QRouland/M2OLA
Archived
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

TG-124 : Modifications de la Base et adapation du code

Browse Source
This commit is contained in:
Clément ARNAUDEAU 2017-03-24 14:57:20 +01:00
parent 23478481b1
commit 1b8c71945a
10 changed files with 219 additions and 107 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
API_Interfaces.txt
View File

@ -20,29 +20,20 @@ GET -> Get the current logged user, return None if no one is connected
Out: Out:
200 -> USER = <USER_OBJECT>|null : Dictionary containing user infos or null 200 -> USER = <USER_OBJECT>|null : Dictionary containing user infos or null
########################
Redirect to cas auth (/login)
########################
Redirect to cas auth
######################## ########################
UserAPI (api/user) UserAPI (api/user)
######################## ########################
POST -> Create a user if it not already exists POST -> Create a user if it not already exists
In: In:
CASid = Login of the user caught from the CAS authentication (must be unique) email = Email and login of the user (must be unique)
role = Role of the user (can be concatenated with -) 1=secrétaire, 2=resp_formation, 3=tuteur_univ, 4=étudiant role = Role of the user (can be concatenated with -) 1=secrétaire, 2=resp_formation, 3=tuteur_univ, 4=étudiant
Out: Out:
200 -> UID = <USER_ID> : The user already exists with the id USER_ID 200 -> UID = <USER_ID> : The user already exists with the id USER_ID
201 -> UID = <USER_ID> : The user has been successfully created with the id USER_ID 201 -> UID = <USER_ID> : The user has been successfully created with the id USER_ID
400 -> ERROR = "One or more parameters are missing" : Bad request 400 -> ERROR = "One or more parameters are missing" : Bad request
405 -> ERROR = "A user with this email already exists !" : A user with this email already exists
PUT -> Modify an existing user PUT -> Modify an existing user
In: (Suffix = /byuid/<USER_ID>) In: (Suffix = /byuid/<USER_ID>)
CASid = Login of the user caught from the CAS authentication (must be unique)
role = Role of the user (can be concatenated with -) 1=secrétaire, 2=resp_formation, 3=tuteur_univ, 4=étudiant role = Role of the user (can be concatenated with -) 1=secrétaire, 2=resp_formation, 3=tuteur_univ, 4=étudiant
phone = Phone number of the user (00.00.00.00.00) phone = Phone number of the user (00.00.00.00.00)
email = Email of the user (must be unique) email = Email of the user (must be unique)
@ -50,11 +41,10 @@ PUT -> Modify an existing user
200 -> UID = <USER_ID> : The user has been modified sucessfully with the id USER_ID 200 -> UID = <USER_ID> : The user has been modified sucessfully with the id USER_ID
400 -> ERROR = "One or more parameters are missing !" : Bad request 400 -> ERROR = "One or more parameters are missing !" : Bad request
405 -> ERROR = "This user doesn't exists !" : Bad USER_ID provided 405 -> ERROR = "This user doesn't exists !" : Bad USER_ID provided
405 -> ERROR = "A user with this CASid (login) already exists !" : A user with this login already exists
405 -> ERROR = "A user with this email already exists !" : A user with this email already exists 405 -> ERROR = "A user with this email already exists !" : A user with this email already exists
GET -> Getting specified user infos GET -> Getting specified user infos
In: (Suffixes = /byuid/<USER_ID> | /bylogin/<USER_LOGIN> | /byemail/<USER_EMAIL>) In: (Suffixes = /byuid/<USER_ID> | /byemail/<USER_EMAIL>)
Out: Out:
200 -> USER = <USER_OBJECT>|null : Dictionary containing user infos or null 200 -> USER = <USER_OBJECT>|null : Dictionary containing user infos or null

