TG-54 Merge remote-tracking branch 'origin/master' into mirror

This commit is contained in:
Sidya 2017-05-09 13:58:42 +02:00
commit f6090d45f1
27 changed files with 668 additions and 265 deletions

View File

@ -1,7 +1,10 @@
####################### #######################
LoginAPI (api/login) LoginAPI (api/login)
####################### #######################
GET -> Authentication method POST -> Authentication method
In:
email = Email and login of the user (must be unique)
password = Password of the user (secured by HTTPS)
Out: Out:
200 -> AUTH_RESULT = "OK" : Authentication sucessful 200 -> AUTH_RESULT = "OK" : Authentication sucessful
401 -> AUTH_RESULT = "AUTHENTICATION_FAILURE" : Wrong login/password 401 -> AUTH_RESULT = "AUTHENTICATION_FAILURE" : Wrong login/password
@ -20,6 +23,7 @@ GET -> Get the current logged user, return None if no one is connected
Out: Out:
200 -> USER = <USER_OBJECT>|null : Dictionary containing user infos or null 200 -> USER = <USER_OBJECT>|null : Dictionary containing user infos or null
######################## ########################
UserAPI (api/user) UserAPI (api/user)
######################## ########################
@ -27,6 +31,7 @@ POST -> Create a user if it not already exists
In: In:
email = Email and login of the user (must be unique) email = Email and login of the user (must be unique)
role = Role of the user (can be concatenated with -) 1=secrétaire, 2=resp_formation, 3=tuteur_univ, 4=étudiant, 5=tuteur_ent role = Role of the user (can be concatenated with -) 1=secrétaire, 2=resp_formation, 3=tuteur_univ, 4=étudiant, 5=tuteur_ent
name = Display name of the user
Out: Out:
200 -> UID = <USER_ID> : The user already exists with the id USER_ID 200 -> UID = <USER_ID> : The user already exists with the id USER_ID
201 -> UID = <USER_ID> : The user has been successfully created with the id USER_ID 201 -> UID = <USER_ID> : The user has been successfully created with the id USER_ID
@ -48,6 +53,7 @@ GET -> Getting specified user infos
Out: Out:
200 -> USER = <USER_OBJECT>|null : Dictionary containing user infos or null 200 -> USER = <USER_OBJECT>|null : Dictionary containing user infos or null
######################## ########################
GroupAPI (api/group) GroupAPI (api/group)
######################## ########################
@ -98,3 +104,92 @@ OPTIONS -> Add pairs of users (student/tutor) to the group
400 -> ERROR = "A student can't be a tutor !" : The given USER_ID for tutor have the "student" role (4) and so can't be a tutor 400 -> ERROR = "A student can't be a tutor !" : The given USER_ID for tutor have the "student" role (4) and so can't be a tutor
405 -> ERROR = "This group doesn't exists !" : Bad GROUP_ID provided 405 -> ERROR = "This group doesn't exists !" : Bad GROUP_ID provided
409 -> ERROR = "Pairs are incorrectly formed !" : Bad syntax in pairs table 409 -> ERROR = "Pairs are incorrectly formed !" : Bad syntax in pairs table
########################
LivretAPI (api/livret)
########################
POST -> Create a livret if it not already exists
In:
group_id = Id of the group where this livret should be inserted in (we must have only one livret per student in a single group)
etutor_id = UID of the company tutor
company_name = Name of the company
company_address = Mail address of the company
contract_type = Type of the internship contract (1 = contrat d'alternance, 2 = contrat de professionnalisation, 3 = stage)
contract_start = Date of the contract's beginning (format : dd-mm-yyyy)
contract_end = Date of the contract's end (format : dd-mm-yyyy)
description = Description of the internship missions and activities overview
Out:
200 -> LID = <LIVRET_ID> : The livret already exists with the id LIVRET_ID
201 -> LID = <LIVRET_ID> : The livret has been successfully created with the id LIVRET_ID
400 -> ERROR = "One or more parameters are missing" : Bad request
400 -> ERROR = "The user with id <USER_ID> doesn't exists !" : The given USER_ID for etutor is not found
400 -> ERROR = "An etutor must have the 'etutor' role !" : The given USER_ID for etutor doesn't have the "etutor" role (5)
400 -> ERROR = "The contract start can't be after its end !" : The given contract's end date is anterior to it's beginning
405 -> ERROR = "The group with id GROUP_ID doesn't exists !" : The given GROUP_ID is not found
405 -> ERROR = "The The current student is not registered in the group <GROUP_ID> !" : The currently logged student is not affected to the specified GROUP_ID
PUT -> Modify an existing livret
In: (Suffix = /bylid/<LIVRET_ID>)
etutor_id = UID of the company tutor
company_name = Name of the company
company_address = Mail address of the company
contract_type = Type of the internship contract (1 = contrat d'alternance, 2 = contrat de professionnalisation, 3 = stage)
contract_start = Date of the contract's beginning (format : dd-mm-yyyy)
contract_end = Date of the contract's end (format : dd-mm-yyyy)
description = Description of the internship missions and activities overview
Out:
200 -> LID = <LIVRET_ID> : The livret has been modified successfully with the id LIVRET_ID
400 -> ERROR = "One or more parameters are missing !" : Bad request
400 -> ERROR = "The user with id <USER_ID> doesn't exists !" : The given USER_ID for etutor is not found
400 -> ERROR = "An etutor must have the 'etutor' role !" : The given USER_ID for etutor doesn't have the "etutor" role (5)
400 -> ERROR = "The contract start can't be after its end !" : The given contract's end date is anterior to it's beginning
405 -> ERROR = "This group doesn't exists !" : Bad LIVRET_ID provided
GET -> Getting specified livret infos
In: (Suffixes = /bylid/<GROUP_ID> | /bytutorship/<GROUP_ID>/<STUDENT_ID> )
Out:
200 -> LIVRET = <LIVRET_OBJECT>|null : Dictionary containing livret infos or null
########################
PeriodAPI (api/period)
########################
POST -> Create a period for all livrets in a group
In:
group_id = Id of the group where this period should be inserted in
period_type = Type of the period (1 = universitaire, 2 = entreprise)
start = Date of the period's beginning (format : dd-mm-yyyy)
end = Date of the period's end (format : dd-mm-yyyy)
Out:
200 -> RESULT = OK : The period has been successfully created in all the livrets in the given group
400 -> ERROR = "One or more parameters are missing" : Bad request
401 -> ERROR = "UNAUTHORIZED" : The current user is not allowed to modify this group (only the group's resp can do it)
400 -> ERROR = "The period's start can't be after its end !" : The given period's end date is anterior to it's beginning
405 -> ERROR = "The group with id GROUP_ID doesn't exists !" : The given GROUP_ID is not found
PUT -> Add the comments of a user in an existing period
In: (Suffix = /bypid/<PERIOD_ID>)
text = Comment added by the user about the period (student or etutor)
Out:
200 -> PID = <PERIOD_ID> : The period has been modified successfully with the id PERIOD_ID
400 -> ERROR = "One or more parameters are missing !" : Bad request
400 -> ERROR = "This period doesn't exists !" : Bad PERIOD_ID provided
401 -> ERROR = "UNAUTHORIZED" : The current user is not allowed to modify this group (only the student and his etutor can do it)
405 -> ERROR = "A tutor can't modify a university period !" : A tutor can't modify a university period :)
GET -> Getting specified period infos
In: (Suffix = /bypid/<PERIOD_ID>)
Out:
200 -> PERIOD = <PERIOD_OBJECT>|null : Dictionary containing period infos or null
########################
GetAllAPI (api/getAll)
########################
GET -> Getting specified period infos
In: (Suffix = /<WHAT>/<VALUE>)
Parameters for <WHAT>/<VALUE> :
periodsOfLivret/<LIVRET_ID> : Returns all the periods associated to the given <LIVRET_ID>
Out:
200 -> RESULT = <ARRAY_OF_OBJECTS>

