Esempio n. 1
0
def login_user():
	params = request.get_json()
	if request.content_type != 'application/json':
		return jsonify({"status": "failed", "message": "Invalid content-type. Must be application/json." }), 400
	if not params or not params['username'] or not params['password']:
		return jsonify({ "status" : "failed" , 'message' : "Username or password is empty " }  ) , 401
	username = params["username"]
	try:
		ps_connection  = InitDB()
		if(ps_connection):
			ps_cursor = ps_connection.cursor()
			query = (" SELECT * FROM users where user_username = %s " )
			ps_cursor.execute(query, ( username , ) )
			rv = ps_cursor.fetchone()
			ps_cursor.close()
			CloseDB(ps_connection) 
			if not rv :
				return jsonify({"status": "failed", 'message': "Username is incorrect "}), 401  
		
			password = rv[3]
			public_id = rv[1]
			user_id = rv[0]
			company_id = rv[4]
			if check_password_hash(password , params['password']):
				token = jwt.encode({'member_public_id' : str(public_id),'user_id' : str(user_id) ,'company_id' :company_id,'exp' : datetime.datetime.utcnow() + datetime.timedelta(minutes=int(os.getenv('EXPIRED')))}, os.getenv('SECRET_KEY'))
				token = token.decode('UTF-8')
				result = register_token(token ,public_id )
				if result == 'success': 
					return jsonify({'token':token}), 200
				else:
					return jsonify({"status": "failed", 'message': "... "}), 500
			else :
				return jsonify({"status": "failed", 'message': "Password is incorrect "}), 401
	except Exception as e :
		return e
Esempio n. 2
0
def InsertTeamMember(team_id, user_id):
    exists_user = False
    all_member = findteamMember(team_id)
    if all_member == 'error':
        return ['failed', 'error could not find member in team', 200]
    for member in all_member:
        if int(member[0]) == int(user_id):
            exists_user = True
    if exists_user == True:
        return ['failed', 'error member already in team member', 200]
    try:
        ps_connection = InitDB()
        if (ps_connection):
            ps_cursor = ps_connection.cursor()
            query = (
                "  insert into team_has_users ( team_id ,user_id ) values ( %s , %s )"
            )
            ps_cursor.execute(query, (
                team_id,
                user_id,
            ))
            ps_connection.commit()
            ps_cursor.close()
            CloseDB(ps_connection)
            return 'success'
    except Exception as e:
        return ['failed', 'user not in user table', 200]
Esempio n. 3
0
def insertUser_details(params, user_public_id):
    try:
        user_id = findUserIdfromPublic_id(user_public_id)
        ps_connection = InitDB()
        if (ps_connection):
            ps_cursor = ps_connection.cursor()
            query = (
                "  insert into userdetails( userdetails_employee_id , userdetails_firstname , userdetails_lastname , userdetails_phone , userdetails_email , userdetails_position ,user_id ) values ( %s , %s , %s ,%s ,%s ,%s ,%s) "
            )
            ps_cursor.execute(query, (
                params["userdetails_employee_id"],
                params["userdetails_firstname"],
                params["userdetails_lastname"],
                params["userdetails_phone"],
                params["userdetails_email"],
                params["userdetails_position"],
                user_id,
            ))
            ps_connection.commit()
            ps_cursor.close()
            CloseDB(ps_connection)
            return 'success'
    except Exception as e:
        print(e)
        return e
Esempio n. 4
0
    def decorated(*args, **kwargs):
        token = None
        if "Authorization" in request.headers:
            token = request.headers["Authorization"]

        if not token:
            return jsonify({"message": "Token is missing!"}), 401

        access_token = token.split(" ")[1]

