def update(): #Auth check auth.authenticated_or_401() if request.method == "POST": #Chequea permiso User.db = get_db() if (not User.has_permission(session['id'], 'administrativo_update')): abort(401) else: post_data = request.get_json() #Form validation form = forms.ValidateLessonWithId.from_json( post_data, skip_unknown_keys=False) if not form.validate(): response_object = { 'status': 'error', 'message': 'Verifica los campos obligatorios y no ingreses valores no permitidos.' } else: Lesson.db = get_db() if Lesson.lesson_exists_not_self(post_data): response_object = { 'status': 'warning', 'message': 'La clase que quieres crear ya existe.' } else: Lesson.update(post_data) response_object = { 'status': 'success', 'message': 'Actualizaste la clase correctamente.' } return jsonify(response_object)
def update(): #Auth check auth.authenticated_or_401() if request.method == "POST": #Chequea permiso User.db = get_db() if (not User.has_permission(session['id'],'instrumento_update')): abort(401) else: post_data = request.form form = forms.ValidateInstrument(post_data, skip_unknown_keys=True) if not form.validate(): response_object = {'status': 'warning', 'message': 'Verifica los campos obligatorios y no ingreses nombres no permitidos.'} else: file = request.files['image'] Instrument.db = get_db() if file: # and allowed_file(file.filename): newfile = file.read() Instrument.update_with_image(post_data, newfile) else: Instrument.update(post_data) response_object = {'status': 'success', 'message': 'Se actualizó el instrumento'} return jsonify(response_object)
def get(id_data): #Auth check auth.authenticated_or_401() #Chequea permiso User.db = get_db() if (not User.has_permission(session['id'],'usuario_show')): abort(401) else: #Retorno de data User.db = get_db() user = User.get(id_data) roles = user_roles(user['user_id']) return_user = { 'active': user['active'], 'email': user['email'], 'google_user': user['google_user'], 'lastname': user['lastname'], 'name': user['name'], 'user_id': user['user_id'], 'username': user['username'], 'is_admin': roles['is_admin'], 'is_teacher': roles['is_teacher'], 'is_preceptor': roles['is_preceptor'] } return jsonify(return_user)
def create(): #Auth check auth.authenticated_or_401() if request.method == "POST": #Chequea permiso User.db = get_db() if (not User.has_permission(session['id'],'instrumento_new')): abort(401) else: form = forms.ValidateInstrument(request.form, skip_unknown_keys=True) if form.validate(): file = request.files['image'] if file: # and allowed_file(file.filename): # filename = new_file_name(file) # file.save(os.path.abspath(UPLOAD_FOLDER+filename)) # # file.save(os.path.abspath(UPLOAD_FOLDER2+filename)) # Instrument.db = get_db() # Instrument.create(request.form, filename) newfile = file.read() Instrument.db = get_db() Instrument.create(request.form, newfile) response_object = {'status': 'success', 'message': 'Se agregó el nuevo instrumento'} else: response_object = {'status': 'warning', 'message': 'Debes subir una imagen para el instrumento.'} else: response_object = {'status': 'warning', 'message': 'Verifica los campos obligatorios y no ingreses nombres no permitidos.'} return jsonify(response_object)
def remove_student(): #Auth check auth.authenticated_or_401() if request.method == "POST": #Chequea permiso User.db = get_db() if (not User.has_permission(session['id'], 'asistencia_destroy')): abort(401) else: post_data = request.get_json() #Form validation form = forms.ValidateLessonStudent.from_json( post_data, skip_unknown_keys=False) if not form.validate(): response_object = { 'status': 'error', 'message': 'Verifica los campos obligatorios y no ingreses valores no permitidos.' } else: Lesson.db = get_db() Lesson.remove_student(post_data) response_object = { 'status': 'success', 'message': 'Desasignaste el estudiante correctamente.' } return jsonify(response_object)
def remove(): #Auth check auth.authenticated_or_401() if request.method == "POST": #Chequea permiso User.db = get_db() if (not User.has_permission(session['id'], 'horario_destroy')): abort(401) else: post_data = request.get_json() #Form validation form = forms.ValidateScheduleId.from_json(post_data, skip_unknown_keys=True) if not form.validate(): response_object = { 'status': 'error', 'message': 'Verifica los campos obligatorios y no ingreses valores no permitidos.' } else: Schedule.db = get_db() Schedule.remove(post_data['schedule_id']) response_object = { 'status': 'success', 'message': 'Eliminaste el horario correctamente.' } return jsonify(response_object)
def getFormData(): #Auth check auth.authenticated_or_401() #Chequea permiso User.db = get_db() if (not User.has_permission(session['id'],'estudiante_index')): abort(401) else: Neighborhood.db = get_db() Level.db = get_db() Gender.db = get_db() School.db = get_db() DocumentType.db = get_db() Location.db = get_db() ResponsableType.db = get_db() response_json = { 'neighborhoods': Neighborhood.all(), 'levels': Level.all(), 'genders': Gender.all(), 'schools': School.all(), 'document_types': DocumentType.all(), 'locations': Location.all(), 'responsable_types': ResponsableType.all(), } return response_json