View File

@ -1,67 +1,67 @@
Page 1 : Page 1 :
MASTER : {{ nom_master }} MASTER : {{page1.nom_master }}
{{ nom_complet_master }} {{ page1.nom_complet_master }}
Année universitaire : Année universitaire :
{{ annee_1 }} {{ page1.annee_1 }}
- -
{{ annee_2 }} {{ page1.annee_2 }}
De : {{ nom_prenom }} De : {{ page1.nom_prenom }}
mail : {{ email }} mail : {{ page1.email }}
tel : {{ telephone }} tel : {{ page1.telephone }}
Alternant à : {{ entreprise }} Alternant à : {{ page1.entreprise }}
tuteur/tutrice pédagogique : {{ tuteur_pedagogique }} tuteur/tutrice pédagogique : {{ page1.tuteur_pedagogique }}
Tuteur / Tutrice entreprise : {{ tuteur_entreprise }} Tuteur / Tutrice entreprise : {{ page1.tuteur_entreprise }}
Page 2 : Page 2 :
Alternant Alternant
Type de contrat : Type de contrat :
{{ type_contrat_apprentissage | X }} {{ page2.type_contrat_apprentissage | X }}
{{ type_contrat_professionnalisation | X }} {{ page2.type_contrat_professionnalisation | X }}
{{ type_contrat_stage | X }} {{ page2.type_contrat_stage | X }}
Début de contrat : {{ debut_contrat }} Début de contrat : {{ page2.debut_contrat }}
Fin de contrat : {{ fin_contrat }} Fin de contrat : {{ page2.fin_contrat }}
tel : {{ telephone }} tel : {{ page2.telephone }}
mail : {{ email }} mail : {{ page2.email }}
compostant de formation : {{ compostant_formation }} compostant de formation : {{ page2.compostant_formation }}
responsable tuteur_pedagogique de la formation : {{ responsable_pedagogique_formation }} responsable tuteur_pedagogique de la formation : {{ page2.responsable_pedagogique_formation }}
tel : {{ tel_responsable_pedagogique_formation }} tel : {{ page2.tel_responsable_pedagogique_formation }}
mail : {{ mail_responsable_pedagogique_formation }} mail : {{ page2.mail_responsable_pedagogique_formation }}
tuteur pédagogique : tuteur pédagogique :
{{ tel_tuteur_pedagogique }} {{ page2.tel_tuteur_pedagogique }}
{{ mail_tuteur_pedagogique }} {{ page2.mail_tuteur_pedagogique }}
tuteur entreprise : tuteur entreprise :
{{ tuteur_entreprise }} {{ page2.tuteur_entreprise }}
entreprise : {{ entreprise }} entreprise : {{ page2.entreprise }}
adresse lieu Alternance : {{ adresse_entreprise }} adresse lieu Alternance : {{ page2.adresse_entreprise }}
tel : {{ tel_tuteur_entreprise }} tel : {{ page2.tel_tuteur_entreprise }}
mail : {{ mail_tuteur_entreprise }} mail : {{ page2.mail_tuteur_entreprise }}
Page 4 : Page 4 :
poste occupé : {{ poste_occupe }} poste occupé : {{ page4.poste_occupe }}
{{ poste_occupe_2 }} {{ page4.poste_occupe_2 }}
Pentreprise : Pentreprise :
{{ n_periode }} {{ PEntreprise.n_periode }}
{{ debut_periode }} {{ PEntreprise.debut_periode }}
{{ fin_periode }} {{ PEntreprise.fin_periode }}
{{ travaux_entreprise }} {{ PEntreprise.travaux_entreprise }}
{{ remarque_tuteur }} {{ PEntreprise.remarque_tuteur }}
bilan_periode : bilan_periode :
{{ n_periode }} {{ PFormation.n_periode }}
{{ bilan_periode }} {{ PFormation.bilan_periode }}

