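def test_addNewUser(self):
    """Check that a user can be added once and that a second attempt is refused.

    The row inserted by the test is removed through ``addCleanup``, so it is
    deleted even when an assertion fails. A cleanup failure is reported as a
    test error instead of being turned into a return value.
    """
    email = "*****@*****.**"
    name = "TESTNAME"
    password = "******"
    salt = "$2b$12$IB/erL6YpE48btg6pQnDF."
    userIDAdmin = 1

    def removeTestUser():
        """Delete the row this test inserts so that a rerun starts clean."""
        connection = dbhandler.makeConnection()
        try:
            with connection.cursor() as cursor:
                # Bind the value instead of formatting it into the SQL text.
                # NOTE(review): "%s" is the placeholder of DB-API drivers
                # with the format paramstyle (PyMySQL, psycopg2, ...);
                # confirm against the driver behind makeConnection().
                cursor.execute("DELETE FROM users WHERE email = %s", (email,))
            connection.commit()
        finally:
            connection.close()

    # Registered before the insert: a leftover row would make the first
    # assertion of every later run fail.
    self.addCleanup(removeTestUser)

    self.assertTrue(dbhandler.addNewUser(userIDAdmin, email, name, password, salt))
    self.assertEqual(1, dbhandler.checkEmail(email))

    # The password hash and salt must be stored exactly as they were passed.
    info = dbhandler.getLogin(email)
    self.assertEqual(info['password'], password)
    self.assertEqual(info['salt'], salt)

    ID = dbhandler.getUserID(email)['ID']
    self.assertEqual(name, dbhandler.getUserNameFromID(ID)['name'])

    # NOTE(review): the refusal below may come from the duplicate e-mail or
    # from user 2 lacking rights; the test does not tell the two apart.
    userID = 2
    self.assertFalse(dbhandler.addNewUser(userID, email, name, password, salt))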
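def post(self):
    """Create a user account from the admin "add new user" form.

    Reads ``email1``/``email2``, ``userName`` and ``userPass1``/``userPass2``.
    When both pairs match, the password is hashed with a fresh bcrypt salt
    and the account is stored through ``dbhandler.addNewUser``. The outcome
    is shown as an ``alerts`` list on ``homeAdmin.html``.

    Requests without a valid session cookie go to ``/login``; accounts that
    ``dbhandler.checkAdmin`` does not accept go to ``/home``.
    """
    # Read every field first so a missing one fails the request up front.
    newEmail = self.get_argument("email1")
    confirmEmail = self.get_argument("email2")
    name = self.get_argument("userName")
    newPassword = self.get_argument("userPass1")
    confirmPassword = self.get_argument("userPass2")

    cookie = self.get_secure_cookie("email")
    if not cookie:
        # get_secure_cookie() returns None for a missing or tampered cookie.
        self.redirect("/login")
        return
    userEmail = cookie.decode("utf-8")

    # Creating accounts is an admin action, so check the role here rather
    # than relying on the admin page being the only way to reach this form.
    actingUser = dbhandler.getUserID(userEmail)
    if not actingUser or dbhandler.checkAdmin(actingUser['ID']) != True:
        logging.warning("Refused add-user request from non-admin account")
        self.redirect("/home")
        return
    userID = actingUser['ID']

    # The submitted passwords are deliberately kept out of the log; %r keeps
    # line breaks in user-supplied values from forging log entries.
    logging.info("Attempt to add new user: email=%r name=%r", newEmail, name)

    chatNames = dbhandler.getChatNameID(userEmail)
    emailsMatch = newEmail == confirmEmail
    passwordsMatch = newPassword == confirmPassword

    alerts = []
    if not emailsMatch:
        alerts.append("Emails do not match")
    if not passwordsMatch:
        alerts.append("Passwords do not match")
    if alerts:
        if not emailsMatch and not passwordsMatch:
            logging.info("Failed to add new user; neither match")
        elif not emailsMatch:
            logging.info("Failed to add new user; emails don't match")
        else:
            logging.info("Failed to add new user; pwds don't match")
        self.render("homeAdmin.html", email=userEmail, chats=chatNames,
                    alerts=alerts)
        return

    salt = (bcrypt.gensalt()).decode("utf-8")
    password = (hashPwd(newPassword, salt)).decode("utf-8")
    returnValue = dbhandler.addNewUser(userID, newEmail, name, password, salt)
    # addNewUser reports success as True; any other value is logged as error.
    if returnValue == True:
        logging.info("Added new user successfully")
        self.render("homeAdmin.html", email=userEmail, chats=chatNames,
                    alerts=["Success", ])
    else:
        logging.error("Failed to add a new user")
        logging.error(returnValue)
        self.render("homeAdmin.html", email=userEmail, chats=chatNames,
                    alerts=["Failed to add new user", ])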
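def get(self, url):
    """Render the edit form for one shift, for the owner of that shift only.

    The shift ID is the last path segment of ``url``. Requests without a
    valid session, for an unknown user or shift, or for a shift owned by
    another user are redirected to ``/home``. Each redirect returns at once,
    so nothing is loaded or rendered after the response has been sent.
    """
    # Validate user exists.
    cookie = self.get_secure_cookie("email")
    user = dbhandler.getUserID(cookie.decode("utf-8")) if cookie else None
    if user is None:
        self.redirect("/home")
        return
    userID = user['ID']

    # Validate that the shift being edited belongs to that user, before any
    # of its details are read.
    shiftID = url.rsplit("/", 1)[-1]
    owner = dbhandler.getShiftUserID(shiftID)
    if owner is None or owner['userID'] != userID:
        self.redirect("/home")
        return

    # Get shift info to be rendered to document.
    shift = dbhandler.getShiftInfo(shiftID)
    shiftInfo = {
        'date' : shift['startTime'].strftime("%d/%m/%Y"),
        'startTime' : shift['startTime'].strftime("%H:%M"),
        'endTime' : shift['endTime'].strftime("%H:%M"),
        # presumably stored in hours and shown in minutes; verify the unit
        'breakLength' : (shift['break_length'] * 60),
        'pay' : calculatePay(shift['startTime'], shift['endTime'],
                             shift['break_length'], shift['pay'])
    }
    self.render("editShift.html", info = shiftInfo)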
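def on_message(self, message):
    """Store an incoming chat message and broadcast it to the chat.

    The sender is taken from the signed ``email`` cookie and must pass
    ``dbhandler.checkChatPrivileges`` for ``self.chatID``. ``message`` is a
    JSON document whose ``body`` field holds the text.

    A socket without a valid session is closed. A message that is not valid
    JSON or has no ``body`` is logged and dropped.
    """
    cookie = self.get_secure_cookie("email")
    user = dbhandler.getUserID(cookie.decode("utf-8")) if cookie else None
    if not user:
        logging.warning("Message attempt without a valid session. Chat:%s",
                        self.chatID)
        self.close()
        return
    userID = user['ID']

    if dbhandler.checkChatPrivileges(userID, self.chatID) == False:
        logging.warning(
            "Message attempt with incorrect privileges. User: {0}, Chat:{1}"
            .format(userID, self.chatID))
        return

    # The frame is client-controlled, so malformed input is expected here.
    try:
        body = tornado.escape.json_decode(message)['body']
    except (ValueError, KeyError, TypeError):
        logging.warning("Dropping malformed chat message. User: %s, Chat:%s",
                        userID, self.chatID)
        return

    messageID = dbhandler.setMessage(userID, self.chatID, body)
    # NOTE(review): isinstance(..., int) also accepts True/False; confirm
    # that setMessage never reports failure as a bool.
    if not isinstance(messageID, int):
        logging.error("Error saving message")
        return

    logging.info("Successfully saved message")
    # NOTE(review): 'content' goes out to clients as raw text next to the
    # rendered 'html'; confirm clients never insert it as markup.
    newChatMessage = {
        'id': messageID,
        'content': body,
        'uName': dbhandler.getUserNameFromID(userID)['name']
    }
    newChatMessage['html'] = tornado.escape.to_basestring(
        self.render_string('newMessage.html', message=newChatMessage))
    WSocketHandler.sendMessages(newChatMessage, self.chatID)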
def get(self, url):
    """Render a chat page with its recent messages for a member of the chat.

    No session cookie or an e-mail that ``dbhandler.checkEmail`` rejects
    redirects to ``/``; a user without privileges for the chat is sent to
    ``/home``. Chat admins get ``chatAdmin.html``, other members
    ``chat.html``.
    """
    chatID = WSocketHandler.stripUrl(url)

    cookie = self.get_secure_cookie("email")
    if cookie is None:
        self.redirect("/")
        return

    address = cookie.decode("utf-8")
    if dbhandler.checkEmail(address) != True:
        self.redirect("/")
        return

    memberID = dbhandler.getUserID(address)['ID']
    if dbhandler.checkChatPrivileges(memberID, chatID) == False:
        self.redirect("/home")
        return

    recent = dbhandler.getRecentMessages(chatID)
    if recent == False:
        # getRecentMessages signals "nothing to show" with False.
        recent = []
    else:
        recent.reverse()
        # Attach the author's display name to every message.
        for entry in recent:
            entry['uName'] = dbhandler.getUserName(entry['memberID'])['name']

    if dbhandler.checkChatAdmin(memberID, chatID) == True:
        self.render("chatAdmin.html", messages=recent, chatname=chatID,
                    signuplink=chatID)
        return
    self.render("chat.html", messages=recent, chatname=chatID)
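def post(self, url):
    """Give an existing user access to a chat when a chat admin asks for it.

    ``newEmail`` names the user to add. The requester comes from the signed
    ``email`` cookie and must be an admin of the chat. Every outcome ends
    with the same redirect to the chat page, so the response does not show
    whether ``newEmail`` belongs to an account.
    """
    newEmail = self.get_argument("newEmail")
    chatID = WSocketHandler.stripUrl(url)
    chatPage = "/chat/{0}".format(chatID)

    # Identify the requester before looking anything up on their behalf.
    cookie = self.get_secure_cookie("email")
    actor = dbhandler.getUserID(cookie.decode("utf-8")) if cookie else None
    if not actor:
        self.redirect(chatPage)
        return

    # Check admin rights on the same chatID that the grant below is written
    # for, not on the raw url, so that check and grant cannot disagree.
    isAdmin = dbhandler.checkChatAdmin(actor['ID'], chatID)
    if isAdmin == True and dbhandler.checkEmail(newEmail) == 1:
        newUserID = dbhandler.getUserID(newEmail)['ID']
        # presumably False means "member without admin rights"; verify
        # against dbhandler.setPrivileges
        dbhandler.setPrivileges(newUserID, {
            chatID: False,
        })
    self.redirect(chatPage)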
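def post(self):
    """Create a new chat for a site administrator.

    Requests without a valid session, from an unknown user, or from a user
    that ``dbhandler.checkAdmin`` does not accept are redirected to
    ``/home``. On success the browser is sent to the new chat's page.
    """
    cookie = self.get_secure_cookie("email")
    admin = dbhandler.getUserID(cookie.decode("utf-8")) if cookie else None
    if not admin or dbhandler.checkAdmin(admin['ID']) != True:
        self.redirect("/home")
        return

    # Read both fields before creating anything, so that a missing field
    # cannot leave a half-created chat behind.
    chatName = self.get_argument("newChatName")
    # NOTE(review): the initial user is read from the form but never given
    # access to the new chat; confirm whether a privilege grant is missing.
    self.get_argument("initialChatUser")

    chatID = dbhandler.addNewChat(chatName)
    # Chat ID's should always be an integer, if not, probably error.
    if not isinstance(chatID, int):
        logging.error(chatID)
        # Finish the request instead of leaving an empty response.
        self.redirect("/home")
        return

    self.redirect("/chat/{0}".format(chatID))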
def get(self):
    """Render the home page, using the admin variant for site admins.

    Without a valid ``email`` session cookie the browser is sent to
    ``/login``.
    """
    cookie = self.get_secure_cookie("email")
    if not cookie:
        self.redirect("/login")
        return

    address = cookie.decode("utf-8")
    chats = dbhandler.getChatNameID(address)
    accountID = dbhandler.getUserID(address)['ID']

    # Only accounts accepted by checkAdmin get the admin template.
    if dbhandler.checkAdmin(accountID) == True:
        self.render("homeAdmin.html", email=address, chats=chats, alerts=[])
        return
    self.render("home.html", email=address, chats=chats)
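def post(self):
    """Store a new shift for the logged-in user from the "new shift" form.

    Dates and times must match ``%Y-%m-%d %H:%M``. Break length and hourly
    wage must be finite, non-negative numbers. Invalid input redirects to
    ``/newShift`` and stops there, so unparsed values never reach the
    database layer. A request without a valid session goes to ``/home``.
    """
    import math

    cookie = self.get_secure_cookie("email")
    user = dbhandler.getUserID(cookie.decode("utf-8")) if cookie else None
    if not user:
        self.redirect("/home")
        return
    userID = user['ID']

    startText = (str(self.get_argument("shiftStartDate")) + " "
                 + str(self.get_argument("shiftStartTime")))
    endText = (str(self.get_argument("shiftEndDate")) + " "
               + str(self.get_argument("shiftEndTime")))
    breakText = self.get_argument("breakLength")
    wageText = self.get_argument("hourlyWage")

    try:
        startDateTime = datetime.datetime.strptime(startText, '%Y-%m-%d %H:%M')
        endDateTime = datetime.datetime.strptime(endText, '%Y-%m-%d %H:%M')
        breakLength = float(breakText)
        wage = float(wageText)
    except ValueError:
        self.redirect("/newShift")
        return

    # float() also accepts "nan", "inf" and negative numbers, none of which
    # make sense as a break length or a wage.
    if (not math.isfinite(breakLength) or not math.isfinite(wage)
            or breakLength < 0 or wage < 0):
        self.redirect("/newShift")
        return

    returnValue = dbhandler.addNewShift(startDateTime, endDateTime,
                                        breakLength, wage, userID)
    # addNewShift reports success as True; any other value is logged as error.
    if returnValue != True:
        logging.error(returnValue)
        self.render("newShifts.html")
    else:
        self.redirect("/home")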
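def post(self, url):
    """Apply the edit form to one shift, for the owner of that shift only.

    The shift ID is the last path segment of ``url``. The stored owner of
    the shift is compared with the logged-in user before anything is
    written; a mismatch, an unknown user or shift, or a missing session
    redirects to ``/home``. Invalid form values redirect without touching
    the database.
    """
    import math

    # Validate user exists.
    cookie = self.get_secure_cookie("email")
    user = dbhandler.getUserID(cookie.decode("utf-8")) if cookie else None
    if user is None:
        self.redirect("/home")
        return
    userID = user['ID']

    # Validate that the shift being edited belongs to that user. Without
    # this comparison any logged-in user could edit any shift by its ID.
    shiftID = url.rsplit("/", 1)[-1]
    owner = dbhandler.getShiftUserID(shiftID)
    if owner is None or owner['userID'] != userID:
        self.redirect("/home")
        return

    # Get change info from form.
    startText = (str(self.get_argument("shiftStartDate")) + " "
                 + str(self.get_argument("shiftStartTime")))
    endText = (str(self.get_argument("shiftEndDate")) + " "
               + str(self.get_argument("shiftEndTime")))
    breakText = self.get_argument("breakLength")
    wageText = self.get_argument("hourlyWage")

    try:
        startDateTime = datetime.datetime.strptime(startText, '%Y-%m-%d %H:%M')
        endDateTime = datetime.datetime.strptime(endText, '%Y-%m-%d %H:%M')
        breakLength = float(breakText)
        wage = float(wageText)
    except ValueError:
        # NOTE(review): target kept from the original code; the edit form
        # of this shift may have been intended instead of "/newShift".
        self.redirect("/newShift")
        return

    # float() also accepts "nan", "inf" and negative numbers, none of which
    # make sense as a break length or a wage.
    if (not math.isfinite(breakLength) or not math.isfinite(wage)
            or breakLength < 0 or wage < 0):
        self.redirect("/newShift")
        return

    # Attempt to commit changes to database.
    returnValue = dbhandler.editShiftInfo(shiftID, startDateTime, endDateTime,
                                          breakLength, wage)
    if returnValue != True:
        logging.error(returnValue)
    self.redirect("/editShift/{0}".format(shiftID))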
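def get(self, url):
    """Render the payday page for the 28 days leading up to one payday.

    The payday is looked up by the ID in the last path segment of ``url``.
    Its ``startTime`` and the moment 28 days earlier are passed to
    ``dbhandler.getShifts`` for the logged-in user. A missing session, an
    unknown user or an unknown payday ID redirects to ``/home``.
    """
    cookie = self.get_secure_cookie("email")
    user = dbhandler.getUserID(cookie.decode("utf-8")) if cookie else None
    if not user:
        self.redirect("/home")
        return
    userID = user['ID']

    # Get the ID of the payday from the url and then get the date from the
    # startTime database entry.
    paydayID = url.rsplit("/", 1)[-1]
    payday = dbhandler.getShiftInfo(paydayID)
    if not payday:
        self.redirect("/home")
        return
    # NOTE(review): the payday row is not checked to belong to this user.
    # The shifts below are filtered by userID, so only the payday's date
    # comes from the looked-up row; confirm whether an ownership check is
    # needed here.
    payDateTime = payday['startTime']
    prevPayDateTime = payDateTime - datetime.timedelta(days=28)

    shifts = dbhandler.getShifts(userID, payDateTime, prevPayDateTime)
    payInfo = {
        'date' : payDateTime.strftime("%d/%m/%Y"),
        'pay' : calculatePayDay(shifts)
    }
    shiftInfo = [
        {
            "startDate" : shift['startTime'].strftime("%d/%m/%Y"),
            "startTime" : shift['startTime'].strftime("%H:%M"),
            "endTime" : shift['endTime'].strftime("%H:%M"),
            "ID" : shift['ID']
        }
        for shift in shifts
    ]
    self.render("payday.html", shifts = shiftInfo, payInfo = payInfo)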
def get(self):
    """Render the home page with the user's shifts and paydays.

    Entries are fetched up to 28 days from now. Without a session cookie
    the browser is sent to ``/signup``. An entry whose ``pdflag`` is neither
    0 nor 1 is logged and ends the listing; the entries collected up to
    that point are still rendered.
    """
    cookie = self.get_secure_cookie("email")
    if not cookie:
        self.redirect("/signup")
        return

    accountID = dbhandler.getUserID(cookie.decode("utf-8"))['ID']
    horizon = datetime.datetime.now() + datetime.timedelta(days=28)
    shifts = dbhandler.getShiftsAndPaydays(accountID, horizon)

    rows = []
    for entry in shifts:
        flag = entry['pdflag']
        if flag not in (0, 1):
            # DATABASE ERROR
            logging.error("Big error with getting shifts: {0}".format(shifts))
            break
        if flag == 1:
            # Payday: only the date is shown.
            rows.append({
                "ID" : entry['ID'],
                "startDate" : entry['startTime'].strftime("%d/%m/%Y"),
                "pdflag" : True
            })
        else:
            # Regular shift: date plus start and end time.
            rows.append({
                "startDate" : entry['startTime'].strftime("%d/%m/%Y"),
                "startTime" : entry['startTime'].strftime("%H:%M"),
                "endTime" : entry['endTime'].strftime("%H:%M"),
                "ID" : entry['ID'],
                "pdflag" : False
            })
    self.render("home.html", shifts = rows)
def test_getUserID(self):
    """The fixture account's e-mail address must resolve to user ID 4."""
    record = dbhandler.getUserID("*****@*****.**")
    self.assertEqual(4, record['ID'])