def agencyAuthController():
errorString = ''
if ('agency' in session):
return redirect(url_for('agency_panel'))
if request.method == 'POST' and ('email'
in request.form) and ('password'
in request.form):
if request.form['email'] and request.form['password']:
hash = hashlib.sha256(
request.form['password'].encode()).hexdigest().upper()
currentUser = Agency.objects(email=request.form['email'],
password=hash).first()
if currentUser:
if currentUser.active == 1:
session['agency'] = currentUser
return redirect(url_for('agency_panel'))
else:
errorString = "Your account is not active"
else:
errorString = "Wrong data, unable to execute login"
else:
errorString = "Please insert username and password"
return render_template('auth/login_agency.html', errorString=errorString)
def agencyReservationController(action=None, resourceId=None, config={}):
#keep non-logged users outside
if ('agency' not in session):
return redirect(url_for('agency_auth'))
#check resourceId validity
reservationData = None
if resourceId:
if ObjectId.is_valid(str(resourceId)):
reservationData = Reservation.objects(
id=ObjectId(str(resourceId)),
agency=ObjectId(str(
session['agency']['_id']['$oid']))).first()
if not reservationData:
return render_template(
'404.html', errorString="This Reservation does not exist")
else:
if str(session['agency']['_id']['$oid']) != str(
reservationData.agency):
return render_template(
'404.html',
errorString="You do not have access to this page")
else:
return render_template('404.html',
errorString="This ParkingID is not valid")
errorString = ''
parkingList = []
validationErrors = []
pageTitle = ""
reservationList = []
agencyList = []
counters = {"reservations": 0, "earned": 0, "agencyProfit": 0}
#switch action cases (add,edit,delete,list)
if action == 'add' or action == 'edit':
pageTitle = "Add Reservation" if action == "add" else "Edit Reservation"
templatePath = 'reservations/add_agency.html'
parkingList = Parking.objects().order_by('name')
if request.method == 'POST' and ('submit' in request.form):
#return render_template("404.html",errorString=datetime.strptime("2019-02-01 15:26", '%Y-%m-%d %H:%M').isoformat())
#validation
#validate name
if 'name' in request.form:
if not request.form['name']:
validationErrors.append("Field name is empty")
else:
validationErrors.append("Missing field name in request")
#validate surname
if 'surname' in request.form:
if not request.form['surname']:
validationErrors.append("Field surname is empty")
else:
validationErrors.append("Missing field surname in request")
#validate email
if 'email' in request.form:
if not request.form['email'] or not request.form['email'].find(
"@"):
validationErrors.append("Field email is empty or invalid")
else:
validationErrors.append("Missing field email in request")
#validate parking
relatedParking = None
if 'parking' in request.form:
#request.form['relatedParking']
if request.form['parking'] and ObjectId.is_valid(
str(request.form['parking'])):
if not Parking.objects(
id=ObjectId(str(request.form['parking']))).first():
validationErrors.append(
"The parking you are referencing is not existing")
else:
relatedParking = ObjectId(str(request.form['parking']))
else:
validationErrors.append(
"The parking you are referencing is not valid")
else:
validationErrors.append("Missing parking reference in request")
#validate agency
relatedAgency = ObjectId(session['agency']['_id']['$oid'])
#validate dates
fromDate = None
toDate = None
if 'fromDate' in request.form:
if not request.form['fromDate']:
validationErrors.append("Field fromDate is empty")
else:
try:
fromDate = datetime.strptime(request.form['fromDate'],
'%Y-%m-%d %H:%M')
except:
validationErrors.append("Field fromDate is empty")
else:
validationErrors.append("Missing field fromDate in request")
if 'toDate' in request.form:
if not request.form['toDate']:
validationErrors.append("Field toDate is empty")
else:
try:
toDate = datetime.strptime(request.form['toDate'],
'%Y-%m-%d %H:%M')
except:
validationErrors.append("Field toDate is empty")
else:
validationErrors.append("Missing field fromDate in request")
#non-mandatory fields
model = ""
plate = ""
type = "car"
paymentType = "online"
amount = 0
agencyProfit = 0
if 'model' in request.form:
model = request.form['model']
if 'plate' in request.form:
plate = request.form['plate']
if 'type' in request.form:
type = ("car"
if str(request.form['type']) == "car" else "moto")
if 'paymentType' in request.form:
