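def __init__(self, email, password, firstName, lastName, role=0, phone='0',
             licenseMask=0, keyMask=0, association=''):
    """Create a user with default card settings and a 15-year access window.

    Only the bcrypt hash of ``password`` is stored on the instance; the
    plaintext is not kept.

    Args:
        email: login address of the account.
        password: plaintext password, hashed before it is stored.
        firstName: given name.
        lastName: family name.
        role: numeric role, 0 by default.
        phone: phone number as a string.
        licenseMask: integer mask stored unchanged.
        keyMask: integer mask stored unchanged.
        association: free-text association name.
    """
    # Read the clock once so every derived timestamp describes the same
    # instant, even when construction happens around midnight.
    now = datetime.datetime.today()
    midnight = now.replace(hour=0, minute=0, second=0, microsecond=0)

    self.syncMaster = 0
    self.active = 1

    # Card settings.
    self.cardAuthBlock = 1
    self.cardAuthSector = 4
    self.cardID = ''
    self.cardKey = ''
    self.cardSecret = ''
    # NOTE(review): an all-FF six-byte key looks like the publicly known
    # factory default for this kind of card sector. Any card still using it
    # can be read or copied by anyone, so provisioning should replace it
    # with a per-card key. Left unchanged here because altering the default
    # would change how already issued cards authenticate.
    self.cardAuthKeyA = 'FF FF FF FF FF FF'
    self.cardAuthKeyB = ''

    # Identity.
    self.role = role
    self.email = email
    self.password = flask_bcrypt.generate_password_hash(password)
    self.firstName = firstName
    self.lastName = lastName
    self.association = association
    self.phone = phone
    self.keyMask = keyMask
    self.licenseMask = licenseMask

    # Access window: all seven day bits set, valid from today for
    # 365 * 15 days, between 06:00 and 22:30.
    self.accessDaysMask = 127
    self.accessType = 0
    self.accessDayCounter = 0
    self.accessDateStart = midnight
    self.accessDateEnd = midnight + datetime.timedelta(365 * 15)
    self.accessTimeStart = midnight.replace(hour=6, minute=0)
    self.accessTimeEnd = midnight.replace(hour=22, minute=30)

    self.lastLoginDateTime = now
    self.registerDateTime = now
    self.budget = 0.00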
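def __init__(self, email, password, firstName, lastName, role=0, phone='0',
             licenseMask=0, keyMask=0, association=''):
    """Create a user with empty card keys and an all-day, 15-year access window.

    Only the bcrypt hash of ``password`` is stored on the instance; the
    plaintext is not kept.

    Args:
        email: login address of the account.
        password: plaintext password, hashed before it is stored.
        firstName: given name.
        lastName: family name.
        role: numeric role, 0 by default.
        phone: phone number as a string.
        licenseMask: integer mask stored unchanged.
        keyMask: integer mask stored unchanged.
        association: free-text association name.
    """
    # Read the clock once: the week number, month number and all midnight
    # stamps then agree with each other even if the constructor runs across
    # a day, week or month boundary.
    now = datetime.datetime.now()
    midnight = now.replace(hour=0, minute=0, second=0, microsecond=0)

    self.syncMaster = 0
    self.active = 1

    # Card settings; keys start empty and have to be provisioned later.
    self.cardAuthBlock = 1
    self.cardAuthSector = 4
    self.cardID = ''
    self.cardSecret = ''
    self.cardAuthKeyA = ''
    self.cardAuthKeyB = ''

    # Identity.
    self.role = role
    self.email = email
    self.password = flask_bcrypt.generate_password_hash(password)
    self.firstName = firstName
    self.lastName = lastName
    self.association = association
    self.phone = phone
    self.keyMask = keyMask
    self.licenseMask = licenseMask

    # Access budget and usage statistics.
    self.accessDaysMask = 127
    self.accessType = 0
    self.accessDayCounter = 10
    self.accessDayCyclicBudget = 10
    self.weeklyAccessAverage = 0
    self.weeklyAccessWeekNumber = now.isocalendar()[1]
    self.weeklyAccessCount = 0
    self.monthlyAccessAverage = 0
    self.monthlyAccessMonthNumber = now.month
    self.monthlyAccessCount = 0
    self.lastAccessDaysUpdateDate = midnight

    # Access window: from today for 365 * 15 days, 00:01 to 23:59.
    self.accessDateStart = midnight
    self.accessDateEnd = midnight + datetime.timedelta(365 * 15)
    self.accessTimeStart = midnight.replace(hour=0, minute=1)
    self.accessTimeEnd = midnight.replace(hour=23, minute=59)

    self.lastAccessDateTime = midnight
    self.lastLoginDateTime = now
    self.lastSyncDateTime = now
    self.registerDateTime = now
    self.budget = 0.00
    self.lastBudgetUpdateDate = midnight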
def post(self):
    """Replace the password of the account matching the submitted e-mail.

    Returns ``(form.errors, 422)`` when the form does not validate,
    ``("", 401)`` when no account uses the address, and ``("", 201)`` once
    the new password has been stored and mailed.
    """
    # NOTE(review): the 401/201 split tells an unauthenticated caller which
    # addresses are registered, and the stored password is replaced before
    # the requester has shown control of the mailbox. A single-use, expiring
    # reset link with one uniform response would address both; rate limiting
    # this endpoint is advisable either way.
    lost_form = LostPasswordForm()
    if lost_form.validate_on_submit():
        account = User.query.filter_by(email=lost_form.email.data).first()
        if account is None:
            return "", 401

        # NOTE(review): confirm controller.id_generator draws from a
        # cryptographically secure source; this value is a live credential.
        fresh_password = controller.id_generator(12)
        account.password = flask_bcrypt.generate_password_hash(fresh_password)
        # The commit precedes the mail, so a failed send leaves the account
        # with a password nobody has received.
        db.session.commit()

        subject = "%s: A new password has been generated" % "RoseGuarden"
        recipients = [account.email]
        text_body = render_template("lostpassword_mail.txt", user=account, password=fresh_password)
        html_body = render_template("lostpassword_mail.html", user=account, password=fresh_password)
        send_email(subject, MAIL_USERNAME, recipients, text_body, html_body)
        return "", 201

    return lost_form.errors, 422
def post(self):
    """Replace the password of the account matching the submitted e-mail.

    Returns ``(form.errors, 422)`` when the form does not validate,
    ``('', 401)`` when no account uses the address, and ``('', 201)`` once
    the new password has been stored and mailed.
    """
    # NOTE(review): the 401/201 split tells an unauthenticated caller which
    # addresses are registered, and the stored password is replaced before
    # the requester has shown control of the mailbox. A single-use, expiring
    # reset link with one uniform response would address both; rate limiting
    # this endpoint is advisable either way.
    lost_form = LostPasswordForm()
    if lost_form.validate_on_submit():
        account = User.query.filter_by(email=lost_form.email.data).first()
        if account is None:
            return '', 401

        # NOTE(review): confirm security.generator_password draws from a
        # cryptographically secure source; this value is a live credential.
        fresh_password = security.generator_password(12)
        account.password = flask_bcrypt.generate_password_hash(fresh_password)
        # The commit precedes the mail, so a failed send leaves the account
        # with a password nobody has received.
        db.session.commit()

        subject = "%s: A new password has been generated" % 'RoseGuarden'
        sender = config.MAIL_USERNAME
        recipients = [account.email]
        text_body = render_template("lostpassword_mail.txt", user=account, password=fresh_password)
        html_body = render_template("lostpassword_mail.html", user=account, password=fresh_password)
        send_email(subject, sender, recipients, text_body, html_body)
        return '', 201

    return lost_form.errors, 422
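def __init__(
    self, email, password, firstName, lastName, role=0, phone="0", licenseMask=0, keyMask=0, association=""
):
    """Create a user with default card settings and a 15-year access window.

    Only the bcrypt hash of ``password`` is stored on the instance; the
    plaintext is not kept.

    Args:
        email: login address of the account.
        password: plaintext password, hashed before it is stored.
        firstName: given name.
        lastName: family name.
        role: numeric role, 0 by default.
        phone: phone number as a string.
        licenseMask: integer mask stored unchanged.
        keyMask: integer mask stored unchanged.
        association: free-text association name.
    """
    # Read the clock once so every derived timestamp describes the same
    # instant, even when construction happens around midnight.
    now = datetime.datetime.today()
    midnight = now.replace(hour=0, minute=0, second=0, microsecond=0)

    self.syncMaster = 0
    self.active = 1

    # Card settings.
    self.cardAuthBlock = 1
    self.cardAuthSector = 4
    self.cardID = ""
    self.cardKey = ""
    self.cardSecret = ""
    # NOTE(review): an all-FF six-byte key looks like the publicly known
    # factory default for this kind of card sector. Any card still using it
    # can be read or copied by anyone, so provisioning should replace it
    # with a per-card key. Left unchanged here because altering the default
    # would change how already issued cards authenticate.
    self.cardAuthKeyA = "FF FF FF FF FF FF"
    self.cardAuthKeyB = ""

    # Identity.
    self.role = role
    self.email = email
    self.password = flask_bcrypt.generate_password_hash(password)
    self.firstName = firstName
    self.lastName = lastName
    self.association = association
    self.phone = phone
    self.keyMask = keyMask
    self.licenseMask = licenseMask

    # Access window: all seven day bits set, valid from today for
    # 365 * 15 days, between 06:00 and 22:30.
    self.accessDaysMask = 127
    self.accessType = 0
    self.accessDayCounter = 0
    self.accessDateStart = midnight
    self.accessDateEnd = midnight + datetime.timedelta(365 * 15)
    self.accessTimeStart = midnight.replace(hour=6, minute=0)
    self.accessTimeEnd = midnight.replace(hour=22, minute=30)

    self.lastLoginDateTime = now
    self.registerDateTime = now
    self.budget = 0.00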
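def post(self, id):
    """Apply a partial update to user ``id`` and write it to the action log.

    Only form fields that carry a value (neither ``None`` nor ``''``) are
    applied. Callers may edit their own record; editing another record
    requires role 1. Changing ``role`` requires role 1, and changing the
    access fields requires role 1 or 2. Every authorization decision is
    taken before the record is modified, and the update is committed once,
    so a rejected or failing request leaves nothing half-applied.

    Returns:
        ``('', 201)`` on success, ``(form.errors, 422)`` on validation
        failure, a 403 JSON response when the caller is not authorized or
        the old password does not match, and a 404 JSON response when no
        user has the given id.
    """
    def supplied(field):
        # A field takes part in the update only when it carries a value.
        return field.data is not None and field.data != ''

    def not_authorized():
        return make_response(jsonify({'error': 'Not authorized'}), 403)

    def as_naive(field):
        # Parse the submitted value and drop its tzinfo so it can be
        # compared with the value held on the user record.
        return dateutil.parser.parse(field.data).replace(tzinfo=None)

    if id != g.user.id and g.user.role != 1:
        return not_authorized()

    form = UserPatchForm()
    if not form.validate_on_submit():
        print(form.errors)
        return form.errors, 422

    user = User.query.filter_by(id=id).first()
    if user is None:
        # Without this guard an unknown id ends in an AttributeError.
        return make_response(jsonify({'error': 'Not found'}), 404)

    # These properties can only be changed by an admin or a superuser.
    access_fields = (form.accessDaysMask, form.accessDayCounter,
                     form.accessDayCyclicBudget, form.accessType,
                     form.keyMask, form.accessDateStart, form.accessDateEnd,
                     form.accessTimeStart, form.accessTimeEnd)
    if supplied(form.role) and g.user.role != 1:
        return not_authorized()
    if g.user.role not in (1, 2) and any(supplied(f) for f in access_fields):
        return not_authorized()

    changes = []

    if supplied(form.newpassword):
        # NOTE(review): base64 is an encoding, not protection; the password
        # is only as confidential as the transport that carries the request.
        oldpwd = base64.decodestring(form.oldpassword.data)
        if not flask_bcrypt.check_password_hash(user.password, oldpwd):
            print('incoorect old password')
            return not_authorized()
        print('correct old password')
        changes.append('Changed password')
        user.password = flask_bcrypt.generate_password_hash(
            base64.decodestring(form.newpassword.data))

    for attr, label in (('lastName', 'last name'),
                        ('firstName', 'first name'),
                        ('phone', 'phone number')):
        field = getattr(form, attr)
        if not supplied(field):
            continue
        previous = getattr(user, attr)
        if previous != field.data:
            changes.append('Change ' + label + ' from ' + previous + ' to ' + field.data)
        setattr(user, attr, field.data)

    if supplied(form.association):
        if user.association != form.association.data:
            changes.append('Change association to ' + str(form.association.data))
        user.association = form.association.data

    # The second item marks fields whose change also refreshes
    # lastAccessDaysUpdateDate.
    # NOTE(review): the refresh is applied only when the value actually
    # changes; confirm that matches the intended behaviour.
    for attr, stamps_update in (('role', False),
                                ('accessDaysMask', False),
                                ('accessDayCounter', True),
                                ('accessDayCyclicBudget', True),
                                ('accessType', True),
                                ('keyMask', False)):
        field = getattr(form, attr)
        if not supplied(field):
            continue
        previous = getattr(user, attr)
        if previous != field.data:
            changes.append('Change ' + attr + ' from ' + str(previous) + ' to ' + str(field.data))
            if stamps_update:
                user.lastAccessDaysUpdateDate = datetime.datetime.today()
        setattr(user, attr, field.data)

    for attr in ('accessDateStart', 'accessDateEnd',
                 'accessTimeStart', 'accessTimeEnd'):
        field = getattr(form, attr)
        if not supplied(field):
            continue
        parsed = as_naive(field)
        previous = getattr(user, attr)
        if previous != parsed:
            # Each part goes through str(): appending a tuple to the log
            # text would raise TypeError.
            changes.append('Change ' + attr + ' from ' + str(previous) + ' to ' + str(field.data))
        setattr(user, attr, parsed)

    log_text = ('Update of ' + user.firstName + ' ' + user.lastName +
                ' (' + user.email + ')' + ' with the following changes: ' +
                '; '.join(changes))
    logentry = Action(datetime.datetime.utcnow(), config.NODE_NAME,
                      g.user.firstName + ' ' + g.user.lastName, g.user.email,
                      log_text, 'User updated', 'L2', 0, 'Web based')
    db.session.add(logentry)
    db.session.commit()
    return '', 201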
def __init__(self, email, password):
    """Store the e-mail address and a bcrypt hash of ``password``.

    The plaintext password is not kept on the instance.
    """
    self.email = email
    hashed = flask_bcrypt.generate_password_hash(password)
    self.password = hashed
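def __init__(self, email, password, firstName, lastName, role=0, phone='0',
             licenseMask=0, keyMask=0, association=''):
    """Create a user with empty card keys and an all-day, 15-year access window.

    Only the bcrypt hash of ``password`` is stored on the instance; the
    plaintext is not kept.

    Args:
        email: login address of the account.
        password: plaintext password, hashed before it is stored.
        firstName: given name.
        lastName: family name.
        role: numeric role, 0 by default.
        phone: phone number as a string.
        licenseMask: integer mask stored unchanged.
        keyMask: integer mask stored unchanged.
        association: free-text association name.
    """
    # Read the clock once: the week number, month number and all midnight
    # stamps then agree with each other even if the constructor runs across
    # a day, week or month boundary.
    now = datetime.datetime.now()
    midnight = now.replace(hour=0, minute=0, second=0, microsecond=0)

    self.syncMaster = 0
    self.active = 1

    # Card settings; keys start empty and have to be provisioned later.
    self.cardAuthBlock = 1
    self.cardAuthSector = 4
    self.cardID = ''
    self.cardSecret = ''
    self.cardAuthKeyA = ''
    self.cardAuthKeyB = ''

    # Identity.
    self.role = role
    self.email = email
    self.password = flask_bcrypt.generate_password_hash(password)
    self.firstName = firstName
    self.lastName = lastName
    self.association = association
    self.phone = phone
    self.keyMask = keyMask
    self.licenseMask = licenseMask

    # Access budget and usage statistics.
    self.accessDaysMask = 127
    self.accessType = 0
    self.accessDayCounter = 10
    self.accessDayCyclicBudget = 10
    self.weeklyAccessAverage = 0
    self.weeklyAccessWeekNumber = now.isocalendar()[1]
    self.weeklyAccessCount = 0
    self.monthlyAccessAverage = 0
    self.monthlyAccessMonthNumber = now.month
    self.monthlyAccessCount = 0
    self.lastAccessDaysUpdateDate = midnight

    # Access window: from today for 365 * 15 days, 00:01 to 23:59.
    self.accessDateStart = midnight
    self.accessDateEnd = midnight + datetime.timedelta(365 * 15)
    self.accessTimeStart = midnight.replace(hour=0, minute=1)
    self.accessTimeEnd = midnight.replace(hour=23, minute=59)

    self.lastAccessDateTime = midnight
    self.lastLoginDateTime = now
    self.lastSyncDateTime = now
    self.registerDateTime = now
    self.budget = 0.00
    self.lastBudgetUpdateDate = midnight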
def __init__(self, username=None, password=None, email=None):
    """Store the user name and e-mail and keep only a bcrypt hash of ``password``."""
    # NOTE(review): password defaults to None and is handed to the hasher
    # as-is; confirm the hasher rejects a missing password rather than
    # producing a usable hash for it.
    self.username = username
    hashed = flask_bcrypt.generate_password_hash(password)
    self.password = hashed
    self.email = email
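def post(self, id):
    """Apply a partial update to user ``id``.

    Only form fields that carry a value (neither ``None`` nor ``""``) are
    applied. Callers may edit their own record; editing another record, or
    changing any record's ``role``, requires bit 0 of the caller's role.
    The update is committed once at the end, so a rejected or failing
    request leaves nothing half-applied.

    Returns:
        ``("", 201)`` on success, ``(form.errors, 422)`` on validation
        failure, a 403 JSON response when the caller is not authorized or
        the old password does not match, and a 404 JSON response when no
        user has the given id.
    """
    def supplied(field):
        # A field takes part in the update only when it carries a value.
        return field.data is not None and field.data != ""

    def not_authorized():
        return make_response(jsonify({"error": "Not authorized"}), 403)

    may_manage_users = (g.user.role & 1) != 0
    if id != g.user.id and not may_manage_users:
        return not_authorized()

    form = UserPatchForm()
    if not form.validate_on_submit():
        print(form.errors)
        return form.errors, 422

    user = User.query.filter_by(id=id).first()
    if user is None:
        # Without this guard an unknown id ends in an AttributeError.
        return make_response(jsonify({"error": "Not found"}), 404)

    # A role change needs the same privilege as editing someone else's
    # record; otherwise account owners could raise their own role.
    if supplied(form.role) and not may_manage_users:
        return not_authorized()

    if supplied(form.newpassword):
        # The submitted password is never written to the output stream.
        print("Change password")
        # NOTE(review): base64 is an encoding, not protection; the password
        # is only as confidential as the transport that carries the request.
        oldpwd = base64.decodestring(form.oldpassword.data)
        if not flask_bcrypt.check_password_hash(user.password, oldpwd):
            print("incoorect old password")
            return not_authorized()
        print("correct old password")
        user.password = flask_bcrypt.generate_password_hash(base64.decodestring(form.newpassword.data))

    for attr, message in (
        ("lastName", "Change last name"),
        ("firstName", "Change first name"),
        ("phone", "Change phone number"),
    ):
        field = getattr(form, attr)
        if supplied(field):
            print(message)
            setattr(user, attr, field.data)

    # NOTE(review): the access fields below (masks, counter, type) stay
    # writable by the account owner; confirm whether they should be limited
    # to privileged roles as well.
    for attr in ("role", "association", "accessDaysMask", "accessDayCounter", "accessType", "keyMask"):
        field = getattr(form, attr)
        if supplied(field):
            print("Change " + attr + " to " + str(field.data))
            setattr(user, attr, field.data)

    # NOTE(review): same question for the access window dates and times.
    for attr in ("accessDateStart", "accessDateEnd", "accessTimeStart", "accessTimeEnd"):
        field = getattr(form, attr)
        if supplied(field):
            print("Change " + attr + " to " + str(field.data))
            setattr(user, attr, datetime.datetime.strptime(field.data, "%Y-%m-%dT%H:%M:%S.%fZ"))

    db.session.commit()
    return "", 201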
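def post(self, id):
    """Apply a partial update to user ``id`` and write it to the action log.

    Only form fields that carry a value (neither ``None`` nor ``''``) are
    applied. Callers may edit their own record; editing another record
    requires role 1. Changing ``role`` requires role 1, and changing the
    access fields requires role 1 or 2. Every authorization decision is
    taken before the record is modified, and the update is committed once,
    so a rejected or failing request leaves nothing half-applied.

    Returns:
        ``('', 201)`` on success, ``(form.errors, 422)`` on validation
        failure, a 403 JSON response when the caller is not authorized or
        the old password does not match, and a 404 JSON response when no
        user has the given id.
    """
    timestamp_format = '%Y-%m-%dT%H:%M:%S.%fZ'

    def supplied(field):
        # A field takes part in the update only when it carries a value.
        return field.data is not None and field.data != ''

    def not_authorized():
        return make_response(jsonify({'error': 'Not authorized'}), 403)

    if id != g.user.id and g.user.role != 1:
        return not_authorized()

    form = UserPatchForm()
    if not form.validate_on_submit():
        print(form.errors)
        return form.errors, 422

    user = User.query.filter_by(id=id).first()
    if user is None:
        # Without this guard an unknown id ends in an AttributeError.
        return make_response(jsonify({'error': 'Not found'}), 404)

    # These properties can only be changed by an admin or a superuser.
    access_fields = (form.accessDaysMask, form.accessDayCounter,
                     form.accessDayCyclicBudget, form.accessType,
                     form.keyMask, form.accessDateStart, form.accessDateEnd,
                     form.accessTimeStart, form.accessTimeEnd)
    if supplied(form.role) and g.user.role != 1:
        return not_authorized()
    if g.user.role not in (1, 2) and any(supplied(f) for f in access_fields):
        return not_authorized()

    changes = []

    if supplied(form.newpassword):
        # NOTE(review): base64 is an encoding, not protection; the password
        # is only as confidential as the transport that carries the request.
        oldpwd = base64.decodestring(form.oldpassword.data)
        if not flask_bcrypt.check_password_hash(user.password, oldpwd):
            print('incoorect old password')
            return not_authorized()
        print('correct old password')
        changes.append('Changed password')
        user.password = flask_bcrypt.generate_password_hash(base64.decodestring(form.newpassword.data))

    for attr, label in (('lastName', 'last name'),
                        ('firstName', 'first name'),
                        ('phone', 'phone number')):
        field = getattr(form, attr)
        if not supplied(field):
            continue
        previous = getattr(user, attr)
        if previous != field.data:
            changes.append('Change ' + label + ' from ' + previous + ' to ' + field.data)
        setattr(user, attr, field.data)

    if supplied(form.association):
        if user.association != form.association.data:
            changes.append('Change association to ' + str(form.association.data))
        user.association = form.association.data

    # The second item marks fields whose change also refreshes
    # lastAccessDaysUpdateDate.
    # NOTE(review): the refresh is applied only when the value actually
    # changes; confirm that matches the intended behaviour.
    for attr, stamps_update in (('role', False),
                                ('accessDaysMask', False),
                                ('accessDayCounter', True),
                                ('accessDayCyclicBudget', True),
                                ('accessType', True),
                                ('keyMask', False)):
        field = getattr(form, attr)
        if not supplied(field):
            continue
        previous = getattr(user, attr)
        if previous != field.data:
            changes.append('Change ' + attr + ' from ' + str(previous) + ' to ' + str(field.data))
            if stamps_update:
                user.lastAccessDaysUpdateDate = datetime.datetime.today()
        setattr(user, attr, field.data)

    for attr in ('accessDateStart', 'accessDateEnd',
                 'accessTimeStart', 'accessTimeEnd'):
        field = getattr(form, attr)
        if not supplied(field):
            continue
        # Parse once and reuse the value for both comparison and storage.
        parsed = datetime.datetime.strptime(field.data, timestamp_format)
        previous = getattr(user, attr)
        if previous != parsed:
            changes.append('Change ' + attr + ' from ' + str(previous) + ' to ' + str(field.data))
        setattr(user, attr, parsed)

    log_text = ('Update of ' + user.firstName + ' ' + user.lastName +
                ' (' + user.email + ')' + ' with the following changes: ' +
                '; '.join(changes))
    logentry = Action(datetime.datetime.utcnow(), config.NODE_NAME,
                      g.user.firstName + ' ' + g.user.lastName, g.user.email,
                      log_text, 'User updated', 'L2', 0, 'Web based')
    db.session.add(logentry)
    db.session.commit()
    return '', 201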
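def post(self, id):
    """Apply a partial update to user ``id``.

    Only form fields that carry a value (neither ``None`` nor ``''``) are
    applied. Callers may edit their own record; editing another record, or
    changing any record's ``role``, requires bit 0 of the caller's role.
    The update is committed once at the end, so a rejected or failing
    request leaves nothing half-applied.

    Returns:
        ``('', 201)`` on success, ``(form.errors, 422)`` on validation
        failure, a 403 JSON response when the caller is not authorized or
        the old password does not match, and a 404 JSON response when no
        user has the given id.
    """
    def supplied(field):
        # A field takes part in the update only when it carries a value.
        return field.data is not None and field.data != ''

    def not_authorized():
        return make_response(jsonify({'error': 'Not authorized'}), 403)

    may_manage_users = (g.user.role & 1) != 0
    if id != g.user.id and not may_manage_users:
        return not_authorized()

    form = UserPatchForm()
    if not form.validate_on_submit():
        print(form.errors)
        return form.errors, 422

    user = User.query.filter_by(id=id).first()
    if user is None:
        # Without this guard an unknown id ends in an AttributeError.
        return make_response(jsonify({'error': 'Not found'}), 404)

    # A role change needs the same privilege as editing someone else's
    # record; otherwise account owners could raise their own role.
    if supplied(form.role) and not may_manage_users:
        return not_authorized()

    if supplied(form.newpassword):
        # The submitted password is never written to the output stream.
        print('Change password')
        # NOTE(review): base64 is an encoding, not protection; the password
        # is only as confidential as the transport that carries the request.
        oldpwd = base64.decodestring(form.oldpassword.data)
        if not flask_bcrypt.check_password_hash(user.password, oldpwd):
            print('incoorect old password')
            return not_authorized()
        print('correct old password')
        user.password = flask_bcrypt.generate_password_hash(base64.decodestring(form.newpassword.data))

    for attr, message in (('lastName', 'Change last name'),
                          ('firstName', 'Change first name'),
                          ('phone', 'Change phone number')):
        field = getattr(form, attr)
        if supplied(field):
            print(message)
            setattr(user, attr, field.data)

    # NOTE(review): the access fields below (masks, counter, type) stay
    # writable by the account owner; confirm whether they should be limited
    # to privileged roles as well.
    for attr in ('role', 'association', 'accessDaysMask',
                 'accessDayCounter', 'accessType', 'keyMask'):
        field = getattr(form, attr)
        if supplied(field):
            print('Change ' + attr + ' to ' + str(field.data))
            setattr(user, attr, field.data)

    # NOTE(review): same question for the access window dates and times.
    for attr in ('accessDateStart', 'accessDateEnd',
                 'accessTimeStart', 'accessTimeEnd'):
        field = getattr(form, attr)
        if supplied(field):
            print('Change ' + attr + ' to ' + str(field.data))
            setattr(user, attr, datetime.datetime.strptime(field.data, '%Y-%m-%dT%H:%M:%S.%fZ'))

    db.session.commit()
    return '', 201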