36
backend/OLA.mysql
View File

@ -38,9 +38,11 @@ CREATE TABLE IF NOT EXISTS `GROUP`
CREATE TABLE IF NOT EXISTS `USER` CREATE TABLE IF NOT EXISTS `USER`
( (
id BIGINT NOT NULL AUTO_INCREMENT, id BIGINT NOT NULL AUTO_INCREMENT,
`login` VARCHAR(128) NOT NULL,
`role` VARCHAR(10) NOT NULL, `role` VARCHAR(10) NOT NULL,
email VARCHAR(256) NOT NULL, email VARCHAR(128) NOT NULL,
name VARCHAR(128) NOT NULL,
psw VARCHAR(256) DEFAULT NULL,
hash VARCHAR(128),
phone VARCHAR(15), phone VARCHAR(15),
PRIMARY KEY(id) PRIMARY KEY(id)
) ENGINE = INNODB; ) ENGINE = INNODB;
@ -57,10 +59,8 @@ CREATE TABLE IF NOT EXISTS TUTORSHIP
CREATE TABLE IF NOT EXISTS LIVRET CREATE TABLE IF NOT EXISTS LIVRET
( (
id BIGINT NOT NULL AUTO_INCREMENT, id BIGINT NOT NULL AUTO_INCREMENT,
tutorship_id BIGINT, tutorship_id BIGINT NOT NULL,
etutor_name VARCHAR(128) NOT NULL, etutor_id BIGINT NOT NULL,
etutor_email VARCHAR(256) NOT NULL,
etutor_phone VARCHAR(15) NOT NULL,
company_name VARCHAR(256) NOT NULL, company_name VARCHAR(256) NOT NULL,
company_address VARCHAR(512) NOT NULL, company_address VARCHAR(512) NOT NULL,
contract_type INT NOT NULL, contract_type INT NOT NULL,
@ -85,14 +85,6 @@ CREATE TABLE IF NOT EXISTS PERIOD
PRIMARY KEY (id) PRIMARY KEY (id)
) ENGINE = INNODB; ) ENGINE = INNODB;
CREATE TABLE IF NOT EXISTS HASHTABLE
(
token VARCHAR(255) NOT NULL,
exipre DATE NOT NULL,
period_id BIGINT NOT NULL,
PRIMARY KEY(token)
) ENGINE = INNODB;
# Create FKs # Create FKs
ALTER TABLE `GROUP` ALTER TABLE `GROUP`
@ -128,6 +120,10 @@ REFERENCES TUTORSHIP (id)
ON UPDATE CASCADE ON UPDATE CASCADE
; ;
ALTER TABLE LIVRET
ADD FOREIGN KEY (etutor_id)
REFERENCES `USER` (id);
ALTER TABLE LIVRET ALTER TABLE LIVRET
ADD FOREIGN KEY (tutorship_id) ADD FOREIGN KEY (tutorship_id)
REFERENCES TUTORSHIP (id) REFERENCES TUTORSHIP (id)
@ -141,13 +137,9 @@ REFERENCES LIVRET (id)
ON DELETE CASCADE ON DELETE CASCADE
ON UPDATE CASCADE; ON UPDATE CASCADE;
ALTER TABLE HASHTABLE
ADD FOREIGN KEY (period_id)
REFERENCES PERIOD (id)
ON DELETE CASCADE
ON UPDATE CASCADE
;
# Create Indexes # Create Indexes
CREATE INDEX tutor_email ON LIVRET(etutor_email); CREATE UNIQUE INDEX user_email
CREATE INDEX user_login ON `USER`(`login`); ON `USER` (`email`);
CREATE UNIQUE INDEX user_hash
ON `USER` (`hash`);