def update(): #Auth check auth.authenticated_or_401() if request.method == "POST": User.db = get_db() if (not User.has_permission(session['id'],'usuario_update')): abort(401) else: post_data = request.get_json() #Obtención de información errors = [] #Errores #Chequeo username if User.find_by_username_not_self(post_data): errors.append({'name': 'username', 'message': 'El nombre de usuario ingresado ya existe'}) #Chequeo email if User.find_by_email_not_self(post_data): errors.append({'name': 'email', 'message': 'El email ingresado ya existe'}) form = forms.ValidateUserWithOutPassword.from_json(post_data, skip_unknown_keys=True) if (form.validate() and len(errors) == 0): User.update(post_data) new_user = User.find_by_email(post_data['email']) update_roles(new_user['user_id'], post_data) response_object = {'status': 'success', 'message': 'Se actualizó el nuevo usuario'} else: if (not form.validate()): err = {'name': 'fields', 'message': 'Verifica los campos obligatorios y no ingreses nombres no permitidos.'} errors.append(err) response_object = errors return jsonify(response_object)
def update(): #Auth check auth.authenticated_or_401() if request.method == 'POST': #Chequea permiso User.db = get_db() if (not User.has_permission(session['id'], 'configuration_all')): abort(401) else: #Chequea el metodo y valida el formulario post_data = request.get_json() form = forms.ValidateConfiguration.from_json( post_data, skip_unknown_keys=False) if not form.validate(): response_object = { 'status': 'warning', 'message': 'Informacion inválida, solo puede ingresarse un titulo(máximo 255 char), email(máximo 255 char) y descripción(máximo 1000 char)' } else: Configuration.db = get_db() Configuration.update(post_data) response_object = { 'status': 'success', 'message': 'Se actualizó la información del sitio correctamente' } return jsonify(response_object)
def create(): #Auth check auth.authenticated_or_401() if request.method == "POST": #Chequea permiso User.db = get_db() if (not User.has_permission(session['id'], 'administrativo_new')): abort(401) else: post_data = request.get_json() #Form validation form = forms.ValidateWorkshop.from_json(post_data, skip_unknown_keys=True) if not form.validate(): response_object = { 'status': 'warning', 'message': 'Verifica los campos obligatorios y no ingreses valores no permitidos.' } else: Workshop.db = get_db() if Workshop.workshop_exists(post_data): response_object = { 'status': 'warning', 'message': 'El taller ya existe.' } else: Workshop.create(post_data) response_object = { 'status': 'success', 'message': 'Creaste el taller correctamente.' } return jsonify(response_object)
def has_role(): #Auth check auth.authenticated_or_401() #User routes User.db = get_db() roles_object = {'status': True} if not User.has_roles(session['id']): roles_object = {'status': False} return jsonify(roles_object)
def get_image(instrument_id): #Auth check auth.authenticated_or_401() #Chequea permiso User.db = get_db() if (not User.has_permission(session['id'],'instrumento_show')): abort(401) else: Instrument.db = get_db() return Instrument.get_image(instrument_id)['image']
def all(): #Auth check auth.authenticated_or_401() #Chequea permiso User.db = get_db() if (not User.has_permission(session['id'],'instrumento_index')): abort(401) else: Instrument.db = get_db() return jsonify(Instrument.all())
def routes(): def get_routes(): user_routes = [] #Cargado de información nucleos = {'name': 'Núcleos', 'url': '/cores', 'icon': 'fas fa-map-marker-alt'} user_routes.append(nucleos) if (User.has_permission(session['id'],'estudiante_index')): new = {'name': 'Estudiantes', 'url': '/students', 'icon': 'fas fa-user-graduate'} user_routes.append(new) if (User.has_permission(session['id'],'docente_index')): new = {'name': 'Docentes', 'url': '/teachers', 'icon': 'fas fa-user'} user_routes.append(new) if (User.has_permission(session['id'],'instrumento_index')): new = {'name': 'Instrumentos', 'url': '/instruments', 'icon': 'fas fa-guitar'} user_routes.append(new) if (User.has_permission(session['id'],'administrativo_index')): new = {'name': 'Ciclos lectivos', 'url': '/cycles', 'icon': 'far fa-calendar-alt'} user_routes.append(new) new = {'name': 'Talleres', 'url': '/workshops', 'icon': 'fas fa-school'} user_routes.append(new) new = {'name': 'Talleres asignados', 'url': '/cycle_workshops', 'icon': 'fas fa-school'} user_routes.append(new) if (User.has_permission(session['id'],'horario_index')): new = {'name': 'Clases', 'url': '/lessons', 'icon': 'fas fa-chalkboard-teacher'} user_routes.append(new) if (User.has_permission(session['id'],'asistencia_index')): new = {'name': 'Asistencia', 'url': '/assistances', 'icon': 'fas fa-user-plus'} user_routes.append(new) if (User.has_permission(session['id'],'usuario_index')): new = {'name': 'Usuarios', 'url': '/users', 'icon': 'fas fa-user-friends'} user_routes.append(new) if (User.has_permission(session['id'],'configuration_all')): new = {'name': 'Administrativo', 'url': '/configuration', 'icon': 'fas fa-cog'} user_routes.append(new) return user_routes #Auth check auth.authenticated_or_401() #Listado de rutas routes = [] User.db = get_db() if (not User.has_roles(session['id'])): return jsonify(routes) else: routes = get_routes() #Returning data return jsonify(routes)
