") # logging.warning(Enregistrement.get_records_by_author(id_, 1, 10, "")) return json_result(True, author=author), 200 elif request.method == "PUT": data = request.get_json() author = AuthorDB.query.filter_by(id=id_).first() if validation.check_author(data): author.first_name = data["first_name"] author.family_name = data["family_name"] db.session.commit() return json_result(True), 200 else: return json_result(False), 400 elif request.method == "DELETE": id_author = id_ author_db = AuthorDB.query.filter_by(id=id_author).first() # exists ReferenceBibliographiqueLivreDB.query.filter_by(au) # TODO refuser si c'est utilisé dans des références if author_db: db.session.delete(author_db) db.session.commit() return json_result(True), 204 return json_result(False), 400
def confirmer_inscription_utilisateur(inscription_token): email = request.args.get("email") user_sess = sm.UserSess(email) if user_sess and user_sess.confirmer_token(inscription_token): token = create_access_token(identity=user_sess.user_db.email) connect_user_login(user_sess.user_db, token) return json_result(True, message="Votre compte est validé.", connected=True, connectionInfo={ "token": session["token"], "email": session["email"], "first_name": session["first_name"], "family_name": session["family_name"], "right": session["right"] }), 200 else: return json_result( False, message="Le lien donné est invalide. " "Veuillez contacter l'administrateur si vous pensez qu'il y a un problème." )
def users_count(): the_query = UserDB.query if "first_name" in request.args: the_query = the_query.filter( UserDB.first_name.like(f"%{request.args.get('first_name')}%")) if "family_name" in request.args: the_query = the_query.filter( UserDB.family_name.like(f"%{request.args.get('family_name')}%")) if "right" in request.args: the_query = the_query.filter( UserDB.right.like(f"%{request.args.get('right')}%")) number = the_query.count() return json_result(True, total=number), 200
def chercher_auteurs(): data = request.get_json() the_query = AuthorDB.query filtered = False if "first_name" in data and data["first_name"]: the_query = the_query.filter_by(first_name=data["first_name"]) filtered = True if "family_name" in data and data["family_name"]: the_query = the_query.filter_by(family_name=data["family_name"]) filtered = True if filtered: results = the_query.all() else: results = [] results = [Author.from_db_to_data(author_db) for author_db in results] return json_result(True, results=results), 200
def book_reference(id_): if request.method == "GET": ref_livre_db = ReferenceBibliographiqueLivre.from_id_to_db(id_) if ref_livre_db: logging.warning(Author.get_authors_by_ref(id_, 1, 10, "")) logging.warning(Enregistrement.get_records_by_ref(id_, 1, 10, "")) ref_livre = ReferenceBibliographiqueLivre.from_db_to_data( ref_livre_db) if ref_livre: ref_livre["authors"] = [{ "text": f"{author_db.first_name} {author_db.family_name}", "value": author_db.id } for author_db in ref_livre_db.authors] logging.debug(ref_livre) return json_result(True, reference=ref_livre), 200 else: logging.error("reference void") return json_result(False), 404 return json_result(False), 404 elif request.method == "PUT": data = request.get_json() ref_biblio_db = ReferenceBibliographiqueLivre.from_id_to_db(id_) if ref_biblio_db: auteurs_db = [] for auteur in data["auteurs"]: if "value" in auteur: author_db = Author.from_id_to_db(auteur["value"]) if author_db: auteurs_db.append(author_db) ref_biblio_db.authors = auteurs_db ref_biblio_db.titre = data["titre"] ref_biblio_db.lieu_edition = data["lieu_edition"] ref_biblio_db.editeur = data["editeur"] ref_biblio_db.annee = data["annee"] ref_biblio_db.nd_page = data["nb_page"] db.session.commit() return json_result(True), 200 return json_result(False), 404 elif request.method == "DELETE": ref_biblio_db = ReferenceBibliographiqueLivreDB.query.filter_by( id=id_).first() if ref_biblio_db: db.session.delete(ref_biblio_db) db.session.commit() return json_result(True), 204 return json_result(False), 404
def book_references_count(): titre = request.args.get("titre", "") the_query = ReferenceBibliographiqueLivreDB.query if titre: the_query = the_query.filter( ReferenceBibliographiqueLivreDB.titre.like(f"%{titre}%")) valid = request.args.get("valid", "1") if valid in ["1", "0"]: the_query = the_query.filter( ReferenceBibliographiqueLivreDB.valide == int_to_bool(valid)) else: the_query = the_query.filter( ReferenceBibliographiqueLivreDB.valide == True) count = the_query.count() logging.debug(count) return json_result(True, total=count), 200