24
backend/OLA_DATA.mysql Normal file
View File

@ -0,0 +1,24 @@
USE OLA;
INSERT INTO SETTINGS VALUES ('URL_BASE_DIRECTORY', '/OLA_RESSOURCES/', 'Répertoire base pour le dépot des fichiers');
INSERT INTO SETTINGS VALUES ('OLA_URL', 'ola.univ-tlse2.fr/', 'URL de l application');
INSERT INTO `USER` VALUES (1, '1', 'sec@univ-tlse2.fr', 'Secrétaire', DEFAULT, 'aZeRtYuIoP', '01.23.45.67.89');
INSERT INTO `USER` VALUES (2, '4', 'etu1@univ-tlse2.fr', 'Etudiant 1', DEFAULT, 'qSdFgHjKlM', '01.23.45.67.89');
INSERT INTO `USER` VALUES (3, '4', 'etu2@univ-tlse2.fr', 'Etudiant 2', DEFAULT, 'wXcVbN', '01.23.45.67.89');
INSERT INTO `USER` VALUES (4, '4', 'etu3@univ-tlse2.fr', 'Etudiant 3', DEFAULT, 'pOiUyTrEzA', '01.23.45.67.89');
INSERT INTO `USER` VALUES (5, '2-3', 'resp@univ-tlse2.fr', 'Responsable', DEFAULT, 'mLkJhGfDsQ', '01.23.45.67.89');
INSERT INTO `USER` VALUES (6, '3', 'tut@univ-tlse2.fr', 'Tuteur Pédagogique', DEFAULT, 'nBvCxW', '01.23.45.67.89');
INSERT INTO `GROUP` VALUES
(1, 'M2_ICE_2016-2017_TEST', '2017', 'Master2 ICE', 'Master 2 Informatique Collaborative en Entreprise',
'Sciences du chômage proffessionnel', 5, 1,
'/home/dan/PycharmProjects/OLA/backend/app/OLA_RESSOURCES/M2_ICE_2016-2017_TEST');
INSERT INTO `GROUP` VALUES
(2, 'M1_ICE_2016-2017_TEST', '2017', 'Master1 ICE', 'Master 1 Informatique Collaborative en Entreprise',
'Sciences du chômage proffessionnel', 5, 1,
'/home/dan/PycharmProjects/OLA/backend/app/OLA_RESSOURCES/M1_ICE_2016-2017_TEST');
INSERT INTO TUTORSHIP VALUES (DEFAULT, 1, 5, 2);
INSERT INTO TUTORSHIP VALUES (DEFAULT, 2, 5, 4);
INSERT INTO TUTORSHIP VALUES (DEFAULT, 1, 6, 3);