        try:
            data = jwt.decode(access_token, os.getenv('SECRET_KEY'))
            member_public_id = data["member_public_id"]
            ps_connection = InitDB()
            if (ps_connection):
                ps_cursor = ps_connection.cursor()
                query = ("select system_token from system_token "
                         " where member_public_id = %s "
                         " order by system_token_id desc "
                         " limit 1")
                ps_cursor.execute(query, (member_public_id, ))
                rv = ps_cursor.fetchone()
                ps_cursor.close()
                CloseDB(ps_connection)
                activeToken = rv[0]

                if activeToken != access_token:
                    return jsonify({"message": "Token BlackList"}), 401
                current_user = data
        except Exception as e:
            return jsonify({"message": "Invalid Token"}), 401

        return f(current_user, *args, **kwargs)
Esempio n. 5
0
def findAdminNameId(username):
	try:
		ps_connection  = InitDB()
		if(ps_connection):
			ps_cursor = ps_connection.cursor()
			query = ("select count(*) from admin where admin_username = %s ")
			ps_cursor.execute(query, (username , ) )
			company = ps_cursor.fetchone()
			ps_cursor.close()   
			CloseDB(ps_connection)     
			return company
	except(Exception ) as e:
		return 'error'
Esempio n. 6
0
def findteamMember(team_id):
    try:
        ps_connection = InitDB()
        if (ps_connection):
            ps_cursor = ps_connection.cursor()
            query = (" select user_id from team_has_users where team_id = %s ")
            ps_cursor.execute(query, (team_id, ))
            team_member = ps_cursor.fetchall()
            ps_cursor.close()
            CloseDB(ps_connection)
            return team_member
    except Exception as e:
        return 'error'
Esempio n. 7
0
def findUserIdfromPublic_id(user_public_id):
    try:
        ps_connection = InitDB()
        if (ps_connection):
            ps_cursor = ps_connection.cursor()
            query = ("select user_id from users where user_public_id = %s ")
            ps_cursor.execute(query, (user_public_id, ))
            data = ps_cursor.fetchone()
            ps_cursor.close()
            CloseDB(ps_connection)
            return data[0]
    except (Exception) as e:
        return e
Esempio n. 8
0
def findUserNameId(username):
    try:
        ps_connection = InitDB()
        if (ps_connection):
            ps_cursor = ps_connection.cursor()
            query = ("select count(*) from users where user_username = %s ")
            ps_cursor.execute(query, (username, ))
            data = ps_cursor.fetchone()
            ps_cursor.close()
            CloseDB(ps_connection)
            return data
    except (Exception) as e:
        return e
Esempio n. 9
0
def RemoveTeam(team_id):
    try:
        ps_connection = InitDB()
        if (ps_connection):
            ps_cursor = ps_connection.cursor()
            query = ("  delete from team where team_id = %s  ")
            ps_cursor.execute(query, (team_id, ))
            ps_connection.commit()
            ps_cursor.close()
            CloseDB(ps_connection)
            return 'success'
    except Exception as e:
        print(e)
        return 'error'
Esempio n. 10
0
def findValidUserId(user_public_id):
    try:
        ps_connection = InitDB()
        if (ps_connection):
            ps_cursor = ps_connection.cursor()
            query = ("select count(*) from users where user_public_id = %s ")
            ps_cursor.execute(query, (user_public_id, ))
            data = ps_cursor.fetchone()
            ps_cursor.close()
            CloseDB(ps_connection)
            count = int(data[0])
            return (count)
    except (Exception) as e:
        return e
Esempio n. 11
0
def registerAdmin(username ,password ,company_id):
	hashed_password = generate_password_hash(password, method='sha256')
	admin_public_id = str(uuid.uuid4()) 
	try:
		ps_connection  = InitDB()
		if(ps_connection):
			ps_cursor = ps_connection.cursor()
			query = ("  insert into admin( admin_public_id , admin_username , admin_password ,admin_is_active,company_id ) values ( %s , %s , %s ,%s ,%s )" )
			ps_cursor.execute(query, (admin_public_id,  username , hashed_password , '1', company_id , ) ) 
