def post(self):
data = Sec.encode_data(parser.parse_args())
if not login_required(data):
return {'status': 'brak autoryzacji'}, 401
accept = False
for key in auth_k:
if key[0] == data['key']:
accept = str(key[1])
break
if accept:
return {'status': 'brak autoryzacji'}, 401
try:
cur.execute("SELECT master FROM librarians.user WHERE id=%s ORDER BY id ASC;", (accept, ))
resp = cur.fetchone()
if resp:
cur.execute("SELECT * FROM librarians.user;")
resp = cur.fetchall()
ret = {}
pub = open('pem/'+data['key']+'.pem', 'rb').read()
for user in range(len(resp)):
ret.update({user: [Sec.encrypt_(str(value), pub) for value in resp[user]]})
return ret, 200
else:
return {'status': 'brak autoryzacji'}, 401
except Exception:
return {'status': 'wystapil blad'}, 500
def post(self):
data = Sec.encode_data(parser.parse_args())
try:
pass_ = sha512(data['pass_'].encode()).hexdigest()
cur.execute(
"SELECT * FROM librarians.user WHERE email=%s AND haslo=%s;",
(data['login'].lower(), pass_))
resp = cur.fetchone()
if resp:
d = date.today() - resp[6]
print(d.days)
if d.days >= 30:
d = '1'
else:
d = '0'
cache = ''.join(
random.sample('qwertyuiopasdfghjklzxcvbnm123456789', 32))
auth_k.append((cache, resp[0]))
open('pem/' + cache + '.pem', 'wb').write(data['publicKey'])
return {
'auth': Sec.encrypt_(cache, Sec.get_public()),
'master': Sec.encrypt_(str(resp[5]), data['publicKey']),
'data': Sec.encrypt_(d, data['publicKey'])
}, 200
else:
return {'status': 'zle dane'}, 406
except:
return {'status': 'blad'}, 500
def post(self):
data = Sec.encode_data(parser.parse_args())
if not login_required(data):
return {'status': 'brak autoryzacji'}, 401
accept = False
for key in auth_k:
if key[0] == data['key']:
accept = str(key[1])
break
if accept:
return {'status': 'brak autoryzacji'}, 401
try:
cur.execute(
"SELECT master FROM librarians.user WHERE id=%s ORDER BY id ASC;",
(accept, ))
resp = cur.fetchone()
if resp:
cur.execute("DELETE FROM librarians.user WHERE id=%s;",
(data['arg1'], ))
return {'status': 'usunieto'}, 200
else:
return {'status': 'brak autoryzacji'}, 401
except Exception:
return {'status': 'wystapil blad'}, 500
def post(self):
data = Sec.encode_data(parser.parse_args())
if not login_required(data):
return {'status': 'brak autoryzacji'}, 401
try:
cur.execute("SELECT * FROM librarians.books ORDER BY id_b ASC;")
resp = cur.fetchall()
if resp:
ret = {}
pub = open('pem/' + data['key'] + '.pem', 'rb').read()
for reader in range(len(resp)):
ret.update({
reader + 1: [
Sec.encrypt_(str(value), pub)
for value in resp[reader]
]
})
return ret, 200
else:
return {'status': 'brak danych'}, 204
except Exception:
return {'status': 'wystapil blad'}, 500
def post(self):
data = Sec.encode_data(parser.parse_args())
if not login_required(data):
return {'status': 'brak autoryzacji'}, 401
user_id = str([x[1] for x in auth_k if x[0] == data['key']][0])
if not user_id:
return {'status': 'brak autoryzacji'}, 401
try:
cur.execute(
"SELECT imie, nazwisko, email, master FROM librarians.user WHERE id=%s;",
(user_id, ))
resp = cur.fetchone()
if resp:
pub = open('pem/' + data['key'] + '.pem', 'rb').read()
return {
'data': [Sec.encrypt_(str(value), pub) for value in resp]
}, 200
else:
return {'status': 'brak danych'}, 204
except Exception:
return {'status': 'wystapil blad'}, 500
def post(self):
data = Sec.encode_data(parser.parse_args())
if not login_required(data):
return {'status': 'brak autoryzacji'}, 401
try:
name = data['arg1'].split('/')
cur.execute(
"SELECT * FROM librarians.user WHERE imie=%s AND nazwisko=%s AND email=%s;",
(name[0], name[1], data['arg2']))
resp = cur.fetchall()
if resp:
return {'status': 'istnieje'}, 507
else:
if data['arg3'] == 'True': data['arg3'] = '1'
else: data['arg3'] = '0'
d = date.today()
password = ''.join(
random.sample('qwertyuiopasdfghjklzxcvbnm1234567890', 8))
cur.execute(
