From 73ad404713c20b92fbaee9b5e9ab201d0a15aafb Mon Sep 17 00:00:00 2001 From: abhijith Date: Wed, 8 Nov 2017 14:10:29 +0530 Subject: [PATCH 1/2] Untabified API_USER --- gkcore/views/api_user.py | 608 +++++++++++++++++++-------------------- 1 file changed, 304 insertions(+), 304 deletions(-) diff --git a/gkcore/views/api_user.py b/gkcore/views/api_user.py index 42c828a..e4bc566 100644 --- a/gkcore/views/api_user.py +++ b/gkcore/views/api_user.py @@ -10,7 +10,7 @@ Copyright (C) 2013, 2014, 2015, 2016 Digital Freedom Foundation GNUKhata is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Affero General Public License for more details. You should have received a copy of the GNU Affero General Public @@ -35,7 +35,7 @@ from sqlalchemy.engine.base import Connection from sqlalchemy import and_, exc from pyramid.request import Request from pyramid.response import Response -from pyramid.view import view_defaults, view_config +from pyramid.view import view_defaults, view_config import jwt import gkcore from gkcore.views.api_login import authCheck 
@@ -44,312 +44,312 @@ from gkcore.views.api_login import authCheck def getUserRole(userid): - try: - con = Connection - con = eng.connect() - uid=userid - user=con.execute(select([gkdb.users.c.userrole]).where(gkdb.users.c.userid == uid )) - row = user.fetchone() - User = {"userrole":row["userrole"]} - con.close(); - return {"gkstatus": gkcore.enumdict["Success"], "gkresult":User} - except: - return {"gkstatus":gkcore.enumdict["ConnectionFailed"] } + try: + con = Connection + con = eng.connect() + uid=userid + user=con.execute(select([gkdb.users.c.userrole]).where(gkdb.users.c.userid == uid )) + row = user.fetchone() + User = {"userrole":row["userrole"]} + con.close(); + return {"gkstatus": gkcore.enumdict["Success"], "gkresult":User} + except: + return {"gkstatus":gkcore.enumdict["ConnectionFailed"] } @view_defaults(route_name='users') class api_user(object): - def __init__(self,request): - self.request = Request - self.request = request - self.con = Connection + def __init__(self,request): + self.request = Request + self.request = request + self.con = Connection - @view_config(request_method='POST',renderer='json') - def addUser(self): - """ - purpose - adds a user in the users table. - description: - this function takes username and role as basic parameters. - It may also have a list of goids for the godowns associated with this user. - This is only true if goflag is True. - The frontend must send the role as godownkeeper for this. + @view_config(request_method='POST',renderer='json') + def addUser(self): + """ + purpose + adds a user in the users table. + description: + this function takes username and role as basic parameters. + It may also have a list of goids for the godowns associated with this user. + This is only true if goflag is True. + The frontend must send the role as godownkeeper for this. 
""" - try: - token = self.request.headers["gktoken"] - except: - return {"gkstatus": gkcore.enumdict["UnauthorisedAccess"]} - authDetails = authCheck(token) - if authDetails["auth"] == False: - return {"gkstatus": enumdict["UnauthorisedAccess"]} - else: - try: - self.con = eng.connect() - user=self.con.execute(select([gkdb.users.c.userrole]).where(gkdb.users.c.userid == authDetails["userid"] )) - userRole = user.fetchone() - dataset = self.request.json_body - if userRole[0]==-1 or (userRole[0]==0 and dataset["userrole"]==1): - dataset["orgcode"] = authDetails["orgcode"] - if dataset["userrole"]== 3: - golist = tuple(dataset.pop("golist")) - result = self.con.execute(gkdb.users.insert(),[dataset]) - userdata = self.con.execute(select([gkdb.users.c.userid]).where(and_( gkdb.users.c.username == dataset["username"],gkdb.users.c.orgcode == dataset["orgcode"]))) - userRow = userdata.fetchone() - lastid = userRow["userid"] - for goid in golist: - godata = {"userid":lastid,"goid":goid,"orgcode":dataset["orgcode"]} - result = self.con.execute(gkdb.usergodown.insert(),[godata]) - else: - result = self.con.execute(gkdb.users.insert(),[dataset]) - return {"gkstatus":enumdict["Success"]} - else: - return {"gkstatus": enumdict["BadPrivilege"]} - except exc.IntegrityError: - return {"gkstatus":enumdict["DuplicateEntry"]} - except: - return {"gkstatus":gkcore.enumdict["ConnectionFailed"] } - finally: - self.con.close() - @view_config(route_name='user', request_method='GET',renderer='json') - def getUser(self): - try: - token = self.request.headers["gktoken"] - except: - return {"gkstatus": enumdict["UnauthorisedAccess"]} - authDetails = authCheck(token) - if authDetails["auth"] == False: - return {"gkstatus": enumdict["UnauthorisedAccess"]} - else: - try: - self.con = eng.connect() - result = self.con.execute(select([gkdb.users]).where(gkdb.users.c.userid == authDetails["userid"] )) - row = result.fetchone() - User = {"userid":row["userid"], "username":row["username"], 
"userrole":row["userrole"], "userquestion":row["userquestion"], "useranswer":row["useranswer"], "userpassword":row["userpassword"]} - if User["userrole"] == 3: - usgo = self.con.execute(select([gkdb.usergodown.c.goid]).where(gkdb.users.c.userid == authDetails["userid"])) - goids = usgo.fetchall() - userGodowns = {} - for g in goids: - godownid = g["goid"] - godownData = self.con.execute(select([gkdb.godown.c.goname]).where(gkdb.godown.c.goid == godownid)) - gNameRow = godownData.fetchone() - userGodowns[godownid] = gNameRow["goname"] - User["godowns"] = userGodowns + try: + token = self.request.headers["gktoken"] + except: + return {"gkstatus": gkcore.enumdict["UnauthorisedAccess"]} + authDetails = authCheck(token) + if authDetails["auth"] == False: + return {"gkstatus": enumdict["UnauthorisedAccess"]} + else: + try: + self.con = eng.connect() + user=self.con.execute(select([gkdb.users.c.userrole]).where(gkdb.users.c.userid == authDetails["userid"] )) + userRole = user.fetchone() + dataset = self.request.json_body + if userRole[0]==-1 or (userRole[0]==0 and dataset["userrole"]==1): + dataset["orgcode"] = authDetails["orgcode"] + if dataset["userrole"]== 3: + golist = tuple(dataset.pop("golist")) + result = self.con.execute(gkdb.users.insert(),[dataset]) + userdata = self.con.execute(select([gkdb.users.c.userid]).where(and_( gkdb.users.c.username == dataset["username"],gkdb.users.c.orgcode == dataset["orgcode"]))) + userRow = userdata.fetchone() + lastid = userRow["userid"] + for goid in golist: + godata = {"userid":lastid,"goid":goid,"orgcode":dataset["orgcode"]} + result = self.con.execute(gkdb.usergodown.insert(),[godata]) + else: + result = self.con.execute(gkdb.users.insert(),[dataset]) + return {"gkstatus":enumdict["Success"]} + else: + return {"gkstatus": enumdict["BadPrivilege"]} + except exc.IntegrityError: + return {"gkstatus":enumdict["DuplicateEntry"]} + except: + return {"gkstatus":gkcore.enumdict["ConnectionFailed"] } + finally: + self.con.close() + 
@view_config(route_name='user', request_method='GET',renderer='json') + def getUser(self): + try: + token = self.request.headers["gktoken"] + except: + return {"gkstatus": enumdict["UnauthorisedAccess"]} + authDetails = authCheck(token) + if authDetails["auth"] == False: + return {"gkstatus": enumdict["UnauthorisedAccess"]} + else: + try: + self.con = eng.connect() + result = self.con.execute(select([gkdb.users]).where(gkdb.users.c.userid == authDetails["userid"] )) + row = result.fetchone() + User = {"userid":row["userid"], "username":row["username"], "userrole":row["userrole"], "userquestion":row["userquestion"], "useranswer":row["useranswer"], "userpassword":row["userpassword"]} + if User["userrole"] == 3: + usgo = self.con.execute(select([gkdb.usergodown.c.goid]).where(gkdb.users.c.userid == authDetails["userid"])) + goids = usgo.fetchall() + userGodowns = {} + for g in goids: + godownid = g["goid"] + godownData = self.con.execute(select([gkdb.godown.c.goname]).where(gkdb.godown.c.goid == godownid)) + gNameRow = godownData.fetchone() + userGodowns[godownid] = gNameRow["goname"] + User["godowns"] = userGodowns - return {"gkstatus": gkcore.enumdict["Success"], "gkresult":User} - except: - return {"gkstatus":gkcore.enumdict["ConnectionFailed"] } - finally: - self.con.close() - @view_config(request_method='PUT', renderer='json') - def editUser(self): - try: - token = self.request.headers["gktoken"] - except: - return {"gkstatus": gkcore.enumdict["UnauthorisedAccess"]} - authDetails = authCheck(token) - if authDetails["auth"] == False: - return {"gkstatus": enumdict["UnauthorisedAccess"]} - else: - try: - self.con = eng.connect() - user=self.con.execute(select([gkdb.users.c.userrole]).where(gkdb.users.c.userid == authDetails["userid"] )) - userRole = user.fetchone() - dataset = self.request.json_body - if userRole[0]==-1 or int(authDetails["userid"])==int(dataset["userid"]): - result = 
self.con.execute(gkdb.users.update().where(gkdb.users.c.userid==dataset["userid"]).values(dataset)) - return {"gkstatus":enumdict["Success"]} - else: - return {"gkstatus": enumdict["BadPrivilege"]} - except: - return {"gkstatus":gkcore.enumdict["ConnectionFailed"] } - finally: - self.con.close() - @view_config(request_method='GET', renderer ='json') - def getAllUsers(self): - try: - token = self.request.headers["gktoken"] - except: - return {"gkstatus": gkcore.enumdict["UnauthorisedAccess"]} - authDetails = authCheck(token) - if authDetails["auth"] == False: - return {"gkstatus": gkcore.enumdict["UnauthorisedAccess"]} - else: - try: - self.con = eng.connect() - #there is only one possibility for a catch which is failed connection to db. - result = self.con.execute(select([gkdb.users.c.username,gkdb.users.c.userid,gkdb.users.c.userrole]).where(gkdb.users.c.orgcode==authDetails["orgcode"]).order_by(gkdb.users.c.username)) - users = [] - for row in result: - users.append({"userid":row["userid"], "username":row["username"], "userrole":row["userrole"]}) - return {"gkstatus": gkcore.enumdict["Success"], "gkresult":users } - except: - return {"gkstatus":gkcore.enumdict["ConnectionFailed"] } - finally: - self.con.close() - #This method makes a list of users. If the user is godown incharge then its respective godowns is also added in list. This method will be used to make list of users report. 
- @view_config(request_method='GET', request_param = "type=list", renderer ='json') - def getListofUsers(self): - try: - token = self.request.headers["gktoken"] - except: - return {"gkstatus": gkcore.enumdict["UnauthorisedAccess"]} - authDetails = authCheck(token) - if authDetails["auth"] == False: - return {"gkstatus": gkcore.enumdict["UnauthorisedAccess"]} - else: - try: - self.con = eng.connect() - result = self.con.execute(select([gkdb.users.c.username,gkdb.users.c.userid,gkdb.users.c.userrole]).where(gkdb.users.c.orgcode==authDetails["orgcode"]).order_by(gkdb.users.c.username)) - users = [] - srno = 1 - for row in result: - godowns = [] - urole = "" - if(row["userrole"] == -1): - urole = "Admin" - elif(row["userrole"] == 0): - urole = "Manager" - elif(row["userrole"] == 1): - urole = "Operator" - elif(row["userrole"] == 2): - urole = "Internal Auditor" - else: - urole = "Godown In Charge" - godownresult = self.con.execute(select([gkdb.usergodown.c.goid]).where(and_(gkdb.usergodown.c.orgcode==authDetails["orgcode"], gkdb.usergodown.c.userid==row["userid"]))) - for goid in godownresult: - godownnameres = self.con.execute(select([gkdb.godown.c.goname, gkdb.godown.c.goaddr]).where(gkdb.godown.c.goid==goid[0])) - goname = godownnameres.fetchone() - godowns.append(str(goname["goname"] + "(" +goname["goaddr"]+")")) - users.append({"srno": srno, "userid":row["userid"], "username":row["username"], "userrole":urole, "godowns":godowns, "noofgodowns": len(godowns)}) - srno += 1 - return {"gkstatus": gkcore.enumdict["Success"], "gkresult":users } - except: - return {"gkstatus":gkcore.enumdict["ConnectionFailed"] } - finally: - self.con.close() + return {"gkstatus": gkcore.enumdict["Success"], "gkresult":User} + except: + return {"gkstatus":gkcore.enumdict["ConnectionFailed"] } + finally: + self.con.close() + @view_config(request_method='PUT', renderer='json') + def editUser(self): + try: + token = self.request.headers["gktoken"] + except: + return {"gkstatus": 
gkcore.enumdict["UnauthorisedAccess"]} + authDetails = authCheck(token) + if authDetails["auth"] == False: + return {"gkstatus": enumdict["UnauthorisedAccess"]} + else: + try: + self.con = eng.connect() + user=self.con.execute(select([gkdb.users.c.userrole]).where(gkdb.users.c.userid == authDetails["userid"] )) + userRole = user.fetchone() + dataset = self.request.json_body + if userRole[0]==-1 or int(authDetails["userid"])==int(dataset["userid"]): + result = self.con.execute(gkdb.users.update().where(gkdb.users.c.userid==dataset["userid"]).values(dataset)) + return {"gkstatus":enumdict["Success"]} + else: + return {"gkstatus": enumdict["BadPrivilege"]} + except: + return {"gkstatus":gkcore.enumdict["ConnectionFailed"] } + finally: + self.con.close() + @view_config(request_method='GET', renderer ='json') + def getAllUsers(self): + try: + token = self.request.headers["gktoken"] + except: + return {"gkstatus": gkcore.enumdict["UnauthorisedAccess"]} + authDetails = authCheck(token) + if authDetails["auth"] == False: + return {"gkstatus": gkcore.enumdict["UnauthorisedAccess"]} + else: + try: + self.con = eng.connect() + #there is only one possibility for a catch which is failed connection to db. + result = self.con.execute(select([gkdb.users.c.username,gkdb.users.c.userid,gkdb.users.c.userrole]).where(gkdb.users.c.orgcode==authDetails["orgcode"]).order_by(gkdb.users.c.username)) + users = [] + for row in result: + users.append({"userid":row["userid"], "username":row["username"], "userrole":row["userrole"]}) + return {"gkstatus": gkcore.enumdict["Success"], "gkresult":users } + except: + return {"gkstatus":gkcore.enumdict["ConnectionFailed"] } + finally: + self.con.close() + #This method makes a list of users. If the user is godown incharge then its respective godowns is also added in list. This method will be used to make list of users report. 
+ @view_config(request_method='GET', request_param = "type=list", renderer ='json') + def getListofUsers(self): + try: + token = self.request.headers["gktoken"] + except: + return {"gkstatus": gkcore.enumdict["UnauthorisedAccess"]} + authDetails = authCheck(token) + if authDetails["auth"] == False: + return {"gkstatus": gkcore.enumdict["UnauthorisedAccess"]} + else: + try: + self.con = eng.connect() + result = self.con.execute(select([gkdb.users.c.username,gkdb.users.c.userid,gkdb.users.c.userrole]).where(gkdb.users.c.orgcode==authDetails["orgcode"]).order_by(gkdb.users.c.username)) + users = [] + srno = 1 + for row in result: + godowns = [] + urole = "" + if(row["userrole"] == -1): + urole = "Admin" + elif(row["userrole"] == 0): + urole = "Manager" + elif(row["userrole"] == 1): + urole = "Operator" + elif(row["userrole"] == 2): + urole = "Internal Auditor" + else: + urole = "Godown In Charge" + godownresult = self.con.execute(select([gkdb.usergodown.c.goid]).where(and_(gkdb.usergodown.c.orgcode==authDetails["orgcode"], gkdb.usergodown.c.userid==row["userid"]))) + for goid in godownresult: + godownnameres = self.con.execute(select([gkdb.godown.c.goname, gkdb.godown.c.goaddr]).where(gkdb.godown.c.goid==goid[0])) + goname = godownnameres.fetchone() + godowns.append(str(goname["goname"] + "(" +goname["goaddr"]+")")) + users.append({"srno": srno, "userid":row["userid"], "username":row["username"], "userrole":urole, "godowns":godowns, "noofgodowns": len(godowns)}) + srno += 1 + return {"gkstatus": gkcore.enumdict["Success"], "gkresult":users } + except: + return {"gkstatus":gkcore.enumdict["ConnectionFailed"] } + finally: + self.con.close() - @view_config(request_method='DELETE', renderer ='json') - def deleteuser(self): - try: - token = self.request.headers["gktoken"] - except: - return {"gkstatus": enumdict["UnauthorisedAccess"]} - authDetails = authCheck(token) - if authDetails["auth"]==False: - return {"gkstatus":enumdict["UnauthorisedAccess"]} - else: - try: - 
self.con = eng.connect() - user=self.con.execute(select([gkdb.users.c.userrole]).where(gkdb.users.c.userid == authDetails["userid"] )) - userRole = user.fetchone() - dataset = self.request.json_body - if userRole[0]==-1: - result = self.con.execute(gkdb.users.delete().where(gkdb.users.c.userid==dataset["userid"])) - return {"gkstatus":enumdict["Success"]} - else: - return {"gkstatus": enumdict["BadPrivilege"]} - except exc.IntegrityError: - return {"gkstatus":enumdict["ActionDisallowed"]} - except: - return {"gkstatus":enumdict["ConnectionFailed"] } - finally: - self.con.close() - @view_config(route_name='forgotpassword', request_method='GET',renderer='json') - def getquestion(self): - try: - self.con = eng.connect() - orgcode = self.request.params["orgcode"] - username = self.request.params["username"] - result = self.con.execute(select([gkdb.users]).where(and_(gkdb.users.c.username==username, gkdb.users.c.orgcode==orgcode))) - if result.rowcount > 0: - row = result.fetchone() - User = {"userquestion":row["userquestion"], "userid":row["userid"]} - return {"gkstatus": gkcore.enumdict["Success"], "gkresult": User} - else: - return {"gkstatus":enumdict["BadPrivilege"]} - except: - return {"gkstatus": enumdict["ConnectionFailed"]} - finally: - self.con.close() - @view_config(route_name='forgotpassword', request_method='GET', request_param='type=securityanswer', renderer='json') - def verifyanswer(self): - try: - self.con = eng.connect() - userid = self.request.params["userid"] - useranswer = self.request.params["useranswer"] - result = self.con.execute(select([gkdb.users]).where(gkdb.users.c.userid==userid)) - row = result.fetchone() - if useranswer==row["useranswer"]: - return {"gkstatus":enumdict["Success"]} - else: - return {"gkstatus":enumdict["BadPrivilege"]} - except: - return {"gkstatus": enumdict["ConnectionFailed"]} - finally: - self.con.close() - @view_config(route_name='forgotpassword', request_method='PUT', renderer='json') - def verifypassword(self): - 
try: - self.con = eng.connect() - dataset = self.request.json_body - user = self.con.execute(select([gkdb.users]).where(and_(gkdb.users.c.userid==dataset["userid"], gkdb.users.c.useranswer==dataset["useranswer"]))) - if user.rowcount > 0: - result = self.con.execute(gkdb.users.update().where(gkdb.users.c.userid==dataset["userid"]).values(dataset)) - return {"gkstatus":enumdict["Success"]} - else: - return {"gkstatus":enumdict["BadPrivilege"]} - except: - return {"gkstatus":enumdict["ConnectionFailed"]} - finally: - self.con.close() - @view_config(route_name='user', request_method='PUT', request_param='type=theme', renderer='json') - def addtheme(self): - try: - token = self.request.headers["gktoken"] - except: - return {"gkstatus": gkcore.enumdict["UnauthorisedAccess"]} - authDetails = authCheck(token) - if authDetails["auth"] == False: - return {"gkstatus": enumdict["UnauthorisedAccess"]} - else: - try: - self.con = eng.connect() - dataset = self.request.json_body - result = self.con.execute(gkdb.users.update().where(gkdb.users.c.userid==authDetails["userid"]).values(dataset)) - return {"gkstatus":enumdict["Success"]} - except: - try: - self.con.execute("alter table users add column themename text default 'Default'") - dataset = self.request.json_body - result = self.con.execute(gkdb.users.update().where(gkdb.users.c.userid==authDetails["userid"]).values(dataset)) - return {"gkstatus":enumdict["Success"]} - except: - return {"gkstatus": enumdict["ConnectionFailed"]} - finally: - self.con.close() - @view_config(route_name='user', request_method='GET', request_param='type=theme', renderer='json') - def gettheme(self): - try: - token = self.request.headers["gktoken"] - except: - return {"gkstatus": gkcore.enumdict["UnauthorisedAccess"]} - authDetails = authCheck(token) - if authDetails["auth"] == False: - return {"gkstatus": enumdict["UnauthorisedAccess"]} - else: - try: - self.con = eng.connect() - result = 
self.con.execute(select([gkdb.users.c.themename]).where(gkdb.users.c.userid == authDetails["userid"] )) - row = result.fetchone() - return {"gkstatus": gkcore.enumdict["Success"], "gkresult":row["themename"]} - except: - try: - self.con = eng.connect() - self.con.execute("alter table users add column themename text default 'Default'") - result = self.con.execute(select([gkdb.users.c.themename]).where(gkdb.users.c.userid == authDetails["userid"] )) - row = result.fetchone() - return {"gkstatus": gkcore.enumdict["Success"], "gkresult":row["themename"]} - except: - return {"gkstatus": enumdict["ConnectionFailed"]} - finally: - self.con.close() + @view_config(request_method='DELETE', renderer ='json') + def deleteuser(self): + try: + token = self.request.headers["gktoken"] + except: + return {"gkstatus": enumdict["UnauthorisedAccess"]} + authDetails = authCheck(token) + if authDetails["auth"]==False: + return {"gkstatus":enumdict["UnauthorisedAccess"]} + else: + try: + self.con = eng.connect() + user=self.con.execute(select([gkdb.users.c.userrole]).where(gkdb.users.c.userid == authDetails["userid"] )) + userRole = user.fetchone() + dataset = self.request.json_body + if userRole[0]==-1: + result = self.con.execute(gkdb.users.delete().where(gkdb.users.c.userid==dataset["userid"])) + return {"gkstatus":enumdict["Success"]} + else: + return {"gkstatus": enumdict["BadPrivilege"]} + except exc.IntegrityError: + return {"gkstatus":enumdict["ActionDisallowed"]} + except: + return {"gkstatus":enumdict["ConnectionFailed"] } + finally: + self.con.close() + @view_config(route_name='forgotpassword', request_method='GET',renderer='json') + def getquestion(self): + try: + self.con = eng.connect() + orgcode = self.request.params["orgcode"] + username = self.request.params["username"] + result = self.con.execute(select([gkdb.users]).where(and_(gkdb.users.c.username==username, gkdb.users.c.orgcode==orgcode))) + if result.rowcount > 0: + row = result.fetchone() + User = 
{"userquestion":row["userquestion"], "userid":row["userid"]} + return {"gkstatus": gkcore.enumdict["Success"], "gkresult": User} + else: + return {"gkstatus":enumdict["BadPrivilege"]} + except: + return {"gkstatus": enumdict["ConnectionFailed"]} + finally: + self.con.close() + @view_config(route_name='forgotpassword', request_method='GET', request_param='type=securityanswer', renderer='json') + def verifyanswer(self): + try: + self.con = eng.connect() + userid = self.request.params["userid"] + useranswer = self.request.params["useranswer"] + result = self.con.execute(select([gkdb.users]).where(gkdb.users.c.userid==userid)) + row = result.fetchone() + if useranswer==row["useranswer"]: + return {"gkstatus":enumdict["Success"]} + else: + return {"gkstatus":enumdict["BadPrivilege"]} + except: + return {"gkstatus": enumdict["ConnectionFailed"]} + finally: + self.con.close() + @view_config(route_name='forgotpassword', request_method='PUT', renderer='json') + def verifypassword(self): + try: + self.con = eng.connect() + dataset = self.request.json_body + user = self.con.execute(select([gkdb.users]).where(and_(gkdb.users.c.userid==dataset["userid"], gkdb.users.c.useranswer==dataset["useranswer"]))) + if user.rowcount > 0: + result = self.con.execute(gkdb.users.update().where(gkdb.users.c.userid==dataset["userid"]).values(dataset)) + return {"gkstatus":enumdict["Success"]} + else: + return {"gkstatus":enumdict["BadPrivilege"]} + except: + return {"gkstatus":enumdict["ConnectionFailed"]} + finally: + self.con.close() + @view_config(route_name='user', request_method='PUT', request_param='type=theme', renderer='json') + def addtheme(self): + try: + token = self.request.headers["gktoken"] + except: + return {"gkstatus": gkcore.enumdict["UnauthorisedAccess"]} + authDetails = authCheck(token) + if authDetails["auth"] == False: + return {"gkstatus": enumdict["UnauthorisedAccess"]} + else: + try: + self.con = eng.connect() + dataset = self.request.json_body + result = 
self.con.execute(gkdb.users.update().where(gkdb.users.c.userid==authDetails["userid"]).values(dataset)) + return {"gkstatus":enumdict["Success"]} + except: + try: + self.con.execute("alter table users add column themename text default 'Default'") + dataset = self.request.json_body + result = self.con.execute(gkdb.users.update().where(gkdb.users.c.userid==authDetails["userid"]).values(dataset)) + return {"gkstatus":enumdict["Success"]} + except: + return {"gkstatus": enumdict["ConnectionFailed"]} + finally: + self.con.close() + @view_config(route_name='user', request_method='GET', request_param='type=theme', renderer='json') + def gettheme(self): + try: + token = self.request.headers["gktoken"] + except: + return {"gkstatus": gkcore.enumdict["UnauthorisedAccess"]} + authDetails = authCheck(token) + if authDetails["auth"] == False: + return {"gkstatus": enumdict["UnauthorisedAccess"]} + else: + try: + self.con = eng.connect() + result = self.con.execute(select([gkdb.users.c.themename]).where(gkdb.users.c.userid == authDetails["userid"] )) + row = result.fetchone() + return {"gkstatus": gkcore.enumdict["Success"], "gkresult":row["themename"]} + except: + try: + self.con = eng.connect() + self.con.execute("alter table users add column themename text default 'Default'") + result = self.con.execute(select([gkdb.users.c.themename]).where(gkdb.users.c.userid == authDetails["userid"] )) + row = result.fetchone() + return {"gkstatus": gkcore.enumdict["Success"], "gkresult":row["themename"]} + except: + return {"gkstatus": enumdict["ConnectionFailed"]} + finally: + self.con.close() -- GitLab From 650ba92e3d254029cf0cbf9fcae076837a9a6b66 Mon Sep 17 00:00:00 2001 From: abhijith Date: Wed, 8 Nov 2017 14:30:41 +0530 Subject: [PATCH 2/2] API for getting userrole --- gkcore/views/api_user.py | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) diff --git a/gkcore/views/api_user.py b/gkcore/views/api_user.py index e4bc566..9bd222f 100644 --- a/gkcore/views/api_user.py 
+++ b/gkcore/views/api_user.py
@@ -353,3 +353,23 @@ class api_user(object):
 return {"gkstatus": enumdict["ConnectionFailed"]}
 finally:
 self.con.close()
+
+ @view_config(route_name='user', request_method='GET', request_param='type=role', renderer='json')
+ def getRole(self):
+ try:
+ token=self.request.headers["gktoken"]
+ except:
+ return {"gkstatus": gkcore.enumdict["UnauthorisedAccess"]}
+ authDetails = authCheck(token)
+ if authDetails["auth"] == False:
+ return {"gkstatus": enumdict["UnauthorisedAccess"]}
+ else:
+ try:
+ userrole = getUserRole(authDetails["userid"])
+ if userrole["gkstatus"] == 0:
+ return {"gkresult":userrole["gkresult"]["userrole"], "gkstatus":userrole["gkstatus"]}
+ else:
+ return {"gkstatus":userrole["gkstatus"]}
+
+ except:
+ return {"gkstatus": enumdict["ConnectionFailed"]}
-- GitLab
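Review bot: In `getRole`, the success test `if userrole["gkstatus"] == 0:` hard-codes the status value, while the rest of the file compares against the enum. Assuming `Success` maps to 0, `if userrole["gkstatus"] == gkcore.enumdict["Success"]:` keeps the check tied to the enum. Both bare `except:` clauses catch everything: the first should be `except KeyError:` so that only a missing `gktoken` header maps to `UnauthorisedAccess`. The second appears to add little, because `getUserRole` (shown in patch 1) already swallows every exception and returns `ConnectionFailed`. A user row that no longer exists is therefore reported as a connection failure too, where an explicit `row is None` check in `getUserRole` would let a stale token be told apart from a database outage. The role is looked up from the token's `userid` rather than a request parameter, which is the right source and is worth recording in a one-line docstring such as `"""Return the role of the user identified by the gktoken header."""`.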