Exemplo n.º 1
0
def register():
    body = request.form
    users = app.getDict(database.child('users'))

    if not body["email"] or not body["password"]:
        return jsonify({"message": "Error: One of the credentials is empty"
                        }), status.HTTP_400_BAD_REQUEST
    for user in users.values():
        if user["email"] == body["email"]:
            return jsonify({
                "message":
                "Error: A user with the same email already exist"
            }), status.HTTP_400_BAD_REQUEST

    accessToken = secrets.token_hex(16)
    database.child('users').push({
        "email": body["email"],
        "password": body["password"],
        "accessToken": accessToken,
        "isAdmin": False,
        "services": ""
    })
    return jsonify({
        "message": "User successfully created",
        "data": {
            "accessToken": accessToken
        }
    }), status.HTTP_200_OK
Exemplo n.º 2
0
def Delete(userServices, userId, serviceId, actualUser):
    if actualUser["key"] != userId and not actualUser["value"]["isAdmin"]:
        return jsonify({
            "message":
            "Error: user '" + actualUser["value"]["email"] +
            "' cannot delete a user's service"
        }), status.HTTP_400_BAD_REQUEST

    if serviceId in userServices:
        userService = userServices[serviceId]
        database.child('users').child(userId).child('services').child(
            serviceId).remove()
        userServices.pop(serviceId)
        if len(userServices) == 0:
            database.child('users').child(userId).update({"services": ""})
        return jsonify({
            "message": "User's service '" + userService["name"] +
            "' successfully disconnected.",
            "data": {
                "services": userServices
            }
        }), status.HTTP_200_OK
    return jsonify({
        "message":
        "Error: User's service '" + serviceId + "' do not exist."
    }), status.HTTP_400_BAD_REQUEST
Exemplo n.º 3
0
def Delete(userWidgets, userId, serviceId, widgetId, actualUser):
    if actualUser["key"] != userId and not actualUser["value"]["isAdmin"]:
        return jsonify({
            "message":
            "Error: user '" + actualUser["value"]["email"] +
            "' cannot delete a user's widget"
        }), status.HTTP_400_BAD_REQUEST

    if widgetId in userWidgets:
        userWidget = userWidgets[widgetId]
        database.child('users').child(userId).child('services').child(
            serviceId).child('widgets').child(widgetId).remove()
        userWidgets.pop(widgetId)
        if len(userWidgets) == 0:
            database.child('users').child(userId).child('services').child(
                serviceId).update({"widgets": ""})
        return jsonify({
            "message":
            "User's widget '" + userWidget["name"] + "' successfully removed.",
            "data": {
                "widgets": userWidgets
            }
        }), status.HTTP_200_OK
    return jsonify({
        "message":
        "Error: User's widget '" + widgetId + "' do not exist."
    }), status.HTTP_400_BAD_REQUEST
Exemplo n.º 4
0
def Delete(users, userId, actualUser):
    if actualUser["key"] != userId and not actualUser["value"]["isAdmin"]:
        return jsonify({"message": "Error: user '" + actualUser["value"]["email"] + "' cannot delete an other user"}), status.HTTP_400_BAD_REQUEST

    if userId in users:
        user = users[userId]
        database.child('users').child(userId).remove()
        users.pop(userId)
        if len(users) == 0:
            database.update({"users": ""})
        return jsonify({"message": "user '" + user["emial"] + "' successfully removed.", "data": {"user": users}}), status.HTTP_200_OK
    return jsonify({"message": "Error: user '" + userId + "' do not exist."}), status.HTTP_400_BAD_REQUEST
Exemplo n.º 5
0
def userServices(userId, serviceId):
    form = request.form.to_dict(flat=True)
    users = app.getDict(database.child('users'))
    actualUser = app.getActualUser(request.headers.get("Authorization"), users)

    params = {
        "name": {
            "type": str,
            "mandatory": True,
            "default": None
        },
        "accessToken": {
            "type": str,
            "mandatory": False,
            "default": ""
        }
    }

    if not actualUser:
        return jsonify({"message":
                        "User not authorized"}), status.HTTP_401_UNAUTHORIZED

