def validate_user_rights(db, session_token, caller_name):
print "validate_user_rights"
try:
user_id = db.validate_session_token(session_token)
print "----------"
print user_id
print user_id, caller_name
if user_id is True and caller_name not in ("/knowledge/home",
"/knowledge/profile"):
print user_id
rows = db.call_proc_with_multiresult_set("sp_verify_user_rights",
[user_id, caller_name], 2)
print rows
if rows:
if rows[1][0].get("form_url") == caller_name:
return user_id
else:
return False
elif user_id:
return user_id
else:
return False
except Exception, e:
logger.logKnowledge("error", "validate_rights",
str(traceback.format_exc()))
logger.logKnowledge("error", "validate_rights", str(e))
raise fetch_error()
def bulk_update(self, table, columns, values, conditions):
try:
for outer_index, cond in enumerate(conditions):
query = "UPDATE " + table + " set "
for index, column in enumerate(columns):
if values[outer_index][index] is not None:
if (index < len(columns) - 1):
query += column + " = '%s', " % (
values[outer_index][index])
else:
query += column + " = '%s' " % (
values[outer_index][index])
query += " WHERE " + cond + "; "
cursor = self.cursor()
assert cursor is not None
cursor.execute(query)
logger.logKnowledge("query", "bulk_update",
"query: %s, param:%s" % (query, values))
cursor.nextset()
return True
except Exception, e:
logger.logKnowledge("error", "bulk_update",
"query: %s, param:%s" % (query, values))
logger.logKnowledge("error", "bulk_update", str(e))
raise fetch_error()
def insert(self, table, columns, values):
# columns = ", ".join(columns)
stringValue = []
for i in range(len(values)):
stringValue.append('%s')
if type(columns) is list:
columns = ", ".join(columns)
columns = "(%s)" % columns
query = """INSERT INTO %s %s """ % (table, columns)
query += " VALUES (%s) " % (",".join(stringValue))
try:
n_id = int(self.execute_insert(query, values))
print n_id
logger.logKnowledge("query", "insert",
"query: %s, param:%s" % (query, values))
return n_id
if n_id == 0:
return False
except Exception, e:
print e
logger.logKnowledge("error", "insert",
"query: %s, param:%s" % (query, values))
logger.logKnowledge("error", "insert", str(e))
raise fetch_error()
def select_one(self, query, param=None):
cursor = self.cursor()
assert cursor is not None
try:
if param is None:
cursor.execute(query)
else:
if type(param) is tuple:
cursor.execute(query, param)
elif type(param) is list:
cursor.execute(query, param)
else:
cursor.execute(query)
cursor.nextset()
res = cursor.fetchone()
cursor.nextset()
logger.logclient("query", "select_one",
"query: %s, param:%s" % (query, param))
return res
except Exception, e:
logger.logclient("error", "select_one",
"query: %s, param:%s" % (query, param))
logger.logclient("error", "select_one", str(e))
raise fetch_error()
def delete(self, table, condition, condition_val):
query = "DELETE from " + table + " WHERE " + condition
try:
return self.execute(query, condition_val)
except Exception, e:
logger.logKnowledge("error", "delete",
"query: %s, param:%s" % (query, condition_val))
logger.logKnowledge("error", "delete", str(e))
raise fetch_error()
def delete_action_after_approval(db, csv_id):
try:
args = [csv_id]
db.call_proc("sp_statutory_mapping_delete", args)
return True
except Exception, e:
logger.logKnowledge("error", "update action from list",
str(traceback.format_exc()))
logger.logKnowledge("error", "update action from list", str(e))
raise fetch_error()
def save_action_from_view(db, csv_id, sm_id, action, remarks, session_user):
try:
args = [csv_id, sm_id, action, remarks]
data = db.call_proc("sp_approve_mapping_action_save", args)
print data
return True
except Exception, e:
logger.logKnowledge("error", "update action from view",
str(traceback.format_exc()))
logger.logKnowledge("error", "update action from view", str(e))
raise fetch_error()
