def get_users():
query_params = request.args
if not query_params.get(gc.CNIC) and not query_params.get(gc.CONTACT):
response = make_general_response(INVALID_QUERY_PARAM,
"Invalid query params")
return response, BAD_REQUEST
cnic = query_params.get(gc.CNIC)
contact = query_params.get(gc.CONTACT)
if cnic and not validate_cnic(cnic):
response = make_general_response(INVALID_PARAMETER, "Invalid CNIC")
return response, BAD_REQUEST
if contact and not validate_contact(contact):
response = make_general_response(INVALID_PARAMETER, "Invalid contact")
return response, BAD_REQUEST
users = find_user_by_cnic_or_contact(cnic, contact)
if users:
response = make_general_response(SUCCESS, "Success")
response[gc.DATA] = users
return response, OK
else:
response = make_general_response(USER_NOT_FOUND, "User Not found")
return response, BAD_REQUEST
def login():
auth_body = request.authorization
if not auth_body or not auth_body.get(gc.USERNAME) or not auth_body.get(gc.PASSWORD):
response = make_general_response(FAIL, "Authorization Missing")
return response, UNAUTHORIZED
query = f"Select * from {ADMIN} where {USERNAME} = '{auth_body.get(gc.USERNAME)}' and" \
f" {PASSWORD} = '{auth_body.get(gc.PASSWORD)}' "
r = database.select_query(query)
result = r.fetchall()
if len(result) != 0:
if result[0][USERNAME] == auth_body.get(USERNAME) and result[0][PASSWORD] == auth_body.get(PASSWORD):
response = make_general_response(SUCCESS, "SUCCESS")
token = encode(
{
USERNAME: auth_body.get(gc.USERNAME),
PASSWORD: sha256(auth_body.get(gc.PASSWORD).encode(gc.ASCII)).hexdigest()
}, current_app.config[SECRET_KEY])
response[gc.TOKEN] = token
return response, OK
else:
response = make_general_response(ADMIN_NOT_FOUND, "Could not verify")
return response, UNAUTHORIZED
else:
response = make_general_response(ADMIN_NOT_FOUND, "Could not verify")
return response, UNAUTHORIZED
def get_roles():
roles = get_all_roles()
if roles:
response = make_general_response(SUCCESS, "Success")
response[gc.DATA] = roles
return response, OK
else:
response = make_general_response(FAIL, "FAIL")
return response, BAD_REQUEST
def get_shifts():
shifts = get_all_shifts()
if shifts:
response = make_general_response(SUCCESS, "Success")
response[gc.DATA] = shifts
return response, OK
else:
response = make_general_response(FAIL, "FAIL")
return response, BAD_REQUEST
def get_genders():
gender = get_all_genders()
if gender:
response = make_general_response(SUCCESS, "Success")
response[gc.DATA] = gender
return response, OK
else:
response = make_general_response(FAIL, "FAIL")
return response, BAD_REQUEST
def get_madrassas():
madrassas = get_all_madrassas()
if madrassas:
response = make_general_response(SUCCESS, "Success")
response[gc.DATA] = madrassas
return response, OK
else:
response = make_general_response(FAIL, "FAIL")
return response, BAD_REQUEST
def admin_dashboard():
def first_row_first_col(query):
res = database.select_query(query)
res = res.fetchall()
count = res[0][ID]
return count
query_params = request.args
length_query_param = len(query_params)
if length_query_param == 0:
response = make_general_response(MISSING_QUERY_PARAM, "Query params are missing")
return response, BAD_REQUEST
elif len(query_params) > 1:
response = make_general_response(ADDITIONAL_QUERY_PARAM, "Additional Query params")
return response, BAD_REQUEST
elif not query_params.get(gc.ADMIN):
response = make_general_response(INVALID_QUERY_PARAM, "Invalid query params")
return response, BAD_REQUEST
username = query_params.get(gc.ADMIN)
query = f"Select {USERNAME} from {ADMIN} where {USERNAME} = '{username}' "
r = database.select_query(query)
result = r.fetchall()
if len(result) == 0:
response = make_general_response(ADMIN_NOT_FOUND, "Admin not found")
return response, OK
query = f"select count({ID}) as {ID} from {MADRASSA}"
madrassa_count = first_row_first_col(query)
query = f"select count({ID}) as {ID} from {COURSE}"
course_count = first_row_first_col(query)
query = f"select count({ID}) as {ID} from {SHIFT}"
shift_count = first_row_first_col(query)
query = f"select count({ID}) as {ID} from {ENROLLMENT} where {ROLE_ID} = 0"
teacher_count = first_row_first_col(query)
query = f"select count({ID}) as {ID} from {ENROLLMENT} where {ROLE_ID} = 1"
student_count = first_row_first_col(query)
response = make_general_response(SUCCESS, "Success")
response[gc.DATA] = {
'totalStudents': student_count,
'totalTeachers': teacher_count,
'totalShifts': shift_count,
'totalCourses': course_count,
