def post(self):
claims = get_jwt_claims()
if 'admin' not in claims['roles']:
return {
'message': 'You dont have persmision to perform this operation'
}, 401
data = parser.parse_args()
if not data['username'] or not data['password']:
return {
'message':
'Imposible to perform operation... missing parameters'
}, 400
user = UserModel.find_by_username(data['username'])
if not user:
return {
'message': 'User {} doesn\'t exists'.format(data['username'])
}, 401
user.password = UserModel.generate_hash(data['password'])
try:
user.save_to_db()
return {
'message':
'Password for user {} successfully changed'.format(
user.username)
}
except:
return {'message': 'Something went wrong'}, 500
def post(self):
data = parser.parse_args()
current_user = UserModel.find_by_login(data['login'])
if not current_user:
return {'message': 'User {} doesnt exists'.format(data['login'])}, 401
if UserModel.verify_hash(data['password'], current_user.password):
expires = datetime.timedelta(days=1)
access_token = create_access_token(identity=current_user, expires_delta=expires)
return {
'id_token': access_token
}
else:
return {'message', 'Wrong credentials'}, 401
def post(self):
vendedor_login = get_jwt_identity()
vendedor = UserModel.find_by_login(vendedor_login)
if not vendedor:
return {
'message': 'Vendedor {} doesnt exists'.format(vendedor_login)
}, 401
data = agregar_cliente_parser.parse_args()
organizacionId = vendedor.organizationId
correoVendedor = vendedor.email
nombre = data['nombre']
apellidos = data['apellidos']
direccion = data['direccion']
fechaNacimiento = data['fechaNacimiento']
telefono = data['telefono']
email = data['email']
try:
cliente = cliente_service.crear_cliente(
organizacion_id=organizacionId,
correo_vendedor=correoVendedor,
nombre=nombre,
apellidos=apellidos,
direccion=direccion,
fecha_nacimiento=fechaNacimiento,
telefono=telefono,
email=email)
except Exception as ex:
return {'message', 'Error del servidor al guardar el cliente'}, 500
return cliente.to_dict()
def delete(self, username):
current_username = get_jwt_identity()
if username == current_username:
return {
'message': 'Request user cant ask for deleting himself'
}, 403
claims = get_jwt_claims()
if 'admin' not in claims['roles']:
return {
'message': 'You dont have persmision to perform this operation'
}, 401
user_to_delete = UserModel.find_by_username(username)
if not user_to_delete:
return {'message': 'User {} doesn\'t exists'.format(username)}, 401
try:
user_to_delete.delete_me()
return {'messages': 'User {} deleted'.format(username)}
except:
return {
'message': 'Something went wrong width delete process'
}, 500
def post(self):
data = parser.parse_args()
current_user = UserModel.find_by_username(data['username'])
if not current_user:
return {
'message': 'User {} doesn\'t exists'.format(data['username'])
}, 401
if UserModel.verify_hash(data['password'], current_user.password):
access_token = create_access_token(identity=current_user)
refresh_token = create_refresh_token(identity=current_user)
return {
'message': 'Logged in as {}'.format(current_user.username),
'access_token': access_token,
'refresh_token': refresh_token
}
else:
return {'message': 'Wrong credentials'}, 401
def get(self):
claims = get_jwt_claims()
if 'admin' not in claims['roles']:
return {
'message': 'You dont have persmision to perform this operation'
}, 401
return UserModel.return_all()
def get(self):
current_username = get_jwt_identity()
user = UserModel.find_by_username(current_username)
ret_user = {
'username': user.username,
'firstName': user.firstName,
'lastName': user.lastName,
'roles': [role.role_name for role in user.roles]
}
return ret_user
def get(self):
login = get_jwt_identity()
current_user = UserModel.find_by_login(login)
if not current_user:
return {'message': 'User {} doesnt exists'.format(login)}, 401
else:
organization = organization_service.get_organizacion_by_id(current_user.organizationId)
if not organization:
return {'message': 'Organization {} doesnt exists'.format(current_user.organizationId)}, 401
return organization.to_dict()
def post(self):
claims = get_jwt_claims()
if 'admin' not in claims['authorities']:
return {'message': 'You dont have permision to perform this operation'}, 401
data = parser.parse_args()
if UserModel.find_by_login(data['login']):
return {'message': 'User {} already exists'.format(data['login'])}
new_user = UserModel(
login=data['login'],
password=UserModel.generate_hash(data['password']),
firstName=data['firstName'],
lastName=data['lastName'],
email=data['email']
)
for authority in data['authorities']:
new_user_authority = AuthorityModel.find_by_authority_name(authority)
if new_user_authority:
new_user.authorities.append(new_user_authority)
try:
new_user.save_to_db()
return {'message': 'User {} was create'.format(new_user.login)}