def verify_password(db, user_id, encrypt_password):
try:
row = db.call_proc("sp_verify_password", [user_id, encrypt_password])
# if int(row[0]["count"]) == 0:
# raise process_error("E065")
# else
print row
return int(row[0]["count"])
except Exception, e:
logger.logKnowledge("error", "verify_password",
str(traceback.format_exc()))
logger.logKnowledge("error", "verify_password", str(e))
raise fetch_error()
def update_password(db, password, user_id):
result = db.call_proc_with_multiresult_set(
"sp_tbl_user_login_details_update", (user_id, encrypt(password)), 1)
if len(result) == 0:
raise fetch_error()
employee_name = result[0][0]["username"]
action = "\"%s\" has updated his/her password" % (employee_name)
db.save_activity(user_id, 0, action)
if result:
return True
else:
return False
def save_toast_messages(self, user_cat_id, message_head, message_text,
link, users_to_notify, session_user):
created_on = get_date_time()
m1 = "INSERT INTO tbl_messages (user_category_id, message_heading, message_text, " + \
"link, created_by, created_on) values (%s, %s, %s, %s, %s, %s)"
msg_id = self.execute_insert(m1, [
user_cat_id, message_head, message_text, link, session_user,
created_on
])
if msg_id is False or msg_id == 0:
raise fetch_error()
m2 = "INSERT INTO tbl_message_users (message_id, user_id) values (%s, %s)"
for u in users_to_notify:
self.execute(m2, [msg_id, u])
return True
def validate_user_rights(self, session_token, rcaller_name, is_mobile):
if is_mobile is True:
user_id, user_category_id = self.validate_session_token(
session_token)
return user_id, user_category_id
caller_name = [str(x) for x in rcaller_name.split("/") if x != ""]
caller_name = "/%s" % (caller_name[0])
try:
user_id, user_category_id = self.validate_session_token(
session_token)
if user_id is not None:
if user_category_id == 1:
q = "select t2.form_url from tbl_form_category as t1 " + \
" inner join tbl_forms as t2 on t1.form_id = t2.form_id where " + \
" t1.user_category_id = 1 " + \
" and t2.form_url = %s "
param = [caller_name]
else:
q = "select t3.form_url " + \
" from tbl_users as t1 " + \
" inner join tbl_user_group_forms as t2 on t1.user_group_id = t2.user_group_id " + \
" inner join tbl_forms as t3 on t2.form_id = t3.form_id " + \
" where t1.user_id = %s and t3.form_url = %s"
param = [user_id, caller_name]
if caller_name not in ("/welcome", "/home", "/profile",
"/themes", "/reminders", "/escalations",
"/message", "/notifications",
"/view-profile", "/settings"):
rows = self.select_one(q, param)
if rows:
if rows.get("form_url") == caller_name:
return user_id, user_category_id
else:
return None, None
else:
return user_id, user_category_id
else:
return user_id, user_category_id
except Exception, e:
logger.logclient("error", "validate_rights", str(e))
raise fetch_error()
def append(self, table, column, value, condition, condition_val):
try:
rows = self.get_data(table, column, condition, condition_val)
currentValue = rows[0][column]
if currentValue is not None:
newValue = currentValue + "," + str(value)
else:
newValue = str(value)
columns = [column]
values = [newValue]
values += condition_val
res = self.update(table, columns, values, condition)
return res
except Exception, e:
logger.logKnowledge(
"error", "append",
"table: %s, column:%s, value:%s" % (table, column, value))
logger.logKnowledge("error", "append", str(e))
raise fetch_error()
def update_approve_action_from_list(db, csv_id, action, remarks, session_user,
type):
try:
print "&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&"
print "type-> ", type
if type == "all":
args = [csv_id, action, remarks, session_user.user_id()]
data = db.call_proc("sp_statutory_mapping_update_all_action", args)
print data
return True
else:
args = [csv_id, session_user.user_id()]
db.call_proc("sp_statutory_update_action", args)
return True
except Exception, e:
logger.logKnowledge("error", "update action from list",