69
backend/app/api/GroupAPI.py
View File

@ -24,7 +24,7 @@ class GroupAPI(Resource):
department = args['department'] department = args['department']
resp_id = args['resp_id'] resp_id = args['resp_id']
sec_id = args['sec_id'] sec_id = args['sec_id']
res_dir = app.config['BASE_RESSOURCES_DIR'] + name + "/" res_dir = getParam('URL_BASE_DIRECTORY') + name + "/"
group = getGroup(name=name) group = getGroup(name=name)
if group is not None: if group is not None:
@ -34,6 +34,18 @@ class GroupAPI(Resource):
if user is None: if user is None:
return {"ERROR": "The user with id " + str(resp_id) + " does not exists !"}, 400 return {"ERROR": "The user with id " + str(resp_id) + " does not exists !"}, 400
else: else:
query = USER.select(USER.c.id == user["id"])
rows = query.execute()
res = rows.first()
if res.hash is not None and len(res.hash) > 0:
mail = mailsModels.getMailContent("NEW_RESP_OF_GROUP", {"GROUP": group["name"],
"URL": getParam('OLA_URL') + "registration/"
+ res.hash})
else:
mail = mailsModels.getMailContent("RESP_OF_GROUP", {"GROUP": group["name"],
"URL": getParam('OLA_URL')})
send_mail(mail[0], user["email"], mail[1])
if "2" not in user['role'].split('-'): if "2" not in user['role'].split('-'):
role = user['role'] + "-2" role = user['role'] + "-2"
query = USER.update().values(role=role).where(USER.c.id == resp_id) query = USER.update().values(role=role).where(USER.c.id == resp_id)
@ -43,6 +55,18 @@ class GroupAPI(Resource):
if user is None: if user is None:
return {"ERROR": "The user with id " + str(sec_id) + " does not exists !"}, 400 return {"ERROR": "The user with id " + str(sec_id) + " does not exists !"}, 400
else: else:
query = USER.select(USER.c.id == user["id"])
rows = query.execute()
res = rows.first()
if res.hash is not None and len(res.hash) > 0:
mail = mailsModels.getMailContent("NEW_SEC_OF_GROUP", {"GROUP": group["name"],
"URL": getParam('OLA_URL') + "registration/"
+ res.hash})
else:
mail = mailsModels.getMailContent("SEC_OF_GROUP", {"GROUP": group["name"],
"URL": getParam('OLA_URL')})
send_mail(mail[0], user["email"], mail[1])
if "1" not in user['role'].split('-'): if "1" not in user['role'].split('-'):
role = user['role'] + "-1" role = user['role'] + "-1"
query = USER.update().values(role=role).where(USER.c.id == sec_id) query = USER.update().values(role=role).where(USER.c.id == sec_id)
@ -59,14 +83,14 @@ class GroupAPI(Resource):
if not checkParams(['name', 'year', 'class_short', 'class_long', 'department', 'resp_id', 'sec_id'], args): if not checkParams(['name', 'year', 'class_short', 'class_long', 'department', 'resp_id', 'sec_id'], args):
return {"ERROR": "One or more parameters are missing !"}, 400 return {"ERROR": "One or more parameters are missing !"}, 400
name = args['name'] name = args['name'].replace(" ", "_").replace("/", "-")
year = args['year'] year = args['year']
class_short = args['class_short'] class_short = args['class_short']
class_long = args['class_long'] class_long = args['class_long']
department = args['department'] department = args['department']
resp_id = args['resp_id'] resp_id = args['resp_id']
sec_id = args['sec_id'] sec_id = args['sec_id']
res_dir = app.config['BASE_RESSOURCES_DIR'] + name + "/" res_dir = getParam('URL_BASE_DIRECTORY') + name + "/"
group = getGroup(gid=gid) group = getGroup(gid=gid)
if group is None: if group is None:
@ -80,6 +104,18 @@ class GroupAPI(Resource):
if user is None: if user is None:
return {"ERROR": "The user with id " + str(resp_id) + " does not exists !"}, 400 return {"ERROR": "The user with id " + str(resp_id) + " does not exists !"}, 400
else: else:
query = USER.select(USER.c.id == user["id"])
rows = query.execute()
res = rows.first()
if res.hash is not None and len(res.hash) > 0:
mail = mailsModels.getMailContent("NEW_RESP_OF_GROUP", {"GROUP": group["name"],
"URL": getParam('OLA_URL') + "registration/"
+ res.hash})
else:
mail = mailsModels.getMailContent("RESP_OF_GROUP", {"GROUP": group["name"],
"URL": getParam('OLA_URL')})
send_mail(mail[0], user["email"], mail[1])
if "2" not in user['role'].split('-'): if "2" not in user['role'].split('-'):
role = user['role'] + "-2" role = user['role'] + "-2"
query = USER.update().values(role=role).where(USER.c.id == resp_id) query = USER.update().values(role=role).where(USER.c.id == resp_id)
@ -89,6 +125,18 @@ class GroupAPI(Resource):
if user is None: if user is None:
return {"ERROR": "The user with id " + str(sec_id) + " does not exists !"}, 400 return {"ERROR": "The user with id " + str(sec_id) + " does not exists !"}, 400
else: else:
query = USER.select(USER.c.id == user["id"])
rows = query.execute()
res = rows.first()
if res.hash is not None and len(res.hash) > 0:
mail = mailsModels.getMailContent("NEW_SEC_OF_GROUP", {"GROUP": group["name"],
"URL": getParam('OLA_URL') + "registration/"
+ res.hash})
else:
mail = mailsModels.getMailContent("SEC_OF_GROUP", {"GROUP": group["name"],
"URL": getParam('OLA_URL')})
send_mail(mail[0], user["email"], mail[1])
if "1" not in user['role'].split('-'): if "1" not in user['role'].split('-'):
role = user['role'] + "-1" role = user['role'] + "-1"
query = USER.update().values(role=role).where(USER.c.id == sec_id) query = USER.update().values(role=role).where(USER.c.id == sec_id)
@ -143,9 +191,18 @@ class GroupAPI(Resource):
query = TUTORSHIP.insert().values(group_id=gid, student_id=p[0], ptutor_id=p[1]) query = TUTORSHIP.insert().values(group_id=gid, student_id=p[0], ptutor_id=p[1])
query.execute() query.execute()
mail = mailsModels.getMailContent("NEW_TO_GROUP", {"GROUP": group["name"],
"URL": "ola.univ-tlse2.fr/registration/" query = USER.select(USER.c.id == stud["id"])
+ get_random_string()}) rows = query.execute()
res = rows.first()
if res.hash is not None and len(res.hash) > 0:
mail = mailsModels.getMailContent("NEW_STUD_OF_GROUP", {"GROUP": group["name"],
"URL": getParam('OLA_URL') + "registration/"
+ res.hash})
else:
mail = mailsModels.getMailContent("STUD_OF_GROUP", {"GROUP": group["name"],
"URL": getParam('OLA_URL')})
send_mail(mail[0], stud["email"], mail[1]) send_mail(mail[0], stud["email"], mail[1])
return {"RESULT": "Pairs added successfully"}, 200 return {"RESULT": "Pairs added successfully"}, 200

