Exemple #1
0
def changepswd():
    current_user = get_jwt_identity()

    pipeline = Pipeline(request)
    pipeline.add(ensureJson)
    pipeline.add(ensureParam, [request, 'username'])
    pipeline.add(ensureParam, [request, 'oripswd'])
    pipeline.add(ensureParam, [request, 'newpswd'])

    broken, retvs = pipeline.run()
    if broken:
        return retvs

    _, username, oripswd, newpswd = retvs

    sess = DBSession()
    user = sess.query(User).filter_by(username=username).first()

    if not user or not cmparePswd(
            oripswd, user.password) or not user.id == current_user:
        return jsonify({"msg": "Bad username or password"}), 401

    user.setPassword(newpswd)
    sess.commit()

    invalidate(get_raw_jwt())
    return jsonify(msg="Change password successfully, please relogin"), 200
Exemple #2
0
 def deleteQuestion(question):
     session = DBSession()
     q = session.query(Question).filter(question == Question.id).first()
     if (q != None):
         q.deleted = True
     session.commit()
     session.close()
Exemple #3
0
def rejectSupplierOrder():
    sess = DBSession()
    current_user = get_jwt_identity()

    if not request.is_json:
        return jsonify(result=False, msg="Missing JSON in request"), 400

    user = sess.query(User).filter_by(id=current_user).first()
    if True or user.isOperator:
        supplierOrder_id = request.json.get('sorderid')
        if not supplierOrder_id:
            return jsonify(result=False, msg="Missing sorderid parameter"), 400

        reason = request.json.get('reason')
        if not reason:
            return jsonify(result=False, msg="Missing reason parameter"), 400

        supplierOrder = sess.query(SupplierOrder).filter_by(
            id=supplierOrder_id, rejected=False).first()
        if not supplierOrder:
            return jsonify(result=False, msg="Bad sorderid"), 401

        supplierOrder.rejected = True
        supplierOrder.rejectReason = reason
        sess.commit()
        return jsonify(result=True), 200

    else:
        return jsonify(result=False, msg="No Permission"), 403
Exemple #4
0
def registery():
    if (not 'captcha' in session.keys()) or (session['captcha'] == None):
        return jsonify(result=False, reason="Please reload captcha first"), 400

    pipeline = Pipeline(request)
    pipeline.add(ensureJson)
    pipeline.add(ensureCaptcha, [request, session])
    pipeline.add(
        ensureParam,
        [request, 'username', lambda: invalidateSession(session, 'captcha')])
    pipeline.add(
        ensureParam,
        [request, 'password', lambda: invalidateSession(session, 'captcha')])

    broken, retvs = pipeline.run()
    if broken:
        return retvs

    _, _, username, password = retvs

    sess = DBSession()
    user = User(username)
    user.setPassword(password)
    sess.add(user)
    sess.commit()

    session['captcha'] = None
    return jsonify(result=True), 200
Exemple #5
0
def createProduct():
    sess = DBSession()
    current_user = get_jwt_identity()
    user = sess.query(User).filter_by(id=current_user).first()
    #manager = sess.query(User).filter_by(id=current_user,isManager=True).first()
    if not user.isManager:
        return jsonify({"msg": "No Permission"}), 401

    if not request.is_json:
        return jsonify({"msg": "Missing JSON in request"}), 400

    title = request.json.get('title')
    if not title:
        return jsonify({"msg": "Missing title parameter"}), 400
    
    category = request.json.get('category')
    if not category:
        return jsonify({"msg": "Missing category parameter"}), 400

    storehouse_id = request.json.get('storehouse_id')
    if not storehouse_id:
        return jsonify({"msg": "Missing storehouse_id parameter"}), 400
    
    dictdata = request.json.get('dictdata')
    if not dictdata:
        return jsonify({"msg": "Missing dictdata parameter"}), 400

    product = Product(title,category,storehouse_id)
    product.update(dictdata)
    sess.add(product)
    sess.commit()
    return jsonify(result=True, productId=product.id)
Exemple #6
0
def update():
    current_user = get_jwt_identity()

    pipeline = Pipeline(request)
    pipeline.add(ensureJson)
    pipeline.add(ensureParam, [request, 'id'])
    pipeline.add(ensureParam, [request, 'receiver'])
    pipeline.add(ensureParam, [request, 'phonenumber'])
    pipeline.add(ensureParam, [request, 'address'])

    broken, retvs = pipeline.run()
    if broken:
        return retvs
    _, _id, receiver, phonenumber, address = retvs

