Пример #1
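def roles_uri():
    """Serve the roles collection: list all roles (GET) or delete roles by id (DELETE).

    GET returns ``get_json('roles', ...)`` over ``query.get_all_roles()``.
    DELETE expects a JSON object with an ``ids`` entry and calls
    ``query.remove_role`` once per element. A missing body, a body that is
    not a JSON object, or an empty/missing ``ids`` yields ``role_not_found``
    with status 404. Any exception is reported as ``unexpected_error`` with
    status 500. Other HTTP methods fall through and return ``None``.

    NOTE(review): no authentication or authorization check is visible in
    this function. Confirm the route is protected where it is registered,
    because DELETE removes roles for whoever can reach it.
    """
    # silent=True makes get_json return None instead of raising when the
    # body is absent or is not valid JSON.
    args = request.get_json(silent=True)

    if request.method == 'GET':
        try:
            roles = query.get_all_roles()
            return get_json('roles', roles)

        except Exception as e:
            print(e)
            # NOTE(review): the exception object is handed to create_error;
            # if that helper copies it into the response body, internal
            # details reach the client - confirm.
            response = create_error('unexpected_error', e)
            return (response, 500)

    elif request.method == 'DELETE':
        # A DELETE without a JSON object body used to fail on args.get()
        # outside the try block; treat it like a request with no ids.
        role_ids = args.get('ids') if isinstance(args, dict) else None
        try:
            if role_ids:
                for role_id in role_ids:
                    query.remove_role(role_id)
                return (json.dumps({}), 200)
            else:
                response = create_error('role_not_found')
                return (response, 404)
        except Exception as e:
            response = create_error('unexpected_error', e)
            return (response, 500)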
Пример #2
def users_uri():
    """Return every user as JSON for GET requests.

    The users come from ``query.get_all_users()`` and are serialised with
    ``get_json('users', ...)``. Any exception is printed and reported as
    ``unexpected_error`` with status 500. Methods other than GET are not
    handled and the function returns ``None`` for them.

    NOTE(review): the users are serialised without an exclude list, while
    other handlers in this file read ``user.password``. Confirm that
    ``get_json`` does not emit the stored password hash, and that the route
    is restricted to callers allowed to list accounts.
    """
    if request.method != 'GET':
        return None

    try:
        return get_json('users', query.get_all_users())
    except Exception as err:
        print(err)
        return (create_error('unexpected_error', err), 500)
Пример #3
def groups_uri():
    """Return every group as JSON for GET requests.

    The groups come from ``query.get_all_groups()``. Any exception is
    printed and reported as ``unexpected_error`` with status 500. Methods
    other than GET are not handled and the function returns ``None``.
    """
    if request.method != 'GET':
        return None

    try:
        all_groups = query.get_all_groups()
        # NOTE(review): groups are serialised under the 'roles' name, which
        # looks copied from the roles handler. Left unchanged because
        # clients may depend on it - confirm what get_json does with this
        # argument.
        return get_json('roles', all_groups)
    except Exception as err:
        print(err)
        return (create_error('unexpected_error', err), 500)
Пример #4
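def user_uri():
    """Handle one user: log in (POST), create or update (PUT), delete (DELETE).

    The request body must be a JSON object; anything else yields
    ``missing_argument`` with status 404.

    POST   reads ``username`` and ``password``, verifies the password with
           ``check_password_hash`` and calls ``login_user`` on success.
    PUT    looks the user up by ``email``. An existing user is updated with
           whichever fields were sent; otherwise a new ``User`` is created,
           which requires ``email`` and ``password``.
    DELETE looks the user up by ``email`` and removes it.

    Any exception inside a branch is reported as ``unexpected_error`` with
    status 500. Other HTTP methods fall through and return ``None``.

    NOTE(review): no authorization check is visible in this function. PUT
    accepts ``is_admin`` from the request body and DELETE removes accounts,
    so confirm the route is restricted where it is registered.
    """
    # The request body is deliberately not printed: on POST and PUT it
    # carries the plaintext password, which would land in stdout and logs.
    args = request.get_json()
    if not isinstance(args, dict):
        response = create_error('missing_argument')
        return (response, 404)

    user_email = args.get('email')

    # NOTE(review): `excludes` is chosen by the client and passed to
    # get_json as the list of fields to leave out. If get_json has no
    # server-side exclusions of its own, a caller can omit it and receive
    # every field, including the password hash - confirm.
    excludes = args.get('excludes', [])

    if request.method == 'POST':
        username = args.get('username')
        password = args.get('password')
        try:
            user = query.get_user_by_username(username)
            if not user:
                response = create_error('user_not_found')
                return (response, 403)

            if not query.is_usermane_correct(user.username):
                response = create_error('username is incorrect')
                return (response, 404)

            # A missing or non-string password is a failed login, not a
            # server error inside check_password_hash.
            if not (isinstance(password, str)
                    and check_password_hash(user.password, password)):
                # NOTE(review): the three failure responses differ
                # (user_not_found / username is incorrect / password is
                # incorrect), so a caller can tell whether a username
                # exists. Kept as-is because clients may depend on the
                # codes; consider one generic failure response.
                response = create_error('password is incorrect')
                return (response, 404)

            login_user(user)
            # TODO: create a session variable so that a logged-in user can
            # reach pages that are otherwise not allowed (add, edit or
            # delete users).
            return get_json('user', user, excludes)

        except Exception as e:
            # NOTE(review): the exception object is handed to create_error;
            # if it ends up in the response body, internal details reach
            # the client - confirm.
            response = create_error('unexpected_error', e)
            return (response, 500)

    elif request.method == 'PUT':
        try:
            email = user_email
            first_name = args.get('first_name')
            last_name = args.get('last_name')
            username = args.get('username')
            password = args.get('password')
            # Always bound, so the create path cannot hit an unbound name
            # when no password was sent.
            hashedpw = generate_password_hash(password) if password else None
            # Exact comparison: the former `in 'on'` was a substring test
            # that accepted '', 'o' and 'n' and raised on a missing value.
            isadmin = 1 if args.get('is_admin') == 'on' else 0

            user = query.get_user_by_email(user_email)

            if user:
                # Update the existing user with the provided info.
                if user.email is None:
                    response = create_error('invalid_email')
                    return (response, 400)
                elif user.email != email and query.does_user_email_exist(
                        email):
                    response = create_error('email_taken')
                    return (response, 400)

                if first_name:
                    user.first_name = first_name
                if last_name:
                    user.last_name = last_name
                if email:
                    user.email = email
                if username:
                    user.username = username
                if hashedpw:
                    # Store the hash; the old code assigned the plaintext
                    # to itself and never changed the stored password.
                    user.password = hashedpw
                if isadmin:
                    # NOTE(review): this sets `isadmin` while the
                    # constructor below takes `is_admin`; one of the two
                    # names is probably wrong - confirm against the model.
                    user.isadmin = isadmin

                # The update now runs whether or not is_admin was sent; it
                # used to be nested under `if isadmin:`, so every other
                # update answered employee_not_found.
                is_updated = query.update_user(user)
                if is_updated:
                    return (get_json('user', user), 200)

                response = create_error('unexpected_error',
                                        'Employee was not updated')
                return (response, 500)

            # No such user: insert a new one when the required fields exist.
            if not email or not hashedpw:
                response = create_error('missing_arguments')
                return (response, 400)
            if query.does_user_email_exist(email):
                response = create_error('email_taken')
                return (response, 400)

            user = User(email=email,
                        first_name=first_name,
                        last_name=last_name,
                        username=username,
                        password=hashedpw,
                        is_admin=isadmin)
            query.add_user(user)

            response = get_json('user', user, excludes)
            return (response, 200)

        except Exception as e:
            response = create_error('unexpected_error', e)
            return (response, 500)

    elif request.method == 'DELETE':
        try:
            # `email` was only ever assigned in the PUT branch, so this
            # branch used to fail before reaching the database.
            user = query.get_user_by_email(user_email)
            if not user:
                response = create_error('employee_not_found')
                return (response, 404)

            # NOTE(review): remove_user_by_id is given the e-mail address,
            # as the original code intended; confirm whether it expects
            # the user's id instead.
            is_deleted = query.remove_user_by_id(user_email)
            if is_deleted:
                return (json.dumps({}), 200)

            response = create_error('unexpected_error')
            return (response, 500)
        except Exception as e:
            response = create_error('unexpected_error', e)
            return (response, 500)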
Пример #5
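def role_uri():
    """Handle one role: fetch (GET), create or update (PUT), delete (DELETE).

    The request body must be a JSON object; anything else yields
    ``missing_argument`` with status 404.

    GET    returns the role whose id is ``id``, or ``role_not_found`` (404).
    PUT    with ``id`` updates that role's name, description and groups;
           without ``id`` it creates a role, which requires ``name``.
    DELETE removes the role(s) named by ``id``, which may be a single id or
           a list of ids.

    Any exception inside a branch is reported as ``unexpected_error`` with
    status 500. Other HTTP methods fall through and return ``None``.

    NOTE(review): no authorization check is visible in this function.
    Confirm the route is restricted where it is registered, since PUT and
    DELETE change which groups a role grants.
    """
    args = request.get_json()
    if not isinstance(args, dict):
        response = create_error('missing_argument')
        return (response, 404)

    role_id = args.get('id')
    if request.method == 'GET':
        try:
            role = query.get_role_by_id(role_id)
            if role:
                return get_json('role', role)

            response = create_error('role_not_found')
            return (response, 404)

        except Exception as e:
            # NOTE(review): the exception object is handed to create_error;
            # if it ends up in the response body, internal details reach
            # the client - confirm.
            response = create_error('unexpected_error', e)
            return (response, 500)

    elif request.method == 'PUT':
        try:
            name = args.get('name')
            description = args.get('description')
            group_ids = args.get('groups')

            if role_id:
                # Update the role with the provided info.
                role = query.get_role_by_id(role_id)
                if not role:
                    response = create_error('role_not_found')
                    return (response, 404)

                # Only a change of name can collide; re-sending the role's
                # current name used to be rejected as name_taken.
                if (name and name != role.name
                        and query.does_role_name_exist(name)):
                    response = create_error('name_taken')
                    return (response, 400)

                if name:
                    role.name = name
                if description:
                    role.description = description
                if group_ids:
                    role.groups = get_groups_with_ids(group_ids)

                is_updated = query.update_role(role)
                if is_updated:
                    return (get_json('role', role), 200)

                response = create_error('unexpected_error')
                return (response, 500)

            # No id given: insert a new role. The name is required.
            if not name:
                response = create_error('missing_argument')
                return (response, 400)
            if query.does_role_name_exist(name):
                # Same code as the update branch (was 'email_taken').
                response = create_error('name_taken')
                return (response, 400)

            # NOTE(review): get_groups_with_ids is called even when no
            # 'groups' entry was sent - confirm it accepts None.
            groups = get_groups_with_ids(group_ids)
            role = Role(name=name, description=description)
            role.groups = groups
            is_added = query.add_role(role)
            if is_added:
                response = get_json('role', role)
                return (response, 200)

            raise Exception('Database operation failed: add role')

        except Exception as e:
            print(e)
            response = create_error('unexpected_error', e)
            return (response, 500)

    elif request.method == 'DELETE':
        try:
            if not role_id:
                response = create_error('role_not_found')
                return (response, 404)

            # Accept one id or a list, and remove each id once. The old
            # loop passed role_id[0] on every iteration, so only the first
            # role was ever removed.
            ids = role_id if isinstance(role_id, list) else [role_id]
            for one_id in ids:
                query.remove_role(one_id)
            return (json.dumps({}), 200)
        except Exception as e:
            response = create_error('unexpected_error', e)
            return (response, 500)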