45
backend/app/api/UserAPI.py
View File

@ -1,7 +1,9 @@
from hashlib import sha256
from flask_restful import Resource, request from flask_restful import Resource, request
from app.model import * from app.model import *
from app.utils import checkParams from app.utils import checkParams, get_random_string
class UserAPI(Resource): class UserAPI(Resource):
@ -11,55 +13,54 @@ class UserAPI(Resource):
def post(self): def post(self):
args = request.get_json(cache=False, force=True) args = request.get_json(cache=False, force=True)
if not checkParams(['CASid', 'role'], args): if not checkParams(['role', 'email', 'name'], args):
return {"ERROR": "One or more parameters are missing !"}, 400 return {"ERROR": "One or more parameters are missing !"}, 400
CASid = args['CASid']
role = args['role'] role = args['role']
email = self.getEmailFromCAS(CASid) email = args['email']
name = args['name']
phone = None phone = None
user = getUser(login=CASid) user = getUser(email=email)
hashpass = get_random_string()
while hashExists(hashpass):
hashpass = get_random_string()
if user is not None: if user is not None:
return {"UID": user["id"]}, 200 return {"UID": user["id"]}, 200
if getUser(email=email) is not None: query = USER.insert().values(email=email, role=role, phone=phone, name=name, hash=hashpass)
return {"ERROR": "A user with this email (" + email + ") already exists !"}, 405
query = USER.insert().values(login=CASid, email=email, role=role, phone=phone)
res = query.execute() res = query.execute()
return {"UID": res.lastrowid}, 201 return {"UID": res.lastrowid}, 201
def put(self, uid): def put(self, uid):
args = request.get_json(cache=False, force=True) args = request.get_json(cache=False, force=True)
if not checkParams(['CASid', 'role', 'email', 'phone'], args): if not checkParams(['role', 'email', 'phone', 'name', 'password'], args):
return {"ERROR": "One or more parameters are missing !"}, 400 return {"ERROR": "One or more parameters are missing !"}, 400
CASid = args['CASid']
role = args['role'] role = args['role']
email = args['email'] email = args['email']
phone = args['phone'] phone = args['phone']
name = args['name']
psw = args['password']
if psw is None or len(psw) < 8:
return {"ERROR": "Password can't be empty or less than 8 characters !"}, 400
password = sha256(psw).hexdigest()
if getUser(uid=uid) is None: if getUser(uid=uid) is None:
return {"ERROR": "This user doesn't exists !"}, 405 return {"ERROR": "This user doesn't exists !"}, 405
if getUser(login=CASid) is not None:
return {"ERROR": "A user with this CASid (login) already exists !"}, 405
if getUser(email=email) is not None: if getUser(email=email) is not None:
return {"ERROR": "A user with this email already exists !"}, 405 return {"ERROR": "A user with this email already exists !"}, 405
query = USER.update().values(login=CASid, email=email, role=role, phone=phone).where(USER.c.id == uid) query = USER.update().values(email=email, role=role, phone=phone, name=name, psw=password, hash=None) \
.where(USER.c.id == uid)
query.execute() query.execute()
return {"UID": uid}, 200 return {"UID": uid}, 200
def get(self, uid=0, login="", email=""): def get(self, uid=0, email=""):
if uid > 0: if uid > 0:
return {'USER': getUser(uid=uid)}, 200 return {'USER': getUser(uid=uid)}, 200
elif login != "":
return {'USER': getUser(login=login)}, 200
elif email != "": elif email != "":
return {'USER': getUser(email=email)}, 200 return {'USER': getUser(email=email)}, 200
@staticmethod
def getEmailFromCAS(CASid):
return CASid + "@ola.com"