except:
return {'message': 'Something went wrong'}, 500
def get(self):
requester_login = get_jwt_identity()
current_requester = UserModel.find_by_login(requester_login)
if 'ROLE_ADMIN' not in [
authority.authority_name
for authority in current_requester.authorities
]:
return {'message': 'You dont have access to this resource'}, 403
contratos = contrato_service.find_all_contratos()
return contratos
def get(self):
login = get_jwt_identity()
current_user = UserModel.find_by_login(login)
if not current_user:
return {'message': 'User {} doesnt exists'.format(login)}, 401
else:
ret_user = {
'login': current_user.login,
'firstName': current_user.firstName,
'lastName': current_user.lastName,
'email': current_user.email,
'authorities': [authority.authority_name for authority in current_user.authorities]
}
return ret_user
def put(self):
data = parser.parse_args()
user_to_edit = UserModel.find_by_login(data['login'])
if not user_to_edit:
return {'message': 'User {} doesnt exists'.format(data['login'])}
else:
user_to_edit.firstName = data['firstName']
user_to_edit.lastName = data['lastName']
try:
user_to_edit.save_to_db()
return {'message': 'User {} was edited'.format(user_to_edit.login)}
except:
return {'message': 'Something went wrong'}, 500
def post(self):
data = parser.parse_args()
if not data['username'] or not data['password'] or not data[
'old_password']:
return {
'message':
'Imposible to perform operation... missing parameters'
}, 400
current_username = get_jwt_identity()
if current_username != data['username']:
return {'message': 'Not matching username'}, 400
user = UserModel.find_by_username(current_username)
if not user:
return {
'message': 'User {} doesn\'t exists'.format(current_username)
}, 401
if not UserModel.verify_hash(data['old_password'], user.password):
return {'message': 'Current password doesn\'t match'}, 403
user.password = UserModel.generate_hash(data['password'])
try:
user.save_to_db()
return {
'message':
'Password for user {} successfully changed'.format(
user.username)
}
except:
return {'message': 'Something went wrong'}, 500
def get(self, cliente_id):
vendedor_login = get_jwt_identity()
vendedor = UserModel.find_by_login(vendedor_login)
if not vendedor:
return {
'message': 'Vendedor {} doesnt exists'.format(vendedor_login)
}, 401
if not cliente_service.cliente_le_pertenece_a_vendedor(
vendedor_email=vendedor.email, cliente_id=cliente_id):
return {'message': 'El cliente no le pertenece al vendedor'}, 403
cliente = cliente_service.obtener_cliente_por_id(cliente_id)
return cliente.to_dict()
def delete(self, cliente_id):
vendedor_login = get_jwt_identity()
vendedor = UserModel.find_by_login(vendedor_login)
if not vendedor:
return {
'message': 'Vendedor {} doesnt exists'.format(vendedor_login)
}, 401
if not cliente_service.cliente_le_pertenece_a_vendedor(
vendedor_email=vendedor.email, cliente_id=cliente_id):
return {'message': 'El cliente no le pertenece al vendedor'}, 403
if not cliente_service.borrar_cliente_por_id(cliente_id=cliente_id):
return {'message': 'Error del servidor al borrar el cliente'}, 500
return {'message': 'El cliente fue borrado exitosamente'}, 200
def put(self):
current_username = get_jwt_identity()
claims = get_jwt_claims()
data = parser.parse_args()
if not data['username']:
return {'message': 'Missing parameters'}, 403
if data['username'] != current_username and 'admin' not in claims[
'roles']:
return {
'message': 'You dont have persmision to perform this operation'
}, 401
user_to_edit = UserModel.find_by_username(data['username'])
if not user_to_edit:
return {
'message': 'User {} doesn\'t exists'.format(data['username'])
}, 401
if 'admin' in claims['roles'] and data['username'] != current_username:
user_to_edit.roles = []
try:
user_to_edit.save_to_db
except:
return {
'message': 'Something went wrong trying to save roles'
}, 500
for role in data['roles']:
user_to_edit_role = RoleModel.find_by_role_name(role)
if user_to_edit_role:
user_to_edit.roles.append(user_to_edit_role)
user_to_edit.firstName = data['firstName']
user_to_edit.lastName = data['lastName']
try:
user_to_edit.save_to_db()
return {
'message': 'User {} was edited'.format(user_to_edit.username)
}
except:
return {'message': 'Something went wrong'}, 500
def put(self, contrato_id):
vendedor_login = get_jwt_identity()
current_vendedor = UserModel.find_by_login(vendedor_login)
if not current_vendedor:
return {
'message': 'No user with login {}'.format(vendedor_login)
}, 401
try:
contrato = contrato_service.desactivar_contrato(
correo_vendedor=current_vendedor.email,
contrato_id=contrato_id)
except Exception as ex:
return {'message': str(ex)}, 500
return contrato.to_dict()
def post(self):
vendedor_login = get_jwt_identity()
current_vendedor = UserModel.find_by_login(vendedor_login)
