def __func(): status = data['status'] if status == 'pause': current_app.running_context.executor.pause_workflow(execution_id, user=get_jwt_claims().get('username', None)) elif status == 'resume': current_app.running_context.executor.resume_workflow(execution_id, user=get_jwt_claims().get('username', None)) elif status == 'abort': current_app.running_context.executor.abort_workflow(execution_id, user=get_jwt_claims().get('username', None)) return None, NO_CONTENT
def __func(workflow): if not workflow.is_valid: return Problem(INVALID_INPUT_ERROR, 'Cannot execute workflow', 'Workflow is invalid') args = data['arguments'] if 'arguments' in data else None start = data['start'] if 'start' in data else None env_vars = data['environment_variables'] if 'environment_variables' in data else None env_var_objs = [] if env_vars: env_var_objs = [EnvironmentVariable(**env_var) for env_var in env_vars] arguments = [] if args: errors = [] arguments = [Argument(**arg) for arg in args] for argument in arguments: if argument.errors: errors.append('Errors in argument {}: {}'.format(argument.name, argument.errors)) if errors: current_app.logger.error('Could not execute workflow. Invalid Argument construction') return Problem( INVALID_INPUT_ERROR, 'Cannot execute workflow.', 'Some arguments are invalid. Reason: {}'.format(errors)) execution_id = current_app.running_context.executor.execute_workflow(workflow_id, start=start, start_arguments=arguments, environment_variables=env_var_objs, user=get_jwt_claims().get('username', None)) current_app.logger.info('Executed workflow {0}'.format(workflow_id)) return {'id': execution_id}, SUCCESS_ASYNC
def user_has_correct_roles(accepted_roles, all_required=False): if not accepted_roles: return False user_roles = set(get_jwt_claims().get('roles', [])) if all_required: return not accepted_roles - user_roles else: return any(role in accepted_roles for role in user_roles)
def delete(self, name): claims = get_jwt_claims() if not claims['is_admin']: return {'message': 'Admin privilege required.'}, 401 item = ItemModel.find_by_name(name) if item: item.delete_from_db() return {'message': 'Item deleted.'} return {'message': 'Item not found.'}, 404
def signal_recording(): claims = get_jwt_claims() params = request.get_json(silent=True) if request.method == 'POST': return send_to_doctor(params, claims, mongo)
def audit(apply_id): claims = get_jwt_claims() auditor_id = claims['id'] apply_record = DeviceApplyRecord.query.filter_by(id=apply_id).first() device = Device.query.filter_by(id=apply_record.device_id).first() # 审批“申请中”、“归还中” if apply_record and apply_record.status in [1, 4] and device: auditor_is_admin = False audit_or_not = False result = redis_client.hget("user_{user_id}".format(user_id=auditor_id), "roles") if result: roles = json.loads(result.decode('utf-8')) if "admin" in roles: auditor_is_admin = True # admin角色可以审批所有申请、归还记录 if auditor_is_admin: audit_or_not = True else: # 非admin角色只能处理owner是自己的申请、归还记录。 if device.owner_id == auditor_id: audit_or_not = True if audit_or_not: # 审批申请 if apply_record.status == 1: apply_record.apply_audit_reason = request.json.get("reason") apply_record.apply_auditor_id = auditor_id if request.json.get("approval") == 1: apply_record.status = 2 device.current_user_id = apply_record.applicant_id # 若借用出去,且current_user!=owner,状态变成借用中。 if device.current_user_id != device.owner_id: device.status = 2 details = "通过{applicant}的申请".format( applicant=apply_record.applicant.realname) else: apply_record.status = 3 details = "拒绝{applicant}的申请".format( applicant=apply_record.applicant.realname) # 审批归还 else: apply_record.return_audit_reason = request.json.get("reason") apply_record.return_auditor_id = auditor_id if request.json.get("approval") == 1: apply_record.status = 5 device.current_user_id = None details = "通过{applicant}的归还".format( applicant=apply_record.applicant.realname) else: apply_record.status = 6 details = "拒绝{applicant}的归还".format( applicant=apply_record.applicant.realname) try: db.session.add(apply_record) db.session.add(device) db.session.commit() device_log = DeviceLog(device_id=device.id, operator_id=claims['id'], details=details) db.session.add(device_log) db.session.commit() return generate_response() except Exception as e: current_app.logger.error(str(e)) db.session.rollback() return generate_response(code_msg=Code.APPLY_DEVICE_AUDIT_FAILED)