View File

@ -66,6 +66,7 @@ CREATE TABLE IF NOT EXISTS LIVRET
contract_type INT NOT NULL, contract_type INT NOT NULL,
contract_start DATE NOT NULL, contract_start DATE NOT NULL,
contract_end DATE NOT NULL, contract_end DATE NOT NULL,
description TEXT NOT NULL,
ressources_dir VARCHAR(512), ressources_dir VARCHAR(512),
opened TINYINT(1) NOT NULL, opened TINYINT(1) NOT NULL,
expire DATE NOT NULL, expire DATE NOT NULL,
@ -143,3 +144,5 @@ CREATE UNIQUE INDEX user_email
ON `USER` (`email`); ON `USER` (`email`);
CREATE UNIQUE INDEX user_hash CREATE UNIQUE INDEX user_hash
ON `USER` (`hash`); ON `USER` (`hash`);
CREATE UNIQUE INDEX tutorship_unique_bygroup
ON `TUTORSHIP` (`group_id`, `student_id`);

View File

@ -1,7 +1,7 @@
USE OLA; USE OLA;
INSERT INTO SETTINGS VALUES ('BASE_DIRECTORY', '/OLA_RESSOURCES/', 'Répertoire base pour le dépot des fichiers'); INSERT INTO SETTINGS VALUES ('BASE_DIRECTORY', '/OLA_RESSOURCES/', 'Répertoire base pour le dépot des fichiers');
INSERT INTO SETTINGS VALUES ('TEMPLATES_DIRECTORY', '/OLA_TEMPLATES/', 'Répertoire base pour le dépot des fichiers'); INSERT INTO SETTINGS VALUES ('TEMPLATES_DIRECTORY', '/OLA_TEMPLATES/', 'Répertoire base pour le dépot des fichiers');
INSERT INTO SETTINGS VALUES ('OLA_URL', 'ola.univ-tlse2.fr/', 'URL de l application'); INSERT INTO SETTINGS VALUES ('OLA_URL', 'http://ola.univ-tlse2.fr/', 'URL de l application');
INSERT INTO `USER` VALUES (1, '1', 'sec@univ-tlse2.fr', 'Secrétaire', DEFAULT, 'aZeRtYuIoP', '01.23.45.67.89'); INSERT INTO `USER` VALUES (1, '1', 'sec@univ-tlse2.fr', 'Secrétaire', DEFAULT, 'aZeRtYuIoP', '01.23.45.67.89');
INSERT INTO `USER` VALUES (2, '4', 'etu1@univ-tlse2.fr', 'Etudiant 1', DEFAULT, 'qSdFgHjKlM', '01.23.45.67.89'); INSERT INTO `USER` VALUES (2, '4', 'etu1@univ-tlse2.fr', 'Etudiant 1', DEFAULT, 'qSdFgHjKlM', '01.23.45.67.89');

View File

@ -1,18 +0,0 @@
USE OLA;
INSERT INTO SETTINGS VALUES ('URL_BASE_DIRECTORY', '/OLA_RESSOURCES/', 'Répertoire base pour le dépot des fichiers');
INSERT INTO SETTINGS VALUES ('OLA_URL', 'ola.univ-tlse2.fr/', 'URL de l application');
INSERT INTO `USER` VALUES (1, 'sec', '1', 'sec@univ-tlse2.fr', '01.23.45.67.89');
INSERT INTO `USER` VALUES (2, 'etu1', '4', 'etu1@univ-tlse2.fr', '01.23.45.67.89');
INSERT INTO `USER` VALUES (3, 'etu2', '4', 'etu2@univ-tlse2.fr', '01.23.45.67.89');
INSERT INTO `USER` VALUES (4, 'etu3', '4', 'etu3@univ-tlse2.fr', '01.23.45.67.89');
INSERT INTO `USER` VALUES (5, 'resp', '2-3', 'resp@univ-tlse2.fr', '01.23.45.67.89');
INSERT INTO `USER` VALUES (6, 'tut', '3', 'tut@univ-tlse2.fr', '01.23.45.67.89');
INSERT INTO `GROUP` VALUES (1, 'M2_ICE_2016-2017_TEST', '2017', 'Master2 ICE', 'Master 2 Informatique Collaborative en Entreprise', 'Sciences du chômage proffessionnel', 5, 1, '/home/dan/PycharmProjects/OLA/backend/app/OLA_RESSOURCES/M2_ICE_2016-2017_TEST');
INSERT INTO `GROUP` VALUES (2, 'M1_ICE_2016-2017_TEST', '2017', 'Master1 ICE', 'Master 1 Informatique Collaborative en Entreprise', 'Sciences du chômage proffessionnel', 5, 1, '/home/dan/PycharmProjects/OLA/backend/app/OLA_RESSOURCES/M1_ICE_2016-2017_TEST');
INSERT INTO TUTORSHIP VALUES (DEFAULT, 1, 2, 5);
INSERT INTO TUTORSHIP VALUES (DEFAULT, 2, 4, 5);
INSERT INTO TUTORSHIP VALUES (DEFAULT, 1, 3, 6);