50
backend/app/api/mailsModels.py
View File

@ -1,13 +1,53 @@
_NEW_USER = ("Votre compte OLA a été créé !", "Bonjour,<br/><p>Votre compte vient d'être créé dans l'Outil du " _NEW_STUD_OF_GROUP = ("Votre compte OLA a été créé !", "Bonjour,<br/><p>Votre compte vient d'être créé dans l'Outil du "
"Livret de l'Alternant dans le groupe #GROUPE. Vous pouvez dès " "Livret de l'Alternant dans le groupe <b>#GROUPE</b>. Vous pouvez dès "
"maintenant l'activer, puis créer un livret en vous rendant à l'adresse : <br/>"
"<a href='#URL'>#URL</a></p><p>Bonne journée !</p>")
_STUD_OF_GROUP = (
"Vous avez été ajouté à un groupe OLA !", "Bonjour,<br/><p>Votre compte vient d'être ajouté dans l'Outil du "
"Livret de l'Alternant au groupe <b>#GROUPE</b>. Vous pouvez dès "
"maintenant créer un livret en vous rendant à l'adresse : <br/>" "maintenant créer un livret en vous rendant à l'adresse : <br/>"
"<a href='#URL'>#URL</a></p><p>Bonne journée !</p>") "<a href='#URL'>#URL</a></p><p>Bonne journée !</p>")
_NEW_RESP_OF_GROUP = ("Votre compte OLA a été créé !", "Bonjour,<br/><p>Votre compte vient d'être créé dans l'Outil du "
"Livret de l'Alternant en tant que responsable du groupe <b>#GROUPE</b>. Vous pouvez dès "
"maintenant l'activer, en vous rendant à l'adresse : <br/>"
"<a href='#URL'>#URL</a></p><p>Bonne journée !</p>")
_RESP_OF_GROUP = (
"Vous avez été ajouté à un groupe OLA !", "Bonjour,<br/><p>Votre compte vient d'être ajouté dans l'Outil du "
"Livret de l'Alternant en tant que responsable du groupe <b>#GROUPE</b>. Vous pouvez dès "
"maintenant y accéder en vous rendant à l'adresse : <br/>"
"<a href='#URL'>#URL</a></p><p>Bonne journée !</p>")
_NEW_SEC_OF_GROUP = ("Votre compte OLA a été créé !", "Bonjour,<br/><p>Votre compte vient d'être créé dans l'Outil du "
"Livret de l'Alternant en tant que secrétaire du groupe <b>#GROUPE</b>. Vous pouvez dès "
"maintenant l'activer, en vous rendant à l'adresse : <br/>"
"<a href='#URL'>#URL</a></p><p>Bonne journée !</p>")
_SEC_OF_GROUP = (
"Vous avez été ajouté à un groupe OLA !", "Bonjour,<br/><p>Votre compte vient d'être ajouté dans l'Outil du "
"Livret de l'Alternant en tant que secrétaire du groupe <b>#GROUPE</b>. Vous pouvez dès "
"maintenant y accéder en vous rendant à l'adresse : <br/>"
"<a href='#URL'>#URL</a></p><p>Bonne journée !</p>")
def getMailContent(mail_type, args): def getMailContent(mail_type, args):
mail = None if mail_type == "NEW_STUD_OF_GROUP":
if mail_type == "NEW_USER": mail = _NEW_STUD_OF_GROUP
mail = _NEW_USER elif mail_type == "STUD_OF_GROUP":
mail = _STUD_OF_GROUP
elif mail_type == "NEW_RESP_OF_GROUP":
mail = _NEW_RESP_OF_GROUP
elif mail_type == "RESP_OF_GROUP":
mail = _RESP_OF_GROUP
elif mail_type == "NEW_SEC_OF_GROUP":
mail = _NEW_SEC_OF_GROUP
elif mail_type == "SEC_OF_GROUP":
mail = _SEC_OF_GROUP
else:
raise Exception("Unknown mail type !")
for key, value in args: for key, value in args:
mail[1].replace("#" + key, value) mail[1].replace("#" + key, value)
return mail return mail

