def team(): admin = Worker.is_admin(current_user.id, g.current_invest.id) team = Worker.get_team(investment_id=g.current_invest.id) return render_template("team/team.html", title="Team", team=team, admin=admin)
def add_worker() -> str: if not Worker.is_admin(current_user.id, g.current_invest.id): return redirect(url_for("team.team")) form = CreateWorkerForm() if form.validate_on_submit(): if Worker.belongs_to_investment(form.email.data, g.current_invest.id): flash("This user is already added to workers.") return redirect(url_for("team.team")) user = User.query.filter_by(email=form.email.data).first() if not user: user = User( username=form.email.data, email=form.email.data, password=uuid.uuid4().hex, ) db.session.add(user) db.session.commit() user = User.query.filter_by(email=form.email.data).first() email.send_complete_registration_mail(user) worker = Worker( position=form.position.data, admin=form.admin.data, user_id=user.id, ) g.current_invest.workers.append(worker) db.session.commit() flash("You have added new worker successfully.") return redirect(url_for("team.team")) return render_template("team/form.html", title="Add Worker", form=form)
def test_post_when_user_is_lonely_admin(app_and_db, client, test_with_authenticated_user, inactive_user): db = app_and_db[1] investment = Investment(name="Test Invest") user1 = User.query.filter_by(username="******").first() user2 = User.query.filter_by(username="******").first() worker1 = Worker(position="pos1", admin=True, user_id=user1.id) worker2 = Worker(position="pos2", admin=False, user_id=user2.id) investment.workers.append(worker1) investment.workers.append(worker2) db.session.add(investment) db.session.commit() response = client.post( url_for("auth.delete_account", username="******"), data={"yes": True}, follow_redirects=True, ) assert response.status_code == 200 assert User.query.filter_by(username="******").first() assert Worker.query.filter_by(user_id=user1.id).first() assert Worker.query.filter_by(user_id=user2.id).first() assert ( b"This accounts is only admin in projects: ['Test Invest']." b" Give root permission to other user and try again" in response.data)
def test_get_workers(app_and_db): db = app_and_db[1] user1 = User(username="******", email="*****@*****.**", password="******") user2 = User(username="******", email="*****@*****.**", password="******") db.session.add(user1) db.session.add(user2) db.session.add(Investment(name="test invest 1")) db.session.add(Investment(name="test invest 2")) db.session.add(Investment(name="test invest 3")) db.session.commit() user1 = User.get_user(1) invest1 = Investment.query.filter_by(id=1).first() invest1.workers.append(Worker(position="pos1", user_id=user1.id)) invest2 = Investment.query.filter_by(id=2).first() invest2.workers.append(Worker(position="pos2", user_id=user1.id)) user2 = User.get_user(2) invest3 = Investment.query.filter_by(id=3).first() invest3.workers.append(Worker(position="pos3", user_id=user2.id)) db.session.commit() worker1 = Worker.query.filter_by(position="pos1").first() worker2 = Worker.query.filter_by(position="pos2").first() assert User.get_workers(user_id=1) == [worker1, worker2]
def test_get_num_of_admins(app_and_db): db = app_and_db[1] for i in range(1, 4): user = User( username="******".format(i), email="user_{}@mail.com".format(i), password="******", ) user.is_active = True db.session.add(user) investment = Investment(name="test invest") db.session.add(investment) db.session.commit() user1 = User.get_user(1) user2 = User.get_user(2) user3 = User.get_user(3) invest = Investment.query.filter_by(id=1).first() worker1 = Worker(position="pos1", admin=True, user_id=user1.id) worker2 = Worker(position="pos2", admin=False, user_id=user2.id) worker3 = Worker(position="pos3", admin=True, user_id=user3.id) invest.workers.append(worker1) invest.workers.append(worker2) invest.workers.append(worker3) db.session.commit() assert Investment.get_num_of_admins(investment_id=1) == 2
