Exemplo n.º 1
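def handleFacebookUser():
    """Log in or register a user from a client-supplied Facebook response.

    Reads the Facebook response object and the guest JWT from the JSON
    request body. When a user with the submitted Facebook id exists, the
    guest cart is transferred to that user and a new JWT is issued;
    otherwise ``User.registerFacebookUser`` is asked to create the account.

    Returns:
        A ``JsonUtil`` success response carrying the user data and JWT, or
        a ``JsonUtil`` failure response.
    """
    # NOTE(review): the Facebook id is whatever the client put in the request
    # body. Nothing visible in this handler validates it against Facebook
    # (e.g. a server-side access-token check), so unless that happens
    # elsewhere the id alone is enough to obtain a JWT for the matching
    # account. Confirm where the verification is done.
    fb_response = request.json.get(Labels.FbResponse)
    guest_jwt = request.json.get(Labels.Jwt)
    guest_user = JwtUtil.getUserInfoFromJwt(guest_jwt)

    # A missing or non-object payload used to raise AttributeError on .get().
    if not isinstance(fb_response, dict):
        return JsonUtil.failure()
    fb_id = fb_response.get(Labels.Id)
    if fb_id is None:
        return JsonUtil.failure()

    fb_user = User.query.filter_by(fb_id=fb_id).first()

    # Existing account: move the guest cart over and issue a user JWT.
    if fb_user:
        fb_user.transferGuestCart(guest_user)
        user_jwt = JwtUtil.create_jwt(fb_user.toJwtDict())
        user_info = fb_user.toPublicDictFast()
        output = {Labels.User: user_info, Labels.Jwt: user_jwt}
        return JsonUtil.successWithOutput(output)

    # No account yet: register one. On success the registration response
    # carries the JWT payload under Labels.Jwt, which is replaced by the
    # encoded token before it is returned.
    register_user_response = User.registerFacebookUser(fb_response, guest_user)
    if register_user_response.get(Labels.Success):
        register_user_response[Labels.Jwt] = JwtUtil.create_jwt(
            register_user_response[Labels.Jwt])
        return JsonUtil.successWithOutput(register_user_response)
    return JsonUtil.failureWithOutput(register_user_response)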
Exemplo n.º 2
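def updateProductInfo(admin_user):
    """Apply the fields of the submitted product object to a MarketProduct.

    The JSON body supplies the product id and a ``product`` object whose
    keys are written onto the matching ``MarketProduct``. Keys listed in
    ``MarketProduct.INTEGER_INPUTS`` are converted with ``int``; the three
    tag keys are split on commas and passed to the tag update methods.
    Every outcome is recorded through ``AdminAction.addAdminAction``.

    Args:
        admin_user: value supplied by the caller; forwarded to the audit log.

    Returns:
        A ``JsonUtil`` success response with the updated product, or a
        ``JsonUtil`` failure response naming the problem.
    """
    def audit(ok):
        AdminAction.addAdminAction(admin_user,
                                   request.path,
                                   request.remote_addr,
                                   success=ok)

    product_id = request.json.get(Labels.ProductId)
    product = request.json.get(Labels.Product)

    this_product = MarketProduct.query.filter_by(product_id=product_id).first()
    # The original dereferenced `product` before this check, so a request
    # without a product object raised instead of returning this failure.
    if not isinstance(product, dict):
        audit(False)
        return JsonUtil.failure("There was no input")
    if this_product is None:
        audit(False)
        return JsonUtil.failure("Error retrieving product information")

    # NOTE(review): every key sent by the client is written with setattr, so
    # the request decides which attributes of the model change. An explicit
    # allow-list of editable fields would keep identifiers and internal
    # attributes out of reach; the list is not visible here, so none is
    # enforced in this block.
    for key in product:
        try:
            raw = product.get(key)
            if key in MarketProduct.INTEGER_INPUTS:
                value = int(raw) if raw else None
            else:
                value = raw

            if key == Labels.ProductListingTags:
                this_product.updateProductListingTags(value.split(','))
            if key == Labels.ProductSearchTags:
                this_product.updateProductSearchTags(value.split(','))
            # NOTE(review): the elif below pairs only with this last `if`, so
            # listing and search tags are also written with setattr while
            # related tags are not. Kept as found; confirm whether a single
            # if/elif chain was intended.
            if key == Labels.RelatedProductTags:
                this_product.updateRelatedProductTags(value.split(','))
            elif value is not None:
                setattr(this_product, key, value)
        except Exception:
            # NOTE(review): attributes set for earlier keys are still pending
            # on the session at this point; if the audit call commits the
            # shared session they would be persisted. Verify, and roll back
            # here if so.
            audit(False)
            return JsonUtil.failure(key + " input is invalid")

    db.session.commit()
    audit(True)
    return JsonUtil.success(Labels.Product, this_product.toPublicDict())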
Exemplo n.º 3
def setMainProductPhoto(admin_user):
    """Make the submitted image the main image of the submitted product.

    Both ids come from the JSON request body. Each outcome is written to
    the admin audit log together with the request path and remote address.

    Args:
        admin_user: value supplied by the caller; forwarded to the audit log.

    Returns:
        A ``JsonUtil`` success response with the product, or a failure
        response when the product or the image cannot be found.
    """
    def audit(ok):
        AdminAction.addAdminAction(admin_user,
                                   request.path,
                                   request.remote_addr,
                                   success=ok)

    product_id = request.json.get(Labels.ProductId)
    image_id = request.json.get(Labels.ImageId)

    target = MarketProduct.query.filter_by(product_id=product_id).first()
    if target == None:
        audit(False)
        return JsonUtil.failure("Error retrieving product information")

    # NOTE(review): the image is looked up by id only; nothing here checks
    # that it belongs to the product being edited. Confirm whether that
    # relation should be enforced.
    image = ProductImage.query.filter_by(image_id=image_id).first()
    if image == None:
        audit(False)
        return JsonUtil.failure("Error retrieving image")

    target.main_image = image_id
    db.session.commit()
    audit(True)
    return JsonUtil.success(Labels.Product, target.toPublicDict())
Exemplo n.º 4
def checkAdminLogin():
    """Check admin credentials from the JSON body and issue an admin JWT.

    Every attempt, including one refused because the address is blocked,
    is recorded through ``LoginAttempt.addLoginAttempt``.

    Returns:
        A ``JsonUtil`` success response with the admin's public data and a
        JWT, or a failure response (blocked address or invalid credentials).
    """
    # NOTE(review): blocking is keyed on request.remote_addr. Behind a
    # reverse proxy that is presumably the proxy's address, which would make
    # all clients share one counter; confirm how the app is deployed.
    client_ip = request.remote_addr
    username = request.json.get(Labels.Username)
    password = request.json.get(Labels.Password)

    def record(ok):
        LoginAttempt.addLoginAttempt(username,
                                     client_ip,
                                     success=ok,
                                     is_admin=True)

    if LoginAttempt.blockIpAddress(client_ip):
        record(False)
        return JsonUtil.failure(ErrorMessages.IpBlocked)

    if not AdminUser.checkLogin(username, password):
        record(False)
        return JsonUtil.failure(ErrorMessages.InvalidCredentials)

    admin_user = AdminUser.query.filter_by(username=username).first()
    # The token payload is the admin's public dict.
    admin_jwt = JwtUtil.create_jwt(admin_user.toPublicDict())
    record(True)
    response_body = {
        Labels.User: admin_user.toPublicDict(),
        "jwt": admin_jwt,
    }
    return JsonUtil.successWithOutput(response_body)
Exemplo n.º 5
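def updateVariant(admin_user):
    """Update a product variant from the variant object in the JSON body.

    The product id must match an existing ``MarketProduct`` and the variant
    object must carry the id of an existing ``ProductVariant``. Every
    outcome is written to the admin audit log.

    Args:
        admin_user: value supplied by the caller; forwarded to the audit log.

    Returns:
        ``JsonUtil.success()`` after the update, otherwise a failure response.
    """
    def audit(ok):
        AdminAction.addAdminAction(admin_user,
                                   request.path,
                                   request.remote_addr,
                                   success=ok)

    product_id = request.json.get(Labels.ProductId)
    this_product = MarketProduct.query.filter_by(product_id=product_id).first()
    if this_product is None:
        audit(False)
        return JsonUtil.failure("Invalid submission")

    variant = request.json.get(Labels.Variant)
    # A non-object variant, or one without a variant id, used to raise
    # TypeError/KeyError on the subscript below instead of being rejected.
    if not variant or not isinstance(variant, dict):
        audit(False)
        return JsonUtil.failure("Invalid variant")
    variant_id = variant.get(Labels.VariantId)
    if variant_id is None:
        audit(False)
        return JsonUtil.failure("Invalid variant")

    # NOTE(review): the variant is looked up by id only; nothing here ties it
    # to this_product. Confirm whether that relation should be checked.
    this_variant = ProductVariant.query.filter_by(variant_id=variant_id).first()
    if not this_variant:
        audit(False)
        return JsonUtil.failure("Invalid variant")

    this_variant.updateVariant(variant)
    audit(True)
    return JsonUtil.success()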
Exemplo n.º 6
def updateHomeImage(admin_user):
    """Update the live flag and text of a home image named in the JSON body.

    Args:
        admin_user: value supplied by the caller; forwarded to the audit log.

    Returns:
        ``JsonUtil.success()`` after the update, or a failure response when
        the image id is missing or matches no ``HomeImage``.
    """
    def audit(ok):
        AdminAction.addAdminAction(admin_user,
                                   request.path,
                                   request.remote_addr,
                                   success=ok)

    def reject():
        # Missing id and unknown id are reported identically.
        audit(False)
        return JsonUtil.failure("Bad home image input")

    image_id = request.json.get(Labels.ImageId)
    live = request.json.get(Labels.Live)
    image_text = request.json.get(Labels.ImageText)
    if not image_id:
        return reject()

    record = HomeImage.query.filter_by(image_id=image_id).first()
    if not record:
        return reject()

    record.updateHomeImage(live, image_text)
    audit(True)
    return JsonUtil.success()
Exemplo n.º 7
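def checkRecoveryInformation():
    """Report whether the recovery pin in the JSON body is still usable.

    Returns:
        ``JsonUtil.success()`` when the pin matches a user and has not
        expired; otherwise a failure response with
        ``ErrorMessages.ExpiredLink``.
    """
    recovery_pin = request.json.get(Labels.RecoveryPin)
    # A request without a pin would otherwise be looked up as
    # recovery_pin=None and could match a user that has no pin set.
    if not recovery_pin:
        return JsonUtil.failure(ErrorMessages.ExpiredLink)

    # NOTE(review): this endpoint tells the caller whether a pin is valid.
    # Whether attempts are rate limited is not visible here; confirm.
    user = User.query.filter_by(recovery_pin=recovery_pin).first()
    # A user without an expiration is treated as expired, matching the
    # handling in recoverySetPassword; comparing against None would raise.
    if not user or not user.recovery_pin_expiration:
        return JsonUtil.failure(ErrorMessages.ExpiredLink)
    if datetime.datetime.now() > user.recovery_pin_expiration:
        return JsonUtil.failure(ErrorMessages.ExpiredLink)
    return JsonUtil.success()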
Exemplo n.º 8
def setRecoveryPin():
    """Start password recovery for the e-mail address in the JSON body.

    When the address belongs to a user, a recovery pin is set on that user
    and the recovery e-mail is sent.

    Returns:
        ``JsonUtil.success()`` when a recovery e-mail was sent, a failure
        with ``ErrorMessages.BlankEmail`` for an empty address, or a plain
        failure when no user has that address.
    """
    address = request.json.get(Labels.Email)
    if address in (None, ""):
        return JsonUtil.failure(ErrorMessages.BlankEmail)

    # NOTE(review): the response differs for known and unknown addresses,
    # which lets a caller learn which e-mails are registered. Returning the
    # same response in both cases would close that; it changes what clients
    # see, so it is flagged rather than changed here.
    account = User.query.filter_by(email=address).first()
    if not account:
        return JsonUtil.failure()

    account.setRecoveryPin()
    EmailLib.sendRecoveryEmail(account)
    return JsonUtil.success()
Exemplo n.º 9
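def getMarketProductInfo():
	"""Return the public data of the product whose id is in the JSON body.

	Returns:
		A ``JsonUtil`` success response with the product, or a failure
		response when the id is missing, malformed or unknown.
	"""
	product_id = request.json.get(Labels.ProductId)
	# Only non-empty digit strings are accepted. A JSON number has no
	# isdigit() and used to raise AttributeError instead of being rejected.
	if not product_id or not isinstance(product_id, str) or not product_id.isdigit():
		return JsonUtil.failure("Bad Product Id")

	market_product = MarketProduct.query.filter_by(product_id = product_id).first()
	if market_product is None:
		return JsonUtil.failure("Error retrieving product information")
	return JsonUtil.success(Labels.Product, market_product.toPublicDict())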
Exemplo n.º 10
def confirmProductRequest():
	"""Mark the product request with the submitted confirmation id as confirmed.

	Returns:
		``JsonUtil.success()`` once the change is committed, or a failure
		response when the id is absent or matches no request.
	"""
	token = request.json.get(Labels.ConfirmationId)
	if token == None:
		return JsonUtil.failure("No confirmation id sent or bad input")

	# The confirmation id is the only thing that authorises this change.
	pending = Request.query.filter_by(confirmation_id = token).first()
	if pending == None:
		return JsonUtil.failure("Bad confirmation id")

	pending.confirmed = True
	db.session.commit()
	return JsonUtil.success()
Exemplo n.º 11
def softDeleteAccount(this_user):
    """Soft-delete the caller's account.

    Accounts with a Facebook id are deleted directly. All other accounts
    must send the password twice in the JSON body; both values must match
    and pass ``this_user.checkLogin``.

    Args:
        this_user: the user object supplied by the caller.

    Returns:
        ``JsonUtil.success()`` after deletion, or a failure with
        ``ErrorMessages.InvalidCredentials``.
    """
    # NOTE(review): Facebook-linked accounts are deleted with no further
    # confirmation beyond whatever authenticated this request.
    if not this_user.fb_id:
        supplied = request.json.get(Labels.Password)
        repeated = request.json.get(Labels.PasswordConfirm)
        if supplied != repeated:
            return JsonUtil.failure(ErrorMessages.InvalidCredentials)
        if not this_user.checkLogin(supplied):
            return JsonUtil.failure(ErrorMessages.InvalidCredentials)

    this_user.softDeleteAccount()
    return JsonUtil.success()
Exemplo n.º 12
def signUpForLandingList():
    """Sign the e-mail address in the JSON body up for the launch list.

    Returns:
        ``JsonUtil.success()`` when the launch-list e-mail was sent, or a
        failure response for a duplicate address, an invalid address or a
        send error.
    """
    address = request.json.get(Labels.Email)

    # NOTE(review): the duplicate message confirms to any caller that an
    # address is already on the list, and the lookup runs before the address
    # is validated.
    already_listed = LaunchListEmail.query.filter_by(email=address).first()
    if already_listed:
        return JsonUtil.failure("You've already subscribed")

    if not validate_email(address):
        return JsonUtil.failure("Invalid email, please try again")

    try:
        EmailLib.sendLaunchListEmail(address)
    except Exception:
        # Any send error is reported to the client as a generic failure.
        return JsonUtil.failure("Error sending email, please try again")
    else:
        return JsonUtil.success()
Exemplo n.º 13
def subscribeUserToEmailList():
	"""Subscribe the submitted e-mail address to the submitted e-mail list.

	Returns:
		``JsonUtil.success()`` when ``addEmailSubscription`` returns a truthy
		value, otherwise ``JsonUtil.failure()``.
	"""
	# NOTE(review): neither value is validated in this handler; presumably
	# addEmailSubscription does so. Verify.
	list_id = request.json.get(Labels.EmailListId)
	address = request.json.get(Labels.Email)
	subscription = EmailSubscription.addEmailSubscription(address, list_id)
	if subscription:
		return JsonUtil.success()
	return JsonUtil.failure()
Exemplo n.º 14
def changePassword(this_user):
    """Change the caller's password and return a new JWT.

    The JSON body carries the old password and the new password twice.

    Args:
        this_user: the user object supplied by the caller.

    Returns:
        A ``JsonUtil`` success response with the user's public data and a
        new JWT, or a failure with ``ErrorMessages.InvalidCredentials`` when
        the two new values differ or ``this_user.changePassword`` returns a
        falsy value.
    """
    current = request.json.get(Labels.OldPassword)
    replacement = request.json.get(Labels.Password)
    replacement_again = request.json.get(Labels.PasswordConfirm)

    if replacement != replacement_again:
        return JsonUtil.failure(ErrorMessages.InvalidCredentials)

    # The old-password check is delegated to the user model.
    if not this_user.changePassword(current, replacement):
        return JsonUtil.failure(ErrorMessages.InvalidCredentials)

    payload = {
        Labels.User: this_user.toPublicDict(),
        Labels.Jwt: JwtUtil.create_jwt(this_user.toJwtDict()),
    }
    return JsonUtil.successWithOutput(payload)
Exemplo n.º 15
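def deleteUserCreditCard(this_user):
    """Delete one of the caller's stored cards by the id in the JSON body.

    Args:
        this_user: the user object supplied by the caller.

    Returns:
        ``JsonUtil.success()`` after deletion, or a failure with
        ``ErrorMessages.CardDeleteError`` when deletion raises.
    """
    # NOTE(review): card_id is client supplied; presumably deleteCreditCard
    # only acts on cards owned by this_user. Verify.
    card_id = request.json.get(Labels.StripeCardId)
    try:
        this_user.deleteCreditCard(card_id)
    except Exception:
        # Was a bare `except:`, which also swallowed SystemExit and
        # KeyboardInterrupt.
        return JsonUtil.failure(ErrorMessages.CardDeleteError)
    return JsonUtil.success()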
Exemplo n.º 16
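def deleteUserAddress(this_user):
    """Delete one of the caller's addresses by the id in the JSON body.

    Args:
        this_user: the user object supplied by the caller.

    Returns:
        ``JsonUtil.success()`` after deletion, or a failure with
        ``ErrorMessages.AddressDeleteError`` when deletion raises.
    """
    # NOTE(review): address_id is client supplied; presumably deleteAddress
    # only acts on addresses owned by this_user. Verify.
    address_id = request.json.get(Labels.AddressId)
    try:
        this_user.deleteAddress(address_id)
    except Exception:
        # Was a bare `except:`, which also swallowed SystemExit and
        # KeyboardInterrupt.
        return JsonUtil.failure(ErrorMessages.AddressDeleteError)
    return JsonUtil.success()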
Exemplo n.º 17
def getEmailListInfo(admin_user):
	"""Return the public data of the e-mail list named in the JSON body.

	Args:
		admin_user: value supplied by the caller; forwarded to the audit log.

	Returns:
		A ``JsonUtil`` success response with the list's public dict, or
		``JsonUtil.failure()`` when no list is returned for the id.
	"""
	def audit(ok):
		AdminAction.addAdminAction(admin_user, request.path, request.remote_addr, success = ok)

	list_id = request.json.get(Labels.EmailListId)
	found = EmailList.getEmailListInfo(list_id)
	if found:
		audit(True)
		return JsonUtil.successWithOutput({Labels.EmailList : found.toPublicDict()})
	audit(False)
	return JsonUtil.failure()
Exemplo n.º 18
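def unsubscribeUserFromEmailList():
	"""Delete the e-mail subscription identified by the submitted unsubscribe id.

	Returns:
		``JsonUtil.success()`` once the subscription is deleted, or
		``JsonUtil.failure()`` when the id is missing or matches nothing.
	"""
	unsubscribe_id = request.json.get(Labels.UnsubscribeId)
	# A request without an id would otherwise be looked up as
	# unsubscribe_id=None and could match a row that has no id set.
	if not unsubscribe_id:
		return JsonUtil.failure()

	email_subscriber = EmailSubscription.query.filter_by(unsubscribe_id = unsubscribe_id).first()
	if not email_subscriber:
		return JsonUtil.failure()

	db.session.delete(email_subscriber)
	db.session.commit()
	# The original returned `email_list_info.toPublicDict()`, a name that is
	# never defined in this function, so every successful unsubscribe raised
	# NameError after the commit.
	return JsonUtil.success()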
Exemplo n.º 19
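def updateSettings(this_user):
    """Validate and apply the caller's new name and e-mail settings.

    The JSON body carries a settings object. The e-mail must pass
    ``User.isValidEmail`` and ``validate_email`` and must not belong to a
    different account; the name must be a non-empty string no longer than
    ``User.NAME_MAX_LENGTH``.

    Args:
        this_user: the user object supplied by the caller.

    Returns:
        A ``JsonUtil`` success response wrapping the result of
        ``this_user.updateSettings``, or a failure response naming the
        first check that failed.
    """
    new_settings = request.json.get(Labels.NewSettings)
    # A missing settings object or e-mail used to raise TypeError/KeyError.
    if not isinstance(new_settings, dict):
        return JsonUtil.failure()

    email = new_settings.get(Labels.Email)
    name = new_settings.get(Labels.Name)

    if not isinstance(email, str):
        return JsonUtil.failure(ErrorMessages.InvalidEmail)
    if not User.isValidEmail(email):
        return JsonUtil.failure(ErrorMessages.invalidEmail(email))

    if name == "":
        return JsonUtil.failure(ErrorMessages.BlankName)
    if not isinstance(name, str):
        return JsonUtil.failure(ErrorMessages.InvalidName)
    if len(name) > User.NAME_MAX_LENGTH:
        return JsonUtil.failure(ErrorMessages.LongName)
    if not validate_email(email):
        return JsonUtil.failure(ErrorMessages.InvalidEmail)

    # The uniqueness lookup uses the lower-cased address.
    email_match = User.query.filter_by(email=email.lower()).first()
    if email_match and email_match.account_id != this_user.account_id:
        return JsonUtil.failure(ErrorMessages.inUseEmail(email))

    # NOTE(review): the whole client-supplied object is handed to the model;
    # presumably updateSettings reads only the fields it expects. Verify
    # that extra keys cannot change other attributes.
    response = this_user.updateSettings(new_settings)
    return JsonUtil.successWithOutput(response)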
Exemplo n.º 20
def addFeedback():
    """Store a feedback entry from the JSON body and send a notification e-mail.

    Returns:
        ``JsonUtil.success()`` after the entry is committed and the
        notification sent, or a failure response when the category or the
        message is an empty string.
    """
    body = request.json
    email = body.get(Labels.Email)
    name = body.get(Labels.Name)
    message = body.get(Labels.FeedbackContent)
    category = body.get(Labels.Category)
    order_id = body.get(Labels.OrderId)

    # Only the empty string is rejected; a field that is absent from the
    # request passes these checks.
    if category == "":
        return JsonUtil.failure(ErrorMessages.BlankCategory)
    if message == "":
        return JsonUtil.failure(ErrorMessages.BlankMessage)

    entry = Feedback(email, name, message, category, order_id)
    db.session.add(entry)
    db.session.commit()

    # NOTE(review): the stored values are client supplied and are passed on
    # to the notification e-mail; presumably the mail template escapes them.
    # Verify.
    EmailLib.sendFeedbackEmailNotification(entry)
    return JsonUtil.success()
Exemplo n.º 21
 def wrapper():
     """Decode the admin JWT from the JSON body and call ``func`` with the result.

     When decoding yields a falsy value the attempt is written to the admin
     audit log and an invalid-credentials failure is returned; ``func`` is
     not called.
     """
     token = request.json.get(Labels.Jwt)
     admin_user = JwtUtil.decodeAdminJwt(token)
     if admin_user:
         return func(admin_user)

     # The audit entry for a rejected token is written with the falsy
     # decode result as its user.
     AdminAction.addAdminAction(admin_user,
                                request.path,
                                request.remote_addr,
                                success=False)
     return JsonUtil.failure(ErrorMessages.InvalidCredentials)
Exemplo n.º 22
def softDeleteProductRequestByRequestId():
	"""Soft-delete the product request whose id is in the JSON body.

	The admin JWT is read from the JSON body and decoded here. Every
	outcome is written to the admin audit log.

	Returns:
		``JsonUtil.success()`` once the flag is committed,
		``JsonUtil.jwt_failure()`` for a rejected token, or a failure
		response for a missing or unknown request id.
	"""
	admin = JwtUtil.decodeAdminJwt(request.json.get(Labels.Jwt))

	def audit(ok):
		AdminAction.addAdminAction(admin, request.path, request.remote_addr, success = ok)

	if not admin:
		audit(False)
		return JsonUtil.jwt_failure()

	request_id = request.json.get(Labels.RequestId)
	if request_id == None:
		audit(False)
		return JsonUtil.failure("Bad input")

	target = Request.query.filter_by(request_id = request_id).first()
	if target == None:
		audit(False)
		return JsonUtil.failure("This request id doesn't exist")

	# The row is kept; only its soft_deleted flag is set.
	target.soft_deleted = True
	db.session.commit()
	audit(True)
	return JsonUtil.success()
Exemplo n.º 23
def addNewEmailList(admin_user):
	"""Create an e-mail list with the name given in the JSON body.

	Args:
		admin_user: value supplied by the caller; forwarded to the audit log.

	Returns:
		The result of ``JsonUtil.successWithOutput()`` after the list is
		added, or a failure with ``ErrorMessages.EmailListNameTaken`` when a
		list with that name exists.
	"""
	def audit(ok):
		AdminAction.addAdminAction(admin_user, request.path, request.remote_addr, success = ok)

	list_name = request.json.get(Labels.NewEmailListName)

	# NOTE(review): the name is not checked for being absent or empty here.
	existing = EmailList.query.filter_by(email_list_name = list_name).first()
	if existing:
		audit(False)
		return JsonUtil.failure(ErrorMessages.EmailListNameTaken)

	EmailList.addNewEmailList(list_name)
	audit(True)
	# NOTE(review): successWithOutput is called without an argument here but
	# with a dict everywhere else on this page; confirm it accepts that.
	return JsonUtil.successWithOutput()
Exemplo n.º 24
def checkPassword(this_user):
    """Check the password in the JSON body against the caller's account.

    Args:
        this_user: the user object supplied by the caller.

    Returns:
        A ``JsonUtil`` success response with the user's public data and a
        new JWT, or a failure with ``ErrorMessages.InvalidCredentials``.
    """
    # NOTE(review): whether repeated wrong guesses are limited is not
    # visible in this handler.
    candidate = request.json.get(Labels.Password)
    if not this_user.checkLogin(candidate):
        return JsonUtil.failure(ErrorMessages.InvalidCredentials)

    payload = {
        Labels.User: this_user.toPublicDict(),
        Labels.Jwt: JwtUtil.create_jwt(this_user.toJwtDict()),
    }
    return JsonUtil.successWithOutput(payload)
Exemplo n.º 25
def getRelatedProductsByTag():
	"""Return the products related by tag to the product named in the JSON body.

	Returns:
		A ``JsonUtil`` success response with a list of public product
		dicts, or ``JsonUtil.failure()`` when the product id is unknown.
	"""
	product_id = request.json.get(Labels.ProductId)
	source_product = MarketProduct.query.filter_by(product_id = product_id).first()
	if not source_product:
		return JsonUtil.failure()

	related = source_product.getRelatedProductsByTag()
	# Only the public representation of each product is returned.
	public_dicts = [item.toPublicDict() for item in related]
	return JsonUtil.successWithOutput({Labels.Products : public_dicts})
Exemplo n.º 26
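def recoverySetPassword():
    """Set a new password for the user identified by a recovery pin.

    The JSON body carries the new password twice and the recovery pin.

    Returns:
        ``JsonUtil.success()`` once the password is set, or a failure
        response: ``BlankPassword``, ``PasswordConfirmMismatch``,
        ``ExpiredLink`` (missing, unknown or expired pin) or the error
        reported by ``User.validatePasswordSubimssion``.
    """
    password = request.json.get(Labels.Password)
    password_confirm = request.json.get(Labels.PasswordConfirm)
    recovery_pin = request.json.get(Labels.RecoveryPin)

    if not password or not password_confirm:
        return JsonUtil.failure(ErrorMessages.BlankPassword)
    if password != password_confirm:
        return JsonUtil.failure(ErrorMessages.PasswordConfirmMismatch)

    # A request without a pin would otherwise be looked up as
    # recovery_pin=None and could match a user that has no pin set.
    if not recovery_pin:
        return JsonUtil.failure(ErrorMessages.ExpiredLink)

    # NOTE(review): the pin is the only credential for this password change.
    # Whether guesses are rate limited is not visible here; confirm.
    user = User.query.filter_by(recovery_pin=recovery_pin).first()
    if not user or not user.recovery_pin_expiration:
        return JsonUtil.failure(ErrorMessages.ExpiredLink)
    if datetime.datetime.now() > user.recovery_pin_expiration:
        return JsonUtil.failure(ErrorMessages.ExpiredLink)

    is_valid_password = User.validatePasswordSubimssion(password)
    if not is_valid_password[Labels.Success]:
        return JsonUtil.failure(is_valid_password[Labels.Error])

    user.setPasswordWithRecovery(password)
    return JsonUtil.success()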
Exemplo n.º 27
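def confirmEmail():
    """Confirm the e-mail of the user identified by the submitted confirmation id.

    Returns:
        A ``JsonUtil`` success response with the user's public data and a
        new JWT, or ``JsonUtil.failure()`` when the id is missing or matches
        no user.
    """
    email_confirmation_id = request.json.get(Labels.EmailConfirmationId)
    # A request without an id would otherwise be looked up as
    # email_confirmation_id=None and could match a user whose id is unset,
    # and that user would then receive a JWT below.
    if not email_confirmation_id:
        return JsonUtil.failure()

    this_user = User.query.filter_by(
        email_confirmation_id=email_confirmation_id).first()
    if this_user is None:
        return JsonUtil.failure()

    this_user.confirmEmail()
    # NOTE(review): a valid confirmation id also yields a login token, so it
    # acts as a credential. Presumably confirmEmail invalidates the id so it
    # cannot be replayed; verify.
    return JsonUtil.successWithOutput({
        Labels.User: this_user.toPublicDict(),
        Labels.Jwt: JwtUtil.create_jwt(this_user.toJwtDict()),
    })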
Exemplo n.º 28
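def uploadManufacturerLogo(admin_user):
    """Attach a base64-encoded manufacturer logo to a product.

    The JSON body carries the product id and the image as a base64 string.
    Every outcome is written to the admin audit log.

    Args:
        admin_user: value supplied by the caller; forwarded to the audit log.

    Returns:
        ``JsonUtil.success()`` after the logo is added, otherwise a failure
        response.
    """
    def audit(ok):
        AdminAction.addAdminAction(admin_user,
                                   request.path,
                                   request.remote_addr,
                                   success=ok)

    product_id = request.json.get(Labels.ProductId)
    image_data = request.json.get(Labels.ImageData)
    if image_data is None:
        audit(False)
        return JsonUtil.failure("No image has been uploaded!")

    # base64.decodestring was removed in Python 3.9; b64decode performs the
    # same lenient decode. Malformed input is rejected instead of raising.
    try:
        image_decoded = base64.b64decode(image_data.encode('utf-8'))
    except (AttributeError, TypeError, ValueError):
        audit(False)
        return JsonUtil.failure("Invalid image data")

    # NOTE(review): the decoded bytes are not checked for size or for being
    # an image before they are stored; presumably addManufacturerLogo or a
    # request-size limit covers this. Verify.
    this_product = MarketProduct.query.filter_by(product_id=product_id).first()
    if this_product is None:
        audit(False)
        return JsonUtil.failure("Product doesn't exist")

    this_product.addManufacturerLogo(image_decoded)
    audit(True)
    return JsonUtil.success()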
Exemplo n.º 29
def getAdminMarketProductInfo(admin_user):
    """Return a product's public data to an admin caller and log the access.

    Args:
        admin_user: value supplied by the caller; forwarded to the audit log.

    Returns:
        A ``JsonUtil`` success response with the product, or a failure
        response when the product id is unknown.
    """
    product_id = request.json.get(Labels.ProductId)
    found = MarketProduct.query.filter_by(product_id=product_id).first()

    # The audit entry records whether the lookup found a product.
    located = found != None
    AdminAction.addAdminAction(admin_user,
                               request.path,
                               request.remote_addr,
                               success=located)
    if not located:
        return JsonUtil.failure("Error retrieving product information")
    return JsonUtil.success(Labels.Product, found.toPublicDict())
Exemplo n.º 30
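def uploadHomeImage(admin_user):
    """Store a base64-encoded home image sent in the JSON body.

    Every outcome is written to the admin audit log.

    Args:
        admin_user: value supplied by the caller; forwarded to the audit log.

    Returns:
        ``JsonUtil.success()`` after the image is added, otherwise a
        failure response.
    """
    def audit(ok):
        AdminAction.addAdminAction(admin_user,
                                   request.path,
                                   request.remote_addr,
                                   success=ok)

    image_data = request.json.get(Labels.ImageData)
    if image_data is None:
        audit(False)
        return JsonUtil.failure("No image has been uploaded!")

    # base64.decodestring was removed in Python 3.9; b64decode performs the
    # same lenient decode. Malformed input is rejected instead of raising.
    try:
        image_decoded = base64.b64decode(image_data.encode('utf-8'))
    except (AttributeError, TypeError, ValueError):
        audit(False)
        return JsonUtil.failure("Invalid image data")

    # NOTE(review): the decoded bytes are not checked for size or for being
    # an image before they are stored; presumably addHomeImage or a
    # request-size limit covers this. Verify.
    HomeImage.addHomeImage(image_decoded)
    audit(True)
    return JsonUtil.success()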