3
backend/app/config.py.example
View File

@ -31,7 +31,6 @@ class Config:
CAS_LOGIN_ROUTE = "/login" CAS_LOGIN_ROUTE = "/login"
CAS_LOGOUT_ROUTE = "/logout" CAS_LOGOUT_ROUTE = "/logout"
CAS_VALIDATE_ROUTE = "/serviceValidate" CAS_VALIDATE_ROUTE = "/serviceValidate"
BASE_RESSOURCES_DIR = "/OLA_RESSOURCES/"
MAILER = True MAILER = True
@ -44,7 +43,6 @@ class Debug(Config):
DEBUG = True DEBUG = True
SESSION_COOKIE_SECURE = False SESSION_COOKIE_SECURE = False
SQLALCHEMY_DATABASE_URI = 'mysql://ola:XXX@localhost/OLA' SQLALCHEMY_DATABASE_URI = 'mysql://ola:XXX@localhost/OLA'
BASE_RESSOURCES_DIR = os.path.abspath(os.path.dirname(__file__))+"/OLA_RESSOURCES/"
class Test(Config): class Test(Config):
@ -52,5 +50,4 @@ class Test(Config):
BASE_DIR = os.path.abspath(os.path.dirname(__file__)) BASE_DIR = os.path.abspath(os.path.dirname(__file__))
SQLALCHEMY_DATABASE_URI = \ SQLALCHEMY_DATABASE_URI = \
'sqlite:///' + os.path.join(BASE_DIR, '../test.db') 'sqlite:///' + os.path.join(BASE_DIR, '../test.db')
BASE_RESSOURCES_DIR = os.path.abspath(os.path.dirname(__file__))+"/OLA_RESSOURCES/"
MAILER = False MAILER = False

8
backend/app/core.py
View File

@ -1,16 +1,16 @@
import importlib import importlib
from datetime import timedelta from datetime import timedelta
from flask_cas import CAS
from app.config import Config
from flask import Flask, session, redirect from flask import Flask, session, redirect
from flask_cas import CAS
from flask_restful import Api from flask_restful import Api
from flask_sqlalchemy import SQLAlchemy from flask_sqlalchemy import SQLAlchemy
from sqlalchemy import MetaData from sqlalchemy import MetaData
from sqlalchemy import create_engine from sqlalchemy import create_engine
from sqlalchemy.ext.automap import automap_base from sqlalchemy.ext.automap import automap_base
from app.config import Config
# initialization Flask # initialization Flask
app = Flask(__name__) app = Flask(__name__)
app.config.from_object(Config.ACTIVE_CONFIG) app.config.from_object(Config.ACTIVE_CONFIG)
@ -20,6 +20,7 @@ app.permanent_session_lifetime = \
minutes=app.config['SESSION_VALIDITY_DURATION_WITHOUT_ACTIVITY_MIN'] minutes=app.config['SESSION_VALIDITY_DURATION_WITHOUT_ACTIVITY_MIN']
) )
@app.before_request @app.before_request
def before_request(): def before_request():
session.modified = True session.modified = True
@ -37,6 +38,7 @@ api = Api(app)
# Cas Flask # Cas Flask
cas = CAS(app) cas = CAS(app)
@app.route('/redirect') @app.route('/redirect')
def after_login(): def after_login():
return redirect("/api/login") return redirect("/api/login")

