def change_order_status(current_user, id): if not db.is_admin(current_user.user_id): return response_message('Unauthorized', 'Not enough access privileges', 401) request_data = request.get_json() try: if not isinstance(request_data['status'], str): return response_message('error', 'status should be string value', 400) status = [ 'pickup_started', 'rejected', 'in_transit', 'cancelled', 'delivered' ] if not db.get_parcel_by_value('parcels', 'parcel_id', id): return jsonify({'message': 'order not found'}), 404 if not request_data['status'] in status: return jsonify({ 'message': "invalid status,parcels can be cancelled,delivered,in_transit,rejected,pickup_started" }), 400 db.change_status(request_data['status'], id) our_user = db.get_user_by_value('users', 'user_id', db.get_parce_owner_id(id)) sendemail( our_user[3], 'Order Status Update', 'Hello there ' + our_user[1] + '\nYour parcels status ' + request_data['status']) return jsonify({ 'message': 'order status updated successfully', 'new_status': request_data['status'] }), 200 except KeyError as e: return response_message('error', 'status is missing', 400)
def change_user_type(current_user, user_id): if not db.is_admin(current_user.user_id): return response_message('unauthorised', 'cant access that', 401) if db.get_user_by_value('users', 'user_id', user_id) is None: return response_message('Error', 'User does not exist', 404) db.update_role(user_id) return response_message('success', 'User is now admin', 200)
def login_user(): """ User login if he supplies correct credentials token is generated and given to a user """ try: if request.content_type != 'application/json': return response_message('Bad request', 'Content-type must be in json', 400) request_data = request.get_json() if not request_data: return jsonify({"Failed": "Empty request"}), 400 email = request_data['email'] if not validate_email(email): return response_message('Failed', 'email is invalid', 400) password = request_data['password'] db_user = db.get_user_by_value('users', 'email', email) if not db_user[6]: return response_message( 'Failed', 'email is not verified,please visit your mailbox', 401) new_user = User(db_user[0], db_user[1], db_user[2], db_user[3], db_user[4], db_user[6]) passed = check_password_hash(new_user.password, password) if passed is False: return response_message('Failed', 'email or password is invalid', 400) else: print(222) payload = { 'exp': datetime.datetime.utcnow() + datetime.timedelta(days=0, hours=23), 'user_id': new_user.user_id, 'email': new_user.email, 'is_admin': new_user.is_admin } token = jwt.encode(payload, 'TRULYS_SECRET', algorithm='HS256') if token: return jsonify({ "message": "You have successfully logged in", "auth_token": token.decode('UTF-8'), 'user_id': new_user.user_id, 'is_admin': new_user.is_admin }), 200 except Exception as er: print(er) return response_message('Failed', 'email or password is invalid', 400)
def get_user_parcels(current_user, id): if not db.is_admin(current_user.user_id): if current_user.user_id != id: return response_message( 'unauthorized operation', 'You do not have permissions to access that', 401) if not db.get_user_by_value('users', 'user_id', id) is None: try: parcel_list = [] for parcel in db.get_user_parcels(id): parcel_dict = { "parcel_id": parcel[0], "user_id": parcel[1], "pickup_address": parcel[3], "destination_address": parcel[2], "sender_email": parcel[5], "recipient_email": parcel[10], "recipient_phone_number": parcel[7], "placed": parcel[18], "status": parcel[6] } parcel_list.append(parcel_dict) return jsonify({"parcels": parcel_list}), 200 except IndexError as e: return jsonify({"message": 'User does not exist'}), 404 else: return jsonify({"message": 'User does not exist'}), 404
def get_parcels(current_user): if not db.is_admin(current_user.user_id): return response_message('unauthorized operation', 'Only admin users can view all orders', 401) all = db.get_all_parcels() if all: parcel_list = [] for parcel in all: parcel_dict = { "parcel_id": parcel[0], "user_id": parcel[1], "pickup_address": parcel[3], "destination_address": parcel[2], "sender_email": parcel[5], "recipient_email": parcel[10], "recipient_phone_number_number": parcel[7], "placed": parcel[18], "status": parcel[6] } parcel_list.append(parcel_dict) return jsonify({"parcels": parcel_list}), 200 return jsonify({ 'message': 'No parcel delivery orders posted yet', 'count': len(all) }), 404
