示例#1
0
    def get(self, user_id, job_id):
        user_id = str(user_id)
        is_mechanic = self.current_user_is_mechanic()
        if is_mechanic:
            mechanic_id = current_identity._get_current_object().id
        else:
            mechanic_id = None

        if (user_id != current_identity._get_current_object().id) and (
                not mechanic_id):
            abort(401, description="Unauthorized, not a mechanic or owner")

        args = self.reqparse.parse_args()
        quote_id = args.get('quote_id')
        if quote_id:
            quote = self.quotesDAO.find_quote(quote_id=quote_id,
                                              job_id=job_id,
                                              mechanic_id=mechanic_id)
            if quote:
                return quote.as_dict()
            abort(401)
        else:
            quotes_list = self.quotesDAO.find_quotes(user_id=user_id,
                                                     job_id=job_id,
                                                     mechanic_id=mechanic_id)
            return jsonify([i.as_dict() for i in quotes_list])
示例#2
0
    def put(self, user_id):
        user_id = str(user_id)
        if user_id != current_identity._get_current_object().id:
            abort(401)

        args = self.reqparse.parse_args()
        if not args.get('updated_values'):
            abort(400)
        #new_values = {str(k): str(v) for k, v in args['updated_values'].items()}
        new_values = args.get('updated_values')
        if any([
                i in new_values for i in
            ['user_id', 'email_address', 'first_name', 'last_name']
        ]):
            abort(405)
        if any([
                i not in [
                    'phone_number', 'address_line', 'city', 'state', 'zipcode'
                ] for i in new_values
        ]):
            abort(400)
        update_successful = self.userDAO.update_user(user_id, new_values)
        if not update_successful:
            abort(401)
        user = self.userDAO.find_user(user_id)
        if not user:
            abort(404)
        return user.as_dict()
示例#3
0
    def put(self, user_id):
        user_id = str(user_id)
        if user_id != current_identity._get_current_object().id:
            abort(401)

        args = self.reqparse.parse_args()
        job_data = args.get('job')
        job_id = args.get('job_id')
        logging.debug('Current job_data is' + str(job_data))
        logging.debug('Current job_id is ' + str(job_id))
        if not job_data:
            logging.debug('Job data missing.')
            abort(401, description='Job data field is missing')
        if not job_data.get('updated_values'):
            logging.debug('"updated_values" field is missing.')
            abort(401, description='updated_values field is missing.')
        if not job_id:
            logging.debug('Could not find a job of that given id.')
            abort(404)

        # updated_values = {str(k): str(v) for k, v in job_data['updated_values'].items()}
        updated_values = job_data.get('updated_values')
        update_successful = self.jobsDAO.update_job(user_id, job_id,
                                                    updated_values)
        if not update_successful:
            abort(404)
        job = self.jobsDAO.find_job(user_id, job_id)
        if not job:
            logging.debug('Job not found')
            abort(404)
        return job.as_dict()
示例#4
0
    def post(self, user_id):
        user_id = str(user_id)
        if user_id != current_identity._get_current_object().id:
            abort(401)

        args = self.reqparse.parse_args()
        logging.debug('Current args are ... ' + str(args))
        token_inserted = args.get('tokenData')
        # if there is a problem with the inserted job format
        if not token_inserted:
            logging.debug('"tokenData" key missing in inserted token.')
            abort(401)
        logging.debug("Token inserted is " + str(token_inserted))
        if not len(
            [i for i in token_inserted.keys() if i in ['user_id', 'fcmtoken']
             ]) == 2:
            logging.debug('tokenData missing a few parameters ...')
            abort(401)
        if not self.tokenDAO.find_user(user_id):
            logging.debug('User not found, adding new token')
            insertion_successful = self.tokenDAO.insert_token(
                user_id, token_inserted['fcmtoken'])
            if not insertion_successful:
                abort(401)
            return Token(user_id, token_inserted['fcmtoken']).as_dict()
        else:
            # update token for existing user
            logging.debug('Updating token for existing user : '******'fcmtoken'])
            if not update_successful:
                abort(401)
            return Token(user_id, token_inserted['fcmtoken']).as_dict()
        abort(405)
示例#5
0
 def current_user_is_mechanic(self):
     mechanic_id = current_identity._get_current_object().id
     mechanic = self.mechanicDAO.find_mechanic(mechanic_id)
     if mechanic is None:
         return False
     else:
         return True
示例#6
0
    def put(self, user_id):
        user_id = str(user_id)
        if user_id != current_identity._get_current_object().id:
            abort(401)