    if request.method != "GET" and request.method != "DELETE":
        paramTypeError = app.checkParamsType(form, params)
        if paramTypeError != None:
            return paramTypeError
        if request.method == "POST":
            paramMandatoryError = app.checkParamsMandatory(form, params)
            if paramMandatoryError != None:
                return paramMandatoryError

    user = database.child('users').child(userId)
    if user.get().val() == None:
        return jsonify({
            "message": "Error: user '" + userId + "' do not exist."
        }), status.HTTP_400_BAD_REQUEST
    userServices = app.getDict(
        database.child('users').child(userId).child('services'))

    with open('about.json', 'r') as json_file:
        jsonData = json.load(json_file)["server"]["services"]

    if request.method == "GET" and not serviceId:
        return List(userServices, userId, actualUser)
    elif request.method == "GET" and serviceId:
        return Get(userServices, userId, serviceId, actualUser)
    elif request.method == "POST" and not serviceId:
        return Post(userServices, form, params, jsonData, userId, actualUser)
    elif request.method == "PUT" and serviceId:
        return Put(userServices, form, jsonData, userId, serviceId, actualUser)
    elif request.method == "DELETE" and serviceId:
        return Delete(userServices, userId, serviceId, actualUser)
Exemplo n.º 6
0
def Post(users, form, params, actualUser):
    if "isAdmin" in form and form["isAdmin"] == "true" and not actualUser["value"]["isAdmin"]:
        return jsonify({"message": "Error: user '" + actualUser["value"]["email"] + "' cannot create a user with administrator permissions"}), status.HTTP_400_BAD_REQUEST

    for user in users.values():
        if user["email"].lower() == form["email"].lower():
            return jsonify({"message": "Error: user '" + form["email"] + "' already exist"}), status.HTTP_400_BAD_REQUEST

    for paramName, param in params.items():
        if not paramName in form:
            form[paramName] = param["default"]
    form["services"] = ""

    database.child('users').push(form)
    return jsonify({"message": "user '" + form["email"] + "' successfully created", "data": {"user": form}}), status.HTTP_200_OK
Exemplo n.º 7
0
def Put(users, form, userId, actualUser):
    if actualUser["key"] != userId and not actualUser["value"]["isAdmin"]:
        return jsonify({"message": "Error: user '" + actualUser["value"]["email"] + "' cannot update an other user"}), status.HTTP_400_BAD_REQUEST

    if "email" in form:
        for user in users.values():
            if user["email"].lower() == form["email"].lower():
                return jsonify({"message": "Error: user '" + form["email"] + "' already exist"}), status.HTTP_400_BAD_REQUEST

    if userId in users:
        user = users[userId]
        if "isAdmin" in form and not actualUser["value"]["isAdmin"]:
            return jsonify({"message": "Error: user '" + userId + "' cannot set himself as administrator"}), status.HTTP_400_BAD_REQUEST
        database.child('users').child(userId).update(form)
        return jsonify({"message": "user '" + user["email"] + "' successfully updated.", "data": {"user": form}}), status.HTTP_200_OK
    return jsonify({"message": "Error: user '" + userId + "' do not exist."}), status.HTTP_400_BAD_REQUEST
Exemplo n.º 8
0
def Put(userServices, form, jsonData, userId, serviceId, actualUser):
    if actualUser["key"] != userId and not actualUser["value"]["isAdmin"]:
        return jsonify({
            "message":
            "Error: user '" + actualUser["value"]["email"] +
            "' cannot update a user's service"
        }), status.HTTP_400_BAD_REQUEST

    if "name" in form:
        serviceExist = False
        for serviceJsonData in jsonData:
            if serviceJsonData["name"].lower() == form["name"].lower():
                serviceExist = True
        if not serviceExist:
            return jsonify({
                "message":
                "Error: Service '" + form["name"].lower() + "' do not exist."
            }), status.HTTP_400_BAD_REQUEST

        for userService in userServices.values():
            if userService["name"].lower() == form["name"].lower():
                return jsonify({
                    "message":
                    "Error: User's service '" + form["name"].lower() +
                    "' already exist"
                }), status.HTTP_400_BAD_REQUEST