50
backend/app/model.py
View File

@ -1,11 +1,10 @@
from sqlalchemy import Table from sqlalchemy import Table
from sqlalchemy import or_ from sqlalchemy import and_
from app.core import meta, db, Base from app.core import meta, Base
USER = Table('USER', meta, autoload=False) USER = Table('USER', meta, autoload=False)
SETTINGS = Table('SETTINGS', meta, autoload=False) SETTINGS = Table('SETTINGS', meta, autoload=False)
HASHTABLE = Table('HASHTABLE', meta, autoload=False)
GROUP = Table('GROUP', meta, autoload=False) GROUP = Table('GROUP', meta, autoload=False)
TUTORSHIP = Table('TUTORSHIP', meta, autoload=False) TUTORSHIP = Table('TUTORSHIP', meta, autoload=False)
PERIOD = Table('PERIOD', meta, autoload=False) PERIOD = Table('PERIOD', meta, autoload=False)
@ -13,17 +12,22 @@ LIVRET = Table('LIVRET', meta, autoload=False)
user_class = Base.classes.USER user_class = Base.classes.USER
settings_class = Base.classes.SETTINGS settings_class = Base.classes.SETTINGS
hashtable_class = Base.classes.HASHTABLE
group_class = Base.classes.GROUP group_class = Base.classes.GROUP
tutorship_class = Base.classes.TUTORSHIP tutorship_class = Base.classes.TUTORSHIP
period_class = Base.classes.PERIOD period_class = Base.classes.PERIOD
livret_class = Base.classes.LIVRET livret_class = Base.classes.LIVRET
def getUser(uid=0, login="", email=""): def getParam(key):
query = SETTINGS.select(SETTINGS.c.key == key)
rows = query.execute()
return rows.first().value
def getUser(uid=0, email=""):
res = None res = None
if uid == 0 and login == "" and email == "": if uid == 0 and email == "":
raise Exception("getUser must be called with one argument !") raise Exception("getUser must be called with one argument !")
else: else:
if uid != 0: if uid != 0:
@ -31,34 +35,22 @@ def getUser(uid=0, login="", email=""):
rows = query.execute() rows = query.execute()
res = rows.first() res = rows.first()
elif login != "":
query = USER.select(USER.c.login == login)
rows = query.execute()
res = rows.first()
elif email != "": elif email != "":
query = USER.select(USER.c.email == email) query = USER.select(USER.c.email == email)
rows = query.execute() rows = query.execute()
res = rows.first() res = rows.first()
if res is not None: if res is not None:
return {"id": res.id, "login": res.login, "email": res.email, "role": res.role, "phone": res.phone} return {"id": res.id, "email": res.email, "role": res.role, "phone": res.phone, "name": res.name}
else: else:
return None return None
def isUserAllowed(uid):
query = db.session.query(group_class, tutorship_class).join(tutorship_class) \
.filter(or_(tutorship_class.student_id == uid, group_class.resp_id == uid))
res = query.all()
return res is not None and len(res) > 0
def getGroup(gid=0, name=""): def getGroup(gid=0, name=""):
res = None res = None
if gid == 0 and name == "": if gid == 0 and name == "":
raise Exception("getUser must be called with one argument !") raise Exception("getGroup must be called with one argument !")
else: else:
if gid != 0: if gid != 0:
query = GROUP.select(GROUP.c.id == gid) query = GROUP.select(GROUP.c.id == gid)
@ -76,3 +68,21 @@ def getGroup(gid=0, name=""):
"sec_id": getUser(uid=res.sec_id), "ressources_dir": res.ressources_dir} "sec_id": getUser(uid=res.sec_id), "ressources_dir": res.ressources_dir}
else: else:
return None return None
def getTutorshipForStudent(gid, student):
query = TUTORSHIP.select(and_(TUTORSHIP.c.group_id == gid, TUTORSHIP.c.student_id == student))
rows = query.execute()
res = rows.first()
if res is not None:
return {"id": res.id, "group_id": getGroup(gid=res.group_id), "student_id": getUser(uid=res.student_id),
"ptutor_id": getUser(uid=res.ptutor_id)}
else:
return None
def hashExists(test):
query = USER.select(USER.c.hash == test)
rows = query.execute()
res = rows.first()
return res is not None

3
backend/app/urls.py
View File

@ -9,6 +9,5 @@ from app.core import api
api.add_resource(SomeApi, '/api/someapi', '/api/someapi/<int:id>') api.add_resource(SomeApi, '/api/someapi', '/api/someapi/<int:id>')
api.add_resource(LoginAPI, '/api/login') api.add_resource(LoginAPI, '/api/login')
api.add_resource(UserInfoAPI, '/api/userInfo') api.add_resource(UserInfoAPI, '/api/userInfo')
api.add_resource(UserAPI, '/api/user', '/api/user/byuid/<int:uid>', '/api/user/bylogin/<string:login>', api.add_resource(UserAPI, '/api/user', '/api/user/byuid/<int:uid>', '/api/user/byemail/<string:email>')
'/api/user/byemail/<string:email>')
api.add_resource(GroupAPI, '/api/group', '/api/group/bygid/<int:gid>', '/api/group/byname/<string:name>') api.add_resource(GroupAPI, '/api/group', '/api/group/bygid/<int:gid>', '/api/group/byname/<string:name>')