			ps_connection.commit()
			ps_cursor.close()
			CloseDB(ps_connection)      
			return 'success'
	except Exception as e :
	   return 'error'
Esempio n. 12
0
def find_all_user(company_id):
    try:
        ps_connection = InitDB()
        if (ps_connection):
            ps_cursor = ps_connection.cursor(cursor_factory=RealDictCursor)
            sql = (
                " select users.company_id , users.user_is_active , users.user_public_id , users.user_username , userdetails.userdetails_firstname , userdetails.userdetails_lastname , userdetails.userdetails_employee_id ,   userdetails.userdetails_avatar  from users  "
                " left join userdetails on users.user_id = userdetails.user_id "
                " where company_id = %s ")
            ps_cursor.execute(sql, (company_id, ))
            data = ps_cursor.fetchall()
            ps_cursor.close()
            CloseDB(ps_connection)
            return ['success', data, 200]
    except Exception as e:
        return ['success', 'failed ' + e.message, 500]
Esempio n. 13
0
def findTeam_ById(id):
    try:
        ps_connection = InitDB()
        if (ps_connection):
            ps_cursor = ps_connection.cursor(cursor_factory=RealDictCursor)
            query = (" select * from team " " where team.team_id = %s ")
            ps_cursor.execute(query, (id, ))
            team = ps_cursor.fetchone()
            team["created_on"] = team["created_on"].timestamp()
            if team is None:
                team = []
            ps_cursor.close()
            CloseDB(ps_connection)
            return ['success', team, 200]
    except Exception as e:
        print(e)
        return ['failed', 'cant not find team', 200]
Esempio n. 14
0
def findAll_Company_admin(company_id):
    try:
        ps_connection = InitDB()
        if (ps_connection):
            ps_cursor = ps_connection.cursor(cursor_factory=RealDictCursor)
            query = (
                " select team.team_id , team.team_public_id , team.team_name , team.team_avatar , team.team_is_active ,(SELECT extract(epoch from team.created_on) as TIME ), team.admin_id , team.company_id "
                " from team inner join company on team.company_id = company.company_id "
                " where company.company_id = %s ")
            ps_cursor.execute(query, (company_id, ))
            all_team_data = ps_cursor.fetchall()
            ps_cursor.close()
            CloseDB(ps_connection)
            return ['success', all_team_data, 200]
    except Exception as e:
        print(e)
        return ['failed', 'cant not find team', 200]
Esempio n. 15
0
def EditTeam(team_name, company_id):
    try:
        ps_connection = InitDB()
        if (ps_connection):
            ps_cursor = ps_connection.cursor()
            query = (
                "  UPDATE  team SET  team_name = %s WHERE company_id = %s ")
            ps_cursor.execute(query, (
                team_name,
                company_id,
            ))
            ps_connection.commit()
            ps_cursor.close()
            CloseDB(ps_connection)
            return 'success'
    except Exception as e:
        return 'error'
Esempio n. 16
0
def RemoveTeamMember(team_id, user_id):
    try:
        ps_connection = InitDB()
        if (ps_connection):
            ps_cursor = ps_connection.cursor()
            query = (
                "  delete from team_has_users where team_id = %s and user_id = %s "
            )
            ps_cursor.execute(query, (
                team_id,
                user_id,
            ))
            ps_connection.commit()
            ps_cursor.close()
            CloseDB(ps_connection)
            return 'success'
    except Exception as e:
        return 'error'
Esempio n. 17
0
def InsertTeam(team_name, team_avatar, admin_id, company_id):
    dt = datetime.datetime.now(tz)
    team_uuid = str(uuid.uuid4())
    try:
        ps_connection = InitDB()
        if (ps_connection):
            ps_cursor = ps_connection.cursor()
            query = (
                "  insert into team ( team_public_id , team_name , team_avatar ,team_is_active,created_on , admin_id , company_id ) values ( %s , %s , %s ,%s ,%s ,%s ,%s )"
            )
            ps_cursor.execute(query, (team_uuid, team_name, team_avatar, '1',
