Home Esplora
Accedi
clementinecomputing
/
popufare
1
0
Forka 0
File Problemi 12 Pull Requests 0 Wiki
Sfoglia il codice sorgente

server api updates

* working through base functionality
clementinecomputing 4 anni fa
parent
ae66208e95
commit
7f970cc107
1 ha cambiato i file con 232 aggiunte e 69 eliminazioni
Visualizzazione separata Mostra Diff Stats
  1. 232 69
      server/scripts/PopufareAPI.py

+ 232 - 69
server/scripts/PopufareAPI.py
Vedi File 

@@ -25,6 +25,7 @@ import mysql.connector
 
 import time
 
 import datetime
 
 import copy
 
+import hashlib
 
 
 #conn = mysql.connector.connect(user='bus', password='bus', host='localhost', database='busdb', port=3306)
 
 
@@ -91,6 +92,14 @@ def Request(ctx):
 
 
   return res
 
 
+
 
+##                    _ _        __       
+##   ___ __ _ _ __ __| (_)_ __  / _| ___  
+##  / __/ _` | '__/ _` | | '_ \| |_ / _ \ 
+## | (_| (_| | | | (_| | | | | |  _| (_) |
 
+##  \___\__,_|_|  \__,_|_|_| |_|_|  \___/ 
+##                                        
+
 
 def CardInfo(db, ctx):
 
   card_res = {}
 
 
@@ -111,20 +120,22 @@ def CardInfo(db, ctx):
 
     card_res = Card(db, {"action":"get", "logical_card_id": cardid})
 
     card_res["pass"] = []
 
 
-    ## through each of the passes on the card
 
-    ##
 
-    pass_query = "select user_pass_id from user_pass where logical_card_id = %s and expired = 0 order by queue_order asc"
 
-    pass_cursor = db.cursor()
 
-    pass_cursor.execute(pass_query, [card_res["logical_card_id"]])
 
-    pass_rows = pass_cursor.fetchall()
 
-    for pass_row in pass_rows:
 
+    if card_res["result"] == "success":
 
+
 
+      ## through each of the passes on the card
 
+      ##
 
+      pass_query = "select user_pass_id from user_pass where logical_card_id = %s and expired = 0 order by queue_order asc"
 
+      pass_cursor = db.cursor()
 
+      pass_cursor.execute(pass_query, [card_res["logical_card_id"]])
 
+      pass_rows = pass_cursor.fetchall()
 
+      for pass_row in pass_rows:
 
 
-      pass_res = Pass(db, {"action":"get", "user_pass_id":pass_row[0]})
 
-      card_res["pass"].append(pass_res)
 
+        pass_res = Pass(db, {"action":"get", "user_pass_id":pass_row[0]})
 
+        card_res["pass"].append(pass_res)
 
 
-    card_res["user"] = {}
 
-    if ((card_res["userid"] is not None) and (int(card_res["userid"]) >= 0)):
 
-      card_res["user"] = User(db, {"action":"get", "userid": card_res["userid"] })
 
+      card_res["user"] = {}
 
+      if ((card_res["userid"] is not None) and (int(card_res["userid"]) >= 0)):
 
+        card_res["user"] = User(db, {"action":"get", "userid": card_res["userid"] })
 
 
 
   elif action == "search":
 
@@ -134,12 +145,20 @@ def CardInfo(db, ctx):
 
     for cid in res_cardid["logical_card_ids"]:
 
       _c = CardInfo(db, {"action":"get", "logical_card_id":cid})
 
       card_res["cards"].append(_c)
 
+    card_res["result"] = "success"
 
 
   return card_res
 
 
+##                      _        __       
+##  _   _ ___  ___ _ __(_)_ __  / _| ___  
+## | | | / __|/ _ \ '__| | '_ \| |_ / _ \ 
+## | |_| \__ \  __/ |  | | | | |  _| (_) |
 