"INSERT INTO librarians.user VALUES (default, %s, %s, %s, %s, %s, %s);",
(name[0], name[1], data['arg2'],
sha512(password.encode('UTF-8')).hexdigest(),
data['arg3'], d.isoformat()))
pub = open('pem/' + data['key'] + '.pem', 'rb').read()
return {
'status': 'dodano',
'data': Sec.encrypt_(password, pub)
}, 201
except Exception:
return {'status': 'wystapil blad'}, 500
def post(self):
data = Sec.encode_data(parser.parse_args())
if not login_required(data):
return {'status': 'brak autoryzacji'}, 401
accept = False
for key in auth_k:
if key[0] == data['key']:
accept = str(key[1])
break
if accept:
return {'status': 'brak autoryzacji'}, 401
try:
cur.execute("SELECT master FROM librarians.user WHERE id=%s ORDER BY id ASC;", (accept, ))
resp = cur.fetchone()
if resp:
if data['arg3'] == 'True': data['arg3'] = '1'
else: data['arg3'] = '0'
cur.execute("""UPDATE librarians.user
SET imie=%s, nazwisko=%s, email=%s, master=%s
WHERE id=%s;""", (data['arg1'], data['arg2'], data['login'], data['arg3'], data['name_id']))
return {'status': 'zmieniono'}, 200
else:
return {'status': 'brak autoryzacji'}, 401
except Exception:
return {'status': 'wystapil blad'}, 500
def post(self):
data = Sec.encode_data(parser.parse_args())
if not login_required(data):
return {'status': 'brak autoryzacji'}, 401
user_id = str([x[1] for x in auth_k if x[0] == data['key']][0])
if not user_id:
return {'status': 'brak autoryzacji'}, 401
try:
pass_old = sha512(data['arg1'].encode()).hexdigest()
cur.execute("SELECT haslo FROM librarians.user WHERE id=%s;",
(user_id, ))
resp = cur.fetchone()
if resp[0] == pass_old:
pass_new = sha512(data['pass_'].encode()).hexdigest()
data = date.today()
cur.execute(
"UPDATE librarians.user SET haslo=%s, last=%s WHERE id=%s;",
(pass_new, data.isoformat(), user_id))
return {'status': 'zmieniono'}, 200
else:
return {'status': 'rozne'}, 409
except:
return {'status': 'blad'}, 500
def post(self):
data = Sec.encode_data(parser.parse_args())
if not login_required(data):
return {'status': 'brak autoryzacji'}, 401
try:
cur.execute("""
SELECT bor.rented, re.name, bo.title, bor.give_back, bor.id_br
FROM librarians.borrows AS bor, librarians.books AS bo, librarians.readers AS re
WHERE bor.name_id=re.id_r AND bor.book_id=bo.id_b
ORDER BY bor.id_br ASC;
""")
resp = cur.fetchall()
if resp:
ret = {}
pub = open('pem/' + data['key'] + '.pem', 'rb').read()
for borrow in range(len(resp)):
cache = (resp[borrow][0].isoformat(), resp[borrow][1],
resp[borrow][2], resp[borrow][3], resp[borrow][4])
ret.update({
borrow:
[Sec.encrypt_(str(value), pub) for value in cache]
})
return ret, 200
else:
return {'status': 'brak danych'}, 204
except Exception:
return {'status': 'wystapil blad'}, 500
def post(self):
data = Sec.encode_data(parser.parse_args())
if not login_required(data):
return {'status': 'brak autoryzacji'}, 401
try:
cur.execute(
"""UPDATE librarians.readers
SET name=%s, addres=%s
WHERE id_r=%s;""",
(data['arg1'], data['arg2'], data['name_id']))
return {'status': 'zmieniono'}, 200
except Exception:
return {'status': 'wystapil blad'}, 5000
def post(self):
data = Sec.encode_data(parser.parse_args())
if not login_required(data):
return {'status': 'brak autoryzacji'}, 401
try:
if data['arg2'] == 'True':
cur.execute(
"UPDATE librarians.comments SET accept='1' WHERE id_comment=%s;",
(data['arg1'], ))
return {'status': 'zaakceptowano'}, 200
else:
cur.execute(
"DELETE FROM librarians.comments WHERE id_comment=%s;",
(data['arg1'], ))
return {'status': 'usunieto'}, 200
except Exception:
return {'status': 'wystapil blad'}, 500
def post(self):
data = Sec.encode_data(parser.parse_args())
if not login_required(data):
return {'status': 'brak autoryzacji'}, 401
try:
cur.execute("SELECT * FROM librarians.readers WHERE id_r=%s;",
(data['arg1'], ))
resp = cur.fetchone()
if resp:
pub = open('pem/' + data['key'] + '.pem', 'rb').read()