if not current_vendedor:
return {
'message': 'No user with login {}'.format(vendedor_login)
}, 401
data = request.data.decode('utf-8')
try:
contrato = Contrato.from_json(data)
except Exception as exception:
return {
'message',
'El objeto enviado no cumple con el formato correcto'
}, 400
if not contrato_service.verify_cliente_exists(contrato.clienteId):
return {
'message':
'No cliente with id {} found'.format(contrato.clienteId)
}, 404
if not contrato_service.verify_producto_exists(contrato.productoId):
return {
'message':
'No producto with id {} found'.format(contrato.productoId)
}, 404
try:
contrato = contrato_service.crear_contrato(
tipo=contrato.tipo,
cliente_id=contrato.clienteId,
producto_id=contrato.productoId,
correo_vendedor=current_vendedor.email,
dias_validez=contrato.diasValidez,
pagos_programados=contrato.pagosProgramados)
except Exception as ex:
return {'message': str(ex)}, 500
return contrato.to_dict()
def get(self):
vendedor_login = get_jwt_identity()
vendedor = UserModel.find_by_login(vendedor_login)
if not vendedor:
return {
'message': 'Vendedor {} doesnt exists'.format(vendedor_login)
}, 401
try:
clientes_objs = cliente_service.obtener_clientes_por_correo_vendedor(
vendedor.email)
clientes = [cliente.to_dict() for cliente in clientes_objs]
except Exception as exception:
return {
'message':
'error del servidor al obtener los clientes por vendedor'
}
return clientes
def put(self, cliente_id):
vendedor_login = get_jwt_identity()
vendedor = UserModel.find_by_login(vendedor_login)
if not vendedor:
return {
'message': 'Vendedor {} doesnt exists'.format(vendedor_login)
}, 401
if not cliente_service.cliente_le_pertenece_a_vendedor(
vendedor_email=vendedor.email, cliente_id=cliente_id):
return {'message': 'El cliente no le pertenece al vendedor'}, 403
data = editar_cliente_parser.parse_args()
if data['id'] != cliente_id:
return {
'message': 'Tratando de editar un cliente con diferente id'
}, 400
email = data['email']
nombre = data['nombre']
apellidos = data['apellidos']
direccion = data['direccion']
fecha_nacimiento = data['fechaNacimiento']
telefono = data['telefono']
try:
cliente = cliente_service.editar_cliente(
cliente_id=cliente_id,
email=email,
nombre=nombre,
apellidos=apellidos,
fecha_nacimiento=fecha_nacimiento,
direccion=direccion,
telefono=telefono)
except Exception as exception:
return {'message': 'Error del servidor al editar el cliente'}, 500
return cliente.to_dict()
def get(self, cliente_id):
vendedor_login = get_jwt_identity()
vendedor = UserModel.find_by_login(vendedor_login)
if not vendedor:
return {
'message': 'Vendedor {} doesnt exists'.format(vendedor_login)
}, 401
if not cliente_service.cliente_le_pertenece_a_vendedor(
vendedor_email=vendedor.email, cliente_id=cliente_id):
return {'message': 'El cliente no le pertenece al vendedor'}, 403
try:
resumen_contratos = cliente_service.resumen_contratos_por_cliente(
cliente_id=cliente_id)
except Exception as exception:
return {
'message':
'Error del servidor al recuperar los contratos por cliente'
}, 500
return resumen_contratos
def post(self):
user_login = get_jwt_identity()
current_user = UserModel.find_by_login(user_login)
if not current_user:
return {'message': 'User {} doesnt exists'.format(user_login)}, 401
data = parser.parse_args()
proyecto = Proyecto()
proyecto.nombre = data['nombre']
proyecto.descripcion = data['descripcion']
proyecto.correoCreador = current_user.email
proyecto.idSeccion = data['idSeccion']
proyecto.svgId = data['svgId']
proyecto.organizacionId = current_user.organizationId
proyecto.padreId = data['padreId']
try:
proyecto.save()
except Exception as ex:
return {'message', ex.message}, 500
return proyecto.to_dict()
def post(self):
claims = get_jwt_claims()
if 'admin' not in claims['roles']:
return {
'message': 'You dont have persmision to perform this operation'
}, 401
data = parser.parse_args()
if UserModel.find_by_username(data['username']):
return {
'message': 'User {} already exists'.format(data['username'])
}
new_user = UserModel(username=data['username'],
password=UserModel.generate_hash(
data['password']),
firstName=data['firstName'],
lastName=data['lastName'])
for role in data['roles']:
new_user_role = RoleModel.find_by_role_name(role)
if new_user_role:
new_user.roles.append(new_user_role)
try:
new_user.save_to_db()
# access_token = create_access_token(identity=new_user)
# refresh_token = create_refresh_token(identity=new_user)
return {
'message': 'User {} was created'.format(new_user.username)
# 'access_token': access_token,
# 'refresh_token': refresh_token
}
except:
return {'message': 'Something went wrong'}, 500
def post(self):
username = get_jwt_identity()
user = UserModel.find_by_username(username)
access_token = create_access_token(identity=user)
return {'access_token': access_token}