def get_container_list(): claims = get_jwt_claims() if request.method == 'GET': """ ?branch=SAMPIT & document_level=1 (lvl 1 s/d 9) & agent=MERATUS & page=1 & search="" """ branch = request.args.get("branch") document_level = request.args.get("document_level") agent = request.args.get("agent") search = request.args.get("search") # PAGGING page_number = 1 page = request.args.get("page") LIMIT = 30 if page: page_number = int(page) # find database find = {} if branch: find["branch"] = branch if document_level: # Jika dokumen lvl dimasukkan 0 maka untuk memunculkan doc lvl selain 5 if document_level == "0": # NOT EQUAL 9 karena 9 Dokumen Finish find["document_level"] = {'$ne': 9} else: find["document_level"] = int(document_level) if agent: find["agent"] = agent if search: find["container_number"] = {'$regex': f'.*{search}.*'} container_coll = mongo.db.container_info.find(find).skip( (page_number - 1) * LIMIT).limit(LIMIT).sort("_id", -1) container_list = [] for container in container_coll: container_list.append(container) return {"containers": container_list}, 200 if request.method == 'POST': if not claims["isTally"]: return { "message": "user tidak memiliki hak akses untuk menambahkan data" }, 403 schema = ContainerInitSchema() try: data = schema.load(request.get_json()) except ValidationError as err: return err.messages, 400 activity_list = ["RECEIVING-MUAT", "BONGKAR-DELIVERY"] if data["activity"].upper() not in activity_list: return { "message": "activity harus diantara RECEIVING-MUAT atau BONGKAR-DELIVERY" }, 400 data_insert = { "container_number": data["container_number"].upper(), "voyage": data["voyage"].upper(), "size": data["size"], "tipe": data["tipe"].upper(), "full_or_empty": data["full_or_empty"].upper(), # "RECEIVING-MUAT , BONGKAR-DELIVERY" "activity": data["activity"].upper(), "created_at": data["created_at"], "branch": data["branch"].upper(), # post client dari collection vessel "vessel_id": data["vessel_id"], "vessel": data["vessel"], # PENTING DIGUNAKAN UNTUK MEMUNCULKAN DI AGENT "agent": data["agent"].upper(), # from data vessel "int_dom": data["int_dom"].upper(), # AUTO "creator_username": get_jwt_identity(), "creator_name": claims["name"], "updated_at": datetime.now(), "document_level": 1, "dammaged": False, "checkpoint": { "one": "", "two": "", "three": "", "four": "" }, "checkpoint_status": { "one": "", "two": "", "three": "", "four": "" } } # DATABASE try: id = mongo.db.container_info.insert_one(data_insert).inserted_id except: return {"message": "galat insert container"}, 500 return {"message": f"{id} data berhasil disimpan"}, 201
def auth(): res = { 'user_name': get_jwt_identity(), 'user_email': get_jwt_claims()['email'] } return jsonify(res), 200
def post(self): """ Method: POST Add books in the book database ______________ Parameter Input _______________ judul, penulis, tanggal_terbit, isbn, bahasa, genre, jenis_cover, status, foto_buku, sinopsis, penerbit : string, This input will be the data in the book table. we can enter user input data into the table using db.commit (). """ parser = reqparse.RequestParser() parser.add_argument('judul', location='json', help='judul invalid', default='None', required=True) parser.add_argument('penulis', location='json', help='penulis invalid', default='None', required=True) parser.add_argument('jumlah_halaman', type=int, location='json', help='jumlah halaman invalid', default=0, required=True) parser.add_argument('tanggal_terbit', location='json', help='tanggal terbit invalid', default='none', required=True) parser.add_argument('isbn', location='json', help='isbn invalid', default='none', required=True) parser.add_argument('genre', location='json', help='genre invalid', default='none', required=True) parser.add_argument('bahasa', location='json', help='bahasa invalid', default='none', required=True) parser.add_argument('berat', type=float, location='json', help='berat invalid', default=1) parser.add_argument('lebar', type=float, location='json', help='lebar invalid', default=0) parser.add_argument('panjang', type=float, location='json', help='panjang invalid', default=0) parser.add_argument('jenis_cover', location='json', help='jenis cover invalid', default='Soft Cover', required=True) parser.add_argument('status', location='json', help='status invalid', default=0, required=True) parser.add_argument('foto_buku', location='json', help='link foto buku invalid', default='none', required=True) parser.add_argument('sinopsis', location='json', help='sinopsis invalid', default='') parser.add_argument('harga', type=int, location='json', help='harga invalid', default=0, required=True) parser.add_argument('stok', type=int, location='json', help='stok invalid', default=0, required=True) parser.add_argument('penerbit', location='json', help='penerbit invalid', default='', required=True) args = parser.parse_args() claim = get_jwt_claims() book = Books(claim['id'], args['judul'], args['penulis'], args['jumlah_halaman'], args['tanggal_terbit'], args['isbn'], args['genre'], args['bahasa'], args['berat'], args['lebar'], args['panjang'], args['jenis_cover'], args['status'], args['foto_buku'], args['sinopsis'], args['harga'], args['stok'], args['penerbit'], claim['email']) db.session.add(book) db.session.commit() app.logger.debug('DEBUG : %s', book) return marshal(book, Books.response_fields), 200, { 'Content-Type': 'application/json' }