def test_post_when_delete(app_and_db, client, test_with_authenticated_user, inactive_user): db = app_and_db[1] investment1 = Investment(name="Test Invest 1") user1 = User.query.filter_by(username="******").first() user2 = User.query.filter_by(username="******").first() worker1 = Worker(position="pos1", admin=True, user_id=user1.id) worker2 = Worker(position="pos2", admin=True, user_id=user2.id) investment1.workers.append(worker1) investment1.workers.append(worker2) investment2 = Investment(name="Test Invest 2") worker = Worker(position="pos1", admin=True, user_id=user1.id) investment2.workers.append(worker) db.session.add(investment1) db.session.add(investment2) db.session.commit() response = client.post( url_for("auth.delete_account", username="******"), data={"yes": True}, follow_redirects=True, ) assert response.status_code == 200 assert not User.query.filter_by(username="******").first() assert not Worker.query.filter_by(user_id=user1.id).first() assert Worker.query.filter_by(user_id=user2.id).first() assert Investment.query.filter_by(name="Test Invest 1").first() assert not Investment.query.filter_by(name="Test Invest 2").first() assert b"The account has been deleted." in response.data
def add_task(): orderer = Worker.get_by_username(g.current_invest.id, current_user.username) if not orderer.id: flash("Choose investment first.") return redirect(url_for("tasks.tasks")) form = TaskForm() if form.validate_on_submit(): executor = Worker.get_by_username(g.current_invest.id, form.executor_name.data) db.session.add( Task( description=form.description.data, deadline=form.deadline.data, priority=form.priority.data, orderer=orderer, executor=executor, progress=0, investment_id=g.current_invest.id, ) ) db.session.commit() flash("You have created the task successfully.") notification = create_notification( worker_id=executor.id, n_type="task", description=f"You have a new task: '{form.description.data}' from {orderer.users.username}", ) add_notification(r, notification) return redirect(url_for("tasks.tasks")) return render_template("tasks/form.html", title="Add Task", form=form)
def deputed_tasks(): # TODO wrap queries in functions tasks_in_progress = ( Worker.get_by_username( invest_id=g.current_invest.id, username=current_user.username ) .deputed_tasks.filter(Task.progress != 100) .order_by(Task.deadline) .order_by(Task.priority.desc()) .all() ) realized_tasks = ( Worker.get_by_username( invest_id=g.current_invest.id, username=current_user.username ) .deputed_tasks.filter(Task.progress == 100) .order_by(Task.deadline) .order_by(Task.priority.desc()) .all() ) admin = Worker.is_admin(user_id=current_user.id, investment_id=g.current_invest.id) next_page = url_for("tasks.deputed_tasks") return render_template( "tasks/tasks.html", title="Deputed Tasks", tasks_in_progress=tasks_in_progress, realized_tasks=realized_tasks, admin=admin, next_page=next_page, )
def test_is_admin(app_and_db, active_user): db = app_and_db[1] db.session.add(Investment(name="test invest 1")) db.session.add(Investment(name="test invest 2")) db.session.add( Worker(position="pos1", admin=True, user_id=1, investment_id=1)) db.session.add( Worker(position="pos2", admin=False, user_id=1, investment_id=2)) db.session.commit() assert Worker.is_admin(user_id=1, investment_id=1) assert not Worker.is_admin(user_id=1, investment_id=2)
def test_belongs_to_investment(app_and_db, active_user): db = app_and_db[1] investment = Investment(name="test invest") worker = Worker(position="pos1", user_id=1) investment.workers.append(worker) db.session.add(investment) db.session.commit() assert Worker.belongs_to_investment(email="*****@*****.**", investment_id=1) assert not Worker.belongs_to_investment(email="*****@*****.**", investment_id=1)
def test_get_investment(app_and_db, active_user): db = app_and_db[1] user = User.get_user(1) db.session.add(Investment(name="test invest 1")) db.session.add(Investment(name="test invest 2")) db.session.commit() invest1 = Investment.query.filter_by(id=1).first() invest1.workers.append(Worker(user_id=user.id)) invest2 = Investment.query.filter_by(id=2).first() invest2.workers.append(Worker(user_id=user.id)) db.session.commit() assert User.get_investments(user_id=1) == [invest1, invest2]
