def login_user():
params = request.get_json()
if request.content_type != 'application/json':
return jsonify({"status": "failed", "message": "Invalid content-type. Must be application/json." }), 400
if not params or not params['username'] or not params['password']:
return jsonify({ "status" : "failed" , 'message' : "Username or password is empty " } ) , 401
username = params["username"]
try:
ps_connection = InitDB()
if(ps_connection):
ps_cursor = ps_connection.cursor()
query = (" SELECT * FROM users where user_username = %s " )
ps_cursor.execute(query, ( username , ) )
rv = ps_cursor.fetchone()
ps_cursor.close()
CloseDB(ps_connection)
if not rv :
return jsonify({"status": "failed", 'message': "Username is incorrect "}), 401
password = rv[3]
public_id = rv[1]
user_id = rv[0]
company_id = rv[4]
if check_password_hash(password , params['password']):
token = jwt.encode({'member_public_id' : str(public_id),'user_id' : str(user_id) ,'company_id' :company_id,'exp' : datetime.datetime.utcnow() + datetime.timedelta(minutes=int(os.getenv('EXPIRED')))}, os.getenv('SECRET_KEY'))
token = token.decode('UTF-8')
result = register_token(token ,public_id )
if result == 'success':
return jsonify({'token':token}), 200
else:
return jsonify({"status": "failed", 'message': "... "}), 500
else :
return jsonify({"status": "failed", 'message': "Password is incorrect "}), 401
except Exception as e :
return e
def InsertTeamMember(team_id, user_id):
exists_user = False
all_member = findteamMember(team_id)
if all_member == 'error':
return ['failed', 'error could not find member in team', 200]
for member in all_member:
if int(member[0]) == int(user_id):
exists_user = True
if exists_user == True:
return ['failed', 'error member already in team member', 200]
try:
ps_connection = InitDB()
if (ps_connection):
ps_cursor = ps_connection.cursor()
query = (
" insert into team_has_users ( team_id ,user_id ) values ( %s , %s )"
)
ps_cursor.execute(query, (
team_id,
user_id,
))
ps_connection.commit()
ps_cursor.close()
CloseDB(ps_connection)
return 'success'
except Exception as e:
return ['failed', 'user not in user table', 200]
def insertUser_details(params, user_public_id):
try:
user_id = findUserIdfromPublic_id(user_public_id)
ps_connection = InitDB()
if (ps_connection):
ps_cursor = ps_connection.cursor()
query = (
" insert into userdetails( userdetails_employee_id , userdetails_firstname , userdetails_lastname , userdetails_phone , userdetails_email , userdetails_position ,user_id ) values ( %s , %s , %s ,%s ,%s ,%s ,%s) "
)
ps_cursor.execute(query, (
params["userdetails_employee_id"],
params["userdetails_firstname"],
params["userdetails_lastname"],
params["userdetails_phone"],
params["userdetails_email"],
params["userdetails_position"],
user_id,
))
ps_connection.commit()
ps_cursor.close()
CloseDB(ps_connection)
return 'success'
except Exception as e:
print(e)
return e
def decorated(*args, **kwargs):
token = None
if "Authorization" in request.headers:
token = request.headers["Authorization"]
if not token:
return jsonify({"message": "Token is missing!"}), 401
access_token = token.split(" ")[1]
try:
data = jwt.decode(access_token, os.getenv('SECRET_KEY'))
member_public_id = data["member_public_id"]
ps_connection = InitDB()
if (ps_connection):
ps_cursor = ps_connection.cursor()
query = ("select system_token from system_token "
" where member_public_id = %s "
" order by system_token_id desc "
" limit 1")
ps_cursor.execute(query, (member_public_id, ))
rv = ps_cursor.fetchone()
ps_cursor.close()
CloseDB(ps_connection)
activeToken = rv[0]
if activeToken != access_token:
return jsonify({"message": "Token BlackList"}), 401
current_user = data
except Exception as e:
return jsonify({"message": "Invalid Token"}), 401
return f(current_user, *args, **kwargs)
def findAdminNameId(username):
try:
ps_connection = InitDB()
if(ps_connection):
ps_cursor = ps_connection.cursor()
query = ("select count(*) from admin where admin_username = %s ")
ps_cursor.execute(query, (username , ) )
company = ps_cursor.fetchone()
ps_cursor.close()
CloseDB(ps_connection)
return company
except(Exception ) as e:
return 'error'
def findteamMember(team_id):
try:
ps_connection = InitDB()
if (ps_connection):
ps_cursor = ps_connection.cursor()