def post(self, businessId, customerId): claims = get_jwt_claims() if not claims['is_admin']: return { 'message': 'Error # 41 in Customer Resource, admin previlege required' }, 400 approved_zid_list = VbusinessModel.find_all_business_list() if businessId not in approved_zid_list: return { 'message': 'Error # 46 in Customer Resource, You have not been authorized to use this business' }, 400 customerId = str( db.session.query(func.max( CacusModel.xcus)).filter_by(zid=businessId).first()) customerId = increment(customerId) if CacusModel.find_by_customerId(businessId, customerId): return { 'message': "Error # 54 in Customer Resource, An item with name '{}' already exists." .format(customerId) }, 400 json_data = request.get_json() if not json_data: return { 'message': 'Error # 59 in Customer Resource, No input data provided' }, 400 try: data = cacusSchema.load(json_data).data except ValidationError as err: return err.messages, 400 ztime = datetime.datetime.now() zutime = datetime.datetime.now() xdate = datetime.datetime.today() customerDetail = CacusModel(zid=businessId, ztime=ztime, zutime=zutime, xcus=customerId, xshort=data['xshort'], xadd1=data['xadd1'], xadd2=data['xadd2'], xcity=data['xcity'], xmobile=data['xmobile'], xsp=data['xsp']) try: customerDetail.save_to_db() except Exception as e: print(e) return { "message": "Error # 86 in Customer Resource, An error occured inserting the customer" }, 400 return customerDetail.json(), 200
def protected(): username = get_jwt_identity() claims = get_jwt_claims() return jsonify(logged_in_as=username, claims=claims), 200
def post(self): # Seharusnya mengambil value seperti total harga dari respond checkout keranjang (patch) dan beli barang claims = get_jwt_claims() user_id = claims['id'] parser = reqparse.RequestParser() parser.add_argument('nama_penerima', location='json', required=True) parser.add_argument('no_telepon', location='json', required=True) parser.add_argument('alamat_penerima', location='json', required=True) parser.add_argument('metode_pembayaran', location='json', required=True) args = parser.parse_args() detail_pemesanan = DetailPemesanan( user_id, args['nama_penerima'], args['no_telepon'], args['alamat_penerima'], args['metode_pembayaran']) db.session.add(detail_pemesanan) db.session.commit() marshal_detail_pemesanan = marshal( detail_pemesanan, DetailPemesanan.response_fields) # Bikin Properti untuk Riwayat Pemesanan # keranjang_id, barang_id, nama_barang, harga_barang, user_id, jumlah, ukuran, # id_pemesanan, total_harga, total_harga_int # Ambil semua data keranjang dengan checkout_status = True daftar_belanjaan = [] list_keranjang = Keranjang.query.filter_by(user_id=user_id) total_belanja = 0 for keranjang in list_keranjang: if keranjang.checkout_status == True: barang_id = keranjang.barang_id nama_barang = keranjang.nama_barang harga_barang = keranjang.harga_barang user_id = user_id jumlah = keranjang.jumlah ukuran = keranjang.ukuran id_pemesanan = detail_pemesanan.id total_harga = "Rp. {}".format( keranjang.jumlah * keranjang.harga_barang_int) total_harga_int = keranjang.jumlah * keranjang.harga_barang_int pemesanan = RiwayatPemesanan(barang_id, nama_barang, harga_barang, user_id, jumlah, ukuran, id_pemesanan, total_harga, total_harga_int) # Menambah jumlah barang terjual di masing masing barang barang = Barang.query.get(barang_id) barang.terjual = barang.terjual + jumlah # Menambah popularitas senilai 5 di toko toko_id = barang.toko_id toko = Toko.query.get(toko_id) toko.popularitas = toko.popularitas + 5 # Menambah keuntungan di toko untung = (keranjang.harga_barang_int - harga_bahan[barang.bahan])*jumlah toko.keuntungan = toko.keuntungan + untung db.session.add(barang) db.session.add(toko) db.session.add(pemesanan) db.session.delete(keranjang) db.session.commit() total_belanja += total_harga_int pemesanan_marshal = marshal( pemesanan, RiwayatPemesanan.response_fields) daftar_belanjaan.append(pemesanan_marshal) # Email si penjual / designer bahwa jualannya laku designer = User.query.get(toko.user_id) nama_designer = designer.full_name email_designer = designer.email signature = gmail.get_signature() message = bought_html.message.format( nama_designer, nama_barang) + signature subject = "GREAT NEWS FROM TEESIGNR" gmail.send_email("*****@*****.**", email_designer, subject, message) # Email si pembeli detail pemesanan pesanan_id = detail_pemesanan.id user = User.query.get(user_id) full_name = user.full_name total_harga_belanja = "Rp. {}".format(total_belanja) metode_pembayaran = args['metode_pembayaran'] nama_penerima = args['nama_penerima'] nomor_telepon = args['no_telepon'] alamat_penerima = args['alamat_penerima'] email_user = user.email signature = gmail.get_signature() message = konfirmasi_html.PesananEmail(full_name, pesanan_id, total_harga_belanja, metode_pembayaran, nama_penerima, nomor_telepon, alamat_penerima, daftar_belanjaan) + signature subject = "ORDER INFORMATION (TEESIGNR)" gmail.send_email("*****@*****.**", email_user, subject, message) marshal_detail_pemesanan["total_belanja"] = "Rp. {}".format( total_belanja) marshal_detail_pemesanan["daftar_belanja"] = daftar_belanjaan return {"status": "checkout berhasil", "detail": marshal_detail_pemesanan}, 200, {'Content-type': 'application/json'}
def decorated(*args, **kwargs): if get_jwt_claims() == "admin": return func(*args, **kwargs) else: return custom_error("Invalid user role supplied.", 403)
def process_recording(): claims = get_jwt_claims() params = request.get_json(silent=True) return processing(params, claims, mongo)