    sess = DBSession()
    addr = sess.query(Address).filter_by(id=_id).first()
    user = sess.query(User).filter_by(id=current_user).first()
    if (addr != None) and (addr.owner_id == current_user):
        addr.receiver = receiver
        addr.phonenumber = phonenumber
        addr.address = address
        sess.commit()
        return jsonify(result=True), 200
    return jsonify(result=False, reson="BAD ADDRESS ID"), 200
Exemple #7
0
def updateProduct():
    sess = DBSession()
    current_user = get_jwt_identity()
    user = sess.query(User).filter_by(id=current_user).first()
    if not user.isManager:
        return jsonify({"msg": "No Permission"}), 401

    if not request.is_json:
        return jsonify({"msg": "Missing JSON in request"}), 400
    
    product_id = request.json.get('product_id')
    if not product_id:
        return jsonify({"msg": "Missing product_id parameter"}), 400

    #name = request.json.get('name')
    #if not name:
    #    return jsonify({"msg": "Missing name parameter"}), 400
    
    #category = request.json.get('category')
    #if not category:
    #    return jsonify({"msg": "Missing category parameter"}), 400

    #status = request.json.get('status')
    #if not status:
    #    return jsonify({"msg": "Missing status parameter"}), 400

    #all_description = request.json.get('description')
    #if not all_description:
    #    return jsonify({"msg": "Missing description parameter"}), 400

    #product = sess.query(Product).filter_by(id=product_id,removed=False).first()
    #if not product:
    #    return jsonify({"msg": "Bad productId"}), 401
    
    #description = sess.query(Description).filter_by(product_id=product_id,removed=False).first()
    #if not description:
    #    return jsonify({"msg": "Bad description"}), 401

    #product.name=name
    # status = request.json.get('status')
    # if not status:
    #     return jsonify({"msg": "Missing status parameter"}), 400
    # product = sess.query(Product).filter_by(id=product_id).first()

    dictdata = request.json.get('dictdata')
    if not dictdata:
        return jsonify({"msg": "Missing dictdata parameter"}), 400
    
    product = sess.query(Product).filter_by(id=product_id).first()
    product.update(dictdata)
    sess.commit()
    #if product.removed:
    #    description.removed=True
    #description.modify(all_description)

    return jsonify(result=True), 200
Exemple #8
0
    def __init__(self, id, compulsory, question):
        if (len(question) < 1 or len(id) < 1):
            raise ValueError

        session = DBSession()
        self.id = id
        self.type = "TextQuestion"
        self.compulsory = compulsory
        self.question = question
        session.add(self)
        session.commit()
Exemple #9
0
    def __init__(self, id, compulsory, question, responses):
        if (responses == None or len(responses) < 1 or len(question) < 1
                or len(id) < 1):
            raise ValueError

        session = DBSession()
        self.id = id
        self.type = "MCQ"
        self.compulsory = compulsory
        self.question = question
        self.responses = responses
        session.add(self)
        session.commit()
Exemple #10
0
def delete():
    current_user = get_jwt_identity()
    pids = request.json['ids'] if request.is_json and (
        'ids' in request.json.keys()) else None

    sess = DBSession()
    for pid in pids:
        cart = sess.query(Cart).filter_by(creator_id=current_user,
                                          product_id=pid,
                                          removed=False).first()
        if cart:
            cart.removed = True
        sess.commit()

    return jsonify(result=True), 200
Exemple #11
0
def createOrder():
    sess = DBSession()
    current_user = get_jwt_identity()

    if not request.is_json:
        return jsonify({"msg": "Missing JSON in request"}), 400

    user = sess.query(User).filter_by(id=current_user).first()
    ids = request.json.get('ids')

    if not ids:
        return jsonify({"msg": "Missing ids parameter"}), 400

    receiver = request.json.get('receiver', '')
    phonenumber = request.json.get('phonenumber', '')
    address = request.json.get('address', '')

    carts = sess.query(Cart).filter_by(creator_id=current_user,
                                       removed=False).all()

    vir = Order(current_user)
    vir.setAddress(address, receiver, phonenumber)
    sess.add(vir)
    sess.commit()