paymentType = ("online" if str(request.form['paymentType'])
== "online" else "onsite")
if fromDate and toDate:
#check date difference
dateDiff = toDate - fromDate
reservationHours = dateDiff.total_seconds() / 3600
if reservationHours <= 0:
validationErrors.append(
"Distance between starting and ending date should be 1 hour"
)
if len(validationErrors) == 0:
#proceed calculating amount and (if needed) agencyProfit
selectedParking = Parking.objects(id=relatedParking).first()
amount = decimal.Decimal(
reservationHours) * selectedParking['pricePerHour']
if relatedAgency:
#calc profit
selectedAgency = Agency.objects(id=relatedAgency).first()
agencyProfit = selectedAgency['profitRate'] * amount / 100
if action == 'add':
executionDate = datetime.now()
result = Reservation(
status="CONFIRMED",
user={
'name': request.form['name'],
'surname': request.form['surname'],
'email': request.form['email'],
'model': model,
'plate': plate,
'type': type
},
fromDate=fromDate.isoformat(),
toDate=toDate.isoformat(),
parking=relatedParking,
amount=amount,
paymentType=paymentType,
agencyProfit=agencyProfit,
agency=relatedAgency,
executionDate=executionDate.isoformat()).save()
if result:
try:
server = smtplib.SMTP(
config['SMTP_CONFIG']['HOST'],
config['SMTP_CONFIG']['PORT'])
server.starttls()
server.login(config['SMTP_CONFIG']['LOGIN'],
config['SMTP_CONFIG']['PASSWORD'])
to = str(request.form['email'])
msg = MIMEMultipart()
msg['From'] = config['SMTP_CONFIG']['SEND_FROM']
msg['To'] = to
msg['Subject'] = "Well done! Parking reservation confirm"
body = "<p>Dear " + escape(
request.form['name'] + " " +
request.form['surname']
) + ",<br>this is your booking:<ul>\
<li>Code : " + str(result.id) + "</li>\
<li>Execution : " + executionDate.strftime(
'%d/%m/%Y %H:%M') + "</li>\
<li>From : " + fromDate.strftime(
'%d/%m/%Y %H:%M') + "</li>\
<li>To : " + toDate.strftime(
'%d/%m/%Y %H:%M') + "</li>\
<li>Amount : €" + str(amount) + "</li>\
<li>Parking : " + escape(str(
selectedParking.name)) + "</li>\
<li>Parking Address : " + escape(
str(selectedParking.address) +
"," +
str(selectedParking.city) +
" " + str(selectedParking.
district)) + "</li>\
</ul><br><br>Best regards,<br><b>eparkingsystem</b></p>\
"
msg.attach(MIMEText(body, 'html'))
text = msg.as_string()
server.sendmail(config['SMTP_CONFIG']['SEND_FROM'],
to, text)
server.quit()
except:
pass
return redirect(url_for('agency_reservations'))
else:
validationErrors.append("Unable to write this record")
else:
result = Reservation.objects(
id=ObjectId(str(resourceId))).update(
status="CONFIRMED",
user={
'name': request.form['name'],
'surname': request.form['surname'],
'email': request.form['email'],
'model': model,
'plate': plate,
'type': type
},
fromDate=fromDate.isoformat(),
toDate=toDate.isoformat(),
parking=relatedParking,
amount=amount,
paymentType=paymentType,
agencyProfit=agencyProfit,
agency=relatedAgency,
executionDate=datetime.now().isoformat())
return redirect(
url_for('agency_reservations',
action='edit',
resourceId=resourceId))
else:
errorString = '|'.join(validationErrors)
elif action == 'delete':
Reservation.objects(
id=ObjectId(str(resourceId)),
agency=ObjectId(str(session['agency']['_id']['$oid']))).delete()
return redirect(url_for('agency_reservations'))
else:
pageTitle = "Reservations"
templatePath = 'reservations/list.html'
objectList = Reservation.objects(agency=ObjectId(
str(session['agency']['_id']['$oid']))).order_by("-executionDate")
reservationList = objectList.aggregate(*[{
"$lookup": {
"from": "parkings",
"localField": "parking",
"foreignField": "_id",
"as": "parkingData"
}
}, {
"$lookup": {
"from": "agencies",
"localField": "agency",
"foreignField": "_id",
"as": "agencyData"
}
}, {
"$unwind": "$parkingData"
}, {
"$unwind": "$agencyData"
}, {
"$project": {
"_id": 1,
"status": 1,
"user": 1,
"fromDate": 1,
"toDate": 1,
"parking": 1,
"amount": 1,
"paymentType": 1,
"agencyProfit": 1,
"agency": 1,
"executionDate": 1,
"parkingName": "$parkingData.name",
"agencyCompanyName": "$agencyData.companyName",
}
}])
#get counters value
counters['reservations'] = objectList.count()
counters['agencyProfit'] = 0
counters['earned'] = objectList.sum("agencyProfit")
return render_template(templatePath,
pageTitle=pageTitle,
agency=session['agency'],
userType='agency',
errorString=errorString,
parkingList=parkingList,
agencyList=agencyList,
reservationList=reservationList,
reservationData=reservationData,
action=action,
resourceId=resourceId,
counters=counters)