str(traceback.format_exc()))
logger.logKnowledge("error", "update action from list", str(e))
raise fetch_error()
def update_bulk_client_unit_approve_reject_list(db, csv_unit_id, action,
remarks, declined_count,
session_user):
try:
args = [
csv_unit_id, action, remarks,
session_user.user_id(), declined_count
]
print args
data = db.call_proc("sp_bulk_client_unit_update_action", args)
print "here"
print data
return True
except Exception, e:
logger.logKnowledge("error", "update action from list",
str(traceback.format_exc()))
logger.logKnowledge("error", "update action from list", str(e))
raise fetch_error()
def update(self, table, columns, values, condition):
query = "UPDATE " + table + " set "
for index, column in enumerate(columns):
if index < len(columns) - 1:
query += column + " = %s, "
else:
query += column + " = %s "
query += " WHERE " + condition
try:
status = self.execute(query, values)
logger.logKnowledge("query", "update",
"query: %s, param:%s" % (query, values))
return status
except Exception, e:
print e
logger.logKnowledge("error", "update",
"query: %s, param:%s" % (query, values))
logger.logKnowledge("error", "update", str(e))
raise fetch_error()
def bulk_insert(self, table, columns, valueList):
stringValue = []
for i in range(len(columns)):
stringValue.append('%s')
if type(columns) is list:
columns = ", ".join(columns)
query = "INSERT INTO %s (%s) " % (table, columns)
query += " VALUES (%s) " % (",".join(stringValue))
try:
cursor = self.cursor()
assert cursor is not None
cursor.executemany(query, valueList)
logger.logKnowledge("query", "bulk_insert",
"query: %s, param:%s" % (query, valueList))
cursor.nextset()
return True
except Exception, e:
logger.logKnowledge("error", "bulk_insert",
"query: %s, param:%s" % (query, valueList))
logger.logKnowledge("error", "bulk_insert", str(e))
raise fetch_error()
def handle_api_request(self, unbound_method, request_data_type,
need_session_id):
is_bulk_upload = False
# self._ip_addess = request.remote_addr
self._ip_addess = request.headers.get("X-Real-Ip")
caller_name = request.headers.get("Caller-Name")
api_type = request.url
try:
if request_data_type == "knowledgeformat":
request_data = request
else:
request_data = self._parse_request(request_data_type)
if request_data is None:
raise ValueError("Request data is Null")
elif type(request_data) is str:
raise ValueError(request_data)
if "/api/bu" in api_type:
is_bulk_upload = True
_db_con = bulk_db_connect()
else:
_db_con = before_first_request()
_db = Database(_db_con)
_db.begin()
valid_session_data = None
session_user = None
_session_db = None
_session_db_con = None
print is_bulk_upload
if is_bulk_upload is True:
_session_db_con = before_first_request()
_session_db = Database(_session_db_con)
_session_db.begin()
valid_session_data, session_user = self.validate_user_rights(
request_data, _session_db, caller_name)
if valid_session_data is None:
session_user = UserInfo(_session_db, session_user)
_session_db.commit()
else:
valid_session_data, session_user = self.validate_user_rights(
request_data, _db, caller_name)
if valid_session_data is None:
if need_session_id is True:
response_data = unbound_method(self, request_data, _db,
session_user)
else:
response_data = unbound_method(self, request_data, _db)
else:
response_data = valid_session_data
if response_data is None or type(response_data) is bool:
_db.rollback()
raise fetch_error()
elif type(response_data) != technomasters.ClientCreationFailed:
_db.commit()
else:
_db.rollback()
_db.close()
_db_con.close()
return self.respond(response_data)
except Exception, e:
logger.logKnowledge("error", "handle_api_request", str(e))
logger.logKnowledge("error", "handle_api_request",
str(traceback.format_exc()))
if str(e).find("expected a") is False:
_db.rollback()
_db.close()
_db_con.close()
return self._send_response(str(e), 400)