def create_account(username, password, confirm, role, nickname, token=None):
    """Create an account on behalf of a caller whose token passes is_admin.

    Args:
        username: Login name; must not already be used by an Account.
        password: Password for the new account.
        confirm: Must equal ``password``.
        role: ``'1'`` (compared after ``str()``) selects the 'admin' role;
            every other value selects 'stuff'.
        nickname: Display name stored on the account.
        token: Session token of the caller.

    Returns:
        The result of ``abort(403)`` when the token is missing or rejected,
        a ``{"message": ...}`` dict when validation fails, otherwise a dict
        with the new account id, ``success`` and a freshly issued token.
    """
    caller_is_admin = token is not None and is_admin(token)
    if not caller_is_admin:
        return abort(403)

    if password != confirm:
        return {"message": "password not conformity"}

    existing = Account.objects(username=username).first()
    if existing is not None:
        return {"message": "username has been register"}

    # NOTE(review): any caller passing is_admin can create another 'admin'
    # here, while rm_account requires root to delete one. Confirm the
    # asymmetry is intended.
    role_name = 'admin' if str(role) == '1' else 'stuff'

    stored_password = Account.create_password(password)
    new_account = Account(
        username=username,
        nickname=nickname,
        password=stored_password,
        role=role_name,
    ).save()

    # NOTE(review): the token issued for the new account is returned to the
    # creating admin, who then holds a usable credential for that user.
    # Consider issuing the first token at login instead.
    issued = Token(
        user_id=str(new_account.id),
        token=create_token(),
    ).save()

    return {'id': new_account.id, 'success': 1, 'token': issued.token}
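def create_sales_record(count, seller_id, book_id, purchaser_id, token=None):
    """Record the sale of ``count`` copies of a book and update its stock.

    Args:
        count: Number of copies sold; must be greater than zero.
        seller_id: Id of the Account stored as the seller.
        book_id: Id of the Book being sold.
        purchaser_id: Id of a Vip purchaser. An id that raises
            ValidationError or matches no Vip is treated as a non-VIP sale.
        token: Session token of the caller; must pass is_stuff.

    Returns:
        The result of ``abort(403)`` when the token is missing or rejected,
        a ``{'message': ...}`` dict when a check fails, otherwise a dict
        with the new record id and ``success``.
    """
    if token is None or not is_stuff(token):
        return abort(403)

    book = Book.objects(id=book_id).first()
    if book is None:
        return {'message': 'Missing parameter book, or book id is wrong.'}

    # A zero or negative count passes the stock comparison below and would
    # then increase `remaining` and decrease `sales`, so reject it first.
    if count is None or count <= 0:
        return {'message': 'count must be greater than zero'}

    if book.remaining < count:
        return {'message': 'This book is not enough'}

    # NOTE(review): seller_id comes from the request, not from the token, so
    # a caller can attribute the sale to any existing account. Confirm this
    # is intended.
    # NOTE(review): only the Vip lookup below handles ValidationError; the
    # Book and Account lookups presumably raise it for a malformed id too.
    seller = Account.objects(id=seller_id).first()
    if seller is None:
        return {'message': 'Missing parameter seller, or seller id is wrong.'}

    try:
        purchaser = Vip.objects(id=purchaser_id).first()
    except ValidationError:
        purchaser = None

    price = book.price
    if purchaser is not None:
        # VIP purchasers pay 80% of the listed price.
        price *= 0.8

    # NOTE(review): stock is read, changed in memory and saved; two
    # concurrent sales can presumably both pass the check above and
    # oversell. An atomic decrement would close that gap.
    book.remaining -= count
    book.sales += count
    book.save()

    sales_record = SalesRecord(
        count=count,
        price=price,
        book=book,
        seller=seller,
        purchaser=purchaser,
    ).save()
    return {'id': sales_record.id, 'success': 1}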
def update_account(account_id, nickname, des, old_password, new_password, confirm, token=None):
    """Update nickname, description and optionally the password of an account.

    The caller's token must pass is_admin or is_self for ``account_id``.
    The account named 'root' is never modified through this function.

    Args:
        account_id: Id of the account to update.
        nickname: New nickname.
        des: New description; ``None`` is stored as an empty string.
        old_password: Current password of the target account; checked only
            when a password change is requested.
        new_password: Requested new password.
        confirm: Must equal ``new_password`` when a change is requested.
        token: Session token of the caller.

    Returns:
        The result of ``abort(403)`` on an authorization failure, a dict
        with ``success`` 0 and a message when the password change is
        rejected, otherwise a dict with ``success`` 1.
    """
    if token is None:
        return abort(403)
    if not is_admin(token) and not is_self(account_id, token):
        return abort(403)

    target = Account.objects(id=account_id).first()
    if target is None or target.username == 'root':
        return abort(403)

    description = "" if des is None else des

    # Keep the stored password unless a change is requested and verified.
    stored_password = target.password
    if new_password or confirm:
        if new_password != confirm:
            return {'success': 0, 'message': 'pwd != confirm'}
        # The old password is checked against the target account, so an
        # admin editing someone else must also supply that account's
        # current password.
        if not Account.check_password(target, old_password):
            return {'success': 0, 'message': 'wrong password'}
        stored_password = Account.create_password(new_password)

    # NOTE(review): a password change does not replace or remove the
    # account's Token, so a session issued before the change keeps working.
    # Confirm whether it should be rotated here.
    target.update(
        nickname=nickname,
        description=description,
        password=stored_password,
    )
    target.save()

    return {
        'success': 1,
        'id': account_id,
        'message': 'user\'s profile update successfully!',
    }
def update_account(account_id, nickname, des, old_password, new_password, confirm, token=None):
    """Update nickname, description and optionally the password of an account.

    The caller's token must pass is_admin or is_self for ``account_id``.
    The account named 'root' is never modified through this function.

    Args:
        account_id: Id of the account to update.
        nickname: New nickname.
        des: New description; ``None`` is stored as an empty string.
        old_password: Current password of the target account; checked only
            when a password change is requested.
        new_password: Requested new password.
        confirm: Must equal ``new_password`` when a change is requested.
        token: Session token of the caller.

    Returns:
        The result of ``abort(403)`` on an authorization failure, a dict
        with ``success`` 0 and a message when the password change is
        rejected, otherwise a dict with ``success`` 1.
    """
    if token is None:
        return abort(403)
    if not is_admin(token) and not is_self(account_id, token):
        return abort(403)

    target = Account.objects(id=account_id).first()
    if target is None or target.username == 'root':
        return abort(403)

    description = "" if des is None else des

    # Keep the stored password unless a change is requested and verified.
    stored_password = target.password
    if new_password or confirm:
        if new_password != confirm:
            return {'success': 0, 'message': 'pwd != confirm'}
        # The old password is checked against the target account, so an
        # admin editing someone else must also supply that account's
        # current password.
        if not Account.check_password(target, old_password):
            return {'success': 0, 'message': 'wrong password'}
        stored_password = Account.create_password(new_password)

    # NOTE(review): a password change does not replace or remove the
    # account's Token, so a session issued before the change keeps working.
    # Confirm whether it should be rotated here.
    target.update(
        nickname=nickname,
        description=description,
        password=stored_password,
    )
    target.save()

    return {
        'success': 1,
        'id': account_id,
        'message': 'user\'s profile update successfully!',
    }
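def create_sales_record(count, seller_id, book_id, purchaser_id, token=None):
    """Record the sale of ``count`` copies of a book and update its stock.

    Args:
        count: Number of copies sold; must be greater than zero.
        seller_id: Id of the Account stored as the seller.
        book_id: Id of the Book being sold.
        purchaser_id: Id of a Vip purchaser. An id that raises
            ValidationError or matches no Vip is treated as a non-VIP sale.
        token: Session token of the caller; must pass is_stuff.

    Returns:
        The result of ``abort(403)`` when the token is missing or rejected,
        a ``{'message': ...}`` dict when a check fails, otherwise a dict
        with the new record id and ``success``.
    """
    if token is None or not is_stuff(token):
        return abort(403)

    book = Book.objects(id=book_id).first()
    if book is None:
        return {'message': 'Missing parameter book, or book id is wrong.'}

    # A zero or negative count passes the stock comparison below and would
    # then increase `remaining` and decrease `sales`, so reject it first.
    if count is None or count <= 0:
        return {'message': 'count must be greater than zero'}

    if book.remaining < count:
        return {'message': 'This book is not enough'}

    # NOTE(review): seller_id comes from the request, not from the token, so
    # a caller can attribute the sale to any existing account. Confirm this
    # is intended.
    # NOTE(review): only the Vip lookup below handles ValidationError; the
    # Book and Account lookups presumably raise it for a malformed id too.
    seller = Account.objects(id=seller_id).first()
    if seller is None:
        return {'message': 'Missing parameter seller, or seller id is wrong.'}

    try:
        purchaser = Vip.objects(id=purchaser_id).first()
    except ValidationError:
        purchaser = None

    price = book.price
    if purchaser is not None:
        # VIP purchasers pay 80% of the listed price.
        price *= 0.8

    # NOTE(review): stock is read, changed in memory and saved; two
    # concurrent sales can presumably both pass the check above and
    # oversell. An atomic decrement would close that gap.
    book.remaining -= count
    book.sales += count
    book.save()

    sales_record = SalesRecord(
        count=count,
        price=price,
        book=book,
        seller=seller,
        purchaser=purchaser,
    ).save()
    return {'id': sales_record.id, 'success': 1}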
def is_stuff(token):
    """Return True when ``token`` belongs to an account that still exists.

    No role is inspected: every account with a stored token qualifies,
    whatever its role.
    """
    # NOTE(review): no expiry or age check is visible here; a token appears
    # to stay valid until login replaces it.
    token_doc = Token.objects(token=token).first()
    if token_doc is None:
        return False

    owner = Account.objects(id=token_doc.user_id).first()
    return owner is not None
def get_all_accounts(token=None):
    """Return the accounts the caller is allowed to list.

    The account named 'root' is always excluded. Callers that do not pass
    is_admin additionally see only accounts whose role is 'stuff'.

    Returns:
        The result of ``abort(403)`` when the token is missing or fails
        is_stuff, otherwise the ``Account.objects`` query result.
    """
    if token is None or not is_stuff(token):
        return abort(403)

    visible = Q(username__ne='root')
    if not is_admin(token):
        visible = visible & Q(role='stuff')

    # NOTE(review): the returned documents carry the stored password field;
    # presumably the caller serializes only safe fields. Confirm.
    return Account.objects(visible)
def is_root(token):
    """Return True when ``token`` belongs to the account named 'root'."""
    token_doc = Token.objects(token=token).first()
    if token_doc is None:
        return False

    owner = Account.objects(id=token_doc.user_id).first()
    # Root is identified by username only; the role field is not consulted.
    return owner is not None and owner.username == 'root'
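def get_account_by_id(account_id, token=None):
    """Return the account with ``account_id`` if the caller may see it.

    Visibility by caller:
        * root: any account.
        * passes is_admin but is not root: any account except 'root'.
        * otherwise: only accounts whose role is 'stuff', except 'root'.

    Args:
        account_id: Id of the requested account.
        token: Session token of the caller; must pass is_stuff.

    Returns:
        The result of ``abort(403)`` when the token is missing or rejected,
        otherwise the matching Account or ``None`` when nothing matches.
    """
    if token is None or not is_stuff(token):
        return abort(403)

    condition = Q(id=account_id)
    if not is_root(token):
        condition &= Q(username__ne='root')
        if not is_admin(token):
            # Narrow with &= so the id filter is kept. Previously this
            # branch assigned a fresh Q, which dropped the id filter and
            # returned the first non-root 'stuff' account whatever
            # account_id was.
            condition &= Q(role='stuff')

    # NOTE(review): the returned document carries the stored password field;
    # presumably the caller serializes only safe fields. Confirm.
    return Account.objects(condition).first()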
def is_admin(token):
    """Return True when ``token`` belongs to an account whose role is not 'stuff'."""
    token_doc = Token.objects(token=token).first()
    if token_doc is None:
        return False

    owner = Account.objects(id=token_doc.user_id).first()
    # NOTE(review): this is a deny-list. Any role other than 'stuff',
    # including an empty or unexpected value, is treated as admin. Checking
    # for the admin role explicitly would fail closed, but confirm which
    # role the 'root' account carries before tightening.
    return owner is not None and owner.role != 'stuff'
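def rm_account(account_id, token=None):
    """Delete an account on behalf of a caller whose token passes is_admin.

    The account named 'root' is never deleted, matching update_account,
    which refuses to modify it. Accounts with role 'admin' can be deleted
    only by root.

    Args:
        account_id: Id of the account to delete.
        token: Session token of the caller.

    Returns:
        The result of ``abort(403)`` on an authorization failure, a
        ``{'message': ...}`` dict when the account does not exist,
        otherwise ``{'success': 1}``.
    """
    if token is None or not is_admin(token):
        return abort(403)

    account = Account.objects(id=account_id).first()
    if account is None:
        return {'message': 'this account has been deleted'}

    # Without this guard the only protection for root was the role check
    # below, which applies only if root's role is exactly 'admin' and still
    # lets root delete itself.
    if account.username == 'root':
        return abort(403)

    # NOTE(review): is_admin accepts every role other than 'stuff', but this
    # check matches 'admin' exactly, so an account with any other role value
    # is deletable by any admin. Confirm the two are meant to agree.
    if account.role == 'admin' and not is_root(token):
        return abort(403)

    # NOTE(review): the Token stored for this account is not removed here;
    # is_stuff and is_admin reject it afterwards because the account lookup
    # fails.
    account.delete()
    return {'success': 1}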
def get_accounts(args, token=None):
    """Return the accounts visible to the caller, filtered by ``args``.

    The account named 'root' is always excluded. Callers that do not pass
    is_admin additionally see only accounts whose role is 'stuff'.

    Args:
        args: Mapping that may contain 'username' and/or 'nickname'; each
            key present adds an exact-match filter.
        token: Session token of the caller; must pass is_stuff.

    Returns:
        The result of ``abort(403)`` when the token is missing or rejected,
        otherwise the ``Account.objects`` query result.
    """
    if token is None or not is_stuff(token):
        return abort(403)

    visible = Q(username__ne='root')
    if not is_admin(token):
        visible = visible & Q(role='stuff')

    # Only these two keys are read from args; anything else is ignored.
    for field in ('username', 'nickname'):
        if field in args:
            visible &= Q(**{field: args[field]})

    # NOTE(review): the returned documents carry the stored password field;
    # presumably the caller serializes only safe fields. Confirm.
    return Account.objects(visible)
def login(username, password):
    """Check credentials and issue a fresh token for the account.

    An account holds one Token document. A successful login overwrites its
    value, so a token handed out by an earlier login no longer matches.

    Returns:
        A ``{'message': ...}`` dict when the username is unknown or the
        password check fails, otherwise a dict with the account id,
        ``success`` and the new token.
    """
    # NOTE(review): the two failure messages differ, so a caller can tell
    # whether a username exists. No attempt limiting is visible in this
    # function either. Confirm both are handled elsewhere or are acceptable.
    account = Account.objects(username=username).first()
    if account is None:
        return {'message': 'this account does not exist'}

    if not Account.check_password(account, password):
        return {'message': 'password is wrong.'}

    new_token = create_token()
    owner_id = str(account.id)
    existing = Token.objects(user_id=owner_id).first()
    if existing is None:
        Token(user_id=owner_id, token=new_token).save()
    else:
        existing.update(token=new_token)

    return {'id': account.id, 'success': 1, 'token': new_token}
def login(username, password):
    """Check credentials and issue a fresh token for the account.

    An account holds one Token document. A successful login overwrites its
    value, so a token handed out by an earlier login no longer matches.

    Returns:
        A ``{'message': ...}`` dict when the username is unknown or the
        password check fails, otherwise a dict with the account id,
        ``success`` and the new token.
    """
    # NOTE(review): the two failure messages differ, so a caller can tell
    # whether a username exists. No attempt limiting is visible in this
    # function either. Confirm both are handled elsewhere or are acceptable.
    account = Account.objects(username=username).first()
    if account is None:
        return {'message': 'this account does not exist'}

    if not Account.check_password(account, password):
        return {'message': 'password is wrong.'}

    new_token = create_token()
    owner_id = str(account.id)
    existing = Token.objects(user_id=owner_id).first()
    if existing is None:
        Token(user_id=owner_id, token=new_token).save()
    else:
        existing.update(token=new_token)

    return {'id': account.id, 'success': 1, 'token': new_token}
def create_account(username, password, confirm, role, nickname, token=None):
    """Create an account on behalf of a caller whose token passes is_admin.

    Args:
        username: Login name; must not already be used by an Account.
        password: Password for the new account.
        confirm: Must equal ``password``.
        role: ``'1'`` (compared after ``str()``) selects the 'admin' role;
            every other value selects 'stuff'.
        nickname: Display name stored on the account.
        token: Session token of the caller.

    Returns:
        The result of ``abort(403)`` when the token is missing or rejected,
        a ``{"message": ...}`` dict when validation fails, otherwise a dict
        with the new account id, ``success`` and a freshly issued token.
    """
    caller_is_admin = token is not None and is_admin(token)
    if not caller_is_admin:
        return abort(403)

    if password != confirm:
        return {"message": "password not conformity"}

    existing = Account.objects(username=username).first()
    if existing is not None:
        return {"message": "username has been register"}

    # NOTE(review): any caller passing is_admin can create another 'admin'
    # here, while rm_account requires root to delete one. Confirm the
    # asymmetry is intended.
    role_name = 'admin' if str(role) == '1' else 'stuff'

    stored_password = Account.create_password(password)
    new_account = Account(
        username=username,
        nickname=nickname,
        password=stored_password,
        role=role_name,
    ).save()

    # NOTE(review): the token issued for the new account is returned to the
    # creating admin, who then holds a usable credential for that user.
    # Consider issuing the first token at login instead.
    issued = Token(
        user_id=str(new_account.id),
        token=create_token(),
    ).save()

    return {'id': new_account.id, 'success': 1, 'token': issued.token}
def get_sales_records_by_account(account_id, token=None):
    """Return the sales records whose seller is the account ``account_id``.

    Args:
        account_id: Id of the seller account.
        token: Session token of the caller; must pass is_stuff.

    Returns:
        The result of ``abort(403)`` when the token is missing or rejected,
        otherwise the ``SalesRecord.objects`` query result.
    """
    if token is None or not is_stuff(token):
        return abort(403)

    # NOTE(review): any caller passing is_stuff can read any account's
    # records; there is no is_self or is_admin check. Confirm this is
    # intended.
    seller = Account.objects(id=account_id).first()

    # NOTE(review): when no account matches, the filter below is
    # seller=None. Verify what that query returns and whether an empty
    # result is wanted instead.
    return SalesRecord.objects(seller=seller)