'totalMadrassas': madrassa_count
}
return response, OK
def delete_shifts():
query_params = request.args
deleted, code, detail = delete_shift(query_params[gc.ID])
response = make_general_response(code, detail)
response[gc.DELETED] = deleted
if deleted:
return response, OK
return response, BAD_REQUEST
def add_roles():
request_body = request.get_json()
data, response_code, detail = add_new_role(request_body[gc.NAME])
response = make_general_response(response_code, detail)
if data:
response[gc.DATA] = data
return response, CREATED
return response, BAD_REQUEST
def update_roles():
request_body = request.get_json()
data, response_code, detail = update_role(request_body[gc.ID],
request_body[gc.NAME])
response = make_general_response(response_code, detail)
if data:
response[gc.DATA] = data
return response, OK
return response, BAD_REQUEST
def add_user():
request_body = request.get_json()
if not validate_cnic(request_body.get(gc.CNIC)):
response = make_general_response(INVALID_PARAMETER, "Invalid CNIC")
return response, BAD_REQUEST
if not validate_email(request_body.get(gc.EMAIL)):
response = make_general_response(INVALID_PARAMETER, "Invalid Email ID")
return response, BAD_REQUEST
if not validate_contact(request_body.get(gc.CONTACT)):
response = make_general_response(INVALID_PARAMETER, "Invalid Contact")
return response, BAD_REQUEST
if not validate_contact(request_body.get(gc.GUARDIAN_CONTACT)):
response = make_general_response(INVALID_PARAMETER,
"Invalid Guardian Contact")
return response, BAD_REQUEST
if not validate_date(request_body.get(gc.DATE_OF_BIRTH)):
response = make_general_response(
INVALID_PARAMETER, "Invalid DOB. Allowed Date format is YYYYMMDD")
return response, BAD_REQUEST
user_param = request_body
data, response_code, detail = add_new_user(user_param)
response = make_general_response(response_code, detail)
if data:
response[gc.DATA] = data
return response, CREATED
return response, BAD_REQUEST
def add_shifts():
request_body = request.get_json()
flag, start_time = validate_time(request_body[gc.START_TIME])
if not flag:
response = make_general_response(
INVALID_PARAMETER, "Invalid Start Time format allowed is hhmm")
return response, BAD_REQUEST
flag, end_time = validate_time(request_body[gc.END_TIME])
if not flag:
response = make_general_response(
INVALID_PARAMETER, "Invalid End Time format allowed is hhmm")
return response, BAD_REQUEST
data, response_code, detail = add_new_shift(request_body[gc.NAME],
start_time, end_time)
response = make_general_response(response_code, detail)
if data:
response[gc.DATA] = data
return response, CREATED
return response, BAD_REQUEST
def enroll_users():
request_body = request.get_json()
_id = request_body[gc.USER_ID]
user = find_user_by_id(_id)
if not user:
response = make_general_response(USER_NOT_FOUND, "User not found")
return response, BAD_REQUEST
madrassa_detail_id = request_body[gc.MADRASSA_DETAIL]
madrassa_detail = find_madrassa_detail_by_id(madrassa_detail_id)
if not madrassa_detail:
response = make_general_response(MADRASSA_DETAILS_NOT_FOUND,
"Madrassa details not found")
return response, BAD_REQUEST
role_id = request_body[gc.ROLE_ID]
role = find_role_by_id(role_id)
if not role:
response = make_general_response(ROLE_NOT_FOUND, "Role not found")
return response, BAD_REQUEST
enrollment_date = request_body[gc.ENROLMENT_DATE]
if not validate_date(enrollment_date):
response = make_general_response(
INVALID_PARAMETER,
"Invalid Date Format. Allowed Date format is YYYYMMDD")
return response, BAD_REQUEST
enrolled, response_code, detail = enroll_user_in_madrassa(
user, madrassa_detail, role, enrollment_date)
response = make_general_response(response_code, detail)
if enrolled:
return response, OK
return response, BAD_REQUEST
def wrap(*args, **kwargs):
token = None
headers = request_header()
if X_ACCESS_TOKEN in headers:
token = headers[X_ACCESS_TOKEN]
if not token:
response = make_general_response(MISSING_TOKEN, 'token is missing')
return response, UNAUTHORIZED
# try:
algorithm = gc.SHA256
data = decode(token,
current_app.config[SECRET_KEY],
algorithms=[algorithm])
query = f"Select {PASSWORD} from {ADMIN} where {USERNAME} = '{data.get(gc.USERNAME)}'"
r = select_query(query)
if r:
result = r.fetchall()
password = result[0][PASSWORD]
hashed_password = sha256(password.encode(gc.ASCII)).hexdigest()
if hashed_password == data.get(gc.PASSWORD):
return f(*args, **kwargs)
response = make_general_response(FAIL, 'FAIL')
return response, BAD_REQUEST