def get(lesson_id): #Auth check auth.authenticated_or_401() #Chequea permiso User.db = get_db() if (not User.has_permission(session['id'], 'horario_show')): abort(401) else: Lesson.db = get_db() return jsonify(Lesson.get(lesson_id))
def all(): #Auth check auth.authenticated_or_401() #Chequea permiso User.db = get_db() if (User.has_permission(session['id'],'estudiante_index')): Student.db = get_db() return jsonify(Student.all_reduced()) else: abort(401)
def all_cycle_workshop(): #Auth check auth.authenticated_or_401() #Chequea permiso User.db = get_db() if (not User.has_permission(session['id'], 'administrativo_index')): abort(401) else: CycleWorkshop.db = get_db() return jsonify(CycleWorkshop.all())
def get_assistances(lesson_id): #Auth check auth.authenticated_or_401() #Chequea permiso User.db = get_db() if (not User.has_permission(session['id'],'administrativo_index')): abort(401) else: Assistance.db = get_db() return jsonify(Assistance.all(lesson_id))
def get_schedules(lesson_id): #Auth check auth.authenticated_or_401() #Chequea permiso User.db = get_db() if (not User.has_permission(session['id'], 'horario_index')): abort(401) else: Schedule.db = get_db() return jsonify(Schedule.all(lesson_id))
def get(cycle_id): #Auth check auth.authenticated_or_401() #Chequea permiso User.db = get_db() if (not User.has_permission(session['id'],'administrativo_show')): abort(401) else: Cycle.db = get_db() return jsonify(Cycle.get(cycle_id))
def students(lesson_id): #Auth check auth.authenticated_or_401() #Chequea permiso User.db = get_db() if (not User.has_permission(session['id'], 'asistencia_index')): abort(401) else: Student.db = get_db() return jsonify(Student.all_by_lesson(lesson_id))
def all(): #Auth check auth.authenticated_or_401() #Chequea permiso User.db = get_db() if (not User.has_permission(session['id'], 'docente_index')): abort(401) else: Teacher.db = get_db() return jsonify(Teacher.all_reduced())
def get(id_data): #Auth check auth.authenticated_or_401() #Chequea permiso User.db = get_db() if (not User.has_permission(session['id'], 'estudiante_show')): abort(401) else: Teacher.db = get_db() return jsonify(Teacher.get(id_data))
def getFormData(): #Auth check auth.authenticated_or_401() #Chequea permiso User.db = get_db() if (not User.has_permission(session['id'],'administrativo_index')): abort(401) else: Semester.db = get_db() response_json = {'semesters': Semester.all()} return response_json
def getFormData(): #Auth check auth.authenticated_or_401() #Chequea permiso User.db = get_db() if (not User.has_permission(session['id'],'instrumento_index')): abort(401) else: InstrumentType.db = get_db() response_json = {'instrument_types': InstrumentType.all()} return response_json
def permissions(): #Auth check auth.authenticated_or_401() #Listado de rutas user_permissions = [] User.db = get_db() if (not User.has_roles(session['id'])): return jsonify(user_permissions) else: user_permissions = User.permissions(session['id']) #Returning data return jsonify(user_permissions)
def students_for_assistance(): #Auth check auth.authenticated_or_401() #Chequea permiso User.db = get_db() if (not User.has_permission(session['id'],'asistencia_new')): abort(401) else: post_data = request.get_json() Lesson.db = get_db() return jsonify(Lesson.students_for_assistance(post_data))
def delete(): #Auth check auth.authenticated_or_401() #Chequea permiso User.db = get_db() if (User.has_permission(session['id'],'estudiante_destroy')): abort(401) else: Student.db = get_db() Student.delete(request.get_json()['student_id']) response_object = {'status': 'success', 'message': 'Se eliminó el estudiante'} return jsonify(response_object)
def getFormData(): #Auth check auth.authenticated_or_401() #Chequea permiso User.db = get_db() if (not User.has_permission(session['id'], 'horario_index')): abort(401) else: Core.db = get_db() Day.db = get_db() response_json = {'cores': Core.all(), 'days': Day.all()} return response_json
def update_user_status(): #Auth check auth.authenticated_or_401() if request.method == "POST": User.db = get_db() #Chequea permiso if (User.has_permission(session['id'],'usuario_update')): #Valida campos if (request.form['active'] == '0' or request.form['active'] == '1'): User.update_user_status(request.form) return {'status': 'success', 'message': 'Se actualizó el estado del usuario'} else: abort(401)