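def user_details(uid):
    """Return the profile of the user who owns the bearer token.

    ``uid`` is accepted for route compatibility but is not used: the record
    returned is always the token owner's, so this endpoint cannot be used
    to read another user's details.

    Responses (via ``ru``): unauthorized when the Authorization header is
    missing, malformed, or carries an unknown token, or when the token's
    user no longer exists; forbidden when the token is blocked or expired;
    otherwise a success response whose ``meta`` holds uid, names, email,
    and the role/status names looked up in the ``*_values_reverse`` maps.
    """
    # The sibling handlers check for a missing header first; without this
    # guard a request with no Authorization header raised AttributeError on
    # .split() and surfaced as a server error instead of an auth failure.
    auth_header = request.headers.get('authorization')
    if auth_header is None:
        return ru.http_unauthorized()
    auth = auth_header.split(' ')
    if not vu.is_valid_bearer(auth):
        return ru.http_unauthorized(message="Invalid Bearer Authentication")
    # auth[1] is the token half of "Bearer <token>"; is_valid_bearer is
    # assumed to have verified the two-part shape — confirm in vu.
    token = UserToken.is_valid_token(auth[1])
    if token is None:
        return ru.http_unauthorized(message="Invalid token")
    if token.is_blocked or token.is_expired:
        return ru.http_forbidden()
    user = User.find_by_id(token.user)
    if user is None:
        return ru.http_unauthorized(message="Token is invalid")
    return ru.http_success(meta={
        'uid': user.uid,
        'first_name': user.first_name,
        'last_name': user.last_name,
        'email': user.email,
        'role': role_values_reverse.get(user.role),
        'status': status_values_reverse.get(user.status),
    })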
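def user_details_update():
    """Update the token owner's email and names from the JSON body.

    The body is validated before the bearer token is checked: ``email``,
    ``first_name``, ``last_name`` and ``role`` must be present, the email
    must pass ``vu.is_valid_email`` and the role must be a key of
    ``role_values``. The submitted ``role`` is validated but NOT applied —
    the update keeps ``user.role`` — so a user cannot change their own role
    through this endpoint.

    NOTE(review): validation failures are reported with ``ru.http_bad_gateway``
    (a 502 by name); kept for compatibility with the rest of the module.
    """
    # TODO: separate to a validation class
    body = request.get_json()
    # A JSON array or scalar has no .get() and previously raised
    # AttributeError; it is treated like a missing body.
    if not isinstance(body, dict):
        return ru.http_unsupported_media_type()
    email = body.get('email')
    if email is None:
        return ru.http_bad_gateway(message="Email must not be empty")
    if not vu.is_valid_email(email):
        return ru.http_bad_gateway(message="Email is invalid")
    first_name = body.get('first_name')
    if first_name is None:
        return ru.http_bad_gateway(message="First name must not be empty")
    last_name = body.get('last_name')
    if last_name is None:
        return ru.http_bad_gateway(message="Last name must not be empty")
    role = body.get('role')
    if role is None:
        return ru.http_bad_gateway(message="Role must not be empty")
    if role not in role_values:
        return ru.http_bad_gateway(message="Role value is not valid")

    auth_header = request.headers.get('authorization')
    if auth_header is None:
        return ru.http_unauthorized()
    auth = auth_header.split(' ')
    if not vu.is_valid_bearer(auth):
        return ru.http_unauthorized(message="Invalid Bearer Authentication")
    token = UserToken.is_valid_token(auth[1])
    if token is None:
        return ru.http_unauthorized(message="Invalid token")
    if token.is_blocked or token.is_expired:
        return ru.http_forbidden()

    # Uniqueness is checked against every user except the caller, so
    # re-submitting one's own current email is not a conflict.
    if User.is_existing_email_for_update_by_id(token.user, email):
        return ru.http_conflict(message="Email is already existing")
    user = User.find_by_id(token.user)
    if user is None:
        return ru.http_forbidden()
    # The conflict response used to be built but not returned, so a failed
    # update was still reported as a success.
    if not User.update_user_by_id(
            user.id,
            email=email,
            first_name=first_name,
            last_name=last_name,
            role=user.role):
        return ru.http_conflict(message="Failed to update the resource")
    return ru.http_success(message="Successful updated")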
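def user_password_update_for_admin(uid):
    """Let an admin set the password of the user identified by ``uid``.

    The only authorization check is ``user.is_admin`` on the token owner;
    any admin may reset any uid. The stored value is whatever
    ``User.generate_password`` produces from the submitted password.
    NOTE(review): confirm generate_password hashes rather than returning the
    plaintext — this handler cannot tell.
    """
    # TODO: separate to a validation class
    body = request.get_json()
    # A JSON array or scalar has no .get(); treat it like a missing body.
    if not isinstance(body, dict):
        return ru.http_unsupported_media_type()
    # TODO: improve validation for password
    password = body.get('password')
    if password is None:
        return ru.http_bad_gateway(message="Password must not be empty")
    # len() on a non-string JSON value (e.g. a number) raised TypeError and
    # became a server error; such values are rejected like short passwords.
    if not isinstance(password, str) or len(password) < 8:
        return ru.http_bad_gateway(
            message="Password must be a minimum of 8 characters")

    auth_header = request.headers.get('authorization')
    if auth_header is None:
        return ru.http_unauthorized()
    auth = auth_header.split(' ')
    if not vu.is_valid_bearer(auth):
        return ru.http_unauthorized(message="Invalid Bearer Authentication")
    token = UserToken.is_valid_token(auth[1])
    if token is None:
        return ru.http_unauthorized(message="Invalid token")
    if token.is_blocked or token.is_expired:
        return ru.http_forbidden()
    user = User.find_by_id(token.user)
    if user is None:
        return ru.http_forbidden()
    if not user.is_admin:
        return ru.http_forbidden()

    # The conflict response used to be built but not returned, so a failed
    # update was still reported as a success.
    if not User.update_user_password_by_uid(
            uid, User.generate_password(password)):
        return ru.http_conflict(message="Failed to update the resource")
    return ru.http_success(message="Successful updated password")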
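def get_users_for_admin():
    """List every user; admin-only.

    Returns an unauthorized response for a missing/invalid bearer token, a
    forbidden response for a blocked/expired token or a non-admin caller,
    otherwise a success response whose ``meta`` is a list of user summaries
    (uid, names, email, role name, status name). The whole table is returned
    in one response; there is no pagination yet.
    """
    # Without this guard a missing Authorization header raised
    # AttributeError on .split() instead of producing an auth failure.
    auth_header = request.headers.get('authorization')
    if auth_header is None:
        return ru.http_unauthorized()
    auth = auth_header.split(' ')
    if not vu.is_valid_bearer(auth):
        return ru.http_unauthorized(message="Invalid Bearer Authentication")
    token = UserToken.is_valid_token(auth[1])
    if token is None:
        return ru.http_unauthorized(message="Invalid token")
    if token.is_blocked or token.is_expired:
        return ru.http_forbidden()
    user = User.find_by_id(token.user)
    if user is None:
        return ru.http_forbidden()
    if not user.is_admin:
        return ru.http_forbidden()

    # TODO: pagination
    # request.args.get('offset'), request.args.get('limit')
    all_users = User.get_all()
    # get_all() may return None; that case yields an empty list.
    meta = [
        {
            'uid': row.uid,
            'first_name': row.first_name,
            'last_name': row.last_name,
            'email': row.email,
            'role': role_values_reverse.get(row.role),
            'status': status_values_reverse.get(row.status),
        }
        for row in (all_users or [])
    ]
    return ru.http_success(meta=meta)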
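def user_login():
    """Authenticate with email and password and issue a bearer token.

    Missing or invalid body fields are reported with ``ru.http_bad_gateway``.
    A failed credential check uses one message for both unknown email and
    wrong password, so the response does not reveal whether the email
    exists. On success ``meta`` carries the uid, the new token, the role
    name and the user's names.
    """
    # TODO: separate to a validation class
    body = request.get_json()
    # A JSON array or scalar has no .get(); treat it like a missing body.
    if not isinstance(body, dict):
        return ru.http_unsupported_media_type()
    email = body.get('email')
    if email is None:
        return ru.http_bad_gateway()
    if not vu.is_valid_email(email):
        return ru.http_bad_gateway()
    # TODO: improve validation for password
    password = body.get('password')
    if password is None:
        return ru.http_bad_gateway()
    # len() on a non-string JSON value raised TypeError; reject it instead.
    if not isinstance(password, str) or len(password) < 8:
        return ru.http_bad_gateway(
            message="Password must be a minimum of 8 characters")

    user = User.is_valid_user(email, password)
    if user is None:
        return ru.http_unauthorized(message="Email and password is not valid")

    token = UserToken.generate_token()
    # Previously the conflict response was built but never returned, so a
    # token that failed to persist was still handed to the client. The
    # sibling handlers treat a falsy result from User.update_* as failure
    # and the same convention is applied here.
    # NOTE(review): confirm UserToken.create_token returns truthy on success.
    if not UserToken.create_token(user=user.id, token=token):
        return ru.http_conflict(message="Failed to create a user token")
    return ru.http_success(meta={
        'uid': user.uid,
        'token': token,
        'role': role_values_reverse.get(user.role),
        'first_name': user.first_name,
        'last_name': user.last_name,
    })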
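def get_users_by_roles(role):
    """List the users holding ``role``, subject to the caller's own role.

    Access rule: an admin may list any role, an employee may list
    ``'manager'`` and a manager may list ``'finance_manager'``. Any other
    combination is refused with a forbidden response. ``role`` must be a
    key of ``role_values``; the lookup uses its mapped value.
    """
    # These two checks used to build a response without returning it, so an
    # unknown role fell through to the database lookup.
    if role is None:
        return ru.http_bad_gateway(message="Role is required")
    if role not in role_values:
        return ru.http_bad_gateway(message="Role is invalid")

    auth_header = request.headers.get('authorization')
    if auth_header is None:
        return ru.http_unauthorized()
    auth = auth_header.split(' ')
    if not vu.is_valid_bearer(auth):
        return ru.http_unauthorized(message="Invalid Bearer Authentication")
    token = UserToken.is_valid_token(auth[1])
    if token is None:
        return ru.http_unauthorized(message="Invalid token")
    if token.is_blocked or token.is_expired:
        return ru.http_forbidden()
    user = User.find_by_id(token.user)
    if user is None:
        return ru.http_forbidden()

    allowed = (
        user.is_admin
        or (user.is_employee and role == 'manager')
        or (user.is_manager and role == 'finance_manager')
    )
    # An authorization failure was previously reported as "Invalid role"
    # through http_bad_gateway; the other handlers in this module use the
    # forbidden response below for the same situation.
    if not allowed:
        return ru.http_forbidden(
            message='Role is not allowed to access this resource')

    meta = [
        {
            "first_name": row.first_name,
            "last_name": row.last_name,
            "email": row.email,
            "uid": row.uid,
        }
        for row in User.find_by_role(role_values.get(role))
    ]
    return ru.http_success(message="Successful fetching of data", meta=meta)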
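def _finance_record(travel, approval, approver, owner, sender):
    """Build one ``meta`` entry for get_travel_finance_record.

    Key prefixes: ``t_`` travel, ``ta_`` approval status, ``u_`` approver,
    ``o_`` travel owner, ``s_`` approval sender. When ``approval`` is None
    the description, status and approver fields are emitted as None, as
    the original payload did.
    """
    has_approval = approval is not None
    # The approver comes from an outer join, so it can be None even when an
    # approval row exists (an approval may be created without an approver).
    # Previously that case raised AttributeError on approver.uid.
    if not has_approval or approver is None:
        approver = None
    return {
        't_id': travel.id,
        't_created': travel.created,
        't_modified': travel.modified,
        't_description': travel.description if has_approval else None,
        't_start_date': travel.start_date,
        't_end_date': travel.end_date,
        't_mode': travel.mode,
        't_ticket_cost': travel.ticket_cost,
        't_home_airport_cost': travel.home_airport_cab_cost,
        't_destination_airport_cost': travel.dest_airport_cab_cost,
        't_hotel_cost': travel.hotel_cost,
        't_local_conveyance': travel.local_conveyance,
        'ta_status': (status_values_reverse.get(approval.status)
                      if has_approval else None),
        'u_id': approver.uid if approver is not None else None,
        'u_email': approver.email if approver is not None else None,
        'u_first_name': approver.first_name if approver is not None else None,
        'u_last_name': approver.last_name if approver is not None else None,
        'u_role': (role_values_reverse.get(approver.role)
                   if approver is not None else None),
        'o_first_name': owner.first_name,
        'o_last_name': owner.last_name,
        's_id': sender.uid,
        's_first_name': sender.first_name,
        's_last_name': sender.last_name,
    }


def get_travel_finance_record():
    """List travel records visible to the calling finance manager.

    Only callers with ``is_finance_manager`` are served; anyone else gets a
    forbidden response. The travels considered are those with at least one
    TravelApproval row naming the caller as approver or sender. For each
    travel, the newest approval row whose status equals the status of the
    travel's latest approval is joined (outer) with its approver; the
    optional ``status`` query argument restricts this to one status name
    from ``status_values``, otherwise statuses 1, 2 and 3 qualify.

    NOTE(review): the per-travel lookups (approval query plus two
    User.find_by_id calls) run once per travel; left as is.
    """
    # Without this guard a missing Authorization header raised
    # AttributeError on .split() instead of producing an auth failure.
    auth_header = request.headers.get('authorization')
    if auth_header is None:
        return ru.http_unauthorized()
    auth = auth_header.split(' ')
    if not vu.is_valid_bearer(auth):
        return ru.http_unauthorized(message="Invalid Bearer Authentication")
    token = UserToken.is_valid_token(auth[1])
    if token is None:
        return ru.http_unauthorized(message="Invalid token")
    if token.is_blocked or token.is_expired:
        return ru.http_forbidden()
    user = User.find_by_id(token.user)
    if user is None:
        return ru.http_forbidden()
    if not user.is_finance_manager:
        return ru.http_forbidden(
            message='Role is not allowed to access this resource')

    # Scope: only travels the caller approved or forwarded.
    travels = db.session.query(Travel).join(
        TravelApproval, TravelApproval.travel == Travel.id).filter(
        or_(TravelApproval.approver == user.id,
            TravelApproval.sender == user.id)).all()
    # None when the argument is absent or not a known status name.
    wanted_status = status_values.get(request.args.get('status'))

    meta = []
    for travel in (travels or []):
        query = db.session.query(TravelApproval, User).join(
            User, TravelApproval.approver == User.id,
            isouter=True).filter(travel.id == TravelApproval.travel)
        # Status of the travel's latest approval; used below as a
        # correlated comparison, unchanged from the original query.
        latest_status = db.session.query(TravelApproval.status).filter(
            TravelApproval.travel == travel.id).order_by(
            desc(TravelApproval.id)).limit(1)
        if wanted_status is not None:
            query = query.filter(
                TravelApproval.status == latest_status,
                TravelApproval.status == wanted_status,
                TravelApproval.status != 0)
        else:
            query = query.filter(
                TravelApproval.status == latest_status,
                TravelApproval.status.in_([1, 2, 3]))
        query = query.order_by(desc(TravelApproval.id)).limit(1)

        for approval, approver in query.all():
            owner = User.find_by_id(travel.owner)
            # NOTE(review): owner/sender lookups are assumed to succeed;
            # a missing user would raise on attribute access, as before.
            sender = User.find_by_id(approval.sender)
            meta.append(
                _finance_record(travel, approval, approver, owner, sender))
    return ru.http_success(message="successfully fetched", meta=meta)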
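def submit_to_finance_manager_by_manager(id):
    """Forward a manager-approved travel (status 2) to a finance manager.

    The JSON body must contain an ``approver`` key whose value is either a
    finance manager's uid or null. The caller must be a manager and must be
    the approver on the travel's latest approval row, which must still have
    status 2. On success a new TravelApproval with status 1 is created with
    the caller as sender and the chosen finance manager as approver.

    NOTE(review): a null ``approver`` is accepted and creates an approval
    row with no approver — confirm this is intended.
    (``id`` shadows the builtin; kept because it is the route parameter.)
    """
    # TODO: separate to a validation class
    body = request.get_json()
    # A JSON array or scalar has no .get(); treat it like a missing body.
    if not isinstance(body, dict):
        return ru.http_unsupported_media_type()
    if 'approver' not in body:
        return ru.http_bad_gateway(
            message="Approver is required in the request")
    finance_manager_id = None
    approver_uid = body.get('approver')
    if approver_uid is not None:
        finance_manager = User.find_by_uid(approver_uid)
        # One message for "unknown uid" and "not a finance manager", so the
        # response does not distinguish the two.
        if finance_manager is None or not finance_manager.is_finance_manager:
            return ru.http_bad_gateway(message="Invalid manager")
        finance_manager_id = finance_manager.id

    # Without this guard a missing Authorization header raised
    # AttributeError on .split() instead of producing an auth failure.
    auth_header = request.headers.get('authorization')
    if auth_header is None:
        return ru.http_unauthorized()
    auth = auth_header.split(' ')
    if not vu.is_valid_bearer(auth):
        return ru.http_unauthorized(message="Invalid Bearer Authentication")
    token = UserToken.is_valid_token(auth[1])
    if token is None:
        return ru.http_unauthorized(message="Invalid token")
    if token.is_blocked or token.is_expired:
        return ru.http_forbidden()
    user = User.find_by_id(token.user)
    if user is None:
        return ru.http_forbidden()
    if not user.is_manager:
        return ru.http_forbidden(
            message='Role is not allowed to access this resource')

    # Only a travel with an approval row naming the caller as approver with
    # status 2 qualifies; the id is matched inside the same query so the
    # caller cannot pick arbitrary travels.
    travel = db.session.query(Travel).join(
        TravelApproval, TravelApproval.travel == Travel.id).filter(
        TravelApproval.approver == user.id,
        TravelApproval.status == 2,
        Travel.id == id).first()
    if travel is None:
        return ru.http_conflict(message="No travel available for update")
    ta = db.session.query(TravelApproval).filter(
        travel.id == TravelApproval.travel).order_by(
        desc(TravelApproval.id)).limit(1).first()
    if ta is None:
        return ru.http_conflict(message="No data available for update")
    # The join above matched *some* approval row; the latest row is
    # re-checked so a travel that moved on is not forwarded twice.
    if ta.status != 2:
        return ru.http_conflict(message="Data is not available for update")
    if ta.approver != user.id:
        return ru.http_conflict(
            message="Data is not available for update of the user")
    TravelApproval.create(status=1, travel=travel.id, sender=user.id,
                          approver=finance_manager_id)
    return ru.http_success()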
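def approve_record_by_manager(id):
    """Set the latest approval of a submitted travel to approved/rejected.

    The JSON body's ``status`` must be a name in ``status_values`` that maps
    to 2 or 3. The caller must be a manager and the approver on the
    travel's latest approval row, which must currently have status 1
    (submitted). The row's status is updated in place and committed.
    (``id`` shadows the builtin; kept because it is the route parameter.)
    """
    # TODO: separate to a validation class
    body = request.get_json()
    # A JSON array or scalar has no .get(); treat it like a missing body.
    if not isinstance(body, dict):
        return ru.http_unsupported_media_type()
    status_name = body.get('status')
    if status_name is None:
        return ru.http_bad_gateway(message="Status is required")
    # Resolved once; the original looked it up three times.
    new_status = status_values.get(status_name)
    if new_status is None or new_status not in (2, 3):
        return ru.http_bad_gateway(message="Status is invalid")

    # Without this guard a missing Authorization header raised
    # AttributeError on .split() instead of producing an auth failure.
    auth_header = request.headers.get('authorization')
    if auth_header is None:
        return ru.http_unauthorized()
    auth = auth_header.split(' ')
    if not vu.is_valid_bearer(auth):
        return ru.http_unauthorized(message="Invalid Bearer Authentication")
    token = UserToken.is_valid_token(auth[1])
    if token is None:
        return ru.http_unauthorized(message="Invalid token")
    if token.is_blocked or token.is_expired:
        return ru.http_forbidden()
    user = User.find_by_id(token.user)
    if user is None:
        return ru.http_forbidden()
    if not user.is_manager:
        return ru.http_forbidden(
            message='Role is not allowed to access this resource')

    # Only a travel with an approval row naming the caller as approver with
    # status 1 qualifies; the id is matched inside the same query so the
    # caller cannot act on arbitrary travels.
    travel = db.session.query(Travel).join(
        TravelApproval, TravelApproval.travel == Travel.id).filter(
        TravelApproval.approver == user.id,
        TravelApproval.status == 1,
        Travel.id == id).first()
    if travel is None:
        return ru.http_conflict(message="No travel available for update")
    ta = db.session.query(TravelApproval).filter(
        travel.id == TravelApproval.travel).order_by(
        desc(TravelApproval.id)).limit(1).first()
    if ta is None:
        return ru.http_conflict(message="No data available for update")
    # The join above matched *some* approval row; the latest row is
    # re-checked so an already-decided travel is not changed again.
    if ta.status != 1:
        return ru.http_conflict(message="Data is not available for update")
    if ta.approver != user.id:
        return ru.http_conflict(
            message="Data is not available for update of the user")
    ta.status = new_status
    db.session.commit()
    return ru.http_success()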