def habits(): params = request.get_json(silent=True, cache=False) claims = get_jwt_claims() if request.method == 'PUT': return habits_post(params, claims, mongo)
def get(self): id = get_jwt_claims()['user_id'] parser = reqparse.RequestParser() parser.add_argument("p", type=int, location="args", default=1) parser.add_argument("rp", type=int, location="args", default=15) args = parser.parse_args() qry = SecondLevels.query.filter_by(user_id=id).filter_by( content_type='comment') qry = qry.order_by(desc(SecondLevels.created_at)) #prepare query info so similar to home GET #count qry result total_result = len(qry.all()) if (total_result % args['rp'] != 0) | (total_result == 0): total_pages = int(total_result / args['rp']) + 1 else: total_pages = int(total_result / args['rp']) #pagination offset = (args['p'] - 1) * args['rp'] qry = qry.limit(args['rp']).offset(offset) query_info = { 'total_result': total_result, 'total_pages': total_pages, 'page_number': args['p'], 'result_per_pages': args['rp'] } rows = [] for que in qry: qry2 = TopLevels.query.get(que.parent_id) user_data = create_mini_profile(id) marshal_parent = marshal(qry2, TopLevels.response_fields) marshal_parent['user_data'] = create_mini_profile(qry2.user_id) sl_amount = SecondLevels.query.filter_by(parent_id=qry2.id).count() marshal_parent['sl_amount'] = sl_amount tags = tl_tags_return(qry2.id) marshal_parent['tags'] = tags rows.append({ 'user_data': user_data, 'posting_detail': marshal(que, SecondLevels.response_fields), 'parent_detail': marshal_parent }) second_data = { 'second_info': { 'sl_amount': len(rows) }, 'second_detail_list': rows } return { 'query_info': query_info, 'second_data': second_data }, 200, { 'Content-Type': 'application/json' }
def put(self): policy = PasswordPolicy.from_names(length=6) parser = reqparse.RequestParser() parser.add_argument('username', location='json', required=True) parser.add_argument('email', location='json', required=True) parser.add_argument('password', location='json') parser.add_argument('password_new', location='json') #added input for user_detail, all nullable parser.add_argument('first_name', location='json') parser.add_argument('last_name', location='json') parser.add_argument('job_title', location='json') parser.add_argument('photo_url', location='json') #parsing json for array/list? ##changed to required. putting [] means (soft) deleting all tags for user ###FINAL: have to be inputed always. but cant be made required ### [] returned None still counted as none parser.add_argument('tags', location='json', action='append') args = parser.parse_args() id = get_jwt_claims()['user_id'] qry = Users.query.get(id) #add query for user_detail qry2 = UsersDetail.query.get(id) if qry is None: return { 'status': 'NOT_FOUND' }, 404, { 'Content-Type': 'application/json' } if qry2 is None: return { 'status': 'DETAIL_NOT_FOUND' }, 404, { 'Content-Type': 'application/json' } #became conditional, if inputed password if args['password']: #added hashing to check old_password old_password_digest = hashlib.md5( args['password'].encode()).hexdigest() validation = policy.test(args['password_new']) #safeguard against different old password dan method ganti password (base user general) if old_password_digest != qry.password: return { 'status': 'failed', 'result': 'wrong password' }, 401, { 'Content-Type': 'application/json' } if validation != []: return { 'status': 'failed', 'result': str(validation) }, 401, { 'Content-Type': 'application/json' } password_digest = hashlib.md5( args['password_new'].encode()).hexdigest() qry.password = password_digest qry.username = args['username'] qry.email = args['email'] qry.updated_at = db.func.now() ##adding user detail edit, if not empty, change record if args['first_name']: qry2.first_name = args['first_name'] if args['last_name']: qry2.last_name = args['last_name'] if args['job_title']: qry2.job_title = args['job_title'] if args['photo_url']: qry2.photo_url = args['photo_url'] #processing input user-tags and UT.query qry3_all = UserTags.query.filter_by(user_id=id) qry3 = qry3_all.filter_by(deleted=False) ##harus dalam bentuk tag list ##butuh all() atau ngga #list of dbs tag, in their names, have to be constructed first #redundancy for rewriting existing to undelete db_tag_list = [] db_tag_list_all = [] for que in qry3_all: qry5 = Tags.query.get(que.tag_id) if que in qry3: db_tag_list.append(qry5.name) db_tag_list_all.append(qry5.name) #operation to determine input_only tag list and db only tag list #both will be used to append and delete usertag table ##error, safeguard against empty list ###reqparse if keyword doesnt exist ####[mas Kobar] urusin aja di FEnya. ntar bingung sendiri # if 'tags' in args: # print("Masuk boskuh") if args['tags'] is None: input_set = set() else: input_set = set(args['tags']) input_only = input_set - set(db_tag_list) db_only = set(db_tag_list) - input_set #two times iteration, both by names for input_iter in input_only: #add safeguard for re-adding deleted tags #get tag_id first qry4 = Tags.query.filter_by(name=input_iter) qry4 = qry4.first() tag_id = qry4.tag_id #rewrite deleted to false if existing if input_iter in db_tag_list_all: #get from qry all, reactivate qry_reactivate = qry3_all.filter_by(tag_id=tag_id).first() qry_reactivate.deleted = False #kondisi mint else: #qry4 used for search for tag_id first user_tag = UserTags(id, tag_id) db.session.add(user_tag) for db_iter in db_only: qry4 = Tags.query.filter_by(name=db_iter) qry4 = qry4.first() tag_id = qry4.tag_id #qry3 is a user-filtered usertag #do a second filter for tag_id qry6 = qry3.filter_by(tag_id=tag_id).first() #set delete to true qry6.deleted = True qry6.updated_at = db.func.now() qry2.updated_at = db.func.now() #all commit db.session.commit() #get list of user tags, turn into list of names qry7 = UserTags.query.filter_by(user_id=id).filter_by(deleted=False) db_tag_list_final = [] for que in qry7: qry5 = Tags.query.get(que.tag_id) db_tag_list_final.append(qry5.name) user_data = marshal(qry, Users.response_fields) user_detail_data = marshal(qry2, UsersDetail.response_fields) user_tag_data = db_tag_list_final return { 'user_data': user_data, 'user_detail_data': user_detail_data, 'user_tag_data': user_tag_data }, 200, { 'Content-Type': 'application/json' }
def post(self): parser = reqparse.RequestParser() parser.add_argument('nama_penerima', location = 'json', required = True) parser.add_argument('no_hp_penerima', location = 'json', required = True) parser.add_argument('alamat_pengiriman', location = 'json', required = True) parser.add_argument('metode_pembayaran', location = 'json', required = True) parser.add_argument('jasa_kirim', location = 'json', required = True) parser.add_argument('voucher', location = 'json', required = False) args = parser.parse_args() claims = get_jwt_claims() qry_keranjang = Keranjang.query.filter_by(user_id = claims['id']) keranjang_data = qry_keranjang.first() qry_keranjang_details = KeranjangDetails.query.filter_by(keranjang_id = keranjang_data.id).filter_by(deleted=False) # list semua produk yang ingin dicheckout produks = [] for produk in qry_keranjang_details: item = marshal(produk, KeranjangDetails.response_fields) produks.append(item) #membuat transaksi if produks is not None: transaksi = Transaksi(claims['id'], args['nama_penerima'], args['no_hp_penerima'], args['alamat_pengiriman'], args['metode_pembayaran'], args['jasa_kirim'], harga=0, ongkos_kirim=0, diskon=0, total_harga=0) db.session.add(transaksi) db.session.commit() app.logger.debug('DEBUG : %s', transaksi) #membuat transaksi detail (list produk) qry_transaksi = Transaksi.query.filter_by(user_id = claims['id']).filter_by(harga=0).filter_by(deleted=False) qry_transaksi = qry_transaksi.first() for produk in produks: qry_produk = Produk.query.get(produk['produk_id']) if qry_produk.stok >= produk['kuantitas']: qry_produk.stok -= produk['kuantitas'] qry_produk.jumlah_terjual += produk['kuantitas'] qry_transaksi.harga += produk['harga'] qry_transaksi.total_harga += produk['harga'] transaksi_detail = TransaksiDetails(qry_transaksi.id, produk['produk_id'], produk['kuantitas'], produk['harga']) db.session.add(transaksi_detail) db.session.commit() app.logger.debug('DEBUG : %s', transaksi_detail) else: return {'message' : 'kuantitas pembelian melebihi stok yang tersedia'} #menghapus produk pada keranjang yang berhasil di checkout qry_keranjang_details_2 = qry_keranjang_details.filter_by(deleted=False) for qry in qry_keranjang_details_2: qry.deleted = True db.session.commit() keranjang_data.total_harga = 0 db.session.commit() return {'message' : "checkout berhasil"}, 200
def decorated(*args, **kwargs): if get_jwt_claims() in ["admin", "sub_admin"]: return func(*args, **kwargs) else: return custom_error("Invalid user role to apply this action.", 403)
def get(self): claims = get_jwt_claims() parser = reqparse.RequestParser() parser.add_argument('p', type=int, location='args', default=1) parser.add_argument('rp', type=int, location='args', default=125) parser.add_argument('keyword', location='args') # Pagination args = parser.parse_args() offset = (args['p'] * args['rp']) - args['rp'] # Get all customers and sort it from the newest qry = Customers.query.filter_by(id_users=claims['id']) qry = qry.order_by(desc(Customers.created_at)) if args['keyword'] is not None and args['keyword'] != '': qry = qry.filter_by(id_users=claims['id']).filter( Customers.fullname.like("%" + args["keyword"] + "%") | Customers.phone_number.like("%" + args["keyword"] + "%") | Customers.email.like("%" + args["keyword"] + "%")) rows = [] for row in qry.limit(args['rp']).offset(offset).all(): rows.append(marshal(row, Customers.response_fields)) # variable min = 0 new_customer = 0 total_costumer = 0 custumer_id = '' # setting time time = (datetime.now() + timedelta(hours=7)).strftime("%Y-%m-%d") today = datetime(int(time[0:4]), int(time[5:7]), int(time[8::])) start = today + relativedelta(days=-(int(time[8::])) + 1) end = today + relativedelta(days=+1) qry_grand_customers = Customers.query.filter_by( id_users=claims['id']).all() for costumer in qry_grand_customers: total_costumer = total_costumer + 1 if costumer.total_transaction > min: min = costumer.total_transaction custumer_id = costumer.id for costumer in qry_grand_customers: create_at = costumer.created_at if start <= create_at and create_at <= end: new_customer = new_customer + 1 # Case when loyal customer exists if custumer_id != '': qry_costumer_loyal = Customers.query.get(custumer_id) custumer_loyal = marshal(qry_costumer_loyal, Customers.response_fields) result = { "list_all_customer": rows, "total_costumer": total_costumer, "costumer_loyal": custumer_loyal, "new_customer": new_customer } # Case when there are no customer have made transaction else: result = { "list_all_customer": rows, "total_costumer": total_costumer, "costumer_loyal": "Belum ada pelanggan yang melakukan transaksi", "new_customer": new_customer } return result, 200
def critical(): username = get_jwt_identity() claims = get_jwt_claims() return jsonify(fresh_logged_in_as=username, claims=claims), 200
def post(self): claims = get_jwt_claims() return {"claims": claims}, 200
def put(self, businessId, customerId): claims = get_jwt_claims() if not claims['is_admin']: return { 'message': 'Error # 94 in Customer Resource, admin previlige required' }, 400 approved_zid_list = VbusinessModel.find_all_business_list() if businessId not in approved_zid_list: return { 'message': 'Error # 99 in Customer Resource, You have not been authorized to use this business' }, 400 json_data = request.get_json() if not json_data: return { 'message': 'Error # 104 in Customer Resource, No input data provided' }, 400 try: data = cacusUpdateSchema.load(json_data).data except ValidationError as err: return { 'message': 'Error # 109 in Customer Resource, Validation error in Schemas' }, 400 ztime = datetime.datetime.now() zutime = datetime.datetime.now() xdate = datetime.datetime.now() customerDetail = CacusModel.find_by_customerId(businessId, customerId) if customerDetail is None: customerDetail = CacusModel(zid=businessId, ztime=ztime, zutime=zutime, xcus=customerId, xshort=data['xshort'], xadd1=data['xadd1'], xadd2=data['xadd2'], xcity=data['xcity'], xmobile=data['xmobile'], xsp=data['xsp']) else: customerDetail.zid = businessId customerDetail.zutime = zutime customerDetail.xdate = xdate customerDetail.xcus = customerId customerDetail.xshort = data['xshort'] customerDetail.xadd1 = data['xadd1'] customerDetail.xadd2 = data['xadd2'] customerDetail.xcity = data['xcity'] customerDetail.xmobile = data['xmobile'] customerDetail.xsp = data['xsp'] try: customerDetail.save_to_db() except Exception as e: print(e) return { "message": "Error # 145 in Customer Resource, An error update the customer" }, 400 return customerDetail.json(), 200
def post(self): current_user = get_jwt_identity() claims = get_jwt_claims() token = create_access_token(identity=current_user, user_claims=claims) return {'token':token, 'claims':claims}, 200
def put(self, id=None): """ Method: PUT Updating the book data according to ID by the User ______________ Parameter Input _______________ id: params (required), id entered by the user. judul, penulis, tanggal_terbit, isbn, bahasa, genre, jenis_cover, status, foto_buku, sinopsis, penerbit : string, This input will be the data in the book table. """ if id is None: return { 'message': 'Masukkan ID' }, 400, { 'Content-Type': 'application/json' } elif id is not None: parser = reqparse.RequestParser() parser.add_argument('judul', location='json', default='None', required=True) parser.add_argument('penulis', location='json', help='penulis invalid', default='None', required=True) parser.add_argument('jumlah_halaman', type=int, location='json', help='jumlah halaman invalid', default=0, required=True) parser.add_argument('tanggal_terbit', location='json', help='tanggal terbit invalid', default='none', required=True) parser.add_argument('isbn', location='json', help='isbn invalid', default='none', required=True) parser.add_argument('genre', location='json', help='genre invalid', default=0, required=True) parser.add_argument('bahasa', location='json', help='bahasa invalid', default='none', required=True) parser.add_argument('berat', type=float, location='json', help='berat invalid', default=0, required=True) parser.add_argument('lebar', type=int, location='json', help='lebar invalid', default=0) parser.add_argument('panjang', type=int, location='json', help='panjang invalid', default=0) parser.add_argument('jenis_cover', location='json', help='jenis cover invalid', default='none', required=True) parser.add_argument('status', location='json', help='status invalid', default=0, required=True) parser.add_argument('foto_buku', location='json', help='link foto buku invalid', default='none', required=True) parser.add_argument('sinopsis', location='json', help='sinopsis invalid', default=0, required=True) parser.add_argument('harga', type=int, location='json', help='harga invalid', default=0, required=True) parser.add_argument('stok', type=int, location='json', help='stok invalid', default=0, required=True) parser.add_argument('penerbit', location='json', help='penerbit