        args = self.reqparse.parse_args()
        if not args.get('updated_values'):
            logging.debug('Cannot find updated values.')
            abort(
                400,
                description=
                'The request is missing a few fields. Please check your request body once again.'
            )
        #new_values = {str(k): (str(v) if type(v) == str else v) for k, v in args['updated_values'].items()}
        new_values = args.get('updated_values')
        if any([i == 'user_id' for i in new_values]):
            logging.debug('"user_id" not provided by mechanic.')
            abort(
                405,
                description='The request was sent in without a "user_id" field.'
            )
        if not all([(len(i) == 5 and i.isdigit())
                    for i in new_values['serving_zipcodes']]):
            logging.debug(
                '"serving_zipcodes" may not have properly formatted zipcodes inserted.'
            )
            abort(
                400,
                description=
                'The request was sent in with invalid zipcodes in the "serving_zipcodes" field.'
            )
        if any([
                i not in [
                    'phone_number', 'address_line', 'city', 'state', 'zipcode',
                    'rate', 'rating', 'reviews', 'serving_zipcodes'
                ] for i in new_values
        ]):
            logging.debug('Mechanic has not added a few fields.')
            abort(
                400,
                description=
                'The request is missing a few fields. Please check your request body once again.'
            )

        mechanic = self.mechanicDAO.find_mechanic(user_id)
        if mechanic is None:
            insertion_successful = self.mechanicDAO.insert_mechanic(user_id)
            if not insertion_successful:
                logging.debug('Could not insert mechanic data')
                abort(401)
        update_successful = self.mechanicDAO.update_mechanic(
            user_id, new_values)
        if not update_successful:
            abort(401)
        mechanic = self.mechanicDAO.find_mechanic(user_id)
        if not mechanic:
            abort(401)
        return mechanic.as_dict()
示例#7
0
    def get(self, user_id):
        user_id = str(user_id)
        if user_id != current_identity._get_current_object().id:
            abort(401)

        token_data = self.tokenDAO.find_token(user_id)
        if token_data:
            return token_data.as_dict()
        abort(401)
示例#8
0
    def get(self, user_id):
        user_id = str(user_id)
        if user_id != current_identity._get_current_object().id:
            abort(401)

        user = self.userDAO.find_user(user_id)
        if not user:
            abort(404)
        return user.as_dict()
示例#9
0
    def delete(self, user_id):
        user_id = str(user_id)
        if user_id != current_identity._get_current_object().id:
            abort(401)

        delete_successful = self.userDAO.delete_one(user_id)
        if not delete_successful:
            abort(404)
        return {'success': "User has been deleted successfully."}
示例#10
0
    def get(self, user_id):
        user_id = str(user_id)
        if user_id != current_identity._get_current_object().id:
            abort(401)

        mechanic = self.mechanicDAO.find_mechanic(user_id)
        if mechanic is None:
            abort(404,
                  description=
                  "The mechanic you are searching for probably doesn't exist")
        return mechanic.as_dict()
示例#11
0
def create_game_session():
    try:
        _jwt_required(None)
    except:
        pass
    identity = None
    token = None

    _current_identity = current_identity._get_current_object()

    if _current_identity is None or _current_identity[0] == 'session':
        recaptcha_token = request.json.get('recaptcha')

        if recaptcha_token is None:
            return make_response(jsonify(ok=False,
                                         error='Recaptcha missing'),
                                 400)

        if not is_human(recaptcha_token):
            return make_response(jsonify(ok=False,
                                         error='Bad recaptcha'),
                                 400)
        category = _get_random_category()
        category_id = category.id
    else:
        category_id = request.json.get('category_id') if request.json is not None else None
        user_or_session, identity = _current_identity

    collection_id = request.json.get('collection_id') if request.json is not None else None
    cursor = _create_cursor(0,
                            collection_id=collection_id,
                            category_id=category_id)

