def signup_user():
data = request.get_json()
firstName = data.get('firstname')
lastName = data.get('lastname')
otherNames = data.get('othernames')
email = data.get('email')
phoneNumber = data.get('phonenumber')
userName = data.get('username')
userPassword = data.get('password')
if not firstName or not lastName or not\
otherNames or not email or not phoneNumber or not \
userName or not userPassword:
return jsonify({
'status': 400,
'error': 'A required field is either missing or empty'
}), 400
if not validateUser.validate_names(firstName) or not \
validateUser.validate_names(lastName) or not \
validateUser.validate_names(otherNames) or not \
validateUser.validate_names(userName):
return jsonify({
'status':
400,
'error':
'Name must be a string and must not contain spaces'
}), 400
if not validateUser.validate_phoneNumber(phoneNumber):
return jsonify({
'status':
400,
'error':
'Only numbers are allowed for the phonenumber field'
}), 400
if not validate_email(email):
return jsonify({'status': 400, 'error': 'Invalid email'}), 400
if not validateUser.validate_password(userPassword):
return jsonify({
'status':
400,
'error':
'Password must be atleast 8 characters and should have atleast one number and one capital letter'
}), 400
user = User(firstName, lastName, otherNames, email, phoneNumber, userName,
generate_password_hash(userPassword))
if db_handler().select_one_record('user_table', 'useremail', email):
return jsonify({
'status': 400,
'error': 'User account already exists'
}), 400
user = db_handler().add_user(user.firstname, user.lastname,
user.othernames, user.username, user.email,
user.phoneNumber, user.password,
user.registered, user.isAdmin)
data.pop('password')
return jsonify({
'status': 201,
'data': data,
'message': 'Your Account was created successfuly'
}), 201
def edit_location_of_incident(incident_id, record_type):
data = request.get_json()
location = data.get('location')
try:
incident_Id = int(incident_id)
except:
return jsonify({
'status': 400,
'error': 'incident_id must be a valid number'
}), 400
if not location:
return jsonify({
'status': 400,
'error': 'location field is empty or missing'
}), 400
if not validateIncident.validate_location(location):
return jsonify({
'status':
400,
'error':
'Location field only takes in a list of valid Lat and Long cordinates'
}), 400
redflag_data_fetch = db_handler().select_one_incident(
'incident_table', 'incidentid', incident_Id, record_type)
if not redflag_data_fetch:
return jsonify({
'status': 200,
'message': 'incident record not found'
}), 200
if redflag_data_fetch[7] != 'Draft':
return jsonify({
'status':
400,
'error':
'You cannot change the location while the incident status is not Draft'
}), 400
db_handler().update_incident_record_location(incident_Id, location[0],
location[1], record_type)
incident_record_type = redflag_data_fetch[3]
redflag_data_fetch = db_handler().select_one_incident(
'incident_table', 'incidentid', incident_Id, record_type)
data_dict = {
"incidentid": redflag_data_fetch[0],
"createdon": redflag_data_fetch[1],
"createdby": redflag_data_fetch[2],
"record_type": redflag_data_fetch[3],
"incident_location": redflag_data_fetch[4],
"comment": redflag_data_fetch[6],
"status": redflag_data_fetch[7]
}
return jsonify({
'status':
200,
'data':
data_dict,
'message':
f"Updated {incident_record_type} record's location"
}), 200
def edit_comment_of_incident(incident_id, record_type):
info = request.get_json()
comment = info.get('comment')
try:
incident_Id = int(incident_id)
except:
return jsonify({
'status': 400,
'error': 'incident_id must be a valid number'
}), 400
if not comment:
return jsonify({
'status': 400,
'error': 'comment field is empty or missing'
}), 400
if not validateIncident.validate_comment(comment):
return jsonify({
'status': 400,
'error': 'comment must be a string'
}), 400
incident_result = db_handler().select_one_incident('incident_table',
'incidentid',
int(incident_Id),
record_type)
if not incident_result:
return jsonify({
'status': 200,
'message': 'incident record not found'
}), 200
if incident_result[7] != 'Draft':
return jsonify({
'status':
400,
'error':
'You cannot change the location while the incident status is not Draft'
}), 400
db_handler().update_incident_record('comment', incident_Id, comment,