View File

@ -0,0 +1,82 @@
from flask_restful import Resource
from app.model import *
from app.tools.LibPdf import fusion_fichiers
class ExportPdfAPI(Resource):
def get(self, uid=0, gid=0, name=""):
if uid > 0:
user = getUser(uid=uid)
group = getGroup(gid)
if user is None:
return {"ERROR": "The user with id " + str(gid) + " does not exists !"}, 400
prenom = user["name"].split(" ", 1)
nom = user["name"].split(" ", 2)
group["name"]
annee1 = group["year"]
annee2 = int(group["year"]) + 1
promo = group["class_short"]
group["class_long"]
group["departement"]
group["resp_id"]
group["sec_id"]
group["ressources_dir"]
self.data = {
'page1.nom_master': 'Renan',
'page1.nom_complet_master': 'Husson',
'page1.annee_1': 'Husson',
'page1.annee_2': 'Jean Jaures',
'page1.nom_prenom': 'Panda',
'page1.email': 'Panda',
'page1.telephone': 'Panda',
'page1.entreprise': 'Panda',
'page1.tuteur_pedagogique': 'Panda',
'page1.tuteur_entreprise': 'Panda',
'page2.type_contrat_apprentissage': True,
'page2.type_contrat_professionnalisation': True,
'page2.type_contrat_stage': True,
'page2.debut_contrat': 'Panda',
'page2.fin_contrat': 'Panda',
'page2.telephone': 'Panda',
'page2.email': 'Panda',
'page2.compostant_formation': 'Panda',
'page2.responsable_pedagogique_formation': 'Panda',
'page2.tel_responsable_pedagogique_formation': 'Panda',
'page2.mail_responsable_pedagogique_formation': 'Panda',
'page2.tel_tuteur_pedagogique': 'Panda',
'page2.mail_tuteur_pedagogique': 'Panda',
'page2.tuteur_entreprise': 'Panda',
'page2.entreprise': 'Panda',
'page2.adresse_entreprise': 'Panda',
'page2.tel_tuteur_entreprise': 'Panda',
'page2.mail_tuteur_entreprise': 'Panda',
'page4.poste_occupe': 'Panda',
'page4.poste_occupe_2': 'Panda',
'PEntreprise.n_periode': 'Panda',
'PEntreprise.debut_periode': 'Panda',
'PEntreprise.fin_periode': 'Panda',
'PEntreprise.travaux_entreprise': 'Panda',
'PEntreprise.remarque_tuteur': 'Panda',
'pagePFormation.n_periode': 'Panda',
'pagePFormation.bilan_periode': 'Panda',
}
pdf_fusion = ["/page1.pdf", "/page2.pdf"]
chemin_pdf = "/tmp"
nom_pdf = "Livret_Alternant_BOB_Armandeau.pdf"
fusion_fichiers(chemin_pdf, nom_pdf, pdf_fusion)
# Prenom NOM
# remplir_template()

View File

@ -0,0 +1,31 @@
from flask import session
from flask_restful import Resource
from app.api.LoginAPI import login_required
from app.model import getLivret, PERIOD, getPeriod
class GetAllAPI(Resource):
"""
GetAll Api Resource
Renvoie toutes les occurences correspondant à un critère
"""
@login_required()
def get(self, what, value):
user = session.get("user")
result = []
if what == "periodsOfLivret": # Toutes les périodes associées à un livret
if value > 0:
livret = getLivret(lid=value)
if livret is None:
return {"ERROR": "This livret doesn't exists !"}, 405
query = PERIOD.select(PERIOD.c.livret_id == value)
res = query.execute()
for row in res:
result.append(getPeriod(pid=row.id))
else:
return {'ERROR': 'Unkown parameter :' + str(what)}, 200
return {'RESULT': result}, 200