query = (" select user_id from team_has_users where team_id = %s ")
ps_cursor.execute(query, (team_id, ))
team_member = ps_cursor.fetchall()
ps_cursor.close()
CloseDB(ps_connection)
return team_member
except Exception as e:
return 'error'
def findUserIdfromPublic_id(user_public_id):
try:
ps_connection = InitDB()
if (ps_connection):
ps_cursor = ps_connection.cursor()
query = ("select user_id from users where user_public_id = %s ")
ps_cursor.execute(query, (user_public_id, ))
data = ps_cursor.fetchone()
ps_cursor.close()
CloseDB(ps_connection)
return data[0]
except (Exception) as e:
return e
def findUserNameId(username):
try:
ps_connection = InitDB()
if (ps_connection):
ps_cursor = ps_connection.cursor()
query = ("select count(*) from users where user_username = %s ")
ps_cursor.execute(query, (username, ))
data = ps_cursor.fetchone()
ps_cursor.close()
CloseDB(ps_connection)
return data
except (Exception) as e:
return e
def RemoveTeam(team_id):
try:
ps_connection = InitDB()
if (ps_connection):
ps_cursor = ps_connection.cursor()
query = (" delete from team where team_id = %s ")
ps_cursor.execute(query, (team_id, ))
ps_connection.commit()
ps_cursor.close()
CloseDB(ps_connection)
return 'success'
except Exception as e:
print(e)
return 'error'
def findValidUserId(user_public_id):
try:
ps_connection = InitDB()
if (ps_connection):
ps_cursor = ps_connection.cursor()
query = ("select count(*) from users where user_public_id = %s ")
ps_cursor.execute(query, (user_public_id, ))
data = ps_cursor.fetchone()
ps_cursor.close()
CloseDB(ps_connection)
count = int(data[0])
return (count)
except (Exception) as e:
return e
def registerAdmin(username ,password ,company_id):
hashed_password = generate_password_hash(password, method='sha256')
admin_public_id = str(uuid.uuid4())
try:
ps_connection = InitDB()
if(ps_connection):
ps_cursor = ps_connection.cursor()
query = (" insert into admin( admin_public_id , admin_username , admin_password ,admin_is_active,company_id ) values ( %s , %s , %s ,%s ,%s )" )
ps_cursor.execute(query, (admin_public_id, username , hashed_password , '1', company_id , ) )
ps_connection.commit()
ps_cursor.close()
CloseDB(ps_connection)
return 'success'
except Exception as e :
return 'error'
def find_all_user(company_id):
try:
ps_connection = InitDB()
if (ps_connection):
ps_cursor = ps_connection.cursor(cursor_factory=RealDictCursor)
sql = (
" select users.company_id , users.user_is_active , users.user_public_id , users.user_username , userdetails.userdetails_firstname , userdetails.userdetails_lastname , userdetails.userdetails_employee_id , userdetails.userdetails_avatar from users "
" left join userdetails on users.user_id = userdetails.user_id "
" where company_id = %s ")
ps_cursor.execute(sql, (company_id, ))
data = ps_cursor.fetchall()
ps_cursor.close()
CloseDB(ps_connection)
return ['success', data, 200]
except Exception as e:
return ['success', 'failed ' + e.message, 500]
def findTeam_ById(id):
try:
ps_connection = InitDB()
if (ps_connection):
ps_cursor = ps_connection.cursor(cursor_factory=RealDictCursor)
query = (" select * from team " " where team.team_id = %s ")
ps_cursor.execute(query, (id, ))
team = ps_cursor.fetchone()
team["created_on"] = team["created_on"].timestamp()
if team is None:
team = []
ps_cursor.close()
CloseDB(ps_connection)
return ['success', team, 200]
except Exception as e:
print(e)
return ['failed', 'cant not find team', 200]
def findAll_Company_admin(company_id):
try:
ps_connection = InitDB()
if (ps_connection):
ps_cursor = ps_connection.cursor(cursor_factory=RealDictCursor)
query = (
" select team.team_id , team.team_public_id , team.team_name , team.team_avatar , team.team_is_active ,(SELECT extract(epoch from team.created_on) as TIME ), team.admin_id , team.company_id "
" from team inner join company on team.company_id = company.company_id "
" where company.company_id = %s ")
ps_cursor.execute(query, (company_id, ))
all_team_data = ps_cursor.fetchall()
ps_cursor.close()
CloseDB(ps_connection)
return ['success', all_team_data, 200]
except Exception as e:
print(e)
return ['failed', 'cant not find team', 200]
def EditTeam(team_name, company_id):
try:
ps_connection = InitDB()
if (ps_connection):
ps_cursor = ps_connection.cursor()
query = (
" UPDATE team SET team_name = %s WHERE company_id = %s ")