def change_destination(current_user, id): rdata = request.get_json() helper = Helper() if not "destination_address" in rdata: return jsonify({'message': 'Please add a new destination address'}), 400 newdest = rdata['destination_address'] if db.get_parcel_by_value('parcels', 'parcel_id', id) is None: return jsonify({"message": "parcel delivery request not found"}), 404 if (helper.get_formatted_address(rdata['destination_address'])) is None: return jsonify({"message": "destination_address not found"}), 400 # CHECK SAME DESTINATION ADDRESSES if str(db.get_destination_address(id)).lower() == str(newdest).lower(): return response_message('Forbidden', 'cannot change to the same destination', 403) if not db.is_order_delivered(id): if db.is_parcel_owner(id, current_user.user_id): our_user = db.get_user_by_value('users', 'user_id', db.get_parce_owner_id(id)) new_lat_lng = helper.get_dest_latlong(newdest) new_distance = helper.get_distance(new_lat_lng, db.get_pick_up_latlng(id)) parcel_weight = db.get_parcel_weight(id) new_price = helper.get_charge(parcel_weight, new_distance, quantity=None) res = db.change_destination(helper.get_formatted_address(newdest), id, new_lat_lng, new_distance, new_price) sendemail( our_user[3], 'Destination Update', 'Hello there \n New Destination Update for ' + current_user.username + '\nNew Destination is ' + res) return jsonify({ 'message': 'destination updated successfully', 'new_destination': res }), 200 else: return response_message('Forbidden', 'Not authorised to perform operation', 403) else: return jsonify({'message': 'order already delivered cant update'}), 403
def change_present_location(current_user, id): heper = Helper() if not db.is_admin(current_user.user_id): return response_message('Unauthorized', 'Not enough access previleges', 401) request_data = request.get_json() try: if not isinstance(request_data['current_location'], str): return response_message('error', 'current location should be string value', 400) if not db.get_parcel_by_value('parcels', 'parcel_id', id): return response_message('error', 'order not found', 404) if is_should_update(request_data): cl = heper.get_formatted_address(request_data['current_location']) if cl is None: return response_message( 'error', 'current location address does not exist', 400) db.change_present_location(cl, id) if heper.get_dest_latlong( heper.get_formatted_address( request_data['current_location']) ) == db.get_destination_latlng(id): db.update_parcel_status('delivered', id) else: db.update_parcel_status('in_transit', id) our_user = db.get_user_by_value('users', 'user_id', db.get_parce_owner_id(id)) sendemail( our_user[3], 'Order Update', 'Hello there ' + our_user[1] + '\nYour parcels location is now ' + db.get_current_location(id)) return jsonify({ 'message': 'current location updated successfully', 'Present Location': db.get_current_location(id) }), 200 else: return jsonify( {'message': 'bad request object, current location missing'}), 400 except KeyError as identifier: return jsonify({'message': str(identifier) + 'is missing'})
def search_app(current_user): data = request.get_json() if not 'query' in data: return response_message("failed", "please search", 400) query = data['query'] results = db.search_app(query) response_data = [] if isinstance(results, str): return response_message("not_found", results, 404) print(results) for result in results: res_obj = { "user_id": result[0], "user_email": result[2], "user_name": result[1], } response_data.append(res_obj) return jsonify({"message": "found", "data": response_data}), 200
def get_users(current_user): if not db.is_admin(current_user.user_id): return response_message('unauthorized operation', 'Only admin users can view all users', 401) users = Database().get_users() user_list = [] for user in users: user_dict = { "user_id": user[0], "fullname": user[1], "username": user[2], "email": user[3], "phone_number": user[5], "is_admin": user[6], "joined": user[7] } user_list.append(user_dict) return jsonify({"users": user_list}), 200