    game_session = Session(id=str(uuid4()),
                           game_type='gender',
                           user_id=identity,
                           cursor=cursor)
    db.session.add(game_session)
    db.session.commit()
    db.session.refresh(game_session)

    if identity is None:
        iat = datetime.utcnow()
        token = jwt.encode(dict(sub='session:{}'.format(game_session.id),
                                iat=iat,
                                nbf=iat + timedelta(seconds=5),
                                exp=iat + timedelta(minutes=10)
                                ),
                           JWT_SECRET, algorithm='HS256').decode()

    return make_response(jsonify(ok=True,
                                 session=game_session,
                                 token=token),
                         201)
示例#12
0
def forward_request_to_service(request, service, endpoint):
    """Forward incoming request to a Service and then returns the result."""
    url = "{}{}".format(service.host, endpoint)
    request_method = getattr(requests, request.method.lower())
    headers = dict(request.headers)

    if current_identity._get_current_object() is not None:
        headers['User-Id'] = str(current_identity['id'])

    params = request.args
    resp = request_method(url, params=params, json=request.json,
                          headers=headers)

    return resp.text, resp.status_code
示例#13
0
    def delete(self, user_id):
        user_id = str(user_id)
        if user_id != current_identity._get_current_object().id:
            abort(401)

        args = self.reqparse.parse_args()
        job_id = args.get('job_id')
        if not job_id:
            logging.debug('Cannot find job_id')
            abort(404)
        delete_successful = self.jobsDAO.delete_one(user_id, job_id)
        if not delete_successful:
            return jsonify({"failure": "Job not found."})
        return jsonify({"success": "Job deleted succesfully."})
示例#14
0
    def delete(self, user_id, job_id):
        user_id = str(user_id)
        is_mechanic = self.current_user_is_mechanic()
        if is_mechanic:
            mechanic_id = current_identity._get_current_object().id
        else:
            abort(401, description="Unauthorized, not a mechanic")

        args = self.reqparse.parse_args()
        quote_id = args.get('quote_id')
        if quote_id:
            delete_successful = self.quotesDAO.delete_one(
                quote_id, job_id, mechanic_id)
        else:
            delete_successful = self.quotesDAO.delete_quotes(
                job_id, mechanic_id)
        if delete_successful:
            return jsonify({"success": "Quote/s deleted succesfully."})
        else:
            return jsonify({"failure": "Quote/s not found."})
示例#15
0
    def get(self, user_id):
        user_id = str(user_id)
        if user_id != current_identity._get_current_object().id:
            abort(401)

        args = self.reqparse.parse_args()
        job_id = args.get('job_id')
        if job_id:
            job = self.jobsDAO.find_job(user_id=user_id, job_id=job_id)
            if job:
                return job.as_dict()
            abort(401)
        else:
            mechanic = self.mechanicDAO.find_mechanic(user_id)
            if mechanic is None:
                jobs_list = self.jobsDAO.find_job(user_id=user_id)
            else:
                jobs_list = self.jobsDAO.find_job(
                    zipcodes=mechanic.serving_zipcodes)

            return jsonify([i.as_dict() for i in jobs_list])
示例#16
0
 def post(self, user_id, job_id):
     user_id = str(user_id)
     if user_id == current_identity._get_current_object().id:
         f = request.files.get('imagefile')
         if not f:
             abort(401)
         if f.filename == '':
             abort(401)
         content_type = f.content_type
         # with tempfile.NamedTemporaryFile() as fp:
         #     f.save(fp.name)
         #     fp.seek(0, 0)
         image_data = Binary(f.stream.read())
         update_result = self.jobsDAO.update_images(user_id, job_id,
                                                    image_data, f.filename,
                                                    content_type)
         if update_result:
             result = self.jobsDAO.find_job(user_id, job_id)
             return jsonify(results=result.__dict__)
         else:
             abort(401)
示例#17
0
 def get(self, user_id, job_id):
     user_id = str(user_id)
     if user_id == current_identity._get_current_object().id:
         args = self.reqparse.parse_args()
         picture_id = args.get('picture_id')
         if picture_id:
             image_data = self.jobsDAO.get_image(user_id, job_id,
                                                 picture_id)
             if image_data:
                 pil_image = Image.open(
                     io.BytesIO(image_data)).convert('RGB')
                 temp_img_io = io.BytesIO()
                 pil_image.save(temp_img_io, 'JPEG', quality=70)
                 temp_img_io.seek(0)
                 return send_file(temp_img_io, mimetype='image/jpeg')
             else:
                 abort(401)
         else:
             abort(401)
     else:
         abort(401)
示例#18
0
    def post(self, user_id):
        user_id = str(user_id)
        if user_id != current_identity._get_current_object().id:
            abort(401)