    if serviceId in userServices:
        userService = userServices[serviceId]
        database.child('users').child(userId).child('services').child(
            serviceId).update(form)
        return jsonify({
            "message": "User's service '" + userService["name"] +
            "' successfully updated.",
            "data": {
                "services": form
            }
        }), status.HTTP_200_OK
    return jsonify({
        "message":
        "Error: User's service '" + serviceId + "' do not exist."
    }), status.HTTP_400_BAD_REQUEST
Exemplo n.º 9
0
def Put(userWidgets, form, jsonData, userId, serviceId, widgetId, actualUser):
    if actualUser["key"] != userId and not actualUser["value"]["isAdmin"]:
        return jsonify({
            "message":
            "Error: user '" + actualUser["value"]["email"] +
            "' cannot update a user's widget"
        }), status.HTTP_400_BAD_REQUEST

    if "name" in form:
        widgetExist = False
        for widgetJsonData in jsonData:
            if widgetJsonData["name"].lower() == form["name"].lower():
                widgetExist = True
        if not widgetExist:
            return jsonify({
                "message":
                "Error: Widget '" + form["name"].lower() + "' do not exist."
            }), status.HTTP_400_BAD_REQUEST

        for userWidget in userWidgets.values():
            if userWidget["name"].lower() == form["name"].lower():
                return jsonify({
                    "message":
                    "Error: User's widget '" + form["name"] + "' already exist"
                }), status.HTTP_400_BAD_REQUEST

    if widgetId in userWidgets:
        userWidget = userWidgets[widgetId]
        database.child('users').child(userId).child('services').child(
            serviceId).child('widgets').child(widgetId).update(form)
        return jsonify({
            "message": "User's widget '" + userWidget["name"] +
            "' successfully configured.",
            "data": {
                "widgets": form
            }
        }), status.HTTP_200_OK
    return jsonify({
        "message":
        "Error: User's widget '" + widgetId + "' do not exist."
    }), status.HTTP_400_BAD_REQUEST
Exemplo n.º 10
0
def login():
    body = request.form
    users = app.getDict(database.child('users'))

    if not body["email"] or not body["password"]:
        return jsonify({"message": "Error: One of the credentials is empty"
                        }), status.HTTP_400_BAD_REQUEST
    for userName, user in users.items():
        if user["email"] == body["email"] and user["password"] == body[
                "password"]:
            accessToken = secrets.token_hex(16)
            database.child('users').child(userName).update(
                {"accessToken": accessToken})
            return jsonify({
                "message": "User successfully connected",
                "data": {
                    "accessToken": accessToken
                }
            }), status.HTTP_200_OK
    return jsonify({"message": "One of the credentials is invalid."
                    }), status.HTTP_400_BAD_REQUEST
Exemplo n.º 11
0
def Post(userServices, form, params, jsonData, userId, actualUser):
    if actualUser["key"] != userId and not actualUser["value"]["isAdmin"]:
        return jsonify({
            "message":
            "Error: user '" + actualUser["value"]["email"] +
            "' cannot create a user's service"
        }), status.HTTP_400_BAD_REQUEST

    serviceExist = False
    for serviceJsonData in jsonData:
        if serviceJsonData["name"].lower() == form["name"].lower():
            serviceExist = True
    if not serviceExist:
        return jsonify({
            "message":
            "Error: Service '" + form["name"].lower() + "' do not exist."
        }), status.HTTP_400_BAD_REQUEST

    for userService in userServices.values():
        if userService["name"].lower() == form["name"].lower():
            return jsonify({
                "message":
                "Error: User's service '" + form["name"] + "' already exist"
            }), status.HTTP_400_BAD_REQUEST

    for paramName, param in params.items():
        if not paramName in form:
            form[paramName] = param["default"]
    form["widgets"] = ""

    database.child('users').child(userId).child('services').push(form)
    return jsonify({
        "message":
        "User's service '" + form["name"] + "' successfully connected.",
        "data": {
            "services": form
        }
    }), status.HTTP_200_OK
Exemplo n.º 12
0
def users(userId):
    form = request.form.to_dict(flat=True)
    users = app.getDict(database.child('users'))
    actualUser = app.getActualUser(request.headers.get("Authorization"), users)

    params = {
        "email": {
            "type": str,
            "mandatory": True,
            "default": None
        },
        "password": {
            "type": str,
            "mandatory": True,
            "default": None
        },
        "isAdmin": {
            "type": bool,
            "mandatory": False,
            "default": False
        },
        "accessToken": {
            "type": str,
            "mandatory": False,
            "default": ""
        },
    }