+##  \__,_|___/\___|_|  |_|_| |_|_|  \___/ 
+##                                        
 
 def UserInfo(db, ctx):
 
   res = {}
 
+  res["result"] = "fail"
 
   userid = -1
 
   if ("userid" in ctx):
 
     userid = ctx["userid"]
 
@@ -179,6 +198,7 @@ def UserInfo(db, ctx):
 
     card_res = CardInfo(db, {"logical_card_id":row[0]})
 
     res["card"].append(card_res)
 
 
+  res["result"] = "success"
 
   return res
 
 
 def _update_pass_bits(cursor, passid):
 
@@ -204,6 +224,12 @@ def _update_pass_bits(cursor, passid):
 
   "( select min(x.queue_order) from user_pass x where x.logical_card_id = %s and x.expired = 0 )"
 
   cursor.execute(q, [cardid,cardid])
 
 
+##             _           _               
+##  _ __ _   _| | ___  ___| | __ _ ___ ___ 
+## | '__| | | | |/ _ \/ __| |/ _` / __/ __|
 
+## | |  | |_| | |  __/ (__| | (_| \__ \__ \
 
+## |_|   \__,_|_|\___|\___|_|\__,_|___/___/
 
+##                                         
 
 def Ruleclass(db, ctx):
 
   res = {}
 
@@ -229,6 +255,13 @@ def Ruleclass(db, ctx):
 
   return res
 
 
 
+##
 
+##  _ __   __ _ ___ ___
 
+## | '_ \ / _` / __/ __|
 
+## | |_) | (_| \__ \__ \
 
+## | .__/ \__,_|___/___/
 
+## |_|
 
+
 
 def Pass(db, ctx):
 
   res = {}
 
   passid = -1
 
@@ -247,6 +280,7 @@ def Pass(db, ctx):
 
     row = cursor.fetchone()
 
 
     if row is not None:
 
+      res["result"] = "success"
 
       res["user_pass_id"] = passid 
       for idx,f in enumerate(pass_fields):
 
         if isinstance(row[idx], datetime.datetime):
 
@@ -254,47 +288,54 @@ def Pass(db, ctx):
 
         else:
 
           res[f] = row[idx]
 
     else:
 
+      res["result"] = "fail"
 
       res["api_comment"] = "pass not found"
 
 
 
   elif (ctx["action"] == "add"):
 
 
-    ## fill in some default values
 
-    ##
 
-    dt = time.strftime('%Y-%m-%d %H:%M:%S')
 
-    if "issued" not in ctx: ctx["issued"] = dt
 
-    if "expired" not in ctx: ctx["expired"] = 0
 
-    if "active" not in ctx: ctx["active"] = 0
 
-
 
+    if (not "logical_card_id" in ctx) or (ctx["logical_card_id"] == ''):
 
+      res["result"] = "fail"
 
+      res["api_comment"] = "must have logical_card_id to add pass"
 
+    else:
 
 
-    if "logical_card_id" in ctx:
 
-      cardid = ctx["logical_card_id"]
 
-      _q = "select queue_order from user_pass where logical_card_id = %s and expired = 0 order by queue_order desc limit 1"
 
-      _c = db.cursor()
 
-      _c.execute(_q, [cardid])
 
-      _r = _c.fetchone()
 
-      if _r is not None:
 
-        ctx["queue_order"] = int(_r[0])+1
 
+      ## fill in some default values
 
+      ##
 
+      dt = time.strftime('%Y-%m-%d %H:%M:%S')
 
+      if "issued" not in ctx: ctx["issued"] = dt
 
+      if "expired" not in ctx: ctx["expired"] = 0
 
+      if "active" not in ctx: ctx["active"] = 0
 
+
 
+
 
+      if "logical_card_id" in ctx:
 
+        cardid = ctx["logical_card_id"]
 
+        _q = "select queue_order from user_pass where logical_card_id = %s and expired = 0 order by queue_order desc limit 1"
 