View File

@ -3,8 +3,9 @@ import os
from flask_restful import Resource, request from flask_restful import Resource, request
from app.api import mailsModels from app.api import mailsModels
from app.model import * from app.api.LoginAPI import login_required
from app.utils import * from app.model import Roles, getGroup, getParam, getUser, USER, GROUP, TUTORSHIP
from app.utils import send_mail, checkParams
class GroupAPI(Resource): class GroupAPI(Resource):
@ -12,6 +13,7 @@ class GroupAPI(Resource):
Group Api Resource Group Api Resource
""" """
@login_required(roles=[Roles.resp_formation])
def post(self): def post(self):
args = request.get_json(cache=False, force=True) args = request.get_json(cache=False, force=True)
if not checkParams(['name', 'year', 'class_short', 'class_long', 'department', 'resp_id', 'sec_id'], args): if not checkParams(['name', 'year', 'class_short', 'class_long', 'department', 'resp_id', 'sec_id'], args):
@ -47,8 +49,8 @@ class GroupAPI(Resource):
"URL": getParam('OLA_URL')}) "URL": getParam('OLA_URL')})
mails.append((user["email"], mail)) mails.append((user["email"], mail))
if "2" not in user['role'].split('-'): if str(Roles.resp_formation) not in user['role'].split('-'):
role = user['role'] + "-2" role = user['role'] + "-" + str(Roles.resp_formation)
query = USER.update().values(role=role).where(USER.c.id == resp_id) query = USER.update().values(role=role).where(USER.c.id == resp_id)
query.execute() query.execute()
@ -68,8 +70,8 @@ class GroupAPI(Resource):
"URL": getParam('OLA_URL')}) "URL": getParam('OLA_URL')})
mails.append((user["email"], mail)) mails.append((user["email"], mail))
if "1" not in user['role'].split('-'): if str(Roles.secretaire) not in user['role'].split('-'):
role = user['role'] + "-1" role = user['role'] + "-" + str(Roles.secretaire)
query = USER.update().values(role=role).where(USER.c.id == sec_id) query = USER.update().values(role=role).where(USER.c.id == sec_id)
query.execute() query.execute()
@ -85,6 +87,7 @@ class GroupAPI(Resource):
return {"GID": res.lastrowid}, 201 return {"GID": res.lastrowid}, 201
@login_required(roles=Roles.resp_formation)
def put(self, gid): def put(self, gid):
args = request.get_json(cache=False, force=True) args = request.get_json(cache=False, force=True)
if not checkParams(['name', 'year', 'class_short', 'class_long', 'department', 'resp_id', 'sec_id'], args): if not checkParams(['name', 'year', 'class_short', 'class_long', 'department', 'resp_id', 'sec_id'], args):
@ -124,8 +127,8 @@ class GroupAPI(Resource):
"URL": getParam('OLA_URL')}) "URL": getParam('OLA_URL')})
mails.append((user["email"], mail)) mails.append((user["email"], mail))
if "2" not in user['role'].split('-'): if str(Roles.resp_formation) not in user['role'].split('-'):
role = user['role'] + "-2" role = user['role'] + "-" + str(Roles.resp_formation)
query = USER.update().values(role=role).where(USER.c.id == resp_id) query = USER.update().values(role=role).where(USER.c.id == resp_id)
query.execute() query.execute()
@ -145,8 +148,8 @@ class GroupAPI(Resource):
"URL": getParam('OLA_URL')}) "URL": getParam('OLA_URL')})
mails.append((user["email"], mail)) mails.append((user["email"], mail))
if "1" not in user['role'].split('-'): if str(Roles.secretaire) not in user['role'].split('-'):
role = user['role'] + "-1" role = user['role'] + "-" + str(Roles.secretaire)
query = USER.update().values(role=role).where(USER.c.id == sec_id) query = USER.update().values(role=role).where(USER.c.id == sec_id)
query.execute() query.execute()
@ -165,12 +168,14 @@ class GroupAPI(Resource):
return {"GID": gid}, 200 return {"GID": gid}, 200
@login_required()
def get(self, gid=0, name=""): def get(self, gid=0, name=""):
if gid > 0: if gid > 0:
return {'GROUP': getGroup(gid=gid)}, 200 return {'GROUP': getGroup(gid=gid)}, 200
elif name != "": elif name != "":
return {'GROUP': getGroup(name=name)}, 200 return {'GROUP': getGroup(name=name)}, 200
@login_required(roles=Roles.resp_formation)
def options(self, gid): def options(self, gid):
args = request.get_json(cache=False, force=True) args = request.get_json(cache=False, force=True)
if not checkParams(['pairs'], args): if not checkParams(['pairs'], args):
@ -187,16 +192,16 @@ class GroupAPI(Resource):
stud = getUser(uid=p[0]) stud = getUser(uid=p[0])
if stud is None: if stud is None:
return {"ERROR": "The user with id " + str(p[0]) + " does not exists !"}, 400 return {"ERROR": "The user with id " + str(p[0]) + " does not exists !"}, 400
elif stud['role'] != "4": elif stud['role'] != str(Roles.etudiant):
return {"ERROR": "A student must have the 'student' role !"}, 400 return {"ERROR": "A student must have the 'student' role !"}, 400
tutor = getUser(uid=p[1]) tutor = getUser(uid=p[1])
if tutor is None: if tutor is None:
return {"ERROR": "The user with id " + str(p[1]) + " does not exists !"}, 400 return {"ERROR": "The user with id " + str(p[1]) + " does not exists !"}, 400
elif tutor['role'] == "4": elif tutor['role'] == str(Roles.etudiant):
return {"ERROR": "A student can't be a tutor !"}, 400 return {"ERROR": "A student can't be a tutor !"}, 400
elif "3" not in tutor['role'].split('-'): elif "3" not in tutor['role'].split('-'):
role = tutor['role'] + "-3" role = tutor['role'] + "-" + str(Roles.tuteur_univ)
query = USER.update().values(role=role).where(USER.c.id == p[1]) query = USER.update().values(role=role).where(USER.c.id == p[1])
query.execute() query.execute()
except IndexError: except IndexError:

View File

@ -1,10 +1,13 @@
import os import os
from datetime import datetime, timedelta
from flask import session
from flask_restful import Resource, request from flask_restful import Resource, request
from app.api import mailsModels from app.api import mailsModels
from app.model import * from app.api.LoginAPI import login_required
from app.utils import * from app.model import Roles, getParam, getGroup, getUser, USER, LIVRET, getLivret, getTutorship
from app.utils import send_mail, checkParams
class LivretAPI(Resource): class LivretAPI(Resource):
@ -12,69 +15,73 @@ class LivretAPI(Resource):
Livret Api Resource Livret Api Resource
""" """
@login_required(roles=[Roles.etudiant])
def post(self): def post(self):
args = request.get_json(cache=False, force=True) args = request.get_json(cache=False, force=True)
if not checkParams(['name', 'year', 'class_short', 'class_long', 'department', 'resp_id', 'sec_id'], args): if not checkParams(['group_id', 'etutor_id', 'company_name', 'company_address', 'contract_type',
'contract_start', 'contract_end', 'description'], args):
return {"ERROR": "One or more parameters are missing !"}, 400 return {"ERROR": "One or more parameters are missing !"}, 400
name = args['name'] user = session.get("user")
year = args['year'] group_id = args['group_id']
class_short = args['class_short'] etutor_id = args['etutor_id']
class_long = args['class_long'] company_name = args['company_name']
department = args['department'] company_address = args['company_address']
resp_id = args['resp_id'] contract_type = int(args['contract_type'])
sec_id = args['sec_id'] contract_start = datetime.strptime(args['contract_start'], "%d-%m-%Y")
res_dir = getParam('BASE_DIRECTORY') + name + "/" contract_end = datetime.strptime(args['contract_end'], "%d-%m-%Y")
description = args['description']
mails = [] mails = []
group = getGroup(name=name) group = getGroup(gid=group_id)
if group is not None: if group is None:
return {"GID": group["id"]}, 200 return {"ERROR": "This group with id " + str(group_id) + "does not exists !"}, 405
user = getUser(uid=resp_id) tutorship = getTutorship(gid=group_id, student=user["id"])
if user is None:
return {"ERROR": "The user with id " + str(resp_id) + " does not exists !"}, 400 if tutorship is None:
return {"ERROR": "The current student is not registered in the group" + str(group_id) + " !"}, 405
tutorship_id = tutorship["id"]
livret = getLivret(group_id=group_id, student_id=user["id"])
if livret is not None:
return {"LID": livret["id"]}, 200
# On vérifie que l'utilisateur actuel a le droit de modifier ce livret
if user["id"] != livret["tutorship_id"]["student_id"]:
return {"ERROR": "UNAUTHORIZED"}, 401
user2 = getUser(uid=etutor_id)
if user2 is None:
return {"ERROR": "The user with id " + str(etutor_id) + " does not exists !"}, 400
else: else:
query = USER.select(USER.c.id == user["id"]) query = USER.select(USER.c.id == user2["id"])
rows = query.execute() rows = query.execute()
res = rows.first() res = rows.first()
if res.hash is not None and len(res.hash) > 0: if res.hash is not None and len(res.hash) > 0:
mail = mailsModels.getMailContent("NEW_RESP_OF_GROUP", {"GROUP": name, mail = mailsModels.getMailContent("NEW_ETUTOR_ADDED", {"GROUPE": group["name"],
"URL": getParam('OLA_URL') + "registration/" "URL": getParam('OLA_URL') + "registration/"
+ res.hash}) + res.hash})
else: else:
mail = mailsModels.getMailContent("RESP_OF_GROUP", {"GROUP": name, mail = mailsModels.getMailContent("ETUTOR_ADDED", {"GROUPE": group["name"],
"URL": getParam('OLA_URL')}) "URL": getParam('OLA_URL')})
mails.append((user["email"], mail)) mails.append((user2["email"], mail))
if "2" not in user['role'].split('-'): if str(Roles.tuteur_entreprise) not in user2['role'].split('-'):
role = user['role'] + "-2" return {"ERROR": "The user with id " + str(etutor_id) +
query = USER.update().values(role=role).where(USER.c.id == resp_id) " doesn't have the 'etutor' role (" + str(Roles.tuteur_entreprise) + ") !"}, 400
query.execute()
user = getUser(uid=sec_id) if contract_start > contract_end:
if user is None: return {"ERROR": "The contract start can't be after its end !"}, 400
return {"ERROR": "The user with id " + str(sec_id) + " does not exists !"}, 400
else:
query = USER.select(USER.c.id == user["id"])
rows = query.execute()
res = rows.first()
if res.hash is not None and len(res.hash) > 0:
mail = mailsModels.getMailContent("NEW_SEC_OF_GROUP", {"GROUP": name,
"URL": getParam('OLA_URL') + "registration/"
+ res.hash})
else:
mail = mailsModels.getMailContent("SEC_OF_GROUP", {"GROUP": name,
"URL": getParam('OLA_URL')})
mails.append((user["email"], mail)) res_dir = group["ressources_dir"] + "/" + str(user['id']) + "/"
if "1" not in user['role'].split('-'): expire = datetime.now() + timedelta(days=365)
role = user['role'] + "-1"
query = USER.update().values(role=role).where(USER.c.id == sec_id)
query.execute()
query = GROUP.insert().values(name=name, year=year, class_short=class_short, class_long=class_long, query = LIVRET.insert().values(tutorship_id=tutorship_id, etutor_id=etutor_id, company_name=company_name,
department=department, resp_id=resp_id, sec_id=sec_id, ressources_dir=res_dir) company_address=company_address, contract_type=contract_type,
contract_start=contract_start, contract_end=contract_end,
description=description, ressources_dir=res_dir, opened='1', expire=expire)
res = query.execute() res = query.execute()
os.mkdir(res_dir) os.mkdir(res_dir)
@ -83,139 +90,74 @@ class LivretAPI(Resource):
mail = m[1] mail = m[1]
send_mail(mail[0], addr, mail[1]) send_mail(mail[0], addr, mail[1])
return {"GID": res.lastrowid}, 201 return {"LID": res.lastrowid}, 201
def put(self, gid): @login_required(roles=[Roles.etudiant])
def put(self, lid):
args = request.get_json(cache=False, force=True) args = request.get_json(cache=False, force=True)
if not checkParams(['name', 'year', 'class_short', 'class_long', 'department', 'resp_id', 'sec_id'], args): if not checkParams(['etutor_id', 'company_name', 'company_address', 'contract_type',
'contract_start', 'contract_end', 'description'], args):
return {"ERROR": "One or more parameters are missing !"}, 400 return {"ERROR": "One or more parameters are missing !"}, 400
