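def register():
    """Create an account from the submitted form and return its access token.

    Reads ``email`` and ``password`` from ``request.form``. Answers 400 when
    either one is missing or empty, or when the e-mail is already taken;
    otherwise pushes the new user record and answers 200 with a freshly
    generated token.
    """
    body = request.form
    users = app.getDict(database.child('users'))

    # .get() sends an absent field down the same JSON 400 path as an empty one.
    email = body.get("email")
    password = body.get("password")
    if not email or not password:
        return jsonify({
            "message": "Error: One of the credentials is empty"
        }), status.HTTP_400_BAD_REQUEST

    # Case-insensitive match, so two accounts cannot differ only by the
    # letter case of their address.
    wanted = email.lower()
    for user in users.values():
        if user["email"].lower() == wanted:
            return jsonify({
                "message": "Error: A user with the same email already exist"
            }), status.HTTP_400_BAD_REQUEST

    accessToken = secrets.token_hex(16)
    # NOTE(review): the password is stored exactly as submitted. Hashing it
    # here (salted, slow KDF) needs a matching change wherever the stored
    # value is compared at sign-in, so it is flagged rather than changed.
    database.child('users').push({
        "email": email,
        "password": password,
        "accessToken": accessToken,
        "isAdmin": False,
        "services": ""
    })
    return jsonify({
        "message": "User successfully created",
        "data": {
            "accessToken": accessToken
        }
    }), status.HTTP_200_OK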
def Delete(userServices, userId, serviceId, actualUser):
    """Disconnect one service from a user and return the services left.

    The caller must be the account owner or an administrator. Answers 400
    when the caller is neither, or when ``serviceId`` is not among the
    user's services; answers 200 with the remaining services otherwise.
    """
    callerIsOwner = actualUser["key"] == userId
    # NOTE(review): an authorization failure is reported as 400 here;
    # clients cannot tell it apart from a malformed request.
    if not (callerIsOwner or actualUser["value"]["isAdmin"]):
        return jsonify({
            "message":
            "Error: user '" + actualUser["value"]["email"] +
            "' cannot delete a user's service"
        }), status.HTTP_400_BAD_REQUEST

    if serviceId not in userServices:
        return jsonify({
            "message":
            "Error: User's service '" + serviceId + "' do not exist."
        }), status.HTTP_400_BAD_REQUEST

    database.child('users').child(userId).child('services').child(
        serviceId).remove()
    removed = userServices.pop(serviceId)
    if not userServices:
        # Keep the "services" key present once the last entry is gone.
        database.child('users').child(userId).update({"services": ""})
    return jsonify({
        "message":
        "User's service '" + removed["name"] +
        "' successfully disconnected.",
        "data": {
            "services": userServices
        }
    }), status.HTTP_200_OK
def Delete(userWidgets, userId, serviceId, widgetId, actualUser):
    """Remove one widget from a user's service and return the widgets left.

    The caller must be the account owner or an administrator. Answers 400
    when the caller is neither, or when ``widgetId`` is not among the
    service's widgets; answers 200 with the remaining widgets otherwise.
    """
    callerIsOwner = actualUser["key"] == userId
    # NOTE(review): an authorization failure is reported as 400 here;
    # clients cannot tell it apart from a malformed request.
    if not (callerIsOwner or actualUser["value"]["isAdmin"]):
        return jsonify({
            "message":
            "Error: user '" + actualUser["value"]["email"] +
            "' cannot delete a user's widget"
        }), status.HTTP_400_BAD_REQUEST

    if widgetId not in userWidgets:
        return jsonify({
            "message":
            "Error: User's widget '" + widgetId + "' do not exist."
        }), status.HTTP_400_BAD_REQUEST

    database.child('users').child(userId).child('services').child(
        serviceId).child('widgets').child(widgetId).remove()
    removed = userWidgets.pop(widgetId)
    if not userWidgets:
        # Keep the "widgets" key present once the last entry is gone.
        database.child('users').child(userId).child('services').child(
            serviceId).update({"widgets": ""})
    return jsonify({
        "message":
        "User's widget '" + removed["name"] + "' successfully removed.",
        "data": {
            "widgets": userWidgets
        }
    }), status.HTTP_200_OK
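def Delete(users, userId, actualUser):
    """Remove a user account and return the accounts that remain.

    The caller must be the account owner or an administrator. Answers 400
    when the caller is neither, or when ``userId`` is unknown; answers 200
    with the remaining users otherwise.
    """
    if actualUser["key"] != userId and not actualUser["value"]["isAdmin"]:
        return jsonify({
            "message":
            "Error: user '" + actualUser["value"]["email"] +
            "' cannot delete an other user"
        }), status.HTTP_400_BAD_REQUEST

    if userId in users:
        user = users[userId]
        database.child('users').child(userId).remove()
        users.pop(userId)
        if len(users) == 0:
            # Keep the "users" key present once the last account is gone.
            database.update({"users": ""})
        # The key was misspelled "emial", which raised KeyError after the
        # record had already been removed, so a successful delete surfaced
        # as a server error.
        # NOTE(review): the response carries every remaining user record,
        # also when a non-admin deletes their own account; whatever those
        # records hold (credentials, tokens) goes back to that caller.
        return jsonify({
            "message": "user '" + user["email"] + "' successfully removed.",
            "data": {
                "user": users
            }
        }), status.HTTP_200_OK

    return jsonify({
        "message": "Error: user '" + userId + "' do not exist."
    }), status.HTTP_400_BAD_REQUEST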
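def userServices(userId, serviceId):
    """Dispatch a request on a user's services to the matching handler.

    Resolves the caller from the ``Authorization`` header (401 when it does
    not map to a user), validates the form for write methods, checks that
    ``userId`` exists, then routes on the HTTP method and on whether
    ``serviceId`` was supplied.
    """
    form = request.form.to_dict(flat=True)
    users = app.getDict(database.child('users'))
    actualUser = app.getActualUser(request.headers.get("Authorization"),
                                   users)
    params = {
        "name": {
            "type": str,
            "mandatory": True,
            "default": None
        },
        "accessToken": {
            "type": str,
            "mandatory": False,
            "default": ""
        }
    }

    if not actualUser:
        return jsonify({"message": "User not authorized"
                        }), status.HTTP_401_UNAUTHORIZED

    if request.method != "GET" and request.method != "DELETE":
        paramTypeError = app.checkParamsType(form, params)
        if paramTypeError is not None:
            return paramTypeError
    if request.method == "POST":
        paramMandatoryError = app.checkParamsMandatory(form, params)
        if paramMandatoryError is not None:
            return paramMandatoryError

    user = database.child('users').child(userId)
    if user.get().val() is None:
        return jsonify({
            "message": "Error: user '" + userId + "' do not exist."
        }), status.HTTP_400_BAD_REQUEST

    services = app.getDict(
        database.child('users').child(userId).child('services'))
    with open('about.json', 'r') as json_file:
        jsonData = json.load(json_file)["server"]["services"]

    # Ownership is enforced inside each handler, which receives actualUser.
    if request.method == "GET" and not serviceId:
        return List(services, userId, actualUser)
    elif request.method == "GET" and serviceId:
        return Get(services, userId, serviceId, actualUser)
    elif request.method == "POST" and not serviceId:
        return Post(services, form, params, jsonData, userId, actualUser)
    elif request.method == "PUT" and serviceId:
        return Put(services, form, jsonData, userId, serviceId, actualUser)
    elif request.method == "DELETE" and serviceId:
        return Delete(services, userId, serviceId, actualUser)

    # Any other method/id combination used to fall off the end and return
    # None, which the framework turns into a server error.
    return jsonify({
        "message": "Error: unsupported method for this route"
    }), status.HTTP_400_BAD_REQUEST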
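def Post(users, form, params, actualUser):
    """Create a user from the submitted form.

    A caller who is not an administrator may not request administrator
    rights for the new account. Answers 400 for that case and for an
    e-mail that is already taken (compared case-insensitively); otherwise
    fills in parameter defaults, pushes the record and answers 200.
    """
    # Only an explicit "false"-like value (or no value) is accepted from a
    # non-admin. The previous test matched the exact string "true" only, so
    # "True", "1" or an already-converted boolean passed the check.
    requestedAdmin = str(form.get("isAdmin", "")).strip().lower()
    if requestedAdmin not in ("", "false", "0") and not actualUser["value"]["isAdmin"]:
        return jsonify({
            "message":
            "Error: user '" + actualUser["value"]["email"] +
            "' cannot create a user with administrator permissions"
        }), status.HTTP_400_BAD_REQUEST

    wanted = form["email"].lower()
    for user in users.values():
        if user["email"].lower() == wanted:
            return jsonify({
                "message": "Error: user '" + form["email"] + "' already exist"
            }), status.HTTP_400_BAD_REQUEST

    for paramName, param in params.items():
        if paramName not in form:
            form[paramName] = param["default"]
    form["services"] = ""

    # NOTE(review): the whole form is written as the user record, so any
    # field the earlier validation lets through is persisted, and the
    # password is stored as submitted. The same dict, password included,
    # is echoed back in the response below.
    database.child('users').push(form)
    return jsonify({
        "message": "user '" + form["email"] + "' successfully created",
        "data": {
            "user": form
        }
    }), status.HTTP_200_OK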
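def Put(users, form, userId, actualUser):
    """Update a user record with the submitted fields.

    The caller must be the account owner or an administrator, and only an
    administrator may send ``isAdmin``. Answers 400 when either rule is
    broken, when the new e-mail belongs to another account, or when
    ``userId`` is unknown; answers 200 with the submitted fields otherwise.
    """
    if actualUser["key"] != userId and not actualUser["value"]["isAdmin"]:
        return jsonify({
            "message":
            "Error: user '" + actualUser["value"]["email"] +
            "' cannot update an other user"
        }), status.HTTP_400_BAD_REQUEST

    if "email" in form:
        wanted = form["email"].lower()
        # Skip the record being edited: resubmitting one's current address
        # used to be rejected as a duplicate of itself.
        for key, user in users.items():
            if key != userId and user["email"].lower() == wanted:
                return jsonify({
                    "message":
                    "Error: user '" + form["email"] + "' already exist"
                }), status.HTTP_400_BAD_REQUEST

    if userId in users:
        user = users[userId]
        if "isAdmin" in form and not actualUser["value"]["isAdmin"]:
            return jsonify({
                "message":
                "Error: user '" + userId +
                "' cannot set himself as administrator"
            }), status.HTTP_400_BAD_REQUEST
        # NOTE(review): every submitted field other than isAdmin is applied
        # to the record as-is (including a new password, stored as
        # submitted), and the form is echoed back in the response.
        database.child('users').child(userId).update(form)
        return jsonify({
            "message": "user '" + user["email"] + "' successfully updated.",
            "data": {
                "user": form
            }
        }), status.HTTP_200_OK

    return jsonify({
        "message": "Error: user '" + userId + "' do not exist."
    }), status.HTTP_400_BAD_REQUEST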
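def Put(userServices, form, jsonData, userId, serviceId, actualUser):
    """Update one of a user's services with the submitted fields.

    The caller must be the account owner or an administrator. When a
    ``name`` is sent it must match an entry of ``jsonData`` and must not be
    used by another of the user's services (both case-insensitive).
    Answers 400 on any of those failures or when ``serviceId`` is unknown;
    answers 200 with the submitted fields otherwise.
    """
    if actualUser["key"] != userId and not actualUser["value"]["isAdmin"]:
        return jsonify({
            "message":
            "Error: user '" + actualUser["value"]["email"] +
            "' cannot update a user's service"
        }), status.HTTP_400_BAD_REQUEST

    if "name" in form:
        wanted = form["name"].lower()
        if not any(entry["name"].lower() == wanted for entry in jsonData):
            return jsonify({
                "message": "Error: Service '" + wanted + "' do not exist."
            }), status.HTTP_400_BAD_REQUEST
        # Skip the service being edited: resubmitting its current name
        # (e.g. alongside a new accessToken) used to be rejected as a
        # duplicate of itself.
        for otherId, otherService in userServices.items():
            if otherId != serviceId and otherService["name"].lower() == wanted:
                return jsonify({
                    "message":
                    "Error: User's service '" + wanted + "' already exist"
                }), status.HTTP_400_BAD_REQUEST

    if serviceId in userServices:
        userService = userServices[serviceId]
        # NOTE(review): the submitted form is applied to the record as-is
        # and echoed back, service accessToken included when one is sent.
        database.child('users').child(userId).child('services').child(
            serviceId).update(form)
        return jsonify({
            "message":
            "User's service '" + userService["name"] +
            "' successfully updated.",
            "data": {
                "services": form
            }
        }), status.HTTP_200_OK

    return jsonify({
        "message": "Error: User's service '" + serviceId + "' do not exist."
    }), status.HTTP_400_BAD_REQUEST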
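def Put(userWidgets, form, jsonData, userId, serviceId, widgetId, actualUser):
    """Reconfigure one widget of a user's service with the submitted fields.

    The caller must be the account owner or an administrator. When a
    ``name`` is sent it must match an entry of ``jsonData`` and must not be
    used by another widget of the service (both case-insensitive). Answers
    400 on any of those failures or when ``widgetId`` is unknown; answers
    200 with the submitted fields otherwise.
    """
    if actualUser["key"] != userId and not actualUser["value"]["isAdmin"]:
        return jsonify({
            "message":
            "Error: user '" + actualUser["value"]["email"] +
            "' cannot update a user's widget"
        }), status.HTTP_400_BAD_REQUEST

    if "name" in form:
        wanted = form["name"].lower()
        if not any(entry["name"].lower() == wanted for entry in jsonData):
            return jsonify({
                "message": "Error: Widget '" + wanted + "' do not exist."
            }), status.HTTP_400_BAD_REQUEST
        # Skip the widget being edited: resubmitting its current name used
        # to be rejected as a duplicate of itself.
        for otherId, otherWidget in userWidgets.items():
            if otherId != widgetId and otherWidget["name"].lower() == wanted:
                return jsonify({
                    "message":
                    "Error: User's widget '" + form["name"] +
                    "' already exist"
                }), status.HTTP_400_BAD_REQUEST

    if widgetId in userWidgets:
        userWidget = userWidgets[widgetId]
        # NOTE(review): the submitted form is applied to the record as-is.
        database.child('users').child(userId).child('services').child(
            serviceId).child('widgets').child(widgetId).update(form)
        return jsonify({
            "message":
            "User's widget '" + userWidget["name"] +
            "' successfully configured.",
            "data": {
                "widgets": form
            }
        }), status.HTTP_200_OK

    return jsonify({
        "message": "Error: User's widget '" + widgetId + "' do not exist."
    }), status.HTTP_400_BAD_REQUEST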
def login():
    """Sign a user in and hand back a newly issued access token.

    Reads ``email`` and ``password`` from ``request.form``. Answers 400
    when either is empty or when no stored user matches both; on a match
    the user's ``accessToken`` is replaced and returned with 200.
    """
    body = request.form
    users = app.getDict(database.child('users'))

    if not body["email"] or not body["password"]:
        return jsonify({
            "message": "Error: One of the credentials is empty"
        }), status.HTTP_400_BAD_REQUEST

    submittedEmail = body["email"]
    submittedPassword = body["password"]
    for userKey, record in users.items():
        # NOTE(review): the stored password is compared directly with the
        # submitted one, so it is evidently kept unhashed; the e-mail match
        # is also case-sensitive here.
        if record["email"] != submittedEmail:
            continue
        if record["password"] != submittedPassword:
            continue
        # Each successful sign-in overwrites the previous token.
        accessToken = secrets.token_hex(16)
        database.child('users').child(userKey).update(
            {"accessToken": accessToken})
        return jsonify({
            "message": "User successfully connected",
            "data": {
                "accessToken": accessToken
            }
        }), status.HTTP_200_OK

    return jsonify({
        "message": "One of the credentials is invalid."
    }), status.HTTP_400_BAD_REQUEST
def Post(userServices, form, params, jsonData, userId, actualUser):
    """Connect a new service to a user.

    The caller must be the account owner or an administrator. The
    submitted ``name`` must match an entry of ``jsonData`` and must not be
    used by one of the user's services already (both case-insensitive).
    Answers 400 on any of those failures; otherwise fills in parameter
    defaults, pushes the record and answers 200.
    """
    callerIsOwner = actualUser["key"] == userId
    # NOTE(review): an authorization failure is reported as 400 here.
    if not (callerIsOwner or actualUser["value"]["isAdmin"]):
        return jsonify({
            "message":
            "Error: user '" + actualUser["value"]["email"] +
            "' cannot create a user's service"
        }), status.HTTP_400_BAD_REQUEST

    # A list (not a generator) so every catalogue entry is inspected.
    knownService = any([
        entry["name"].lower() == form["name"].lower() for entry in jsonData
    ])
    if not knownService:
        return jsonify({
            "message":
            "Error: Service '" + form["name"].lower() + "' do not exist."
        }), status.HTTP_400_BAD_REQUEST

    alreadyConnected = any(
        existing["name"].lower() == form["name"].lower()
        for existing in userServices.values())
    if alreadyConnected:
        return jsonify({
            "message":
            "Error: User's service '" + form["name"] + "' already exist"
        }), status.HTTP_400_BAD_REQUEST

    for key, spec in params.items():
        if key not in form:
            form[key] = spec["default"]
    form["widgets"] = ""

    # NOTE(review): the whole form becomes the service record and is
    # echoed back, service accessToken included when one was sent.
    database.child('users').child(userId).child('services').push(form)
    return jsonify({
        "message":
        "User's service '" + form["name"] + "' successfully connected.",
        "data": {
            "services": form
        }
    }), status.HTTP_200_OK
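def users(userId):
    """Dispatch a request on user accounts to the matching handler.

    Resolves the caller from the ``Authorization`` header (401 when it does
    not map to a user), validates the form for write methods, then routes
    on the HTTP method and on whether ``userId`` was supplied.
    """
    form = request.form.to_dict(flat=True)
    allUsers = app.getDict(database.child('users'))
    actualUser = app.getActualUser(request.headers.get("Authorization"),
                                   allUsers)
    params = {
        "email": {
            "type": str,
            "mandatory": True,
            "default": None
        },
        "password": {
            "type": str,
            "mandatory": True,
            "default": None
        },
        "isAdmin": {
            "type": bool,
            "mandatory": False,
            "default": False
        },
        "accessToken": {
            "type": str,
            "mandatory": False,
            "default": ""
        },
    }

    if not actualUser:
        return jsonify({"message": "User not authorized"
                        }), status.HTTP_401_UNAUTHORIZED

    if request.method != "GET" and request.method != "DELETE":
        paramTypeError = app.checkParamsType(form, params)
        if paramTypeError is not None:
            return paramTypeError
    if request.method == "POST":
        paramMandatoryError = app.checkParamsMandatory(form, params)
        if paramMandatoryError is not None:
            return paramMandatoryError

    # Per-account authorization is enforced inside each handler, which
    # receives actualUser.
    if request.method == "GET" and not userId:
        return List(allUsers, actualUser)
    elif request.method == "GET" and userId:
        return Get(allUsers, userId, actualUser)
    elif request.method == "POST" and not userId:
        return Post(allUsers, form, params, actualUser)
    elif request.method == "PUT" and userId:
        return Put(allUsers, form, userId, actualUser)
    elif request.method == "DELETE" and userId:
        return Delete(allUsers, userId, actualUser)

    # Any other method/id combination used to fall off the end and return
    # None, which the framework turns into a server error.
    return jsonify({
        "message": "Error: unsupported method for this route"
    }), status.HTTP_400_BAD_REQUEST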
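def userWidgets(userId, serviceId, widgetId):
    """Dispatch a request on a service's widgets to the matching handler.

    Resolves the caller from the ``Authorization`` header (401 when it does
    not map to a user), validates the form for write methods, checks that
    the user and the service exist, loads the widget catalogue of that
    service from ``about.json``, then routes on the HTTP method and on
    whether ``widgetId`` was supplied.
    """
    form = request.form.to_dict(flat=True)
    users = app.getDict(database.child('users'))
    actualUser = app.getActualUser(request.headers.get("Authorization"),
                                   users)
    params = {
        "name": {
            "type": str,
            "mandatory": True,
            "default": None
        },
        "params": {
            "type": object,
            "mandatory": True,
            "default": None
        },
        "timer": {
            "type": float,
            "mandatory": True,
            "default": None
        },
        "x": {
            "type": int,
            "mandatory": False,
            "default": 0
        },
        "y": {
            "type": int,
            "mandatory": False,
            "default": 0
        },
        "w": {
            "type": int,
            "mandatory": False,
            "default": 4
        },
        "h": {
            "type": int,
            "mandatory": False,
            "default": 7
        }
    }

    if not actualUser:
        return jsonify({"message": "User not authorized"
                        }), status.HTTP_401_UNAUTHORIZED

    if request.method != "GET" and request.method != "DELETE":
        paramTypeError = app.checkParamsType(form, params)
        if paramTypeError is not None:
            return paramTypeError
    if request.method == "POST":
        paramMandatoryError = app.checkParamsMandatory(form, params)
        if paramMandatoryError is not None:
            return paramMandatoryError

    user = database.child('users').child(userId)
    if user.get().val() is None:
        return jsonify({
            "message": "Error: user '" + userId + "' do not exist."
        }), status.HTTP_400_BAD_REQUEST

    userService = database.child('users').child(userId).child(
        'services').child(serviceId)
    if userService.get().val() is None:
        return jsonify({
            "message":
            "Error: user's service '" + serviceId + "' do not exist."
        }), status.HTTP_400_BAD_REQUEST

    widgets = app.getDict(
        database.child('users').child(userId).child('services').child(
            serviceId).child('widgets'))
    serviceName = app.getDict(
        database.child('users').child(userId).child('services').child(
            serviceId))["name"]

    with open('about.json', 'r') as json_file:
        serverData = json.load(json_file)["server"]
    # Start from an empty catalogue: when no service matched, the handlers
    # used to receive the whole "server" dict and failed while iterating it.
    jsonData = []
    for service in serverData["services"]:
        if service["name"].lower() == serviceName.lower():
            jsonData = service["widgets"]

    # Ownership is enforced inside each handler, which receives actualUser.
    if request.method == "GET" and not widgetId:
        return List(widgets, userId, actualUser)
    elif request.method == "GET" and widgetId:
        return Get(widgets, userId, widgetId, actualUser)
    elif request.method == "POST" and not widgetId:
        return Post(widgets, form, params, jsonData, userId, serviceId,
                    actualUser)
    elif request.method == "PUT" and widgetId:
        return Put(widgets, form, jsonData, userId, serviceId, widgetId,
                   actualUser)
    elif request.method == "DELETE" and widgetId:
        return Delete(widgets, userId, serviceId, widgetId, actualUser)

    # Any other method/id combination used to fall off the end and return
    # None, which the framework turns into a server error.
    return jsonify({
        "message": "Error: unsupported method for this route"
    }), status.HTTP_400_BAD_REQUEST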
def getServiceAccesToken(userId, serviceName):
    """Return the stored access token of a user's service, looked up by name.

    The name match is exact (case-sensitive). Returns the token of the
    first matching service, or ``None`` when no service has that name.
    """
    # NOTE(review): the token is read back as stored; whether it is
    # protected at rest cannot be told from this function.
    stored = getDict(database.child('users').child(userId).child("services"))
    matchingTokens = (entry["accessToken"] for entry in stored.values()
                      if entry["name"] == serviceName)
    return next(matchingTokens, None)
def setServiceAccesToken(userId, serviceName, accessToken):
    """Store a new access token on every service of the user with that name.

    The name match is exact (case-sensitive); nothing is written when no
    service matches. Returns ``None``.
    """
    stored = getDict(database.child('users').child(userId).child("services"))
    for entryId, entry in stored.items():
        if entry["name"] != serviceName:
            continue
        # No early exit: every service carrying this name is updated.
        database.child('users').child(userId).child("services").child(
            entryId).update({"accessToken": accessToken})