Exemplo n.º 1
0
def new_user_fun():
    cl = db().get_collection('users')
    data = request.get_json()

    # check requiring keys
    for i in ['name', 'email', 'secret']:
        if i not in data:
            return resp_data(-1, msg=f"requires '{i}'")

    # check not allow
    for i in ['_id', 'level', 'forms']:
        if i in data:
            return resp_data(-2, msg=f"not allow '{i}'")

    # check exists user
    email = data['email']
    name = data['name']
    r = cl.find_one({"$or": [{'name': name}, {'email': email}]})
    if r:
        return resp_data(-3,
                         msg=f"user email='{email}' "
                         f"or name='{name}' exists")

    pw = data['secret']
    pw, salt = User.get_hash_text(pw)
    data['secret'] = f'{pw}${salt}'
    data['level'] = 1
    data['forms'] = []

    user_id = cl.insert_one(data)
    user_id = str(user_id.inserted_id)
    return resp_data(0, msg=f'created user', data={'id': user_id})
Exemplo n.º 2
0
def get_result(result_id):
    cl = db().get_collection('results')

    data = cl.find_one({'_id': ObjectId(result_id)})
    if not data:
        return resp_data(-1, msg=f"form result '{result_id}' not found")

    del data['_id']
    return resp_data(0, msg='found', data=data)
Exemplo n.º 3
0
def get_form(form_id):
    cl = db().get_collection('forms')

    data = cl.find_one({'_id': ObjectId(form_id)})
    if not data:
        return resp_data(-1, msg=f"form '{form_id}' not found")

    del data['_id']
    return resp_data(0, msg=f"form '{form_id}' found", data=data)
Exemplo n.º 4
0
def get_user(user_id: str):
    cl = db().get_collection('users')

    data = cl.find_one({"_id": ObjectId(user_id)})
    if not data:
        return resp_data(-1, msg='user not found')

    del data['secret']
    del data['_id']
    return resp_data(0, msg='user found', data=data)
Exemplo n.º 5
0
def info():
    cl = db().get_collection('users')
    user_id = get_jwt_identity()['id']

    user = cl.find_one({'_id': ObjectId(user_id)})
    if not user:
        return resp_data(-1, msg='user not found')

    del user['_id']
    del user['secret']
    user['id'] = user_id

    return resp_data(0, msg='here are you', data=user)
Exemplo n.º 6
0
def get_results():
    cl = db().get_collection('results')

    form_id = request.args.get('form')
    if not form_id:
        return resp_data(-1, msg='no form selected')

    rs = cl.find({'form_id': form_id})
    if not rs:
        return resp_data(1, msg='no result yet', data=[])
    data = []
    for r in rs:
        r: dict
        r['result_id'] = str(r.pop('_id'))
        r.pop('form_id')
        data.append(r)
    return resp_data(0, msg='results found', data=data)
Exemplo n.º 7
0
def new_form():
    cl = db().get_collection('forms')
    data = request.get_json()
    logged_user = get_jwt_identity()

    if not data:
        return resp_data(-1, msg="json parsing error")

    for i in ['_id', 'time']:
        if i in data:
            return resp_data(-2, msg=f"not allow '{i}'")

    data['creator'] = logged_user['id']
    data['time'] = dt.now().isoformat()

    form_id = cl.insert_one(data)
    if not form_id:
        return resp_data(-3, msg='unknown error')

    return resp_data(0,
                     msg='form created',
                     data={'id': str(form_id.inserted_id)})
Exemplo n.º 8
0
def login():
    cl = db().get_collection('users')
    d = None
    if request.is_json:
        d = request.json
    else:
        d = request.form

    name = d.get('name')
    password = d.get('password')
    if not name or not password:
        return resp_data(-1, msg=f"'name' and 'password' are required")

    u = cl.find_one({'name': name})
    u['id'] = str(u['_id'])
    if not u:
        return resp_data(-2, msg=f"user '{name}' did not exist")

    if not User.from_map(u).check_secret(password):
        return resp_data(-3, msg='password error')

    token = create_access_token(identity={
        'name': u['name'],
        'id': u['id'],
        'level': u['level']
    })
    return resp_data(0,
                     msg='login successfully',
                     data={
                         'token': token,
                         'user': {
                             'name': u['name'],
                             'id': u['id'],
                             'level': u['level']
                         }
                     })
Exemplo n.º 9
0
def new_result():
    cl = db().get_collection('results')
    data = request.get_json()
    logged_user = get_jwt_identity()

    if not data:
        return resp_data(-1, msg='unknown error')

    for i in ['_id', 'time']:
        if i in data:
            return resp_data(-2, msg=f"not allow '{i}'")

    for i in ['form_id', 'data']:
        if i not in data:
            return resp_data(-3, msg=f"require '{i}'")

    data['user'] = logged_user['id']
    data['time'] = dt.now().isoformat()
    result_id = cl.insert_one(data)
    if not result_id:
        return resp_data(-4, msg="unknown error")
    return resp_data(0,
                     msg="created form result",
                     data={'id': str(result_id.inserted_id)})