+        _c = db.cursor()
 
+        _c.execute(_q, [cardid])
 
+        _r = _c.fetchone()
 
+        if _r is not None:
 
+          ctx["queue_order"] = int(_r[0])+1
 
+        else:
 
+          ctx["active"] = 1
 
+          ctx["queue_order"] = 0
 
       else:
 
-        ctx["active"] = 1
 
         ctx["queue_order"] = 0
 
-    else:
 
-      ctx["queue_order"] = 0
 
 
-    for f in pass_fields:
 
-      if f in ctx:  field_vals.append(ctx[f])
 
-      else:         field_vals.append(None)
 
+      for f in pass_fields:
 
+        if f in ctx:  field_vals.append(ctx[f])
 
+        else:         field_vals.append(None)
 
 
-    query = "insert into user_pass (" + ",".join(fields) + ") values (" + ",".join(["%s"]*len(fields)) + ")"
 
+      query = "insert into user_pass (" + ",".join(fields) + ") values (" + ",".join(["%s"]*len(fields)) + ")"
 
 
-    #print(query)
 
-    #print(fields, field_vals)
 
+      print(query)
 
+      print(fields, field_vals)
 
 
-    cursor.execute(query, field_vals)
 
+      cursor.execute(query, field_vals)
 
 
-    res["user_pass_id"] = cursor.lastrowid
 
+      res["user_pass_id"] = cursor.lastrowid
 
+      res["result"] = "success"
 
 
-    _update_pass_bits(cursor, passid);
 
+      _update_pass_bits(cursor, passid);
 
 
   elif (ctx["action"] == "update"):
 
     update_field = []
 
@@ -309,6 +350,7 @@ def Pass(db, ctx):
 
     query = "update user_pass set " + ",".join(update_field) + " where user_pass_id = %s"
 
     cursor.execute(query, update_val)
 
     res["user_pass_id"] = passid
 
+    res["result"] = "success"
 
 
     _update_pass_bits(cursor, passid);
 
 
@@ -327,16 +369,25 @@ def Pass(db, ctx):
 
 
     _update_pass_bits(cursor, passid);
 
     res["user_pass_id"] = passid
 
+    res["result"] = "success"
 
 
 
   elif (ctx["action"] == "delete"):
 
     query = "delete from user_pass where user_pass_id = %s"
 
     cursor.execute(query, [passid])
 
     _update_pass_bits(cursor, passid);
 
+    res["result"] = "success"
 
 
   db.commit()
 
   return res
 
 
+##                    _ 
+##   ___ __ _ _ __ __| |
 
+##  / __/ _` | '__/ _` |
 
+## | (_| (_| | | | (_| |
 
+##  \___\__,_|_|  \__,_|
 
+##                      
+
 
 def Card(db, ctx):
 
 
   card_fields = CARD_FIELDS.copy()
 
@@ -361,7 +412,9 @@ def Card(db, ctx):
 
           res[f] = row[idx].strftime("%Y-%m-%d %H:%M:%S")
 
         else:
 
           res[f] = row[idx]
 
+      res["result"] = "success"
 
     else:
 
+      res["result"] = "fail"
 
       res["api_comment"] = "card not found"
 
 
   elif (ctx["action"] == "add"):
 
@@ -375,25 +428,46 @@ def Card(db, ctx):
 
     query = "insert into user_card (" + ",".join(fields) + ") values (" + ",".join(["%s"]*len(fields)) + ")"
 
     cursor.execute(query, field_vals)
 
     res["logical_card_id"] = cursor.lastrowid
 
+    res["result"] = "success"
 
 
   elif (ctx["action"] == "update"):
 
-    update_field = []
 
-    update_val = []
 
+    if not "logical_card_id" in ctx:
 
+      res["result"] = "fail"
 
+      res["api_comment"] = "must supply a logical_card_id"
 
+    else:
 
 
-    for f in card_fields:
 
-      if f in ctx:
 
