def test_addNewUser(self):
email = "*****@*****.**"
name = "TESTNAME"
password = "******"
salt = "$2b$12$IB/erL6YpE48btg6pQnDF."
userIDAdmin = 1
self.assertTrue(dbhandler.addNewUser(userIDAdmin, email, name, password, salt))
self.assertEqual(1, dbhandler.checkEmail(email))
info = dbhandler.getLogin(email)
self.assertEqual(info['password'], password)
self.assertEqual(info['salt'], salt)
ID = dbhandler.getUserID(email)['ID']
self.assertEqual(name, dbhandler.getUserNameFromID(ID)['name'])
userID = 2
self.assertFalse(dbhandler.addNewUser(userID, email, name, password, salt))
# Clean up the mess made here ^
connection = dbhandler.makeConnection()
try:
with connection.cursor() as cursor:
sql = ("DELETE FROM users WHERE email = '{0}'")
cursor.execute(sql.format(email))
connection.commit()
except Exception as e:
return("Error: {0}. Error code is {1}".format(e, e.args[0]))
finally:
connection.close()
def post(self):
# Form all elements from form into a list.
info = []
for argument in [
"email1", "email2", "userName", "userPass1", "userPass2"
]:
info.append(self.get_argument(argument))
logging.info("Attempt to add new user: {0}".format(info))
userEmail = (self.get_secure_cookie("email").decode("utf-8"))
chatNames = dbhandler.getChatNameID(userEmail)
alerts = []
if self.get_argument("email1") != self.get_argument("email2"):
alerts.append("Emails do not match")
if self.get_argument("userPass1") != self.get_argument(
"userPass2"):
alerts.append("Passwords do not match")
logging.info("Failed to add new user; neither match")
self.render("homeAdmin.html",
email=userEmail,
chats=chatNames,
alerts=alerts)
else:
self.render("homeAdmin.html",
email=userEmail,
chats=chatNames,
alerts=alerts)
logging.info("Failed to add new user; emails don't match")
elif self.get_argument("userPass1") != self.get_argument("userPass2"):
alerts.append("Passwords do not match")
logging.info("Failed to add new user; pwds don't match")
self.render("homeAdmin.html",
email=userEmail,
chats=chatNames,
alerts=alerts)
else:
userID = dbhandler.getUserID(userEmail)['ID']
newEmail = self.get_argument("email1")
name = self.get_argument("userName")
salt = (bcrypt.gensalt()).decode("utf-8")
password = (hashPwd(self.get_argument("userPass1"),
salt)).decode("utf-8")
returnValue = dbhandler.addNewUser(userID, newEmail, name,
password, salt)
if returnValue == True:
self.render("homeAdmin.html",
email=userEmail,
chats=chatNames,
alerts=[
"Success",
])
logging.info("Added new user successfully")
else:
logging.error("Failed to add a new user")
logging.error(returnValue)
self.render("homeAdmin.html",
email=userEmail,
chats=chatNames,
alerts=[
"Failed to add new user",
])
def get(self, url):
# Validate user exists.
email = self.get_secure_cookie("email").decode("utf-8")
userID = dbhandler.getUserID(email)
if userID != None:
userID = userID['ID']
else:
self.redirect("/home")
# Validate that the shift being edited belongs to that user.
shiftID = url.rsplit("/", 1)
shiftID = (shiftID[(len(shiftID) - 1)])
shiftUserID = dbhandler.getShiftUserID(shiftID)
if shiftUserID != None:
shiftUserID = shiftUserID['userID']
else:
self.redirect("/home")