invalid', default=0, required=True) args = parser.parse_args() qry = Books.query.get(id) if qry is None: return { 'penulis': 'NOT_FOUND' }, 404, { 'Content-Type': 'application/json' } claim = get_jwt_claims() qry.user_id = claim['id'] qry.judul = args['judul'] qry.penulis = args['penulis'] qry.jumlah_halaman = args['jumlah_halaman'] qry.isbn = args['isbn'] qry.genre = args['genre'] qry.bahasa = args['bahasa'] qry.berat = args['berat'] qry.lebar = args['lebar'] qry.panjang = args['panjang'] qry.jenis_cover = args['jenis_cover'] qry.status = args['status'] qry.foto_buku = args['foto_buku'] qry.sinopsis = args['sinopsis'] qry.harga = args['harga'] qry.stok = args['stok'] qry.penerbit = args['penerbit'] qry.email_user = claim['email'] db.session.commit() return marshal(qry, Books.response_fields), 200, { 'Content-Type': 'application/json' }
def api_check(): email_usuario_logado = get_jwt_claims()['usuario.email'] return jsonify(email_usuario_logado)
def decorated_function(*args, **kwargs): claims = get_jwt_claims() if common_role(claims["roles"], roles): func(*args) else: return make_response("You have no permission for that", 401)
def protected(): claims = get_jwt_claims() if claims.get('username') == 'admin': return jsonify({'data': ['hi', 'it', 'works']}), 200 return jsonify({'msg': 'No access for you!'}), 400
def get_container_detail(id_container): claims = get_jwt_claims() if not ObjectId.is_valid(id_container): return {"message": "Object ID tidak valid"}, 400 if request.method == 'GET': container = mongo.db.container_info.find_one( {'_id': ObjectId(id_container)}) return jsonify(container), 200 if request.method == 'PUT': """Melakukan update informasi pada info petikemas""" schema = ContainerEditInfoSchema() try: data = schema.load(request.get_json()) except ValidationError as err: return err.messages, 400 activity_list = ["RECEIVING-MUAT", "BONGKAR-DELIVERY"] if data["activity"].upper() not in activity_list: return { "message": "activity harus diantara RECEIVING-MUAT atau BONGKAR-DELIVERY" }, 400 if not ObjectId.is_valid(id_container): return {"message": "Object ID tidak valid"}, 400 if not claims["isTally"]: return { "message": "user ini tidak dapat melakukan edit dokumen" }, 403 data_to_change = { "container_number": data["container_number"].upper(), "size": data["size"], "tipe": data["tipe"].upper(), "full_or_empty": data["full_or_empty"].upper(), "activity": data["activity"].upper(), "created_at": data["created_at"], "updated_at": datetime.now(), "creator_username": get_jwt_identity(), "creator_name": claims["name"] } # digunakan untuk memastikan tidak ada yang mengupdate sebelum update ini last_update = data["updated_at"] # Hanya document lvl 1 yang bisa diubah query = { '_id': ObjectId(id_container), "updated_at": last_update, "document_level": 1 } update = {'$set': data_to_change} # MEMANGGIL DATABASE container = mongo.db.container_info.find_one_and_update( query, update, return_document=True) if container is None: return { "message": "Gagal update. Dokumen ini telah di ubah oleh seseorang sebelumnya. Harap cek data terbaru!" }, 402 return jsonify(container), 201 if request.method == 'DELETE': """ DELETE HANYA DAPAT DILAKUKAN PADA DOKUMEN LVL 1 OLEH FOREMAN dan Tally """ if claims["isForeman"] or claims["isTally"]: query = { '_id': ObjectId(id_container), 'branch': claims["branch"][0], 'document_level': 1 } container = mongo.db.container_info.find_one_and_delete(query) if container is None: return { "message": "Dokumen yang sudah dilakukan pengecekan tidak dapat dihapus" }, 406 return {"message": "Dokumen berhasil di hapus"}, 204 return { "message": "Dokumen hanya bisa di hapus oleh Manajer atau Foreman" }, 403
def post(self): """ Method: POST Adding products to the 'cart' when pressing the 'Insert Basket' button ______________ Parameter Input _______________ status_cart: boolean (default: false), book_id, judul, penulis, jenis_cover, foto_buku, status_jual: string (required), harga, stok: integer (required), berat: float (required) Cart: query of carts, Cart are objects that exist in the cart table. """ parser = reqparse.RequestParser() parser.add_argument('status_cart', type=bool, location='json', default=False) parser.add_argument('book_id', location='json', required=True) parser.add_argument('judul', location='json', required=True) parser.add_argument('penulis', location='json', required=True) parser.add_argument('jenis_cover', location='json', required=True) parser.add_argument('foto_buku', location='json', required=True) parser.add_argument('harga', type=int, location='json', required=True) parser.add_argument('stok', type=int, location='json', required=True, default=1) parser.add_argument('berat', type=float, location='json', required=True, default=1) parser.add_argument('status_jual', location='json', default='Ready Stock') args = parser.parse_args() claim = get_jwt_claims() cart = Cart(args['status_cart'], claim['id'], args['book_id'], args['judul'], args['penulis'], args['jenis_cover'], args['foto_buku'], args['harga'], args['stok'], args['berat'], args['status_jual'], claim['email']) qry = Cart.query for query in qry: if claim['email'] == query.email and int(args['book_id']) == int( query.book_id) and query.status_cart is False: return {'message': 'buku sudah ada di dalam cart'} queries = Books.query for query in queries: if int(query.id) == int( args['book_id'] ) and query.stok < 1 and args['status_jual'] == 'Ready Stock': return {'message': 'stok buku telah habis'} db.session.add(cart) db.session.commit() app.logger.debug('DEBUG : %s', cart) return marshal(cart, Cart.cart_fields), 200, { 'Content-Type': 'application/json' }
