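def get(self, **kwargs):
    """Return the stored report JSON for a job, but only to the job's owner.

    ``job_id`` is read from the query string and ``user_id`` from ``kwargs``
    (presumably set by an authentication wrapper; confirm against the
    caller). The job's owner is looked up first, and the report is read only
    when that owner equals the requesting user.

    Returns:
        dict: ``e_msg`` always; ``data`` (the ``report_json`` row as a dict)
        only on success.

    Raises:
        Exception: on any database or conversion error.
    """
    # TODO: order_id should be changed to 'report_id'
    # TODO: report template for EAV table should be made
    job_id = request.args.get('job_id')
    user_id = kwargs.get('user_id')
    res = {}

    try:
        # Compare whether user_id and order_id (report_id) match.
        owner_row = g.db.execute(
            text("SELECT user_id FROM job WHERE id=:job_id"),
            job_id=job_id).fetchone()
        if owner_row is None:
            # Unknown job: answer explicitly instead of failing on None.
            res['e_msg'] = not_found('Data not found')
            return res

        owner = dict(owner_row.items())
        # Compare by value. `is` tests object identity, which only happens
        # to hold for small cached integers.
        if int(owner['user_id']) != int(user_id):
            # Stop here: the report must never be read for a non-owner, and
            # the error must not be overwritten by a later success().
            res['e_msg'] = bad_request('User, order id mismatched')
            return res

        # If matched, load the report data.
        row = g.db.execute(
            text("SELECT big_json FROM report_json WHERE job_id=:job_id"),
            job_id=job_id).fetchone()
        if row is None or len(row) == 0:
            res['e_msg'] = not_found('Data not found')
            return res
    except Exception:
        # Callers still see a plain Exception; KeyboardInterrupt and
        # SystemExit are no longer converted.
        raise Exception

    res['e_msg'] = success()
    res['data'] = dict(row.items())
    return res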
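def get(self, **kwargs):
    """Return the portfolio overview rows for a VC member.

    ``user_id`` comes from ``kwargs``; ``member_type_check`` decides whether
    the caller is a ``'vc'`` member. Any other member type gets a
    bad-request response and no data.

    Returns:
        dict: ``e_msg`` always; ``data`` is a list of row dicts on success,
        or the empty result when nothing was found.
    """
    res = {}
    user_id = kwargs.get('user_id')
    # The debug print of user_id was dropped: it wrote an account identifier
    # to stdout on every request and was Python-2-only syntax.

    if member_type_check(user_id) != 'vc':
        res['e_msg'] = bad_request('This page is only for VC')
        return res

    # NOTE(review): the query is not filtered by the requesting user, so
    # every VC member receives every firm's figures. Confirm this is the
    # intended visibility.
    query = text(
        "SELECT firm_name, status, runway, avg_burn_mon, cash_remaining "
        "FROM overview inner join firm_info on overview.firm_id = firm_info.firm_id"
    )
    rows = g.db.execute(query).fetchall()

    if len(rows) <= 0:
        res['data'] = rows
        res['e_msg'] = not_found('Portfolio is not found')
        return res

    res['data'] = [dict(i.items()) for i in rows]
    res['e_msg'] = success()
    return res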
def get(self):
    """List every row of the ``service`` table.

    Returns:
        dict: ``e_msg`` plus ``data``. ``data`` is a list of row dicts on
        success, or the empty result when the table has no rows.

    Raises:
        Exception: on any error raised while running the query.
    """
    try:
        service_rows = g.db.execute(text("SELECT * FROM service")).fetchall()
    except:
        # Bare except kept as in the original: every failure surfaces as a
        # plain Exception.
        raise Exception

    res = {'data': service_rows}
    if len(service_rows) <= 0:
        res['e_msg'] = not_found('Service id not found')
        return res

    # NOTE(review): SELECT * returns every column to the caller. Confirm the
    # table holds nothing that should stay server-side.
    res['data'] = [dict(row.items()) for row in service_rows]
    res['e_msg'] = success()
    return res
def get(self, **kwargs):
    """Return the display name (``customer_user_cred``) of the calling user.

    ``user_id`` is taken from ``kwargs`` and bound as a query parameter.

    Returns:
        dict: ``e_msg`` always; ``data`` (``{'name': ...}``) when the user
        row exists.

    Raises:
        Exception: on any error raised while running the query.
    """
    user_id = kwargs.get('user_id')
    res = {}
    try:
        found = g.db.execute(
            text(""" SELECT customer_user_cred FROM user WHERE id=:id"""),
            id=user_id).fetchone()
    except:
        # Bare except kept as in the original.
        raise Exception

    if found is None:
        res['e_msg'] = not_found('Id not exists')
        return res

    res['data'] = dict(name=found[0])
    res['e_msg'] = success()
    return res
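def post(self, **kwargs):
    """Change an attribute of the calling user; only ``'pw'`` is handled.

    Form fields: ``attribute`` (which attribute to change) and ``to`` (the
    new value). For ``attribute == 'pw'`` the new password is hashed with
    ``generate_password_hash`` and upserted into ``credential`` under
    ``cred_key='local_pw'`` for the ``user_id`` taken from ``kwargs``.

    Returns:
        dict: ``e_msg`` describing the outcome.

    Raises:
        Exception: on any database or hashing error.
    """
    attr = request.form.get('attribute')
    to = request.form.get('to')
    u_id = kwargs.get('user_id')
    res = dict()

    if attr != 'pw':
        # Message kept as the original had it, although the cause here is an
        # unsupported attribute rather than a missing user.
        res['e_msg'] = not_found('User not found')
        return res

    if not to:
        # A missing field would fail inside the hash call, and an empty
        # string would be stored as a valid (empty) password.
        res['e_msg'] = bad_request('New password is required')
        return res

    # NOTE(review): this handler does not ask for the current password, and
    # nothing here revokes tokens issued before the change. Confirm both are
    # handled elsewhere.
    query = "INSERT INTO credential (user_id, cred_key, cred_value) " \
            "VALUES (:user_id, :cred_key, :cred_value) " \
            "ON DUPLICATE KEY UPDATE cred_key=:cred_key, cred_value=:cred_value;"
    try:
        g.db.execute(text(query), user_id=u_id, cred_key='local_pw',
                     cred_value=generate_password_hash(to))
    except Exception:
        # Callers still see a plain Exception; KeyboardInterrupt and
        # SystemExit are no longer converted.
        raise Exception

    res['e_msg'] = success()
    return res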
def post(self, **kwargs):
    """Delete one credential row of the calling user.

    The form field ``credcol`` names the credential key. It is accepted only
    if it appears among the distinct ``credcol`` values of ``mand_credcol``.
    The delete is scoped to the ``user_id`` taken from ``kwargs``.

    Returns:
        dict: ``e_msg`` is bad-request for an unknown key, success when a row
        was deleted, and not-found when no row matched.

    Raises:
        Exception: on any error raised while talking to the database.
    """
    user_id = kwargs.get('user_id')
    requested_key = request.form.get('credcol')
    res = {}
    try:
        allowed_rows = g.db.execute(
            text("SELECT DISTINCT credcol FROM mand_credcol")).fetchall()
        allowed_keys = [r[0] for r in allowed_rows]

        # Allowlist check: only keys known to the database reach the DELETE.
        if requested_key is not None and requested_key in allowed_keys:
            deleted = g.db.execute(
                text("""DELETE FROM credential WHERE user_id=:id and cred_key=:cred_key """),
                id=user_id, cred_key=requested_key).rowcount
            if deleted > 0:
                res['e_msg'] = success()
            else:
                res['e_msg'] = not_found('Token not found')
        else:
            res['e_msg'] = bad_request('Invalid Credcol')
            return res
    except:
        # Bare except kept as in the original.
        raise Exception()
    return res
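def post(self):
    """Log in with a local password and return refresh and access tokens.

    Form fields: ``id`` (matched against ``user.customer_user_cred``) and
    ``pw``. The stored ``local_pw`` hash is checked with
    ``check_password_hash``. On success the stored ``login_refresh_token`` is
    read, checked with ``jwt_scope_verify`` and returned together with a
    fresh access token.

    Returns:
        dict: ``e_msg`` on every path; ``refresh_token`` and ``access_token``
        only when all checks pass.

    Raises:
        Exception: on any error raised by the credential lookup.
    """
    name = request.form.get('id')
    pw = request.form.get('pw')
    res = {}
    try:
        db_info = g.db.execute(
            text('''SELECT user.id, credential.cred_value FROM credential '''
                 '''JOIN user ON user_id=id '''
                 '''WHERE customer_user_cred=:name AND cred_key=:key'''),
            name=name, key="local_pw").fetchone()
    except Exception:
        # Callers still see a plain Exception; KeyboardInterrupt and
        # SystemExit are no longer converted.
        raise Exception

    if db_info is None:
        # NOTE(review): this response differs from the wrong-password one, so
        # a client can tell whether an account name exists. Consider one
        # uniform response if API consumers allow it.
        res['e_msg'] = not_found('User not found')
        return res

    db_user_id, db_pw = db_info[0], db_info[1]

    # A missing form field or empty stored hash counts as a failed login
    # instead of raising inside the hash check.
    if pw is None or not db_pw or not check_password_hash(db_pw, pw):
        res['e_msg'] = unauthorized('User id or password invalid, please try again')
        return res

    # If user matched, get refresh token.
    query = "SELECT cred_value FROM credential WHERE cred_key='login_refresh_token' AND user_id=:id"
    token_row = g.db.execute(text(query), id=db_user_id).fetchone()
    refresh_token = token_row[0] if token_row is not None else None

    # Verify before putting any token into the response, so a token that
    # fails the check is never returned and e_msg is always set.
    if refresh_token is None or not jwt_scope_verify(
            str(refresh_token), app.config['SECRET_KEY']):
        res['e_msg'] = unauthorized('Refresh token is missing or invalid')
        return res

    # NOTE(review): 31536000 is 365 days if the argument is a lifetime in
    # seconds, which is long for a 'master' token. Confirm the lifetime and
    # scope are intended.
    res['refresh_token'] = refresh_token
    res['access_token'] = jwt_access_token(
        db_user_id, 31536000, app.config['SECRET_KEY'], 'master')
    res['e_msg'] = success()
    return res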