name = args['name'].replace(" ", "_").replace("/", "-") etutor_id = args['etutor_id']
year = args['year'] company_name = args['company_name']
class_short = args['class_short'] company_address = args['company_address']
class_long = args['class_long'] contract_type = int(args['contract_type'])
department = args['department'] contract_start = datetime.strptime(args['contract_start'], "%d-%m-%Y")
resp_id = args['resp_id'] contract_end = datetime.strptime(args['contract_end'], "%d-%m-%Y")
sec_id = args['sec_id'] description = args['description']
res_dir = getParam('BASE_DIRECTORY') + name + "/"
mails = [] mails = []
group = getGroup(gid=gid) livret = getLivret(lid=lid)
if group is None: if livret is None:
return {"ERROR": "This group does not exists !"}, 405 return {"ERROR": "This livret does not exists !"}, 405
group2 = getGroup(name=name) # On vérifie que l'utilisateur actuel a le droit de modifier ce livret
if group2 is not None: user = session.get("user")
return {"ERROR": "A group with this name already exists !"}, 405 if user["id"] != livret["tutorship_id"]["student_id"]:
return {"ERROR": "UNAUTHORIZED"}, 401
user = getUser(uid=resp_id) user = getUser(uid=etutor_id)
if user is None: if user is None:
return {"ERROR": "The user with id " + str(resp_id) + " does not exists !"}, 400 return {"ERROR": "The user with id " + str(etutor_id) + " does not exists !"}, 400
else: else:
query = USER.select(USER.c.id == user["id"]) query = USER.select(USER.c.id == user["id"])
rows = query.execute() rows = query.execute()
res = rows.first() res = rows.first()
if res.hash is not None and len(res.hash) > 0: if res.hash is not None and len(res.hash) > 0:
mail = mailsModels.getMailContent("NEW_RESP_OF_GROUP", {"GROUP": group["name"], mail = mailsModels.getMailContent("NEW_ETUTOR_ADDED",
{"GROUPE": livret["tutorship_id"]["group_id"]["name"],
"URL": getParam('OLA_URL') + "registration/" "URL": getParam('OLA_URL') + "registration/"
+ res.hash}) + res.hash})
else: else:
mail = mailsModels.getMailContent("RESP_OF_GROUP", {"GROUP": group["name"], mail = mailsModels.getMailContent("ETUTOR_ADDED", {"GROUPE": livret["tutorship_id"]["group_id"]["name"],
"URL": getParam('OLA_URL')}) "URL": getParam('OLA_URL')})
mails.append((user["email"], mail)) mails.append((user["email"], mail))
if "2" not in user['role'].split('-'): if str(Roles.tuteur_entreprise) not in user['role'].split('-'):
role = user['role'] + "-2" return {"ERROR": "The user with id " + str(etutor_id) +
query = USER.update().values(role=role).where(USER.c.id == resp_id) " doesn't have the 'etutor' role (" + str(Roles.tuteur_entreprise) + ") !"}, 400
if contract_start > contract_end:
return {"ERROR": "The contract start can't be after its end !"}, 400
query = LIVRET.update().values(etutor_id=etutor_id, company_name=company_name,
company_address=company_address, contract_type=contract_type,
contract_start=contract_start, contract_end=contract_end,
description=description) \
.where(LIVRET.c.id == lid)
query.execute() query.execute()
user = getUser(uid=sec_id)
if user is None:
return {"ERROR": "The user with id " + str(sec_id) + " does not exists !"}, 400
else:
query = USER.select(USER.c.id == user["id"])
rows = query.execute()
res = rows.first()
if res.hash is not None and len(res.hash) > 0:
mail = mailsModels.getMailContent("NEW_SEC_OF_GROUP", {"GROUP": group["name"],
"URL": getParam('OLA_URL') + "registration/"
+ res.hash})
else:
mail = mailsModels.getMailContent("SEC_OF_GROUP", {"GROUP": group["name"],
"URL": getParam('OLA_URL')})
mails.append((user["email"], mail))
if "1" not in user['role'].split('-'):
role = user['role'] + "-1"
query = USER.update().values(role=role).where(USER.c.id == sec_id)
query.execute()
query = GROUP.update().values(name=name, year=year, class_short=class_short, class_long=class_long,
department=department, resp_id=resp_id, sec_id=sec_id, ressources_dir=res_dir) \
.where(GROUP.c.id == gid)
query.execute()
if group["ressources_dir"] != res_dir:
os.rename(group["ressources_dir"], res_dir)
for m in mails: for m in mails:
addr = m[0] addr = m[0]
mail = m[1] mail = m[1]
send_mail(mail[0], addr, mail[1]) send_mail(mail[0], addr, mail[1])
return {"GID": gid}, 200 return {"LID": lid}, 200
def get(self, gid=0, name=""): @login_required()
if gid > 0: def get(self, lid=0, group_id=0, student_id=0):
return {'GROUP': getGroup(gid=gid)}, 200 if lid > 0:
elif name != "": return {'LIVRET': getLivret(lid=lid)}, 200
return {'GROUP': getGroup(name=name)}, 200 elif group_id > 0 and student_id > 0:
return {'LIVRET': getLivret(group_id=group_id, student_id=student_id)}, 200
def options(self, gid):
args = request.get_json(cache=False, force=True)
if not checkParams(['pairs'], args):
return {"ERROR": "One or more parameters are missing !"}, 400
pairs = args["pairs"]
group = getGroup(gid=gid)
if group is None:
return {"ERROR": "This group does not exists !"}, 405
for p in pairs:
try:
stud = getUser(uid=p[0])
if stud is None:
return {"ERROR": "The user with id " + str(p[0]) + " does not exists !"}, 400
elif stud['role'] != "4":
return {"ERROR": "A student must have the 'student' role !"}, 400
tutor = getUser(uid=p[1])
if tutor is None:
return {"ERROR": "The user with id " + str(p[1]) + " does not exists !"}, 400
elif tutor['role'] == "4":
return {"ERROR": "A student can't be a tutor !"}, 400
elif "3" not in tutor['role'].split('-'):
role = tutor['role'] + "-3"
query = USER.update().values(role=role).where(USER.c.id == p[1])
query.execute()
except IndexError:
return {"ERROR": "Pairs are incorrectly formed !"}, 409
query = TUTORSHIP.insert().values(group_id=gid, student_id=p[0], ptutor_id=p[1])
query.execute()
query = USER.select(USER.c.id == stud["id"])
rows = query.execute()
res = rows.first()
if res.hash is not None and len(res.hash) > 0:
mail = mailsModels.getMailContent("NEW_STUD_OF_GROUP", {"GROUP": group["name"],
"URL": getParam('OLA_URL') + "registration/"
+ res.hash})
else:
mail = mailsModels.getMailContent("STUD_OF_GROUP", {"GROUP": group["name"],
"URL": getParam('OLA_URL')})
send_mail(mail[0], stud["email"], mail[1])
return {"RESULT": "Pairs added successfully"}, 200