ps_cursor.execute(query, (
team_name,
company_id,
))
ps_connection.commit()
ps_cursor.close()
CloseDB(ps_connection)
return 'success'
except Exception as e:
return 'error'
def RemoveTeamMember(team_id, user_id):
try:
ps_connection = InitDB()
if (ps_connection):
ps_cursor = ps_connection.cursor()
query = (
" delete from team_has_users where team_id = %s and user_id = %s "
)
ps_cursor.execute(query, (
team_id,
user_id,
))
ps_connection.commit()
ps_cursor.close()
CloseDB(ps_connection)
return 'success'
except Exception as e:
return 'error'
def InsertTeam(team_name, team_avatar, admin_id, company_id):
dt = datetime.datetime.now(tz)
team_uuid = str(uuid.uuid4())
try:
ps_connection = InitDB()
if (ps_connection):
ps_cursor = ps_connection.cursor()
query = (
" insert into team ( team_public_id , team_name , team_avatar ,team_is_active,created_on , admin_id , company_id ) values ( %s , %s , %s ,%s ,%s ,%s ,%s )"
)
ps_cursor.execute(query, (team_uuid, team_name, team_avatar, '1',
dt, admin_id, company_id))
ps_connection.commit()
ps_cursor.close()
CloseDB(ps_connection)
return 'success'
except Exception as e:
print(e)
return 'error'
def update_userdetails(params, user_public_id):
try:
column = ''
for column_name in params.keys():
column = str(column) + str(column_name + " = '" +
params[column_name] + "' ,")
sql_prepare = (column[0:(len(column)) - 1])
user_id = findUserIdfromPublic_id(user_public_id)
sql_builder = "UPDATE userdetails SET " + str(
sql_prepare) + " WHERE user_id = %s "
ps_connection = InitDB()
if (ps_connection):
ps_cursor = ps_connection.cursor()
ps_cursor.execute(sql_builder, (user_id, ))
ps_connection.commit()
ps_cursor.close()
CloseDB(ps_connection)
return ['success', 'Edited : ' + str(user_public_id), 200]
except Exception as e:
return ['success', 'failed ' + e.message, 500]
def findteamMember_details(team_id):
try:
ps_connection = InitDB()
if (ps_connection):
ps_cursor = ps_connection.cursor(cursor_factory=RealDictCursor)
query = (
" select users.user_is_active , users.user_id,users.user_public_id , users.user_username , userdetails.userdetails_firstname "
" ,userdetails.userdetails_lastname ,userdetails.userdetails_lastname ,userdetails.userdetails_employee_id ,userdetails.userdetails_phone , userdetails.userdetails_email,userdetails.userdetails_position , userdetails.userdetails_avatar "
" from team_has_users "
" inner join users on users.user_id = team_has_users.user_id "
" left join userdetails on userdetails.user_id = users.user_id "
" where team_id = %s ")
ps_cursor.execute(query, (team_id, ))
team_member = ps_cursor.fetchall()
ps_cursor.close()
CloseDB(ps_connection)
return ['success', team_member, 200]
except Exception as e:
print(e)
return ['failed', 'cant not find team', 200]
def RegisterCompany_with_groupsystem(current_user):
if request.content_type != 'application/json':
return jsonify({"status": "failed", "message": "Invalid content-type. Must be application/json." }), 400
try:
params = request.get_json()
company_name = params["company_name"]
uuid_entry = str(uuid.uuid4())
ps_connection = InitDB()
if(ps_connection):
ps_cursor = ps_connection.cursor()
query = (" insert into company( company_name , company_public_id , company_is_active ,created_on ) values ( %s , %s , %s ,%s )" )
ps_cursor.execute(query, (company_name, uuid_entry , '1', datetime.datetime.now() ) )
ps_connection.commit()
ps_cursor.close()
CloseDB(ps_connection)
token = request.headers["Authorization"]
access_token = token.split(" ")[1]
status_code = create_storage(access_token ,uuid_entry )
if int (status_code) == 201 :
return jsonify({"status" : 'success' , "company_public_id" : uuid_entry } ),201
except (Exception, psycopg2.Error) as error:
return jsonify({'status' : 'falied' , "message" : error} ),500
def register_token(token, member_public_id):
try:
ps_connection = InitDB()
if (ps_connection):
token = str(token)
member_public_id = str(member_public_id)
ps_cursor = ps_connection.cursor()
query = (
"INSERT INTO system_token(system_token , member_public_id , created_on) VALUES (%s , %s , %s ) "
)
ps_cursor.execute(query, (
token,
member_public_id,
dt,
))
ps_cursor.close()
ps_connection.commit()
CloseDB(ps_connection)
return 'success'
except (Exception) as e:
print(e)
return e