def protected(): claims = get_jwt_claims() return jsonify({ 'username': claims['username'], 'admin': claims['admin'] }), 200
def go(): if not request.is_json: return jsonify({"msg": "Missing JSON in request"}), 400 # Bad request claims = get_jwt_claims() sender_id = claims['user_id'] print(sender_id) receiver_id = request.json.get('receiver_id') amount = request.json.get('amount') provider_id = request.json.get('provider_id') provider_commission = request.json.get('provider_commission') if sender_id == 0: # Bad request return jsonify({"msg": "Missing sender_id parameter"}), 400 if receiver_id == 0: # Bad request return jsonify({"msg": "Missing receiver_id parameter"}), 400 if amount == 0: # Bad request return jsonify({"msg": "Missing amount parameter"}), 400 if provider_id < 0: # Bad request return jsonify({"msg": "Missing provider_id parameter"}), 400 if provider_commission == 0: # Bad request return jsonify({"msg": "Missing provider_commission parameter"}), 400 sender_username = get_user_name(sender_id) print(sender_username) print(receiver_id) receiver_username = get_user_name(receiver_id) print(receiver_username) # amount : withdrawal from sender and deposit in the receiver is_withdrawal_done = withdrawal(sender_id, amount) is_deposit_done = deposit(receiver_id, amount) if is_withdrawal_done and is_deposit_done: if provider_id == sender_id: # provider_commission : withdrawal from client and deposit in the provider is_provider_commission_withdrawal_done = commission_withdrawal( receiver_id, provider_commission) is_provider_commission_deposit_done = commission_deposit( sender_id, provider_commission) if is_provider_commission_withdrawal_done and is_provider_commission_deposit_done: # log if commission_withdrawal(receiver_id, provider_commission): time = datetime.now() total = int(provider_commission * 2 + amount) new_operation(sender_username, receiver_username, sender_username, amount, time, total, provider_commission) # add our commission operation_id = get_operation_id(time) our_commission = OurCommissions( operation_id=operation_id, amount=provider_commission, client_id=receiver_id) try: db.session.add(our_commission) db.session.commit() return jsonify({"msg": "operation done ", "id": operation_id}), 200 except Exception as e: return jsonify({"msg": f"internal error '{e}'"}), 500 elif provider_id == receiver_id: # provier_commission : withdrawal from client and deposit in the provider is_provider_commission_withdrawal_done = commission_withdrawal( sender_id, provider_commission) is_provider_commission_deposit_done = commission_deposit( receiver_id, provider_commission) if is_provider_commission_withdrawal_done and is_provider_commission_deposit_done: if commission_withdrawal(sender_id, provider_commission): # log time = datetime.now() total = int(provider_commission * 2 + amount) new_operation(sender_username, receiver_username, receiver_username, amount, time, total, provider_commission) else: return jsonify({"msg": "internal error"}), 500 # add our commission operation_id = get_operation_id(time) our_commission = OurCommissions( operation_id=operation_id, amount=provider_commission, client_id=sender_id) try: db.session.add(our_commission) db.session.commit() return jsonify({"msg": "operation done ", "id": operation_id}), 200 except Exception as e: db.session.rollback() return jsonify({"msg": f"internal error '{e}'"}), 500 elif provider_id == 0: print(3333) is_our_commission_withdrawal_done = commission_withdrawal( sender_id, provider_commission) if is_our_commission_withdrawal_done: time = datetime.now() total = int(provider_commission + amount) new_operation(sender_username, receiver_username, 0, amount, time, total, provider_commission) # add out commission operation_id = get_operation_id(time) our_commission = OurCommissions( operation_id=operation_id, amount=provider_commission, client_id=sender_id) try: db.session.add(our_commission) db.session.commit() return jsonify({"msg": "operation done ", "id": operation_id}), 200 except Exception as e: db.session.rollback() return jsonify({"msg": f"internal error '{e}'"}), 500
def get(self): claims = get_jwt_claims() if claims['is_admin']: return {'users': [user.json() for user in UserModel.find_all()]} return {'message': 'Admin privilege required!!.'}, 401
def get(self): claims = get_jwt_claims() if not claims['is_admin']: return {"message": "Sorry you need to have admin privilege in order to see all users"} return {"Users": list(map(lambda user: user.json(), UserModel.query.all()))}