        args = self.reqparse.parse_args()
        job_inserted = args.get('job')
        # if there is a problem with the inserted job format
        if not job_inserted:
            logging.debug('"job" key missing in inserted job.')
            abort(400)
        if not all(
                list(
                    map(job_inserted.get, [
                        'make', 'model', 'year', 'options', 'summary',
                        'description', 'status', 'address_line', 'city',
                        'state', 'zipcode'
                    ]))):
            logging.debug('Job missing a few parameters.')
            abort(400)
        if not type(job_inserted['options']) is dict:
            logging.debug('"options" field is not dict')
            abort(400)

        insertion_successful, job_id = self.jobsDAO.insert_job(
            user_id, job_inserted['make'], job_inserted['model'],
            job_inserted['year'], job_inserted['options'],
            job_inserted['summary'], job_inserted['description'],
            JobStatus.submitted.name, job_inserted['address_line'],
            job_inserted['city'], job_inserted['state'],
            job_inserted['zipcode'])
        if not insertion_successful:
            abort(500)
        job = self.jobsDAO.find_job(user_id, job_id)
        if not job:
            abort(404)
        self.send_notifications(job_inserted)
        return job.as_dict()
示例#19
0
    def post(self, user_id, job_id):
        user_id = str(user_id)

        if not self.current_user_is_mechanic():
            abort(401, description="User is not a mechanic")
        else:
            mechanic_id = current_identity._get_current_object().id

        job = self.jobsDAO.find_job(user_id=user_id, job_id=job_id)
        if job:
            job = job.as_dict()
        else:
            abort(404, description='Job not found')

        args = self.reqparse.parse_args()
        quote_details = args.get('quote')
        if not quote_details:
            logging.debug('"quote" key missing in inserted job.')
            abort(400)

        if not all(list(map(quote_details.get, ['labor_cost', 'part_cost']))):
            logging.debug('Quote missing a few parameters')
            abort(400)

        if not type(quote_details['labor_cost']) is dict:
            logging.debug('"labor_cost" field is not dict')
            abort(400)
        else:
            labor_cost = quote_details['labor_cost']

        if not type(quote_details['part_cost']) is dict:
            logging.debug('"labor_cost" field is not dict')
            abort(400)
        else:
            part_cost = quote_details['part_cost']

        if 'onsite_service_charges' in quote_details:
            onsite_service_charges = quote_details['onsite_service_charges']
        else:
            onsite_service_charges = 0

        if 'comments' in quote_details:
            comments = quote_details['comments']
        else:
            comments = None

        insertion_successful, quote_id = self.quotesDAO.insert_quote(
            job_id, user_id, mechanic_id, labor_cost, part_cost,
            onsite_service_charges, comments, QuoteStatus.submitted.name)
        if not insertion_successful:
            abort(500)
        quote_inserted = self.quotesDAO.find_quote(quote_id, job_id,
                                                   mechanic_id)
        if not quote_inserted:
            abort(404)
        number_of_quotes = self.quotesDAO.getNumberOfQuotes(job_id, user_id)
        self.jobsDAO.update_job(
            user_id, job_id, {
                "status": JobStatus.quotes_available.name,
                "number_of_quotes": number_of_quotes
            })
        self.send_notifications(user_id)  ## TODO find why it is failing
        return quote_inserted.as_dict()
示例#20
0
def is_anonymous(view, view_args, view_kwargs, *args, **kwargs):
    if current_identity._get_current_object() is not None:
        raise ForbiddenException('Anonymous access is required',
                                 {'source': 'id'})