    #rders = []
    created = []
    for cart in carts:
        if cart.product_id in ids:
            product = sess.query(Product).filter_by(id=cart.product_id,
                                                    shelved=True).first()
            # 限购暂未实现
            #print(product.remain, cart.count)
            #if (not product) or (product.remain < cart.count):
            #    orders.append([False,cart.id])
            #    continue
            #product.remain = product.remain - cart.count
            order = Order(current_user, False)
            order.fill(cart.product_id, cart.count, product.price, vir.id)
            sess.add(order)
            cart.removed = True
            sess.commit()
            created.append(cart.product_id)
        #orders.append([True,cart.id,cart.product_id,cart.count,product.price])
    #return jsonify(orders=orders,price=vir.cost()), 200
    return jsonify(result=True, created=created), 200
Exemple #12
0
def payOrder():
    sess = DBSession()
    current_user = get_jwt_identity()

    if not request.is_json:
        return jsonify({"msg": "Missing JSON in request"}), 400

    order_id = request.json.get('orderid')
    if not order_id:
        return jsonify({"msg": "Missing orderid parameter"}), 400

    user = sess.query(User).filter_by(id=current_user).first()
    order = sess.query(Order).filter_by(id=order_id, paid=False,
                                        virtual=True).first()
    if not order:
        return jsonify(result=False, msg="Bad order_id"), 401
    order.paid = True
    sess.commit()
    return jsonify(result=True), 200
Exemple #13
0
def add():
    current_user = get_jwt_identity()

    pid = request.json['id'] if request.is_json and (
        'id' in request.json.keys()) else None
    count = request.json['count'] if request.is_json and (
        'count' in request.json.keys()) else None

    sess = DBSession()
    cart = sess.query(Cart).filter_by(creator_id=current_user,
                                      product_id=pid,
                                      removed=False).first()
    if cart:
        cart.count += count
        if cart.count <= 0:
            cart.removed = True
    else:
        cart = Cart(current_user, pid, count)
        sess.add(cart)

    sess.commit()
    return jsonify(result=True), 200
Exemple #14
0
def add():
    current_user = get_jwt_identity()

    pipeline = Pipeline(request)
    pipeline.add(ensureJson)
    pipeline.add(ensureParam, [request, 'receiver'])
    pipeline.add(ensureParam, [request, 'phonenumber'])
    pipeline.add(ensureParam, [request, 'address'])

    broken, retvs = pipeline.run()
    if broken:
        return retvs
    _, receiver, phonenumber, address = retvs
    addr = Address(current_user, receiver, phonenumber, address)
    sess = DBSession()
    sess.add(addr)
    sess.commit()

    user = sess.query(User).filter_by(id=current_user).first()
    if user.default_address_id is None:
        user.default_address_id = addr.id
        sess.commit()
    return jsonify(result=True, id=addr.id), 200
Exemple #15
0
def createSupplierOrder():
    sess = DBSession()
    current_user = get_jwt_identity()

    if not request.is_json:
        return jsonify(result=False, msg="Missing JSON in request"), 400

    if current_user:
        user = sess.query(User).filter_by(id=current_user).first()
        if user.isManager or user.isOperator:
            product_id = request.json.get('product_id')
            if not product_id:
                return jsonify({"msg": "Missing product_id parameter"}), 400

            count = request.json.get('count')
            if not count:
                return jsonify({"msg": "Missing count parameter"}), 400

            storehouse_id = request.json.get('storehouse_id')
            if not storehouse_id:
                return jsonify({"msg": "Missing storehouse_id parameter"}), 400

            product = sess.query(Product).filter_by(id=product_id).first()
            if not product:
                return jsonify({"msg": "Bad productId"}), 401

            supplierOrder = SupplierOrder(current_user)
            supplierOrder.fill(product_id, storehouse_id, count)
            sess.add(supplierOrder)
            sess.commit()
            return jsonify(sorderid=supplierOrder.id), 200

        else:
            return jsonify({"msg": "No Permission"}), 403
    else:
        return jsonify({"msg": "Please login"}), 401
Exemple #16
0
def delete():
    current_user = get_jwt_identity()

    pipeline = Pipeline(request)
    pipeline.add(ensureJson)
    pipeline.add(ensureParam, [request, 'id'])

    broken, retvs = pipeline.run()
    if broken:
        return retvs
    _, _id = retvs

    sess = DBSession()
    addr = sess.query(Address).filter_by(id=_id).first()

    user = sess.query(User).filter_by(id=current_user).first()
    if (addr != None) and (addr.owner_id == current_user):
        if user.default_address_id == addr.id:
            user.default_address_id = None
            sess.commit()
        sess.delete(addr)
        sess.commit()
        return jsonify(result=True), 200
    return jsonify(result=False, reson="BAD ADDRESS ID"), 200