record_type)
returned_type = incident_result[3]
incident_result = db_handler().select_one_incident('incident_table',
'incidentid',
incident_Id,
record_type)
redflag_dict = {
"incidentid": incident_result[0],
"createdon": incident_result[1],
"createdby": incident_result[2],
"record_type": incident_result[3],
"incident_location": incident_result[4],
"comment": incident_result[6],
"status": incident_result[7]
}
return jsonify({
'status': 200,
'data': redflag_dict,
'message': f"Updated {returned_type} record's comment"
}), 200
def edit_incident_location(incident_id, record_type):
data = request.get_json()
location = data.get('location')
try:
incident_Id = int(incident_id)
except:
return jsonify({
'status': 400,
'message': 'incident id must be an integer'
}), 400
if not location:
return jsonify({
'status': 400,
'message': 'location field is empty or missing'
}), 400
if not incident.validate_location(location):
return jsonify({
'status':
400,
'error':
'Location field only takes in a list of valid Lat and Long cordinates'
}), 400
redflag_data_saved = db_handler().select_one_incident(
'incidentTable', 'incident_id', incident_Id, record_type)
if not redflag_data_saved:
return jsonify({'status': 400, 'error': 'incident is not found'}), 400
if redflag_data_saved[7] != 'Draft':
return jsonify({
'status':
400,
'error':
'you can not change location if the incident status is not draft'
}), 400
db_handler().update_incident_record_location(incident_Id, location[0],
location[1], record_type)
incident_record_type = redflag_data_saved[3]
redflag_data_saved = db_handler().select_one_incident(
'incidentTable', 'incident_id', incident_Id, record_type)
data_dict = {
"incidentid": redflag_data_saved[0],
"createdon": redflag_data_saved[1],
"createdby": redflag_data_saved[2],
"record_type": redflag_data_saved[3],
"incident_location": redflag_data_saved[4],
'comment': redflag_data_saved[6],
'status': redflag_data_saved[7]
}
return jsonify({
'status': 200,
'data': data_dict,
'message': f"updated {incident_record_type} successfully"
}), 200
def create_incident(current_user):
info = request.get_json()
incident_type = info.get('incident_type')
location = info.get('location')
comment = info.get('comment')
if not incident_type or not location or not comment:
return jsonify({
'status': 400,
'error': 'A field is missing or empty'
}), 400
if not incident.validate_recordType(incident_type):
return jsonify({
'status':
400,
'error':
'Incident type must either be a red-flag or intervention'
}), 400
if not incident.validate_comment(comment):
return jsonify({
'status': 400,
'error': 'comment must be a string'
}), 400
if not incident.validate_location(location):
return jsonify({
'status': 400,
'error': 'location must be a lat and long format'
}), 400
inciden = Incident(current_user[0], incident_type, location, comment)
db_handler().add_incident_record(inciden.createdOn, inciden.createdBy,
inciden.record_type, inciden.location[0],
inciden.location[1], inciden.comment,
inciden.status)
data_dict = {
"createdon": inciden.createdOn,
"record_type": inciden.record_type,
"incident_location": inciden.location,
"comment": inciden.comment,
"status": inciden.status
}
return jsonify({
'status': 201,
'data': data_dict,
'message': f'created {incident_type} record successfully'
}), 201
def change_status(incident_id, record_type):
status_data = request.get_json()
status = status_data.get('status')
try:
incident_Id = int(incident_id)
except:
return jsonify({
'status': 400,
'error': 'incident_id must be a valid number'
}), 400
if not status:
return jsonify({
'status': 400,
'error': 'status field is either empty or missing'
}), 400
if not validateIncident.validate_status(status):
return jsonify({
'status':
400,
'error':
'status must a string and must be under investigation or rejected or resolved'
}), 400
incident_record_data = db_handler().select_one_incident(
'incident_table', 'incidentid', incident_Id, record_type)
if not incident_record_data:
return jsonify({
'status': 200,
'message': 'incident record not found'
}), 200
db_handler().update_incident_record('incident_status', incident_Id, status,
record_type)
incident_record_data = db_handler().select_one_incident(