-        update_field.append(f + "= %s")
 
-        update_val.append(ctx[f])
 
-    update_val.append(cardid)
 
+      update_field = []
 
+      update_val = []
 
 
-    query = "update user_card set " + ",".join(update_field) + " where logical_card_id = %s"
 
+      query_card_id = ctx["logical_card_id"]
 
+      cursor.execute("select logical_card_id from user_card where logical_card_id = %s", [query_card_id])
 
+      rows = cursor.fetchall()
 
+      if len(rows) == 0:
 
+        res["result"] = "fail"
 
+        res["api_comment"] = "card not found"
 
+      else:
 
 
-    cursor.execute(query, update_val)
 
-    res["logical_card_id"] = cardid
 
+        print(">>>>", len(rows))
 
+
 
+        for row in rows:
 
+          logical_card_id = row[0]
 
+
 
+        for f in card_fields:
 
+          if f in ctx:
 
+            update_field.append(f + "= %s")
 
+            update_val.append(ctx[f])
 
+        update_val.append(cardid)
 
+
 
+        query = "update user_card set " + ",".join(update_field) + " where logical_card_id = %s"
 
+
 
+        cursor.execute(query, update_val)
 
+        res["logical_card_id"] = cardid
 
+        res["result"] = "success"
 
 
   elif (ctx["action"] == "delete"):
 
     query = "delete from user_card where logical_card_id = %s"
 
     cursor.execute(query, [cardid])
 
+    res["result"] = "success"
 
 
   elif (ctx["action"] == "search"):
 
 
@@ -431,10 +505,19 @@ def Card(db, ctx):
 
       for row in rows:
 
         res["logical_card_ids"].append(row[0])
 
 
+    res["result"] = "success"
 
+
 
   db.commit()
 
 
   return res
 
 
+##                              
+##   __ _ _ __ ___  _   _ _ __  
+##  / _` | '__/ _ \| | | | '_ \ 
+## | (_| | | | (_) | |_| | |_) |
 
+##  \__, |_|  \___/ \__,_| .__/ 
+##  |___/                |_|    
+
 
 def Group(db,ctx):
 
   group_res = { }
 
 
@@ -459,6 +542,13 @@ def Group(db,ctx):
 
   return group_res
 
 
 
+##                      
+##  _   _ ___  ___ _ __ 
+## | | | / __|/ _ \ '__|
 
+## | |_| \__ \  __/ |   
+##  \__,_|___/\___|_|   
+##                      
+
 
 def User(db, ctx):
 
   user_fields = USER_FIELDS.copy()
 
   res = {}
 
@@ -469,6 +559,11 @@ def User(db, ctx):
 
 
   userid = -1
 
   if "userid" in ctx: userid = ctx["userid"]
 
+
 
+  print("cp.user")
 
+
 
+  ## USER GET
 
+  ##
 
   
   if (ctx["action"] == "get"):
 
     query = "select " + ",".join(user_fields) + " from users where userid = %s"
 
@@ -482,46 +577,114 @@ def User(db, ctx):
 
           res[f] = row[idx].strftime("%Y-%m-%d %H:%M:%S")
 
         else:
 
           res[f] = row[idx]
 
+      res["result"] = "success"
 
     else:
 
+      res["result"] = "fail"
 
       res["api_comment"] = "user not found"
 
 
+  ## USER ADD
 
+  ##
 
 
   elif (ctx["action"] == "add"):
 
-    fields.append("active")
 
-    fields.append("created")
 
-    for f in user_fields:
 
-      if f in ctx:  user_vals.append(ctx[f])
 
-      else:         user_vals.append(None)
 
-    user_vals.append(1)
 
-    user_vals.append(time.strftime('%Y-%m-%d %H:%M:%S'))
 
 
-    query = "insert into users (" + ",".join(fields) + ") values (" + ",".join(["%s"]*len(fields)) + ")"
 
-    cursor.execute(query, user_vals)
 
