def validate_user_rights(db, session_token, caller_name): print "validate_user_rights" try: user_id = db.validate_session_token(session_token) print "----------" print user_id print user_id, caller_name if user_id is True and caller_name not in ("/knowledge/home", "/knowledge/profile"): print user_id rows = db.call_proc_with_multiresult_set("sp_verify_user_rights", [user_id, caller_name], 2) print rows if rows: if rows[1][0].get("form_url") == caller_name: return user_id else: return False elif user_id: return user_id else: return False except Exception, e: logger.logKnowledge("error", "validate_rights", str(traceback.format_exc())) logger.logKnowledge("error", "validate_rights", str(e)) raise fetch_error()
def bulk_update(self, table, columns, values, conditions): try: for outer_index, cond in enumerate(conditions): query = "UPDATE " + table + " set " for index, column in enumerate(columns): if values[outer_index][index] is not None: if (index < len(columns) - 1): query += column + " = '%s', " % ( values[outer_index][index]) else: query += column + " = '%s' " % ( values[outer_index][index]) query += " WHERE " + cond + "; " cursor = self.cursor() assert cursor is not None cursor.execute(query) logger.logKnowledge("query", "bulk_update", "query: %s, param:%s" % (query, values)) cursor.nextset() return True except Exception, e: logger.logKnowledge("error", "bulk_update", "query: %s, param:%s" % (query, values)) logger.logKnowledge("error", "bulk_update", str(e)) raise fetch_error()
def insert(self, table, columns, values): # columns = ", ".join(columns) stringValue = [] for i in range(len(values)): stringValue.append('%s') if type(columns) is list: columns = ", ".join(columns) columns = "(%s)" % columns query = """INSERT INTO %s %s """ % (table, columns) query += " VALUES (%s) " % (",".join(stringValue)) try: n_id = int(self.execute_insert(query, values)) print n_id logger.logKnowledge("query", "insert", "query: %s, param:%s" % (query, values)) return n_id if n_id == 0: return False except Exception, e: print e logger.logKnowledge("error", "insert", "query: %s, param:%s" % (query, values)) logger.logKnowledge("error", "insert", str(e)) raise fetch_error()
def select_one(self, query, param=None): cursor = self.cursor() assert cursor is not None try: if param is None: cursor.execute(query) else: if type(param) is tuple: cursor.execute(query, param) elif type(param) is list: cursor.execute(query, param) else: cursor.execute(query) cursor.nextset() res = cursor.fetchone() cursor.nextset() logger.logclient("query", "select_one", "query: %s, param:%s" % (query, param)) return res except Exception, e: logger.logclient("error", "select_one", "query: %s, param:%s" % (query, param)) logger.logclient("error", "select_one", str(e)) raise fetch_error()
def delete(self, table, condition, condition_val): query = "DELETE from " + table + " WHERE " + condition try: return self.execute(query, condition_val) except Exception, e: logger.logKnowledge("error", "delete", "query: %s, param:%s" % (query, condition_val)) logger.logKnowledge("error", "delete", str(e)) raise fetch_error()
def delete_action_after_approval(db, csv_id): try: args = [csv_id] db.call_proc("sp_statutory_mapping_delete", args) return True except Exception, e: logger.logKnowledge("error", "update action from list", str(traceback.format_exc())) logger.logKnowledge("error", "update action from list", str(e)) raise fetch_error()
def save_action_from_view(db, csv_id, sm_id, action, remarks, session_user): try: args = [csv_id, sm_id, action, remarks] data = db.call_proc("sp_approve_mapping_action_save", args) print data return True except Exception, e: logger.logKnowledge("error", "update action from view", str(traceback.format_exc())) logger.logKnowledge("error", "update action from view", str(e)) raise fetch_error()
def verify_password(db, user_id, encrypt_password): try: row = db.call_proc("sp_verify_password", [user_id, encrypt_password]) # if int(row[0]["count"]) == 0: # raise process_error("E065") # else print row return int(row[0]["count"]) except Exception, e: logger.logKnowledge("error", "verify_password", str(traceback.format_exc())) logger.logKnowledge("error", "verify_password", str(e)) raise fetch_error()
def update_password(db, password, user_id): result = db.call_proc_with_multiresult_set( "sp_tbl_user_login_details_update", (user_id, encrypt(password)), 1) if len(result) == 0: raise fetch_error() employee_name = result[0][0]["username"] action = "\"%s\" has updated his/her password" % (employee_name) db.save_activity(user_id, 0, action) if result: return True else: return False
def save_toast_messages(self, user_cat_id, message_head, message_text, link, users_to_notify, session_user): created_on = get_date_time() m1 = "INSERT INTO tbl_messages (user_category_id, message_heading, message_text, " + \ "link, created_by, created_on) values (%s, %s, %s, %s, %s, %s)" msg_id = self.execute_insert(m1, [ user_cat_id, message_head, message_text, link, session_user, created_on ]) if msg_id is False or msg_id == 0: raise fetch_error() m2 = "INSERT INTO tbl_message_users (message_id, user_id) values (%s, %s)" for u in users_to_notify: self.execute(m2, [msg_id, u]) return True