return {
'data': [Sec.encrypt_(str(value), pub) for value in resp]
}, 200
else:
return {'status': 'brak danych'}, 204
except Exception:
return {'status': 'wystapil blad'}, 500
def post(self):
data = Sec.encode_data(parser.parse_args())
if not login_required(data):
return {'status': 'brak autoryzacji'}, 401
try:
cur.execute("SELECT * FROM librarians.readers WHERE name=%s AND addres=%s;", (data['arg1'], data['arg2']))
resp = cur.fetchall()
if resp:
return {'status': 'istnieje'}, 507
else:
password = ''.join(random.sample('qwertyuiopasdfghjklzxcvbnm1234567890', 8))
cur.execute("INSERT INTO librarians.readers VALUES (default ,%s, %s, 'null', %s, 'false', %s);",
(data['arg1'], data['arg2'], sha512(password.encode('UTF-8')).hexdigest(), data['login']))
pub = open('pem/'+data['key']+'.pem', 'rb').read()
return {'status': 'dodano', 'login': Sec.encrypt_(data['arg1'], pub),
'haslo': Sec.encrypt_(password, pub)}, 201
except Exception:
return {'status': 'wystapil blad'}, 500
def post(self):
data = Sec.encode_data(parser.parse_args())
if not login_required(data):
return {'status': 'brak autoryzacji'}, 401
try:
cur.execute("SELECT * FROM librarians.borrows WHERE id_br=%s AND give_back='1';", (data['arg1'], ))
resp = cur.fetchone()
if resp:
return {'status': 'istnieje'}, 507
else:
cur.execute("""
UPDATE librarians.books SET count=count+1
WHERE id_b=(SELECT book_id FROM librarians.borrows WHERE id_br=%s AND give_back='0');
UPDATE librarians.borrows SET return=%s, give_back='1' WHERE id_br=%s;
""", (data['arg1'], datetime.datetime.now().strftime("%Y-%m-%d"), data['arg1']))
return {'status': 'dodano'}, 201
except Exception:
return {'status': 'wystapil blad'}, 500
def post(self):
data = Sec.encode_data(parser.parse_args())
if not login_required(data):
return {'status': 'brak autoryzacji'}, 401
try:
if 'cover' in request.files and check_ext(request.files['cover']):
f = request.files['cover']
cover = secure_filename(data['arg1'])
f.save(
os.path.join('sort_api/image/' + cover + '.' +
f.filename.split('.')[1]))
cur.execute(
"SELECT * FROM librarians.books WHERE title=%s AND author=%s;",
(data['arg1'], data['arg2']))
resp = cur.fetchone()
if resp:
cur.execute(
"UPDATE librarians.books SET count=%s WHERE id_b=%s;",
(int(data['arg3']) + resp[3], resp[0]))
return {'status': 'istnieje/dodano'}, 507
else:
cur.execute(
"""INSERT INTO librarians.books
VALUES (default, %s, %s, %s);""",
(data['arg1'], data['arg2'], data['arg3']))
return {'status': 'dodano'}, 201
except Exception:
return {'status': 'wystapil blad'}, 500
def post(self):
data = Sec.encode_data(parser.parse_args())
if not login_required(data):
return {'status': 'brak autoryzacji'}, 401
try:
if 'cover' in request.files and check_ext(request.files['cover']):
f = request.files['cover']
cover = secure_filename(data['arg1'])
f.save(
os.path.join('sort_api/image/'+cover+'.'+f.filename.split('.')[1])
)
cur.execute("""UPDATE librarians.books
SET title=%s, author=%s, count=%s
WHERE id_b=%s;""", (data['arg1'], data['arg2'], data['arg3'], data['book_id']))
return {'status': 'zmieniono'}, 200
except Exception:
return {'status': 'wystapil blad'}, 500
def post(self):
data = Sec.encode_data(parser.parse_args())
if not login_required(data):
return {'status': 'brak autoryzacji'}, 401
try:
cur.execute(
"SELECT give_back FROM librarians.borrows WHERE name_id=%s AND book_id=%s AND give_back='0';",
(data['name_id'], data['book_id']))
resp = cur.fetchall()
if resp:
return {'status': 'istnieje'}, 507
else:
cur.execute(
"""
INSERT INTO librarians.borrows VALUES (default, %s, %s, %s, %s, '0');
UPDATE librarians.books SET count=count-1 WHERE id_b=%s;
""", (data['arg1'], data['arg2'], data['name_id'],
data['book_id'], data['book_id']))
return {'status': 'dodano'}, 201
except Exception:
return {'status': 'wystapil blad'}, 500