def add_investment(app_and_db, active_user, unlogged_user): db = app_and_db[1] user1 = User.query.filter_by(username="******").first() user2 = User.query.filter_by(username="******").first() investment = Investment(name="Test Invest", description="test text") worker1 = Worker(position="admin", admin=True, user_id=user1.id) worker2 = Worker(position="second worker", admin=False, user_id=user2.id) investment.workers.append(worker1) investment.workers.append(worker2) db.session.add(investment) db.session.commit() # setting current_invest investment = Investment.query.filter_by(name="Test Invest").first() user1.current_invest_id = investment.id db.session.commit()
def get(self, id=None): if id: worker = self.get_worker(id) return jsonify(worker) if worker else { 'status': 'Worker not found' } return jsonify(Worker.objects().exclude('id'))
def info(_id: int) -> str: admin = Worker.is_admin(user_id=current_user.id, investment_id=_id) investment = Investment.query.filter_by(id=_id).first() return render_template("investments/info.html", title="Investment", investment=investment, admin=admin)
def register_worker(): data = request.get_json(force=True) if Worker.query.filter_by(hostname=data['hostname']).first(): return error_response(409, 'Worker already registered.') worker = Worker() worker.from_dict(data) db.session.add(worker) db.session.commit() response = jsonify(worker.to_dict()) response.status_code = 201 return response
def edit_task(): _id = request.args.get("_id") next_page = request.args.get("next_page") if not next_page: next_page = url_for("tasks.tasks") task = Task.query.get(int(_id)) if task: form = TaskForm() if form.validate_on_submit(): task.description = form.description.data task.deadline = form.deadline.data task.priority = form.priority.data if form.executor_name != task.executor.users.username: task.executor = Worker.get_by_username( invest_id=g.current_invest.id, username=form.executor_name.data ) db.session.commit() flash("You have edited the task successfully.") return redirect(next_page) elif request.method == "GET": form.description.data = task.description form.deadline.data = task.deadline form.priority.data = task.priority form.executor_name.data = task.executor.users.username return render_template("tasks/form.html", title="Edit Task", form=form) return redirect(next_page)
def change_root_permission(): _id = request.args.get("_id") if Worker.is_admin(current_user.id, g.current_invest.id): worker = Worker.query.filter_by(id=_id).first() if worker: num_of_admins = Investment.get_num_of_admins(g.current_invest.id) if num_of_admins < 2: if worker.admin: flash("You can not delete last admin!") return redirect(url_for("team.team")) form = WarrantyForm() if form.validate_on_submit(): if form.yes.data: if worker.admin: worker.admin = False else: worker.admin = True db.session.commit() flash( "You have changed worker's root permission successfully." ) return redirect(url_for("team.team")) return render_template("warranty_form.html", title="Change Root Permission", form=form) return redirect(url_for("team.team"))
def post(self): if request.is_json: email = request.json['email'] fname = request.json['fname'] lname = request.json['lname'] dob = request.json['dob'] identity = request.json['identity'] phone = request.json['phone'] worker = Worker(email=email, first_name=fname, last_name=lname, dob=dob, identification=identity, phone=phone, availibility=True) worker.save() return jsonify(worker) return {'status': 'invalid request'}
def test_get_by_user_id(app_and_db, active_user): db = app_and_db[1] investment = Investment(name="test") user = User.query.filter_by(username="******").first() worker = Worker(position="test worker", user_id=user.id) investment.workers.append(worker) db.session.add(investment) db.session.commit() assert Investment.get_by_user_id(user_id=1)