'incident_table', 'incidentid', incident_Id, record_type)
data_dict = {
"incidentid": incident_record_data[0],
"createdon": incident_record_data[1],
"createdby": incident_record_data[2],
"record_type": incident_record_data[3],
"incident_location": incident_record_data[4],
"comment": incident_record_data[6],
"status": incident_record_data[7]
}
return jsonify({
'status':
200,
'data':
data_dict,
'message':
f"{incident_record_data[3]} record's status was successfuly updated"
}), 200
def post_incident(current_user):
details = request.get_json()
incident_type = details.get('incident_type')
location = details.get('location')
comment = details.get('comment')
# video = details.get('video')
if not incident_type or not location or not comment:
return jsonify({
'status': 400,
'error': 'A required field is either missing or empty'
}), 400
if not validateIncident.validate_type(incident_type):
return jsonify({
'status':
400,
'error':
'type must a string and must be red-flag or intervention'
}), 400
if not validateIncident.validate_location(location):
return jsonify({
'status':
400,
'error':
'Location field only takes in a list of valid Lat and Long cordinates'
}), 400
if not validateIncident.validate_comment(comment):
return jsonify({
'status': 400,
'error': 'comment must be a string'
}), 400
incident = Incident(current_user[0], incident_type, location, comment)
db_handler().add_incident_record(incident.createdOn, incident.createdBy,
incident.record_type,
incident.location[0],
incident.location[1], incident.comment,
incident.status)
data_dict = {
"createdon": incident.createdOn,
"record_type": incident.record_type,
"incident_location": incident.location,
"comment": incident.comment,
"status": incident.status
}
return jsonify({
'status': 201,
'data': data_dict,
'message': f'created {incident_type} record successfuly'
}), 201
def get_an_incident(incident_id, record_type):
try:
incidentId = int(incident_id)
except:
return jsonify({
'status': 200,
'message': 'incident id must be an integer'
}), 200
fetched_data = db_handler().select_one_incident('incidentTable',
'incident_id', incidentId,
record_type)
if not fetched_data:
return jsonify({
'status': 200,
'message': 'incident is not found'
}), 200
data_dict = {
"incidentid": fetched_data[0],
"createdon": fetched_data[1],
"createdby": fetched_data[2],
"record_type": fetched_data[3],
"incident_location": fetched_data[4],
"comment": fetched_data[6],
"status": fetched_data[7]
}
return jsonify({'status': 200, 'data': data_dict}), 200
def fetch_an_incident(incident_id, record_type):
try:
incidentId = int(incident_id)
except:
return jsonify({
'status': 400,
'error': 'incident_id must be a valid number'
}), 400
record_data = db_handler().select_one_incident('incident_table',
'incidentid', incidentId,
record_type)
if not record_data:
return jsonify({
'status': 200,
'message': 'Incident record not found'
}), 200
data_dict = {
"incidentid": record_data[0],
"createdon": record_data[1],
"createdby": record_data[2],
"record_type": record_data[3],
"incident_location": record_data[4],
"comment": record_data[6],
"status": record_data[7]
}
return jsonify({'data': data_dict, 'status': 200}), 200
def change_status_of_incident(incident_id, record_type):
info = request.get_json()
status = info.get('status')
try:
incident_Id = int(incident_id)
except:
return jsonify({
'status': 400,
'error': 'incident is must be a valid integer'
}), 400
if not status:
return jsonify({
'status': 400,
'error': 'status field is missing or not found'
}), 400
if not incident.validate_status(status):
return jsonify({
'status': 400,
'error': 'status must be s string'
}), 400
incident_to_update = db_handler().select_one_incident(
'incidentTable', 'incident_id', incident_Id, record_type)
if not incident_to_update:
return jsonify({'status': 200, 'error': 'incident not found'}), 200
db_handler().update_incident_record('status', incident_Id, status,
record_type)
incident_to_update = db_handler().select_one_incident(
'incidentTable', 'incident_id', incident_Id, record_type)
incident_to = incident_to_update[3]
data_dict = {
'incidentId': incident_to_update[0],
'createdon': incident_to_update[1],
'createdby': incident_to_update[2],
'record_type': incident_to_update[3],
'location': incident_to_update[4],