    if not actualUser:
        return jsonify({"message": "User not authorized"}), status.HTTP_401_UNAUTHORIZED

    if request.method != "GET" and request.method != "DELETE":
        paramTypeError = app.checkParamsType(form, params)
        if paramTypeError != None:
            return paramTypeError
        if request.method == "POST":
            paramMandatoryError = app.checkParamsMandatory(form, params)
            if paramMandatoryError != None:
                return paramMandatoryError

    if request.method == "GET" and not userId:
        return List(users, actualUser)
    elif request.method == "GET" and userId:
        return Get(users, userId, actualUser)
    elif request.method == "POST" and not userId:
        return Post(users, form, params, actualUser)
    elif request.method == "PUT" and userId:
        return Put(users, form, userId, actualUser)
    elif request.method == "DELETE" and userId:
        return Delete(users, userId, actualUser)
Exemplo n.º 13
0
def userWidgets(userId, serviceId, widgetId):
    form = request.form.to_dict(flat=True)
    users = app.getDict(database.child('users'))
    actualUser = app.getActualUser(request.headers.get("Authorization"), users)

    params = {
        "name": {
            "type": str,
            "mandatory": True,
            "default": None
        },
        "params": {
            "type": object,
            "mandatory": True,
            "default": None
        },
        "timer": {
            "type": float,
            "mandatory": True,
            "default": None
        },
        "x": {
            "type": int,
            "mandatory": False,
            "default": 0
        },
        "y": {
            "type": int,
            "mandatory": False,
            "default": 0
        },
        "w": {
            "type": int,
            "mandatory": False,
            "default": 4
        },
        "h": {
            "type": int,
            "mandatory": False,
            "default": 7
        }
    }

    if not actualUser:
        return jsonify({"message":
                        "User not authorized"}), status.HTTP_401_UNAUTHORIZED

    if request.method != "GET" and request.method != "DELETE":
        paramTypeError = app.checkParamsType(form, params)
        if paramTypeError != None:
            return paramTypeError
        if request.method == "POST":
            paramMandatoryError = app.checkParamsMandatory(form, params)
            if paramMandatoryError != None:
                return paramMandatoryError

    user = database.child('users').child(userId)
    if user.get().val() == None:
        return jsonify({
            "message": "Error: user '" + userId + "' do not exist."
        }), status.HTTP_400_BAD_REQUEST

    userService = database.child('users').child(userId).child(
        'services').child(serviceId)
    if userService.get().val() == None:
        return jsonify({
            "message":
            "Error: user's service '" + serviceId + "' do not exist."
        }), status.HTTP_400_BAD_REQUEST
    userWidgets = app.getDict(
        database.child('users').child(userId).child('services').child(
            serviceId).child('widgets'))

    serviceName = app.getDict(
        database.child('users').child(userId).child('services').child(
            serviceId))["name"]
    with open('about.json', 'r') as json_file:
        jsonData = json.load(json_file)["server"]
        for service in jsonData["services"]:
            if service["name"].lower() == serviceName.lower():
                jsonData = service["widgets"]

    if request.method == "GET" and not widgetId:
        return List(userWidgets, userId, actualUser)
    elif request.method == "GET" and widgetId:
        return Get(userWidgets, userId, widgetId, actualUser)
    elif request.method == "POST" and not widgetId:
        return Post(userWidgets, form, params, jsonData, userId, serviceId,
                    actualUser)
    elif request.method == "PUT" and widgetId:
        return Put(userWidgets, form, jsonData, userId, serviceId, widgetId,
                   actualUser)
    elif request.method == "DELETE" and widgetId:
        return Delete(userWidgets, userId, serviceId, widgetId, actualUser)
Exemplo n.º 14
0
def getServiceAccesToken(userId, serviceName):
    services = getDict(database.child('users').child(userId).child("services"))
    for service in services.values():
        if service["name"] == serviceName:
            return service["accessToken"]
Exemplo n.º 15
0
def setServiceAccesToken(userId, serviceName, accessToken):
    services = getDict(database.child('users').child(userId).child("services"))
    for (serviceId, service) in services.items():
        if service["name"] == serviceName:
            database.child('users').child(userId).child("services").child(
                serviceId).update({"accessToken": accessToken})