def test_check_admins(app_and_db): db = app_and_db[1] for i in range(1, 5): user = User( username="******".format(i), email="user_{}@mail.com".format(i), password="******", ) user.is_active = True db.session.add(user) investment = Investment(name="test invest {}".format(i)) db.session.add(investment) db.session.commit() user1 = Investment.query.filter_by(id=1).first() user2 = Investment.query.filter_by(id=2).first() user3 = Investment.query.filter_by(id=3).first() # one user -> not add to list invest1 = Investment.query.filter_by(id=1).first() worker1 = Worker(position="pos1", admin=True, user_id=user1.id) invest1.workers.append(worker1) # two users, one admin, user1 is admin -> add to list invest2 = Investment.query.filter_by(id=2).first() worker1 = Worker(position="pos1", admin=True, user_id=user1.id) worker2 = Worker(position="pos2", admin=False, user_id=user2.id) invest2.workers.append(worker1) invest2.workers.append(worker2) # two users, user1 is not admin -> not add to list invest3 = Investment.query.filter_by(id=3).first() worker1 = Worker(position="pos1", admin=False, user_id=user1.id) worker2 = Worker(position="pos2", admin=True, user_id=user2.id) invest3.workers.append(worker1) invest3.workers.append(worker2) # three user, two admin, user1 is admin -> not add to list invest4 = Investment.query.filter_by(id=4).first() worker1 = Worker(position="pos1", admin=True, user_id=user1.id) worker2 = Worker(position="pos2", admin=False, user_id=user2.id) worker3 = Worker(position="pos3", admin=True, user_id=user3.id) invest4.workers.append(worker1) invest4.workers.append(worker2) invest4.workers.append(worker3) db.session.commit() user = User.query.filter_by(username="******").first() assert User.check_admins(user_id=user.id)[0] == [invest2] assert User.check_admins(user_id=user.id)[1] == [invest1]
def test_create_worker(self): w = Worker(id='30132180123', name='hss', email='*****@*****.**', address='tju', password='******') db.session.add(w) db.session.commit() # test the password assert w.verify_password('123') assert not w.verify_password('1234') # test the token token = w.generate_auth_token(expiration=1000) ver_w = w.verify_auth_token(token) assert ver_w != Worker.query.get('30132180xx') assert ver_w == Worker.query.get('30132180123') db.session.add(w) db.session.commit() d = WorkerDegree(worker_id=w.id, department_id=1) db.session.add(d) db.session.commit()
def workers(): form = AddWorkerForm() if form.validate_on_submit(): worker = Worker(first_name=form.first_name.data, middle_name=form.middle_name.data, second_name=form.second_name.data, email=form.email.data, company_id=current_user.id) db.session.add(worker) db.session.commit() if not os.path.exists('{}/workers/{}'.format(current_user.uploads_path, worker.id)): os.mkdir('{}/workers/{}'.format(current_user.uploads_path, worker.id)) worker.uploads_path = os.path.join( current_user.uploads_path, 'workers', str(worker.id)) db.session.commit() flash('Новый сотрудник добавлен') return redirect(url_for('main.workers')) if current_user.role == 'company': company = Company.query.get(current_user.id) workers = Worker.query.filter_by(company_id=current_user.id).all() elif current_user.role == 'doctor': doctor = Doctor.query.get(current_user.id) company = Company.query.get(doctor.company_id) workers = Worker.query.filter_by(company_id=doctor.company_id).all() return render_template('workers.html', title='Работники', form=form, company=company, workers=workers)
def test_post(client, test_with_authenticated_user): user = User.query.filter_by(username="******").first() form = InvestmentForm(name="New Invest", description="test text") response = client.post(url_for("investments.create"), data=form.data, follow_redirects=True) assert response.status_code == 200 assert b"You have created new investment successfully." in response.data investment = Investment.query.filter_by(name="New Invest").first() workers = Worker.get_team(investment.id) assert investment.description == "test text" assert investment.workers.all() == workers assert workers[0].user_id == user.id