'comment': incident_to_update[6],
'status': incident_to_update[7]
}
return jsonify({
'status': 200,
'data': data_dict,
'message': f"updated {incident_to} status"
}), 200
def edit_redflag_comment(current_user, incident_id):
record_data = db_handler().select_one_record('incident_table', 'incidentid',
incident_id)
if record_data:
if int(record_data[2]) != current_user[0]:
return jsonify({'status': 403,
'error': 'You can only edit the location of a record you created'
}), 403
return edit_comment_of_incident(incident_id, 'red-flag')
def edit_intervention_location(current_user, incident_id):
check_record = db_handler().select_one_record('incident_table', 'incidentid',
incident_id)
if check_record:
if int(check_record[2]) != current_user[0]:
return jsonify({'status': 403,
'error': 'You can only edit the location of a record you created'
}), 403
return edit_location_of_incident(incident_id, 'intervention')
def delete_intervention_record(current_user, incident_id):
delete_data = db_handler().select_one_incident('incident_table', 'incidentid',
incident_id, 'intervention')
if delete_data:
if int(delete_data[2]) != current_user[0]:
return jsonify({'status': 403,
'error': 'You can only delete a record you created'
}), 403
return delete_incident(incident_id, 'intervention')
def change_intervention_location(current_user, incident_id):
check_info = db_handler().select_one_record('incidentTable', 'incident_id',
incident_id)
if int(check_info[2]) != current_user[0]:
return jsonify({
'message':
'You can edit location of an incident you did not create'
})
return edit_incident_location(incident_id, 'intervention')
def delete_intervention(current_user, incident_Id):
delete = db_handler().select_one_record('incidentTable', 'incident_id',
incident_Id)
if delete:
if int(delete[2]) != current_user[0]:
return jsonify({
'message':
'You can not delete an intervention you did not create'
})
return delete_incident(incident_Id, 'intervention')
def delete_incident(incident_id, record_type):
try:
incident_Id = int(incident_id)
except:
return jsonify({
'status': 400,
'error': 'incident_id must be a valid number'
}), 400
delete_data = db_handler().select_one_incident('incident_table',
'incidentid', incident_Id,
record_type)
if not delete_data:
return jsonify({
'status': 200,
'message': 'incident record not found'
}), 200
db_handler().delete_incident_record(incident_Id, record_type)
return jsonify({
'status': 200,
'message': f"{delete_data[3]} record has been deleted"
}), 200
def change_redflag_comment(current_user, incident_id):
check_data = db_handler().select_one_record('incidentTable', 'incident_id',
incident_id)
if check_data:
if int(check_data[2]) != current_user[0]:
return jsonify({
'message':
'You can not edit comment of an incident you did not create'
})
return edit_comment_of_incident(incident_id, 'red-flag')
def login_user(user_type):
login_info = request.get_json()
login_email = login_info.get('email')
login_pass = login_info.get('password')
if not login_email or not login_email:
return jsonify({'status': 400, 'error': 'a field is missing'}), 400
if not validateUser.validate_password(login_pass):
return jsonify({
'status':
400,
'error':
'a password must be 8 characters and above and it must have both numbers and letters'
}), 400
if not validate_email(login_email):
return jsonify({'status': 400, 'error': 'invalid email'}), 400
user_data = db_handler().select_one_record('user_table', 'email',
login_email)
if user_data:
if user_type == 'admin':
if user_data[9] is False:
return jsonify({
'status':
401,
'error':
'you can not login as anormal user here'
}), 401
if user_type == 'normal_user':
if user_data[9] is True:
return jsonify({
'status':
401,
'error':
'you can not login as an admin from here'
}), 401
if user_data[5] == login_email and check_password_hash(
user_data[6], login_pass):
access_token = encode_token(login_email)
return jsonify({
'status': 200,
'access_token': access_token.decode('UTF-8'),
'message': 'You are successfully logged in'
}), 200
return jsonify({'status': 401, 'error': 'wrong email or password'}), 401
def inner_func(*args,**kwargs):
token = None
if 'Authorization' in request.headers:
token = request.headers['Authorization']
if not token:
return jsonify({'status':401,'error': 'token is invalid or missing'}),401
try:
data = jwt.decode(token,app.config['SECRET'], algorithms = ['HS256'])
current_user = db_handler().select_one_record('user_table', 'email', data['sub'])
except jwt.ExpiredSignatureError:
return jsonify({'status': 401,'error':'The token has expired please login again'}),401
except jwt.InvalidTokenError:
return jsonify({'status': 401,'error' : 'Invalid token. please login again'})
return f(current_user, *args, **kwargs)
def fetch_all_incidents(record_type):
fetched_data = db_handler().select_all_incidents(record_type)
if not fetched_data:
return jsonify({
'status': 200,
'message': 'No incidents recorded yet'
}), 200
keys = [
"incidentid", "createdon", "createdby", "record_type",
"incident_location", "comment", "status"
]
incident_records = []
for data in fetched_data:
records = [
data[0], data[1], data[2], data[3], data[4], data[6], data[7]
]
incident_records.append(dict(zip(keys, records)))
return jsonify({'data': incident_records, 'status': 200}), 200
def login_user(user_type):
login_info = request.get_json()
login_email = login_info.get('email')
login_password = login_info.get('password')
if not login_email or not login_password:
return jsonify({
'status': 400,
'error': 'email or password cannot be empty'
}), 400
if not validate_email(login_email):
return jsonify({'status': 400, 'error': 'Invalid email'}), 400
if not validateUser.validate_password(login_password):
return jsonify({
'status':
400,
'error':
'Password must be atleast 8 characters and should have atleast one number and one capital letter'
}), 400
user_data = db_handler().select_one_record('user_table', 'useremail',
login_email)
if user_data:
if user_type == "admin":
if user_data[9] is False:
return jsonify({
'status':
401,
'error':
"You can't login as a normal user from here"
}), 401
if user_type == "normal_user":
if user_data[9] is True:
return jsonify({
'status': 401,
'error': "You can't login as an admin from here"
}), 401
if user_data[5] == login_email and \
check_password_hash(user_data[7], login_password):
access_token = encode_token(login_email)
return jsonify({
'status': 200,
'access_token': access_token.decode('UTF-8'),
'message': 'You are now loggedin'
}), 200
return jsonify({'status': 401, 'error': 'Wrong email or password'}), 401
def register_user():
data = request.get_json()
firstname = data.get('firstname')
lastname = data.get('lastname')
othername = data.get('othername')
username = data.get('username')
email = data.get('email')
password = data.get('password')
phonenumber = data.get('phonenumber')
if not firstname or not lastname or not othername or not username \
or not email or not password or not phonenumber:
return jsonify({
'status': 400,
'error': 'A field is missing or not filled in'
}), 400
if not validateUser.validate_name(firstname) or not validateUser.validate_name(lastname) \
or not validateUser.validate_name(othername) or not validateUser.validate_name(username):
return jsonify({
'status':
400,
'error':
'All names must be strings and thier must be no space'
}), 400
if not validateUser.validate_number(phonenumber):
return jsonify({
'status': 400,
'error': 'phonenumber must be an integer'
}), 400
if not validateUser.validate_password(password):
return jsonify({
'status':
400,
'error':
'a password must be 8 characters and above and it must have both numbers and letters'
}), 400
if not validate_email(email):
return jsonify({'status': 400, 'error': 'invalid email'}), 400
new_user = User(firstname, lastname, othername, username, email,
generate_password_hash(password), phonenumber)
if db_handler().select_one_record('user_table', 'email', email):
return jsonify({
'status': 200,
'message': 'account already exists try log in'
}), 200
# db_handler().add_user('Busolo','Emma','Amos','EmmaAmos','*****@*****.**'
# ,generate_password_hash('EmmaAmos123'),25670364,datetime.datetime.now(),True)
new_user = db_handler().add_user(new_user.firstname, new_user.lastname,
new_user.othername, new_user.username,
new_user.email, new_user.password,
new_user.phonenumber, new_user.registered,
new_user.is_admin)
data.pop('password')
return jsonify({
'status': 201,
'message': 'your account has been created successfully'
}), 201