# Get shift info to be rendered to document.
shift = dbhandler.getShiftInfo(shiftID)
shiftInfo = {
'date' : shift['startTime'].strftime("%d/%m/%Y"),
'startTime' : shift['startTime'].strftime("%H:%M"),
'endTime' : shift['endTime'].strftime("%H:%M"),
'breakLength' : (shift['break_length'] * 60),
'pay' : calculatePay(shift['startTime'], shift['endTime'], shift['break_length'], shift['pay'])
}
if shiftUserID == userID:
self.render("editShift.html", info = shiftInfo)
else:
self.redirect("/home")
def on_message(self, message):
userEmail = self.get_secure_cookie("email")
userEmail = userEmail.decode("utf-8")
userID = dbhandler.getUserID(userEmail)['ID']
# logging.warn(("USERNAME on_message:", userName))
# logging.warn(("USERID on_message:", userID))
if dbhandler.checkChatPrivileges(userID, self.chatID) != False:
message = tornado.escape.json_decode(message)['body']
# logging.warn(message)
messageID = dbhandler.setMessage(userID, self.chatID, message)
# logging.info(("MESSAGE ID: ", messageID))
if isinstance(messageID, int) == True:
logging.info("Successfully saved message")
newChatMessage = {
'id': messageID,
'content': message,
'uName': dbhandler.getUserNameFromID(userID)['name']
}
newChatMessage['html'] = tornado.escape.to_basestring(
self.render_string('newMessage.html',
message=newChatMessage))
# logging.info(newChatMessage)
# logging.info(self.chatID)
WSocketHandler.sendMessages(newChatMessage, self.chatID)
else:
logging.error("Error saving message")
else:
logging.warn(
"Message attempt with incorrect privileges. User: {0}, Chat:{1}"
.format(userID, self.chatID))
def get(self, url):
url = WSocketHandler.stripUrl(url)
userEmail = self.get_secure_cookie("email")
if userEmail != None:
userEmail = userEmail.decode("utf-8")
if dbhandler.checkEmail(userEmail) == True:
userID = dbhandler.getUserID(userEmail)['ID']
if dbhandler.checkChatPrivileges(userID, url) != False:
messageList = dbhandler.getRecentMessages(url)
if messageList != False:
messageList.reverse()
# For every message, add the human name.
for m in messageList:
userName = dbhandler.getUserName(m['memberID'])
m['uName'] = userName['name']
else:
messageList = []
isAdmin = dbhandler.checkChatAdmin(userID, url)
if isAdmin == True:
self.render("chatAdmin.html",
messages=messageList,
chatname=url,
signuplink=url)
else:
self.render("chat.html",
messages=messageList,
chatname=url)
else:
self.redirect("/home")
else:
self.redirect("/")
else:
self.redirect("/")
def post(self, url):
newEmail = self.get_argument("newEmail")
doesEmailExist = dbhandler.checkEmail(newEmail)
chatID = WSocketHandler.stripUrl(url)
# If the email exists, procede to check if the actioner is admin etc.
if doesEmailExist == 1:
actioningUserEmail = self.get_secure_cookie("email").decode(
"utf-8")
actioningUserID = dbhandler.getUserID(actioningUserEmail)['ID']
isAdmin = dbhandler.checkChatAdmin(actioningUserID, url)
if isAdmin == True:
newUserID = dbhandler.getUserID(newEmail)['ID']
dbhandler.setPrivileges(newUserID, {
chatID: False,
})
self.redirect("/chat/{0}".format(chatID))
else:
self.redirect("/chat/{0}".format(chatID))
else:
self.redirect("/chat/{0}".format(chatID))
def post(self):
adminUserEmail = self.get_secure_cookie("email").decode("utf-8")
adminUserID = dbhandler.getUserID(adminUserEmail)['ID']
if dbhandler.checkAdmin(adminUserID) == True:
chatName = self.get_argument("newChatName")
chatID = dbhandler.addNewChat(chatName)
# Chat ID's should always be an integer, if not, probably error.
if isinstance(chatID, int) == True:
userEmail = self.get_argument("initialChatUser")
if dbhandler.checkEmail(userEmail) == 1:
userID = dbhandler.getUserID(userEmail)['ID']
url = ("/chat/{0}".format(chatID))
self.redirect(url)
else:
url = ("/chat/{0}".format(chatID))
self.redirect(url)
else:
logging.error(chatID)
else:
self.redirect("/home")
def get(self):
if not self.get_secure_cookie("email"):
self.redirect("/login")
return
else:
userEmail = (self.get_secure_cookie("email").decode("utf-8"))
chatNames = dbhandler.getChatNameID(userEmail)
if dbhandler.checkAdmin(
dbhandler.getUserID(userEmail)['ID']) == True:
self.render("homeAdmin.html",
email=userEmail,
chats=chatNames,
alerts=[])
else:
self.render("home.html", email=userEmail, chats=chatNames)
def post(self):
email = self.get_secure_cookie("email").decode("utf-8")
shiftStartDate = str(self.get_argument("shiftStartDate"))
shiftStartTime = str(self.get_argument("shiftStartTime"))
startDateTime = shiftStartDate + " " + shiftStartTime
shiftEndDate = str(self.get_argument("shiftEndDate"))
shiftEndTime = str(self.get_argument("shiftEndTime"))
endDateTime = shiftEndDate + " " + shiftEndTime
try:
startDateTime = datetime.datetime.strptime(startDateTime, '%Y-%m-%d %H:%M')
endDateTime = datetime.datetime.strptime(endDateTime, '%Y-%m-%d %H:%M')
except:
self.redirect("/newShift")
breakLength = float(self.get_argument("breakLength"))
wage = float(self.get_argument("hourlyWage"))
userID = dbhandler.getUserID(email)['ID']
returnValue = dbhandler.addNewShift(startDateTime, endDateTime, breakLength, wage, userID)
if returnValue != True:
logging.error(returnValue)
self.render("newShifts.html")
else:
self.redirect("/home")
def post(self, url):