                                      dt, admin_id, company_id))
            ps_connection.commit()
            ps_cursor.close()
            CloseDB(ps_connection)
            return 'success'
    except Exception as e:
        print(e)
        return 'error'
Esempio n. 18
0
def update_userdetails(params, user_public_id):
    try:
        column = ''
        for column_name in params.keys():
            column = str(column) + str(column_name + " = '" +
                                       params[column_name] + "' ,")
        sql_prepare = (column[0:(len(column)) - 1])
        user_id = findUserIdfromPublic_id(user_public_id)
        sql_builder = "UPDATE userdetails SET " + str(
            sql_prepare) + " WHERE user_id = %s "
        ps_connection = InitDB()
        if (ps_connection):
            ps_cursor = ps_connection.cursor()
            ps_cursor.execute(sql_builder, (user_id, ))
            ps_connection.commit()
            ps_cursor.close()
            CloseDB(ps_connection)
            return ['success', 'Edited : ' + str(user_public_id), 200]
    except Exception as e:
        return ['success', 'failed ' + e.message, 500]
Esempio n. 19
0
def findteamMember_details(team_id):
    try:
        ps_connection = InitDB()
        if (ps_connection):
            ps_cursor = ps_connection.cursor(cursor_factory=RealDictCursor)
            query = (
                " select users.user_is_active , users.user_id,users.user_public_id , users.user_username , userdetails.userdetails_firstname "
                " ,userdetails.userdetails_lastname  ,userdetails.userdetails_lastname  ,userdetails.userdetails_employee_id  ,userdetails.userdetails_phone , userdetails.userdetails_email,userdetails.userdetails_position , userdetails.userdetails_avatar "
                " from team_has_users "
                " inner join users on users.user_id = team_has_users.user_id  "
                " left join userdetails on userdetails.user_id = users.user_id "
                " where team_id = %s ")
            ps_cursor.execute(query, (team_id, ))
            team_member = ps_cursor.fetchall()
            ps_cursor.close()
            CloseDB(ps_connection)
            return ['success', team_member, 200]
    except Exception as e:
        print(e)
        return ['failed', 'cant not find team', 200]
Esempio n. 20
0
def RegisterCompany_with_groupsystem(current_user):
    if request.content_type != 'application/json':
        return jsonify({"status": "failed", "message": "Invalid content-type. Must be application/json." }), 400
    try:
        params = request.get_json()
        company_name = params["company_name"]
        uuid_entry = str(uuid.uuid4()) 
        ps_connection  = InitDB()
        if(ps_connection):
            ps_cursor = ps_connection.cursor()
            query = ("  insert into company( company_name , company_public_id , company_is_active ,created_on ) values ( %s , %s , %s ,%s )" )
            ps_cursor.execute(query, (company_name, uuid_entry , '1', datetime.datetime.now() ) )
            ps_connection.commit()
            ps_cursor.close()
            CloseDB(ps_connection)      
            token = request.headers["Authorization"]
            access_token = token.split(" ")[1]
            status_code  = create_storage(access_token ,uuid_entry )    
            if int (status_code) == 201 :   
                return jsonify({"status" : 'success' , "company_public_id" : uuid_entry } ),201
    except (Exception, psycopg2.Error) as error:
        return jsonify({'status' : 'falied' , "message" :  error} ),500
Esempio n. 21
0
def register_token(token, member_public_id):
    try:

        ps_connection = InitDB()
        if (ps_connection):
            token = str(token)
            member_public_id = str(member_public_id)
            ps_cursor = ps_connection.cursor()
            query = (
                "INSERT INTO system_token(system_token , member_public_id , created_on)  VALUES (%s , %s , %s ) "
            )
            ps_cursor.execute(query, (
                token,
                member_public_id,
                dt,
            ))
            ps_cursor.close()
            ps_connection.commit()
            CloseDB(ps_connection)
            return 'success'
    except (Exception) as e:
        print(e)
        return e