def test_get_current_invest(app_and_db, active_user): db = app_and_db[1] investment = Investment(name="Test Investment") user = User.query.filter_by(username="******").first() user.current_invest_id = 1 worker = Worker(position="test position", user_id=user.id) investment.workers.append(worker) db.session.add(investment) db.session.commit() user = User.query.filter_by(username="******").first() current_invest = user.get_current_invest() print(type(current_invest)) assert current_invest.name == "Test Investment"
def delete() -> str: _id = request.args.get("_id") if not Worker.is_admin(user_id=current_user.id, investment_id=_id): return redirect(url_for("investments.info", _id=_id)) form = WarrantyForm() if form.validate_on_submit(): if form.no.data: return redirect(url_for("investments.info", _id=_id)) if form.yes.data: Investment.query.filter_by(id=_id).delete() db.session.commit() flash("Investment has been deleted.") return redirect(url_for("investments.invest_list")) return render_template("warranty_form.html", title="Delete Investment", form=form)
def tasks(): new_tasks = g.current_worker.get_new_tasks() if g.current_worker.id: g.current_worker.update_last_activity("last_time_tasks_displayed") tasks_in_progress = Task.get_in_progress(invest_id=g.current_invest.id) realized_tasks = Task.get_realized(invest_id=g.current_invest.id) admin = Worker.is_admin(user_id=current_user.id, investment_id=g.current_invest.id) next_page = url_for("tasks.tasks") return render_template( "tasks/tasks.html", title="Tasks", new_tasks=new_tasks, tasks_in_progress=tasks_in_progress, realized_tasks=realized_tasks, admin=admin, next_page=next_page, )
def add_worker(): if request.method == 'POST': worker_name = request.form['worker_name'] worker_address = request.form['worker_address'] worker_contact = request.form['worker_contact'] worker = Worker(worker_name=worker_name, worker_address=worker_address, worker_contact=worker_contact, admin=current_user) db.session.add(worker) db.session.commit() flash('{} is successfully added'.format(worker_name)) return redirect(url_for('worker_detials')) return render_template('administrator/worker.html', title='Worker', worker=None)
def test_investment(app_and_db, active_user): db = app_and_db[1] investment = Investment(name="Test Investment") user = User.query.filter_by(username="******").first() worker = Worker(position="test position", user_id=user.id) investment.workers.append(worker) db.session.add(investment) db.session.commit() user = User.query.filter_by(username="******").first() worker = Worker.query.filter_by(position="test position").first() investment = Investment.query.filter_by(name="Test Investment").first() assert user.workers.first() == worker assert investment.workers.first() == worker assert worker.user_id == user.id assert worker.investment_id == investment.id
def delete_worker() -> str: _id = request.args.get("_id") if not Worker.is_admin(current_user.id, g.current_invest.id): return redirect(url_for("team.team")) form = WarrantyForm() if form.validate_on_submit(): if form.yes.data: worker = Worker.query.filter_by(id=_id).first() if worker: if worker.user_id != current_user.id: db.session.delete(worker) db.session.commit() flash("You have been deleted worker successfully.") else: flash("You can not delete yourself!") return redirect(url_for("team.team")) return render_template("warranty_form.html", title="Delete Worker", form=form)
def edit_worker() -> str: _id = request.args.get("_id") if not Worker.is_admin(current_user.id, g.current_invest.id): return redirect(url_for("team.team")) worker = Worker.query.filter_by(id=_id).first() if worker: form = EditWorkerForm() if form.validate_on_submit(): worker.position = form.position.data db.session.commit() flash( "You have edited the information about the worker successfully." ) return redirect(url_for("team.team")) elif request.method == "GET": form.position.data = worker.position return render_template("team/form.html", title="Edit Worker", form=form) return redirect(url_for("teat.team"))