def get_a_parcel(current_user, id): """ return order request details for a specific order :param id: :return: """ if not db.is_admin(current_user.user_id): if current_user.user_id != db.get_parce_owner_id(id): return response_message( 'unauthorized operation', 'You do not have enough permissions to access that', 401) if db.get_parcel_by_value('parcels', 'parcel_id', id) is None: return jsonify({"message": "parcel delivery request order not found"}), 404 results = db.get_parcel_by_value('parcels', 'parcel_id', id) parcel_dict = { "parcel_id": results[0], "user_id": results[1], "pickup_address": results[3], "destination_address": results[2], "sender_email": results[5], "recipient_email": results[11], "recipient_phone_number": results[7], "current_location": results[10], "recipient fullname": results[12], "destination_latlng": results[14], "pickuplat_lng": results[13], "weight": results[9], "distance": results[15], "status": results[6], "price": results[16], "created": results[18], "last_modified": results[17], "parcel_description": results[4], "quantity": results[8] } return jsonify(parcel_dict), 200
def logout(current_user): db.invalidate_a_token(get_token()) return response_message('success', 'you have successfully logged out', 200)
def create_user(): """ User creates an account User sign up details are added to the data base """ if request.content_type != 'application/json': return response_message('Bad request', 'Content-type must be json type', 400) request_data = request.get_json() try: if not request_data: return jsonify({"message": "Empty request"}), 400 username = request_data['username'] str(username).replace(" ", "") email = request_data['email'] fullname = request_data['fullname'] if not fullname: return response_message('Missing', 'FullName is required', 400) phone_number = str(request_data['phone_number']) if len(phone_number) < 10: return response_message( 'Invalid', 'phone number should be atleast 10 characters long', 400) if not re.match("[0-9]", phone_number): return response_message('Invalid', 'phone number should not contain letters', 400) if not isinstance(fullname, str) or not isinstance(username, str): return response_message( 'Invalid', 'fullname and username should be of type string', 400) if len(str(fullname)) < 3 or len(username) < 3: return response_message( 'Invalid', 'FullName and username should be atleast 3 characters long', 400) if not username: return response_message('Missing', 'Username required', 400) if not validate_email(email): return response_message('Error', 'Missing or wrong email format', 400) if not len(request_data['password']) > 5: return response_message('Failed', 'Ensure password is atleast 6 characters', 400) if db.get_user_by_value('users', 'email', email): return response_message( 'Failed', 'User with email ' + email + ' already exists', 409) if db.get_user_by_value('users', 'username', username): return response_message('Failed', username + ' is taken', 409) password = generate_password_hash(request_data['password']) db.insert_into_user(fullname, username, email, phone_number, password) url = f"{request.url_root}api/v2/auth/email_verify?token={jwt.encode({'email':email},'TRULYS_SECRET').decode('utf-8')}" sendemail( email, 'Welcome to SendIT', 'Hello there ' + fullname + 'Click this link to verify your email\n' + '\n ' + url) return response_message( 'Success', 'Please visit your email to verify your account', 201) except KeyError as e: return jsonify({'Error': str(e) + ' is missing'}), 400
def create_user(): """ User creates an account User sign up details are added to the data base """ if request.content_type != 'application/json': return response_message('Bad request', 'Content-type must be json type', 400) request_data = request.get_json() try: if not request_data: return jsonify({"message": "Empty request"}), 400 username = request_data['username'] str(username).replace(" ", "") email = request_data['email'] fullname = request_data['fullname'] if not fullname: return response_message('Missing', 'FullName is required', 400) phone_number = str(request_data['phone_number']) if len(phone_number) < 10: return response_message( 'Invalid', 'phone number should be atleast 10 characters long', 400) if not re.match("[0-9]", phone_number): return response_message('Invalid', 'phone number should not contain letters', 