-    res["userid"] = cursor.lastrowid
 
+
 
+    if ((not "password" in ctx) or
 
+        (not "username" in ctx) ):
 
+      res["api_comment"] = "invalid parameters, need username and password to create account"
 
+      res["result"] = "fail"
 
+    else:
 
+      uname = ctx["username"]
 
+      pword = ctx["password"]
 
+
 
+      fields.append("active")
 
+      fields.append("created")
 
+      for f in user_fields:
 
+        if f in ctx:  user_vals.append(ctx[f])
 
+        elif f == "passwordhash":
 
+          ha = hashlib.sha256()
 
+          ha.update(str.encode(uname))
 
+          ha.update(str.encode(pword))
 
+          user_vals.append(ha.hexdigest())
 
+        else:         user_vals.append(None)
 
+      user_vals.append(1)
 
+      user_vals.append(time.strftime('%Y-%m-%d %H:%M:%S'))
 
+
 
+      query = "insert into users (" + ",".join(fields) + ") values (" + ",".join(["%s"]*len(fields)) + ")"
 
+      cursor.execute(query, user_vals)
 
+      res["userid"] = cursor.lastrowid
 
+      res["result"] = "success"
 
+
 
+  ## USER UPDATE
 
+  ##
 
 
   elif (ctx["action"] == "update"):
 
 
-    update_field = []
 
-    update_val = []
 
+    if not "userid" in ctx:
 
+      res["result"] = "fail"
 
+      res["api_comment"] = "no userid specified"
 
+    else:
 
 
-    for f in user_fields:
 
-      if f in ctx:
 
-        update_field.append(f + "= %s")
 
-        update_val.append(ctx[f])
 
-    update_val.append(userid)
 
+      uname = ''
 
+      query = "select username from users where userid = %s";
 
+      cursor.execute(query, [userid])
 
+      rows = cursor.fetchall()
 
+      for row in rows:
 
+        uname = row[0]
 
 
-    query = "update users set " + ",".join(update_field) + " where userid = %s"
 
-    cursor.execute(query, update_val)
 
-    res["userid"] = userid
 
+      if uname == '':
 
+        res["result"] = "fail"
 
+        res["api_comment"] = "could not find username"
 
+      else:
 
+
 
+        update_field = []
 
+        update_val = []
 
+
 
+        print("user_field:", user_fields)
 
+        print("ctx:", ctx)
 
+
 
+        for f in user_fields:
 
+          if (f == "passwordhash") and ("password" in ctx):
 
+            update_field.append(" passwordhash = %s ")
 
+            ha = hashlib.sha256()
 
+            ha.update(str.encode(uname))
 
+            ha.update(str.encode(ctx["password"]))
 
+            update_val.append(ha.hexdigest())
 
+          elif f in ctx:
 
+            update_field.append(f + "= %s")
 
+            update_val.append(ctx[f])
 
+          else:
 
+            pass
 
+            #update_val.append(None)
 
+        update_val.append(userid)
 
+
 
+        if len(update_field) == 0:
 
+          print("NOPE")
 
+
 
+        print("manage_user.update>>>", userid, ":".join(update_field), ":".join(update_val), len(update_field))
 
+
 
+        query = "update users set " + ",".join(update_field) + " where userid = %s"
 
+
 
+        print("WTFFF???", query)
 
+
 
+        cursor.execute(query, update_val)
 
+        res["userid"] = userid
 
+        res["result"] = "success"
 
+
 
+  ## USER DELETE
 
+  ##
 
 
   elif (ctx["action"] == "delete"):
 
     query = "delete from users where userid = %s"
 
     cursor.execute(query, [userid])
 
 
+  ## USER SEARCH
 
+  ##
 
+
 
   elif (ctx["action"] == "search"):
 
 
     res["userids"] = []
 
     res["userid"] = userid
 
+    res["result"] = "success"
 
 
     search_field = []
 
     search_val = []