# Validate user exists.
email = self.get_secure_cookie("email").decode("utf-8")
userID = dbhandler.getUserID(email)
if userID != None:
userID = userID['ID']
else:
self.redirect("/home")
# Validate that the shift being edited belongs to that user.
shiftID = url.rsplit("/", 1)
shiftID = (shiftID[(len(shiftID) - 1)])
shiftUserID = dbhandler.getShiftUserID(shiftID)
if shiftUserID != None:
shiftUserID = shiftUserID['userID']
else:
self.redirect("/home")
# Get change info from form.
shiftStartDate = str(self.get_argument("shiftStartDate"))
shiftStartTime = str(self.get_argument("shiftStartTime"))
startDateTime = shiftStartDate + " " + shiftStartTime
shiftEndDate = str(self.get_argument("shiftEndDate"))
shiftEndTime = str(self.get_argument("shiftEndTime"))
endDateTime = shiftEndDate + " " + shiftEndTime
try:
startDateTime = datetime.datetime.strptime(startDateTime, '%Y-%m-%d %H:%M')
endDateTime = datetime.datetime.strptime(endDateTime, '%Y-%m-%d %H:%M')
except:
self.redirect("/newShift")
breakLength = float(self.get_argument("breakLength"))
wage = float(self.get_argument("hourlyWage"))
# Attempt to commit changes to database.
returnValue = dbhandler.editShiftInfo(shiftID, startDateTime, endDateTime, breakLength, wage)
if returnValue != True:
logging.error(returnValue)
self.redirect("/editShift/{0}".format(shiftID))
else:
self.redirect("/editShift/{0}".format(shiftID))
def get(self, url):
email = self.get_secure_cookie("email").decode("utf-8")
userID = dbhandler.getUserID(email)['ID']
# Get the ID of the payday from the url and then get the date from the
# startTime database entry.
payDateTime = ((dbhandler.getShiftInfo((url.rsplit("/", 1))[(len(url.rsplit("/", 1)) - 1)]))['startTime'])
payDate = payDateTime.strftime("%d/%m/%Y")
prevPayDateTime = payDateTime - datetime.timedelta(days=28)
shifts = dbhandler.getShifts(userID, payDateTime, prevPayDateTime)
shiftInfo = []
payInfo = {
'date' : payDate,
'pay' : calculatePayDay(shifts)
}
for shift in shifts:
shiftInfo.append(
{
"startDate" : shift['startTime'].strftime("%d/%m/%Y"),
"startTime" : shift['startTime'].strftime("%H:%M"),
"endTime" : shift['endTime'].strftime("%H:%M"),
"ID" : shift['ID']
}
)
self.render("payday.html", shifts = shiftInfo, payInfo = payInfo)
def get(self):
if not self.get_secure_cookie("email"):
self.redirect("/signup")
else:
email = self.get_secure_cookie("email").decode("utf-8")
userID = dbhandler.getUserID(email)['ID']
maxDate = datetime.datetime.now() + datetime.timedelta(seconds = 2419200)
shifts = dbhandler.getShiftsAndPaydays(userID, maxDate)
formatedShifts = []
for shift in shifts:
if shift['pdflag'] == 1:
# Code for if shift is a payday
formatedShifts.append(
{
"ID" : shift['ID'],
"startDate" : shift['startTime'].strftime("%d/%m/%Y"),
"pdflag" : True
}
)
pass
elif shift['pdflag'] == 0:
# Code for if shift is a regular shift
formatedShifts.append(
{
"startDate" : shift['startTime'].strftime("%d/%m/%Y"),
"startTime" : shift['startTime'].strftime("%H:%M"),
"endTime" : shift['endTime'].strftime("%H:%M"),
"ID" : shift['ID'],
"pdflag" : False
}
)
else:
# DATABASE ERROR
logging.error("Big error with getting shifts: {0}".format(shifts))
break
self.render("home.html", shifts = formatedShifts)
def test_getUserID(self):
self.assertEqual(4, dbhandler.getUserID("*****@*****.**")['ID'])