def login():
try:
kwargs = request.body_params.dict()
exist_user = EmployeeModel.find_by_identity(kwargs["email"])
if exist_user is None:
return jsonify(error="wrong email or password"), 401
if not exist_user.authenticate(kwargs["password"]):
return jsonify(error="wrong email or password"), 401
if not has_access(exist_user.role, ["admin"]):
return jsonify(error="Access denied"), 403
# Create the tokens we will be sending back to the user
access_token = create_access_token(
identity=exist_user,
additional_claims={"role": exist_user.role.id})
refresh_token = create_refresh_token(
identity=exist_user,
additional_claims={"role": exist_user.role.id})
AdminRespUser.update_forward_refs()
admin_dto = AdminRespUser.from_orm(exist_user).dict()
resp = jsonify(user=admin_dto,
accessToken=access_token,
refreshToken=refresh_token), 200
return resp
except Exception as e:
print(e)
return jsonify(error="Admin login error"), 500
def edit_consumer(customer_id):
try:
kwargs = request.body_params.dict()
exists_customer = CustomerModel.get_by_id(customer_id)
if exists_customer is None:
return jsonify(error="Customer not found"), 400
exists_customer.email = kwargs.get("email") or exists_customer.email
exists_customer.first_name = kwargs.get(
"first_name") or exists_customer.first_name
exists_customer.last_name = kwargs.get(
"last_name") or exists_customer.last_name
exists_customer.telephone = kwargs.get(
"telephone") or exists_customer.telephone
exists_customer.city = kwargs.get("city") or exists_customer.city
exists_customer.country = kwargs.get(
"country") or exists_customer.country
exists_customer.is_active = kwargs.get(
"is_active") or exists_customer.is_active
exists_customer.save()
user_dto = AdminRespUser.from_orm(exists_customer).dict()
return jsonify(customer=user_dto), 200
except Exception as e:
print(e)
return jsonify(error="Staff edit error"), 500
def customer(customer_id):
try:
user = CustomerModel.get_by_id(customer_id)
if user is None:
return jsonify(error="User not found"), 400
AdminRespUser.update_forward_refs()
user_dto = AdminRespUser.from_orm(user).dict()
resp = jsonify(user=user_dto), 200
return resp
except Exception as e:
print(e)
return jsonify(error="User error"), 500
def add_employee():
try:
kwargs = request.body_params.dict()
exists_user = EmployeeModel.verify_for_signup(kwargs.get("email"),
kwargs.get("telephone"))
if exists_user:
return jsonify(error="Account already exits"), 400
# TODO check if service is right
# services = [ServiceModel.get_by_id(service) for service in kwargs.get("services")]
role_id: str = RoleModel.find_by_identity("staff").id
employee = EmployeeModel(**kwargs, role_id=role_id)
employee.save()
dto = AdminRespUser.from_orm(employee).dict()
return jsonify(user=dto), 200
except Exception as e:
print(e)
return jsonify(error="Error adding employee"), 500
def delete_customer(customer_id):
try:
customer = CustomerModel.get_by_id(customer_id)
if customer is None:
return jsonify(error="Customer not found"), 400
if customer.role == "admin":
return jsonify(error="Access denied"), 403
customer.is_active = False
customer.save()
dto = AdminRespUser.from_orm(customer).dict()
return jsonify(customer=dto), 200
except Exception as e:
return jsonify(error="Staff delete error"), 500
def delete_employee(employee_id):
try:
employee = EmployeeModel.get_by_id(employee_id)
if employee is None:
return jsonify(error="Employee not found"), 400
if employee.role == "admin":
return jsonify(error="Access denied"), 403
employee.is_active = False
employee.save()
dto = AdminRespUser.from_orm(employee).dict()
return jsonify(employee=dto), 200
except Exception as e:
return jsonify(error="Staff delete error"), 500
def edit_employee(employee_id):
try:
kwargs = request.body_params.dict()
exists_employee = EmployeeModel.get_by_id(employee_id)
if exists_employee is None:
return jsonify(error="Employee not found"), 400
if kwargs.get("services") is not None:
services = [
ServiceModel.get_by_id(service)
for service in kwargs.get("services")
]
exists_employee.services.extend(services)
exists_employee.email = kwargs.get("email") or exists_employee.email
exists_employee.first_name = kwargs.get(
"first_name") or exists_employee.first_name
exists_employee.last_name = kwargs.get(
"last_name") or exists_employee.last_name
exists_employee.telephone = kwargs.get(
"telephone") or exists_employee.telephone
exists_employee.city = kwargs.get("city") or exists_employee.city
exists_employee.country = kwargs.get(
"country") or exists_employee.country
exists_employee.is_active = kwargs.get(
"is_active") or exists_employee.is_active
exists_employee.save()
services = exists_employee.services.all()
user_dto = AdminRespUser.from_orm(exists_employee).dict()
services_dto = [
AdminRespServiceSchema.from_orm(service).dict()
for service in services
]
return jsonify(employee={
"user": user_dto,
"services": services_dto
}), 200
except Exception as e:
print(e)
return jsonify(error="Staff edit error"), 500
def get_employee(employee_id):
try:
staff = EmployeeModel.get_by_id(employee_id)
if staff is None:
return jsonify(error="Employee not found"), 400
services = staff.services.all()
user_dto = AdminRespUser.from_orm(staff).dict()
services_dto = [
AdminRespServiceSchema.from_orm(service).dict()
for service in services
]
return jsonify(employee={
"user": user_dto,
"services": services_dto
}), 200
except Exception as e:
print(e)
return jsonify(error="Staff error"), 500