def employeeAgencyController(action=None, resourceId=None):
#keep non-logged users outside
if ('employee' not in session) or (session['employee']['superAdmin']
is not True):
return redirect(url_for('backoffice_auth'))
#check resourceId validity
agencyData = None
if resourceId is not None:
if ObjectId.is_valid(str(resourceId)):
agencyData = Agency.objects(id=ObjectId(str(resourceId))).first()
if not agencyData:
return render_template(
'404.html', errorString="This Agency does not exist")
else:
return render_template('404.html',
errorString="This AgencyID is not valid")
errorString = ''
agencyList = []
validationErrors = []
pageTitle = ""
#switch action cases (add,edit,delete,list)
if action == 'add' or action == 'edit':
pageTitle = "Add Agency" if action == "add" else "Edit Agency"
templatePath = 'agencies/add.html'
if request.method == 'POST' and ('submit' in request.form):
#validate username
if 'email' in request.form:
if not request.form['email']:
validationErrors.append("Field email is empty")
else:
if not request.form['email'].find("@"):
validationErrors.append(
"Email field should contain at least one @")
if action == 'add':
if len(Agency.objects(
email=request.form['email'])) > 0:
validationErrors.append(
"The email you've choose already exists")
else:
if len(
Agency.objects(
email=request.form['email'],
email__ne=agencyData.email)) > 0:
validationErrors.append(
"The email you've choose already exists")
else:
validationErrors.append("Missing field email in request")
#validate companyName
if 'companyName' in request.form:
if not request.form['companyName']:
validationErrors.append("Field companyName is empty")
else:
validationErrors.append("Missing field companyName in request")
#validate phone
if 'phone' in request.form:
if not request.form['phone']:
validationErrors.append("Field phone is empty")
else:
validationErrors.append("Missing field phone in request")
#validate phone
if 'VAT' in request.form:
if not request.form['VAT']:
validationErrors.append("Field VAT is empty")
else:
validationErrors.append("Missing field VAT in request")
city = ''
district = ''
address = ''
if 'city' in request.form:
city = request.form['city']
if 'district' in request.form:
district = request.form['district']
if 'address' in request.form:
address = request.form['address']
#validate password
if 'password' in request.form:
if not request.form['password']:
if (action == 'edit'):
hash = agencyData.password #keep old password
else:
validationErrors.append("Field password is empty")
else:
if len(request.form['password']) < 8:
validationErrors.append(
"Password field should be min. 8 chars")
else:
hash = hashlib.sha256(request.form['password'].encode(
)).hexdigest().upper() #make new hash
else:
validationErrors.append("Missing field password in request")
#validate active
if len(validationErrors) == 0:
#save
if action == 'add':
result = Agency(
companyName=str(request.form['companyName']),
city=str(city),
district=str(district),
address=str(address),
email=str(request.form['email']),
phone=str(request.form['phone']),
profitRate=float(request.form['profitRate']),
VAT=str(request.form['VAT']),
password=hash,
active=(True if int(request.form['active']) == 1 else
False)).save()
if result:
lastAgency = Agency.objects(
email=request.form['email']).first()
return redirect(
url_for('agencies',
action='edit',
resourceId=lastAgency.id))
else:
validationErrors.append("Unable to write this record")
else:
result = Agency.objects(email=agencyData['email']).update(
companyName=str(request.form['companyName']),
city=str(city),
district=str(district),
address=str(address),
email=str(request.form['email']),
phone=str(request.form['phone']),
profitRate=float(request.form['profitRate']),
VAT=str(request.form['VAT']),
password=hash,
active=(True if int(request.form['active']) == 1 else
False))
return redirect(
url_for('agencies',
action='edit',
resourceId=resourceId))
else:
errorString = '|'.join(validationErrors)
elif action == 'delete':
pageTitle = "Agencies"
templatePath = 'agencies/list.html'
Agency.objects(id=ObjectId(str(resourceId))).delete()
agencyList = Agency.objects().order_by('companyName')
else:
pageTitle = "Agencies"
templatePath = 'agencies/list.html'
agencyList = Agency.objects().order_by('companyName')
return render_template(templatePath,
pageTitle=pageTitle,
employee=session['employee'],
userType='employee',
errorString=errorString,
agencyList=agencyList,
agencyData=agencyData,
action=action,
resourceId=resourceId)
