def employeeAuthController():
    """Render the employee login form and process its submission.

    A visitor who already has an ``employee`` entry in the session is
    redirected to the back office. A POST carrying both ``username`` and
    ``password`` is checked against ``Employee`` and, for an active
    account, the matching document is stored in the session. Every other
    case renders ``auth/login_employee.html`` with ``errorString`` set
    (empty when nothing was submitted).
    """
    if 'employee' in session:
        return redirect(url_for('backoffice'))

    errorString = ''
    if request.method == 'POST' and 'username' in request.form and 'password' in request.form:
        submittedLogin = request.form['username']
        submittedPassword = request.form['password']
        if not (submittedLogin and submittedPassword):
            errorString = "Please insert username and password"
        else:
            # NOTE(review): the stored credential is one unsalted SHA-256
            # pass over the password (upper-case hex). That is cheap to
            # brute-force if the collection leaks; moving to a salted,
            # slow KDF has to be coordinated with the code that writes
            # the password field.
            digest = hashlib.sha256(submittedPassword.encode()).hexdigest().upper()
            account = Employee.objects(login=submittedLogin, password=digest).first()
            if not account:
                errorString = "Wrong data, unable to execute login"
            elif account.active != 1:
                errorString = "Your account is not active"
            else:
                # NOTE(review): the whole document, password hash
                # included, goes into the session. If sessions are
                # client-side cookies the hash reaches the browser -
                # confirm the session backend, or store only the fields
                # the back office reads.
                # NOTE(review): no attempt throttling or lockout is
                # visible in this function; confirm it exists upstream.
                session['employee'] = account
                return redirect(url_for('backoffice'))

    return render_template('auth/login_employee.html', errorString=errorString)
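def get(self):
    """List employees as JSON, optionally filtered by department and job.

    Query parameters:
        department_slug: slug of the ``Department`` to filter on.
        job: ``'lecturer'`` selects ``Lecturer`` documents; any other
            value (or none) selects ``Employee`` documents.

    Returns:
        ``(json_body, status, headers)``. Status is 200 with the matching
        documents, or 404 when ``department_slug`` names no department.
    """
    dept_slug = request.args.get('department_slug')
    job = request.args.get('job')
    model = Lecturer if job == 'lecturer' else Employee

    if dept_slug:
        dept = Department.objects(slug=dept_slug).first()
        if dept is None:
            # Without this guard an unknown slug filtered on
            # department=None and returned whatever documents have no
            # department, which is not what the caller asked for.
            return ('{"error": "department not found"}', 404,
                    {'Content-type': 'application/json'})
        employees = model.objects(department=dept)
    else:
        employees = model.objects

    # NOTE(review): to_json() serialises every stored field and no access
    # check is visible in this method. Confirm the documents hold nothing
    # private, or narrow the queryset with .only()/.exclude().
    return employees.to_json(), 200, {'Content-type': 'application/json'}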
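def post(self):
    """Create a ResearchArticle from a JSON body and link known authors.

    The body must be a JSON object with ``title``, ``publisher``,
    ``authors`` (comma-separated "First Last" names), ``status`` and
    ``cover_date`` (``YYYY-MM-DD``). Each author name is looked up in
    ``Employee`` by ``first_name_en`` / ``last_name_en``; names with no
    match are left out of ``article.authors``.

    Returns:
        ``jsonify(data="success")`` after the article is saved, or a JSON
        error response with status 400 when the body is malformed.
    """
    def bad_request(message):
        # Set the status on the response object so the result is valid
        # whether or not the framework unpacks (body, status) tuples.
        response = jsonify(error=message)
        response.status_code = 400
        return response

    data = request.get_json()
    required = ('title', 'publisher', 'authors', 'status', 'cover_date')
    # The body is client-controlled: refuse anything that is not an
    # object carrying every field rather than failing later with a 500.
    if not isinstance(data, dict) or any(key not in data for key in required):
        return bad_request("expected a JSON object with: " + ", ".join(required))

    try:
        # .split() only exists on strings, so a list or object supplied
        # for 'authors' is rejected here and only plain strings can reach
        # the __raw__ query below.
        author_names = data['authors'].split(',')
        cdate = datetime.strptime(data['cover_date'], '%Y-%m-%d')
    except (AttributeError, TypeError, ValueError):
        return bad_request("authors must be a string and cover_date must be YYYY-MM-DD")

    article = ResearchArticle(title=data['title'],
                              publisher=data['publisher'],
                              author_list=data['authors'],
                              status=data['status'],
                              cover_date=cdate)

    article_authors = []
    for raw_name in author_names:
        name_parts = raw_name.split()
        if len(name_parts) != 2:
            # A trailing comma, a single name or a middle name cannot be
            # mapped to first/last; treat it like an unmatched author
            # instead of raising on the unpack.
            continue
        fname, lname = name_parts
        e = Employee.objects(__raw__={'first_name_en': fname,
                                      'last_name_en': lname}).first()
        if e:
            article_authors.append(e)

    # NOTE(review): no authentication or authorisation check is visible
    # in this method - confirm it is applied where the resource is
    # registered.
    article.authors = article_authors
    article.save()
    return jsonify(data="success")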
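def employeeController(action=None,resourceId=None):
    """Back-office employee management view: list, add, edit and delete.

    Args:
        action: 'add', 'edit' or 'delete'; any other value shows the list.
        resourceId: id of the employee that 'edit' and 'delete' act on.

    Returns:
        A redirect (no session, not permitted, or after a successful
        save) or the rendered list / form / error template.

    Access rules enforced here: a session entry is required, and an
    employee without the superAdmin flag may only 'edit' the record whose
    id equals the id held in the session.
    """
    #keep non-logged users outside
    if 'employee' not in session:
        return redirect(url_for('backoffice_auth'))
    currentEmployee = session['employee']
    # NOTE(review): the superAdmin flag is the copy taken at login and is
    # not re-read from the database here, so a demotion only takes effect
    # once the session is replaced - confirm that is acceptable.
    isSuperAdmin = currentEmployee['superAdmin']
    if not isSuperAdmin and not resourceId:
        return redirect(url_for('backoffice_auth'))

    #check resourceId validity
    employeeData = None
    if resourceId:
        if not ObjectId.is_valid(str(resourceId)):
            return render_template('404.html',errorString="This EmployeeId is not valid")
        if not isSuperAdmin and not (action == 'edit' and resourceId == currentEmployee['_id']['$oid']):
            return render_template('404.html',errorString="Cannot access this area")
        employeeData = Employee.objects(id=ObjectId(str(resourceId))).first()
        if not employeeData:
            return render_template('404.html',errorString="This Employee does not exist")

    # 'edit' and 'delete' dereference the target record below; without an
    # id they used to fail on ObjectId('None') / employeeData.login.
    if action in ('edit', 'delete') and employeeData is None:
        return render_template('404.html',errorString="This EmployeeId is not valid")

    errorString = ''
    employeeList = []
    evaluatedEmployee = None
    parkingList = []
    validationErrors = []
    pageTitle = ""

    #switch action cases (add,edit,delete,list)
    if action == 'add' or action == 'edit':
        pageTitle = "Add Employee" if action == "add" else "Edit Employee"
        templatePath = 'employees/add.html'
        if request.method == 'POST' and ('submit' in request.form):
            form = request.form
            passwordHash = None
            relatedParking = None

            #validate username
            if 'login' not in form:
                validationErrors.append("Missing field username in request")
            elif not form['login']:
                validationErrors.append("Field username is empty")
            else:
                if len(form['login']) < 5:
                    validationErrors.append("Username field should be min. 5 chars")
                if action == 'add':
                    loginTaken = len(Employee.objects(login=form['login'])) > 0
                else:
                    loginTaken = len(Employee.objects(login=form['login'],login__ne=employeeData.login)) > 0
                if loginTaken:
                    validationErrors.append("The username you've choose already exists")

            #validate name
            if 'name' not in form:
                validationErrors.append("Missing field name in request")
            elif not form['name']:
                validationErrors.append("Field name is empty")

            #validate password
            if 'password' not in form:
                validationErrors.append("Missing field password in request")
            elif not form['password']:
                if action == 'edit':
                    passwordHash = employeeData.password #keep old password
                else:
                    validationErrors.append("Field password is empty")
            elif len(form['password']) < 8:
                validationErrors.append("Password field should be min. 8 chars")
            else:
                # NOTE(review): unsalted single-pass SHA-256. Changing the
                # scheme has to be done together with the login check
                # that compares against this stored value.
                passwordHash = hashlib.sha256(form['password'].encode()).hexdigest().upper()

            # A non-admin editing their own record may change only name,
            # login and password.
            selfEdit = bool(action == 'edit' and resourceId and not isSuperAdmin
                            and str(currentEmployee['_id']['$oid']) == resourceId)

            active = 0
            superAdmin = 0
            if not selfEdit:
                # A non-numeric flag is reported as a validation error
                # instead of raising ValueError out of the view.
                for flagName in ('active', 'superAdmin'):
                    if flagName not in form:
                        continue
                    try:
                        flagValue = int(form[flagName]) == 1
                    except ValueError:
                        validationErrors.append("Field " + flagName + " is not valid")
                        continue
                    if flagName == 'active':
                        active = flagValue
                    else:
                        superAdmin = flagValue

                #validate parking
                if 'relatedParking' not in form:
                    validationErrors.append("Missing parking reference in request")
                elif form['relatedParking'] and ObjectId.is_valid(str(form['relatedParking'])):
                    if not Parking.objects(id=ObjectId(str(form['relatedParking']))).first():
                        validationErrors.append("The parking you are referencing is not existing")
                    else:
                        relatedParking = str(form['relatedParking'])
                else:
                    validationErrors.append("The parking you are referencing is not valid")

            if not validationErrors:
                #save
                if action == 'add':
                    result = Employee(name = form['name'],
                                      login = form['login'],
                                      password = passwordHash,
                                      relatedParking = ObjectId(str(relatedParking)),
                                      active = active,
                                      superAdmin = superAdmin
                                      ).save()
                    if result:
                        lastEmployee = Employee.objects(login=form['login']).first()
                        return redirect(url_for('employees',action='edit',resourceId=lastEmployee.id))
                    validationErrors.append("Unable to write this record")
                else:
                    changes = {'name': form['name'],
                               'login': form['login'],
                               'password': passwordHash}
                    if not selfEdit:
                        changes['relatedParking'] = ObjectId(str(relatedParking))
                        changes['active'] = active
                        changes['superAdmin'] = superAdmin
                    # For a self-edit the parking, active and superAdmin
                    # fields are left untouched. They used to be rewritten
                    # from the session copy, which could put back a value
                    # an administrator had changed since this user logged
                    # in (for example a deactivation).
                    Employee.objects(id=ObjectId(str(resourceId))).update(**changes)
                    return redirect(url_for('employees',action='edit',resourceId=resourceId))
            # Also reached after a failed add, so that message is shown.
            errorString = '|'.join(validationErrors)
    elif action == 'delete':
        pageTitle = "Employees"
        templatePath = 'employees/list.html'
        # NOTE(review): this branch does not look at request.method, so
        # the deletion runs on whatever methods the route accepts.
        # Confirm the route is POST-only and CSRF-protected.
        Employee.objects(id=ObjectId(str(resourceId))).delete()
        employeeList = Employee.objects().order_by('name')
    else:
        pageTitle = "Employees"
        templatePath = 'employees/list.html'
        employeeList = Employee.objects().order_by('name')

    parkingList = Parking.objects().order_by('name')
    return render_template(
        templatePath,
        pageTitle=pageTitle,
        employee=session['employee'],
        userType='employee',
        errorString=errorString,
        evaluatedEmployee=evaluatedEmployee,
        employeeList=employeeList,
        parkingList=parkingList,
        employeeData=employeeData,
        action=action,
        resourceId=resourceId
    )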
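def get(self, employee_id):
    """Return, as JSON, the research articles that list one employee as author.

    Args:
        employee_id: id of the ``Employee`` whose articles are wanted.

    Returns:
        ``(json_body, status, headers)``: 200 with the matching
        ``ResearchArticle`` documents, or 404 when no employee has that id.
    """
    emp = Employee.objects(id=employee_id).first()
    if emp is None:
        # Filtering on authors=None would answer with unrelated articles
        # for an id that does not exist; say so instead.
        return ('{"error": "employee not found"}', 404,
                {'Content-type': 'application/json'})
    articles = ResearchArticle.objects(authors=emp)
    return articles.to_json(), 200, {'Content-type': 'application/json'}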
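def get(self, employee_id):
    """Serve the stored photo of one employee.

    Args:
        employee_id: id of the ``Employee`` whose photo is requested.

    Returns:
        A response whose body is the photo bytes and whose mimetype is
        the content type recorded with the file, or a 404 response when
        no employee has that id.
    """
    emp = Employee.objects(id=employee_id).first()
    if emp is None:
        # .first() yields None for an unknown id; answer 404 rather than
        # failing on emp.photo with a 500.
        return make_response('Employee not found', 404)
    # NOTE(review): the mimetype is taken as stored with the file. Confirm
    # the upload path restricts it to image types, since the browser will
    # interpret the body as whatever type is sent here.
    response = make_response(emp.photo.read())
    response.mimetype = emp.photo.content_type
    return response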
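def get(self, employee_id):
    """Return one employee document as JSON.

    Args:
        employee_id: id of the ``Employee`` to return.

    Returns:
        ``(json_body, status, headers)``: 200 with the document, or 404
        when no employee has that id.
    """
    emp = Employee.objects(id=employee_id).first()
    if emp is None:
        # .first() yields None for an unknown id; without this guard the
        # to_json() call below raised and the client saw a 500.
        return ('{"error": "employee not found"}', 404,
                {'Content-type': 'application/json'})
    # NOTE(review): to_json() emits every stored field and no access check
    # is visible in this method - confirm nothing private is on the model.
    return emp.to_json(), 200, {'Content-type': 'application/json'}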
def retrive(request):
    """Render the employee page for the address posted in ``email``.

    Queries ``Employee`` for records whose ``email`` equals
    ``request.POST['email']`` and hands them to ``testApp/employ.html``
    under the ``employList`` key.
    """
    # NOTE(review): indexing request.POST raises when the field is absent,
    # and no method or login check is visible in this function - confirm
    # both are enforced by a decorator or the URL configuration.
    matches = Employee.objects(email=request.POST['email'])
    return render(request, 'testApp/employ.html', {'employList': matches})