400) if not isinstance(fullname, str) or not isinstance(username, str): return response_message( 'Invalid', 'fullname and username should be of type string', 400) if len(str(fullname)) < 3 or len(username) < 3: return response_message( 'Invalid', 'FullName and username should be atleast 3 characters long', 400) if not username: return response_message('Missing', 'Username required', 400) if not validate_email(email): return response_message('Error', 'Missing or wrong email format', 400) if not len(request_data['password']) > 5: return response_message('Failed', 'Ensure password is atleast 6 characters', 400) if db.get_user_by_value('users', 'email', email): return response_message( 'Failed', 'User with email ' + email + ' already exists', 409) if db.get_user_by_value('users', 'username', username): return response_message('Failed', username + ' is taken', 409) password = generate_password_hash(request_data['password']) db.insert_into_user(fullname, username, email, phone_number, password) sendemail( email, 'Welcome to SendIT', 'Hello there ' + fullname + ',\n We want to thank you for joining our platform and we love you\n' 'For any inquiries,you can dm us on twitter or reply to this email\n Have fun \nThe SendIT Team' ) return response_message('Success', 'User account successfully created, log in', 201) except KeyError as e: return jsonify({'Error': str(e) + ' is missing'}), 400
def welcome(current_user): return response_message("ok", "Welcome to the sendit api v2", 200)
def add_parcel(current_user): if not request.content_type == 'application/json': return jsonify({"failed": 'Content-type must be application/json'}), 415 request_data = request.get_json() helper = Helper() try: if not validate_email(request_data['recipient_email']): return jsonify({"message": "Recipient email is invalid"}), 400 if len(str(request_data['recipient_phone_number'])) < 10: return jsonify({ "message": "Recipient Phone number should be atleast 10 characters" }), 400 if len(str(request_data['parcel_description'])) < 5: return jsonify({ "message": "Your Parcel description should be atleast 5 characters" }), 400 if not isinstance(request_data['parcel_description'], str): return jsonify({"message": "Description should be string values"}), 400 if not isinstance(request_data['pickup_address'], str): return jsonify( {"message": "pickup_address should be string values"}), 400 if (helper.get_formatted_address( request_data['pickup_address'])) is None: return jsonify({"message": "pickup_address not found"}), 400 if not isinstance(request_data['destination_address'], str): return jsonify( {"message": "destination_address should be string values"}), 400 if (helper.get_formatted_address( request_data['destination_address'])) is None: return jsonify({"message": "destination_address not found"}), 400 if not isinstance(request_data['quantity'], int): return jsonify({"message": "quantity should be integer values"}), 400 if not isinstance(request_data['weight'], int): return jsonify({"message": "weight should be integer values"}), 400 if not isinstance(request_data['recipient_name'], str): return jsonify( {"message": "recipient_name should be string values"}), 400 except KeyError as keyerr: return response_message('Failed', f"{keyerr}" + 'is missing', 400) dest_lat_lng = helper.get_dest_latlong(request_data['destination_address']) pickup_latlng = helper.get_pickup_latlong(request_data['pickup_address']) distance = helper.get_distance(pickup_latlng, dest_lat_lng) price = helper.get_charge(request_data['weight'], distance, request_data['quantity']) try: db.insert_into_parcels( helper.get_formatted_address(request_data['destination_address']), helper.get_formatted_address(request_data['pickup_address']), request_data['parcel_description'], current_user.user_id, db.get_user_email(current_user.user_id), request_data['recipient_name'], request_data['recipient_email'], request_data['recipient_phone_number'], request_data['weight'], request_data['quantity'], pickup_latlng, dest_lat_lng, distance, price) except psycopg2.IntegrityError: return response_message('message', 'something went wrong', 403) return jsonify({ "status": "success", "message": "Parcel request has been created successfully", "parcel": db.get_last_insert_id() }), 201