def GetTimetable():
    """
    Return the timetable events of the user behind the API session token.

    The request must carry an 'X-App-Token' header that ApiSession accepts;
    otherwise an 'invalid_session' unauthorized response is returned. The
    events come from the student or the teacher lookup, chosen by the user
    type ApiSession reports for the request.
    """
    has_valid_session = ('X-App-Token' in request.headers
                         and ApiSession.isValid(request))
    if not has_valid_session:
        return JsonResponse.unauthorized({
            'message': 'invalid_session',
            'nice_message': 'Invalid session. Did you login?'
        })

    # The identity comes from the server-side session, never from request
    # parameters, so a caller can only read their own timetable.
    user_id, user_type = ApiSession.getUserId_req(request)

    # Fixed query window handed to both lookups
    # (presumably Unix timestamps -- confirm against Timetable).
    window_start = 1050194809
    window_end = 1950194809

    if user_type == 'student':
        fetch_events = Timetable.getStudentTimetable
    elif user_type == 'teacher':
        fetch_events = Timetable.getTeacherTimetable
    else:
        # A session holding any other user type is treated as a server fault.
        return JsonResponse.internalServerError({
            'message': 'unexpected_user_type',
            'nice_message': 'Unexpected user type. Contact system administrator.'
        })

    return JsonResponse.ok({
        'events': fetch_events(user_id, window_start, window_end)
    })
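def SessionLogin():
    """
    Authenticate a student or teacher and return an API session token.

    A request that already carries an 'X-App-Token' header accepted by
    ApiSession gets that same token back. Otherwise the form fields 'email',
    'password' and 'user_type' ('student' or 'teacher') are required. The
    supplied password is hashed with the account's salt and compared with the
    stored hash; on a match a session is created from the user id, user type,
    client address and User-Agent.

    Returns a JsonResponse: ok with {'token': ...}, badRequest for missing or
    invalid fields, unauthorized for bad credentials, internalServerError if
    no session token could be created.
    """
    if 'X-App-Token' in request.headers and ApiSession.isValid(request):
        return JsonResponse.ok({'token': request.headers['X-App-Token']})

    userEmail = request.form.get('email')
    userPassword = request.form.get('password')
    userType = request.form.get('user_type')

    # Step 1: Verify presence of values and validate them
    if not userEmail or not userPassword or not userType:
        return JsonResponse.badRequest({
            'message': 'post_property_missing',
            'nice_message': 'Missing POST property.'
        })

    if userType not in ('student', 'teacher'):
        return JsonResponse.badRequest({
            'message': 'invalid_user_type',
            'nice_message': 'Given user type is invalid! Allowable types are: student/teacher.'
        })

    # Step 2: Verify password
    # NOTE(review): nothing in this function limits repeated attempts;
    # confirm throttling or lockout is enforced elsewhere.
    if userType == 'student':
        user = StudentModel.findBy('email', userEmail)
    elif userType == 'teacher':
        user = TeacherModel.findBy('email', userEmail)
    else:
        # Not reachable after the validation above; kept as a guard in case
        # the allowed types and this dispatch drift apart.
        return JsonResponse.internalServerError({
            'message': 'unexpected_user_type',
            'nice_message': 'Unexpected user type. Contact system administrator.'
        })

    # Unknown email and wrong password share one response body so the reply
    # does not reveal which accounts exist.
    # NOTE(review): the unknown-email path returns before any hashing, so the
    # two paths may still differ in response time; consider hashing against a
    # dummy salt here.
    if len(user) != 1:
        return JsonResponse.unauthorized({
            'message': 'invalid_credentials',
            'nice_message': 'Supplied credentials (email/password) are invalid.'
        })

    user = user[0]
    hashedPassword = Security.hashPassword(userPassword, user.getSalt())

    # Constant-time comparison instead of '!=', which stops at the first
    # differing character.
    if not _passwordHashesMatch(hashedPassword, user.getPassword()):
        return JsonResponse.unauthorized({
            'message': 'invalid_credentials',
            'nice_message': 'Supplied credentials (email/password) are invalid.'
        })

    userId = user.getId()

    # Step 3: Create session
    # Headers are read with .get() so that a request lacking one of them does
    # not fail on the subscript.
    ipAddress = request.remote_addr
    if Config.getValue('DEPLOYMENT') == 'heroku':
        # NOTE(review): the whole header value is stored. X-Forwarded-For can
        # be a comma-separated list whose leading entries are supplied by the
        # client; confirm how ApiSession uses this value before relying on it
        # as the client address.
        ipAddress = request.headers.get('X-Forwarded-For', ipAddress)

    # A missing User-Agent binds the session to the empty string.
    userAgent = request.headers.get('User-Agent', '')

    token = ApiSession.create(userId, userType, ipAddress, userAgent)
    if token:
        return JsonResponse.ok({'token': token})

    return JsonResponse.internalServerError({
        'message': 'session_generation_failed',
        'nice_message': 'Session generation failed. Contact system administrator.'
    })


def _passwordHashesMatch(computed, stored):
    """
    Compare two password hashes without stopping at the first difference.

    Returns False instead of raising when the values cannot be compared
    (for example one is None, or one is text and the other bytes), so the
    caller fails closed.
    """
    import hmac  # local import keeps this helper self-contained

    if isinstance(computed, str) and isinstance(stored, str):
        # compare_digest accepts only ASCII text; bytes have no such limit.
        computed, stored = computed.encode('utf-8'), stored.encode('utf-8')
    try:
        return hmac.compare_digest(computed, stored)
    except TypeError:
        return False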
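def CreateRecurringBooking(module_id, session_id):
    """
    Creates a recurring room booking for a module session.

    Requires the 'scheduling_admin' permission. Reads 'building', 'duration',
    'day', 'frequency' and 'term' from the POST form, validates them, looks up
    the referenced session, module, building and term, and hands the booking
    to Scheduler.scheduleRecurring.

    Returns a JsonResponse: unauthorized without access, notFound for an
    unknown session, building or term, badRequest for missing or invalid form
    values, ok otherwise.
    """
    # Verify user access
    # NOTE(review): ('scheduling_admin') is a plain string, not a one-element
    # tuple (there is no trailing comma). Confirm which one canAccess expects;
    # if it tests membership, a string operand matches substrings.
    if not Authorization.canAccess(session.get('user'), ('scheduling_admin')):
        return JsonResponse.unauthorized({
            'message': 'no_access',
            'nice_message': 'You do not have access to this function. Contact system administrator'
        })

    # Get session object
    # NOTE(review): module_id from the route is never compared with the
    # module the session belongs to; confirm that is intended.
    theSession = ModuleSessionModel.findById(session_id)
    if not theSession:
        return JsonResponse.notFound({
            'message': 'not_found',
            'nice_message': 'Session not found.'
        })

    module = ModuleModel.findById(theSession.getModule())
    if not module:
        return JsonResponse.internalServerError({
            'message': 'not_found',
            'nice_message': 'Module not found.'
        })

    # Get post values
    building_id = request.form.get('building')
    duration = request.form.get('duration')
    day = request.form.get('day')
    frequency = request.form.get('frequency')
    term_id = request.form.get('term')

    if not building_id or not duration or not day or not frequency or not term_id:
        return JsonResponse.badRequest({
            'message': 'missing_parameters',
            'nice_message': 'Please enter a building, duration, day, frequency and term'
        })

    # Allow-list checks before int(): only the listed literals are converted.
    if day not in ('1', '2', '3', '4', '5'):
        return JsonResponse.badRequest({
            'message': 'bad_request',
            'nice_message': 'Please choose a day Monday to Friday.'
        })
    day = int(day)

    if frequency not in ('1', '2', '3', '4', '5', '6', '7', '8'):
        return JsonResponse.badRequest({
            'message': 'bad_request',
            'nice_message': 'Please select a frequency.'
        })
    frequency = int(frequency)

    # A non-numeric duration is answered with the same 400 as an out-of-range
    # one instead of escaping as an unhandled ValueError.
    try:
        duration = int(duration)
    except ValueError:
        duration = None
    if duration is None or not 1 <= duration <= 3:
        return JsonResponse.badRequest({
            'message': 'bad_request',
            'nice_message': 'Please select a duration between 1 and 3 hours.'
        })

    building = CampusBuildingModel.findById(building_id)
    if not building:
        return JsonResponse.notFound({
            'message': 'not_found',
            'nice_message': 'Building not found.'
        })

    term = TermModel.findById(term_id)
    if not term:
        return JsonResponse.notFound({
            'message': 'not_found',
            'nice_message': 'Term not found.'
        })

    # Argument order: term_id, session_id, building_id, day_of_week,
    # frequency, duration, sessionType.
    # NOTE(review): the scheduler's result is not inspected (the check was
    # commented out in the original), so 'ok' is returned regardless of it;
    # confirm this is intended.
    Scheduler.scheduleRecurring(term.getId(),
                                theSession.getId(),
                                building.getId(),
                                day,
                                frequency,
                                duration,
                                theSession.getType())

    return JsonResponse.ok()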
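def CreateBooking(module_id, session_id):
    """
    Creates a new one-off room booking for a module session.

    Requires the 'scheduling_admin' permission. Reads 'building', 'duration',
    'day' (YYYY-MM-DD) and 'hour' from the POST form, validates them, and asks
    Scheduler.scheduleOneOff for a room sized to the module's enrolment count.

    Returns a JsonResponse: unauthorized without access, notFound for an
    unknown session or building, badRequest for missing or invalid form values
    or when the scheduler reports failure, ok otherwise.
    """
    # Verify user access
    # NOTE(review): ('scheduling_admin') is a plain string, not a one-element
    # tuple (there is no trailing comma). Confirm which one canAccess expects;
    # if it tests membership, a string operand matches substrings.
    if not Authorization.canAccess(session.get('user'), ('scheduling_admin')):
        return JsonResponse.unauthorized({
            'message': 'no_access',
            'nice_message': 'You do not have access to this function. Contact system administrator.'
        })

    # Get session object
    # NOTE(review): module_id from the route is never compared with the
    # module the session belongs to; confirm that is intended.
    theSession = ModuleSessionModel.findById(session_id)
    if not theSession:
        return JsonResponse.notFound({
            'message': 'not_found',
            'nice_message': 'Session not found.'
        })

    module = ModuleModel.findById(theSession.getModule())
    if not module:
        return JsonResponse.internalServerError({
            'message': 'not_found',
            'nice_message': 'Module not found.'
        })

    enrolments = StudentModuleModel.findBy('module', module.getId())

    # Get post values
    building_id = request.form.get('building')
    duration = request.form.get('duration')
    day = request.form.get('day')
    hour = request.form.get('hour')

    missingParameters = {
        'message': 'missing_parameters',
        'nice_message': 'Please ensure you enter a building, duration and time.'
    }

    # Presence is checked before int(): a missing or non-numeric duration is
    # answered with a 400 instead of escaping as an unhandled exception.
    if not duration:
        return JsonResponse.badRequest(missingParameters)
    try:
        duration = int(duration)
    except ValueError:
        duration = None
    if duration is None or not 1 <= duration <= 3:
        return JsonResponse.badRequest({
            'message': 'bad_request',
            'nice_message': 'Please enter a duration between 1 and 3.'
        })

    # NOTE(review): 'hour' is only checked for presence and is passed to the
    # scheduler as received from the form; confirm it is validated there.
    if not building_id or not day or not hour:
        return JsonResponse.badRequest(missingParameters)

    day = day + " 03:00"  # Daylight savings time fix
    try:
        parsedDay = datetime.strptime(day + " UTC", "%Y-%m-%d %H:%M %Z")
    except ValueError:
        # Malformed dates are a client error, not a server fault.
        return JsonResponse.badRequest({
            'message': 'bad_request',
            'nice_message': 'Please enter the day as YYYY-MM-DD.'
        })
    # NOTE(review): "%s" is a platform strftime extension rather than a
    # directive Python documents, and it converts using the process's local
    # timezone, not the parsed "UTC"; confirm the scheduler expects that.
    ts = int(parsedDay.strftime("%s"))

    building = CampusBuildingModel.findById(building_id)
    if not building:
        return JsonResponse.notFound({
            'message': 'not_found',
            'nice_message': 'Building not found.'
        })

    # Argument order: building_id, duration, capacity, day, hour,
    # sessionType, session.
    res = Scheduler.scheduleOneOff(building_id,
                                   duration,
                                   len(enrolments),
                                   ts,
                                   hour,
                                   theSession.getType(),
                                   theSession.getId())
    if not res:
        return JsonResponse.badRequest({
            'message': 'booking_failed',
            'nice_message': 'Booking not made.'
        })

    return JsonResponse.ok()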