def validate_user_rights(self, session_token, rcaller_name, is_mobile): if is_mobile is True: user_id, user_category_id = self.validate_session_token( session_token) return user_id, user_category_id caller_name = [str(x) for x in rcaller_name.split("/") if x != ""] caller_name = "/%s" % (caller_name[0]) try: user_id, user_category_id = self.validate_session_token( session_token) if user_id is not None: if user_category_id == 1: q = "select t2.form_url from tbl_form_category as t1 " + \ " inner join tbl_forms as t2 on t1.form_id = t2.form_id where " + \ " t1.user_category_id = 1 " + \ " and t2.form_url = %s " param = [caller_name] else: q = "select t3.form_url " + \ " from tbl_users as t1 " + \ " inner join tbl_user_group_forms as t2 on t1.user_group_id = t2.user_group_id " + \ " inner join tbl_forms as t3 on t2.form_id = t3.form_id " + \ " where t1.user_id = %s and t3.form_url = %s" param = [user_id, caller_name] if caller_name not in ("/welcome", "/home", "/profile", "/themes", "/reminders", "/escalations", "/message", "/notifications", "/view-profile", "/settings"): rows = self.select_one(q, param) if rows: if rows.get("form_url") == caller_name: return user_id, user_category_id else: return None, None else: return user_id, user_category_id else: return user_id, user_category_id except Exception, e: logger.logclient("error", "validate_rights", str(e)) raise fetch_error()
def append(self, table, column, value, condition, condition_val): try: rows = self.get_data(table, column, condition, condition_val) currentValue = rows[0][column] if currentValue is not None: newValue = currentValue + "," + str(value) else: newValue = str(value) columns = [column] values = [newValue] values += condition_val res = self.update(table, columns, values, condition) return res except Exception, e: logger.logKnowledge( "error", "append", "table: %s, column:%s, value:%s" % (table, column, value)) logger.logKnowledge("error", "append", str(e)) raise fetch_error()
def update_approve_action_from_list(db, csv_id, action, remarks, session_user, type): try: print "&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&" print "type-> ", type if type == "all": args = [csv_id, action, remarks, session_user.user_id()] data = db.call_proc("sp_statutory_mapping_update_all_action", args) print data return True else: args = [csv_id, session_user.user_id()] db.call_proc("sp_statutory_update_action", args) return True except Exception, e: logger.logKnowledge("error", "update action from list", str(traceback.format_exc())) logger.logKnowledge("error", "update action from list", str(e)) raise fetch_error()
def update_bulk_client_unit_approve_reject_list(db, csv_unit_id, action, remarks, declined_count, session_user): try: args = [ csv_unit_id, action, remarks, session_user.user_id(), declined_count ] print args data = db.call_proc("sp_bulk_client_unit_update_action", args) print "here" print data return True except Exception, e: logger.logKnowledge("error", "update action from list", str(traceback.format_exc())) logger.logKnowledge("error", "update action from list", str(e)) raise fetch_error()
def update(self, table, columns, values, condition): query = "UPDATE " + table + " set " for index, column in enumerate(columns): if index < len(columns) - 1: query += column + " = %s, " else: query += column + " = %s " query += " WHERE " + condition try: status = self.execute(query, values) logger.logKnowledge("query", "update", "query: %s, param:%s" % (query, values)) return status except Exception, e: print e logger.logKnowledge("error", "update", "query: %s, param:%s" % (query, values)) logger.logKnowledge("error", "update", str(e)) raise fetch_error()
def bulk_insert(self, table, columns, valueList): stringValue = [] for i in range(len(columns)): stringValue.append('%s') if type(columns) is list: columns = ", ".join(columns) query = "INSERT INTO %s (%s) " % (table, columns) query += " VALUES (%s) " % (",".join(stringValue)) try: cursor = self.cursor() assert cursor is not None cursor.executemany(query, valueList) logger.logKnowledge("query", "bulk_insert", "query: %s, param:%s" % (query, valueList)) cursor.nextset() return True except Exception, e: logger.logKnowledge("error", "bulk_insert", "query: %s, param:%s" % (query, valueList)) logger.logKnowledge("error", "bulk_insert", str(e)) raise fetch_error()
def handle_api_request(self, unbound_method, request_data_type, need_session_id): is_bulk_upload = False # self._ip_addess = request.remote_addr self._ip_addess = request.headers.get("X-Real-Ip") caller_name = request.headers.get("Caller-Name") api_type = request.url try: if request_data_type == "knowledgeformat": request_data = request else: request_data = self._parse_request(request_data_type) if request_data is None: raise ValueError("Request data is Null") elif type(request_data) is str: raise ValueError(request_data) if "/api/bu" in api_type: is_bulk_upload = True _db_con = bulk_db_connect() else: _db_con = before_first_request() _db = Database(_db_con) _db.begin() valid_session_data = None session_user = None _session_db = None _session_db_con = None print is_bulk_upload if is_bulk_upload is True: _session_db_con = before_first_request() _session_db = Database(_session_db_con) _session_db.begin() valid_session_data, session_user = self.validate_user_rights( request_data, _session_db, caller_name) if valid_session_data is None: session_user = UserInfo(_session_db, session_user) _session_db.commit() else: valid_session_data, session_user = self.validate_user_rights( request_data, _db, caller_name) if valid_session_data is None: if need_session_id is True: response_data = unbound_method(self, request_data, _db, session_user) else: response_data = unbound_method(self, request_data, _db) else: response_data = valid_session_data if response_data is None or type(response_data) is bool: _db.rollback() raise fetch_error() elif type(response_data) != technomasters.ClientCreationFailed: _db.commit() else: _db.rollback() _db.close() _db_con.close() return self.respond(response_data) except Exception, e: logger.logKnowledge("error", "handle_api_request", str(e)) logger.logKnowledge("error", "handle_api_request", str(traceback.format_exc())) if str(e).find("expected a") is False: _db.rollback() _db.close() _db_con.close() return self._send_response(str(e), 400)