View File

@ -49,3 +49,14 @@ class LoginAPI(Resource):
session['user'] = None session['user'] = None
return {'AUTH_RESULT': 'OK'}, 200 return {'AUTH_RESULT': 'OK'}, 200
def login_required(roles=[]):
def my_login_required(func):
def wrapper(*args, **kvargs):
current_user = session.get('user', None)
if current_user is None or (len(roles) != 0 and not sum([1 for x in current_user['role'].split("-") if int(x) in roles]) > 0):
return {"ERROR": "UNAUTHORIZED"}, 401
return func(*args, **kvargs)
return wrapper
return my_login_required

View File

@ -1,29 +1,29 @@
import os
from flask import request
from flask_restful import Resource from flask_restful import Resource
from flask_restful.reqparse import RequestParser from flask_restful.reqparse import RequestParser
from app.tools.LibPdf import delete_file
from model import getParam from model import getParam
from werkzeug.utils import secure_filename
from app.model import getGroup from app.model import getGroup
from app.tools.LibPdf import delete_file, upload_file, allowed_file from app.tools.LibPdf import upload_file, allowed_file
from app.api.LoginAPI import login_required
import os
import request
class PdfAPI(Resource): class PdfAPI(Resource):
""" """
Pdf Api Resource Pdf Api Resource
""" """
@login_required()
def delete(self): def delete(self):
parser = RequestParser() parser = RequestParser()
parser.add_argument('templateName', required=True, help="Template name is required !") parser.add_argument('templateName', required=True, help="Template name is required !")
args = parser.parse_args() args = parser.parse_args()
if ".." in args: delete_file(os.path.join(getParam('TEMPLATES_DIRECTORY'), secure_filename(args['templateName'])))
return {"msg": ".. not allowed in path"}, 400
delete_file(os.path.join(getParam('TEMPLATES_DIRECTORY'), args['templateName']))
@login_required()
def post(self): def post(self):
""" """
Upload d'un template Upload d'un template

View File

@ -0,0 +1,116 @@
import os
from datetime import datetime
from flask import session
from flask_restful import Resource, request
from sqlalchemy import select, and_
from app.api import mailsModels
from app.api.LoginAPI import login_required
from app.model import Roles, getParam, getGroup, getUser, LIVRET, getLivret, TUTORSHIP, PERIOD, getPeriod, \
TypesPeriode
from app.utils import send_mail, checkParams, get_random_string
class PeriodAPI(Resource):
"""
Period Api Resource
"""
@login_required(roles=[Roles.resp_formation])
def post(self):
args = request.get_json(cache=False, force=True)
if not checkParams(['group_id', 'period_type', 'start', 'end'], args):
return {"ERROR": "One or more parameters are missing !"}, 400
group_id = args['group_id']
period_type = args['period_type']
start = datetime.strptime(args['start'], "%d-%m-%Y")
end = datetime.strptime(args['end'], "%d-%m-%Y")
# On vérifie que le groupe existe
group = getGroup(gid=group_id)
if group is None:
return {"ERROR": "This group with id " + str(group_id) + "does not exists !"}, 405
if start > end:
return {"ERROR": "The period's start can't be after its end !"}, 400
# On vérifie que l'utilisateur actuel a le droit de modifier ce groupe
user = session.get("user")
if user["id"] != group["resp_id"]:
return {"ERROR": "UNAUTHORIZED"}, 401
# On récupère tous les livrets de ce groupe
query = select([LIVRET.c.id, TUTORSHIP.c.student_id]).where(
and_(TUTORSHIP.c.id == LIVRET.c.tutorship_id, TUTORSHIP.c.group_id == group_id))
res = query.execute()
# Pour chaque livret du groupe on ajoute la période et on prévient l'étudiant
for row in res:
# On crée un répertoire avec un nom aléatoire
res_dir = group["ressources_dir"] + "/" + str(row.student_id) + "/" + get_random_string() + "/"
while os.path.exists(res_dir):
res_dir = group["ressources_dir"] + "/" + str(row.student_id) + "/" + get_random_string() + "/"
# Enregistrement des infos en base
query = PERIOD.insert().values(livret_id=row.id, type=period_type, start=start, end=end,
ressources_dir=res_dir)
query.execute()
os.mkdir(res_dir)
# Envoi d'un mail
mail = mailsModels.getMailContent("NEW_PERIOD", {"GROUPE": group["name"],
"URL": getParam('OLA_URL') + "mon_livret"})
send_mail(mail[0], getUser(row.student_id)["email"], mail[1])
return {"RESULT": "OK"}, 201
@login_required(roles=[Roles.etudiant, Roles.tuteur_entreprise])
def put(self, pid):
args = request.get_json(cache=False, force=True)
if not checkParams(['text'], args):
return {"ERROR": "One or more parameters are missing !"}, 400
text = args['text']
user = session.get("user")
mails = []
# On vérifie que la période existe
period = getPeriod(pid)
if period is None:
return {"ERROR": "This period does not exists !"}, 405
# On vérifie que l'utilisateur actuel a le droit de modifier ce livret (étudiant ou tuteur)
livret = getLivret(lid=period["livret_id"])
if user["id"] != livret["etutor_id"]["id"] and user["id"] != livret["tutorship_id"]["student_id"]["id"]:
return {"ERROR": "UNAUTHORIZED"}, 401
# Si c'est le commentaire de l'étudiant, on prévient le tuteur
if user["role"] == str(Roles.etudiant):
mail = mailsModels.getMailContent("STUD_COMMENT_ADDED", {"ETUDIANT": user["name"],
"URL": getParam('OLA_URL')})
mails.append((user["email"], mail))
query = PERIOD.update().values(student_desc=text).where(PERIOD.c.id == pid)
else: # Sinon on vérifie que c'est une période d'entreprise
if period["type"] == TypesPeriode.universitaire:
return {"ERROR": "A tutor can't modify a university period !"}, 405
mail = mailsModels.getMailContent("ETUTOR_COMMENT_ADDED", {"TUTEUR": user["name"],
"URL": getParam('OLA_URL')})
mails.append((user["email"], mail))
query = PERIOD.update().values(etutor_desc=text).where(PERIOD.c.id == pid)
query.execute()
for m in mails:
addr = m[0]
mail = m[1]
send_mail(mail[0], addr, mail[1])
return {"PID": pid}, 200
@login_required()
def get(self, pid):
if pid > 0:
return {'PERIOD': getPeriod(pid=pid)}, 200

View File

@ -1,8 +1,10 @@
from hashlib import sha256 from hashlib import sha256
from flask import session
from flask_restful import Resource, request from flask_restful import Resource, request
from app.model import * from app.api.LoginAPI import login_required
from app.model import Roles, getUser, hashExists, USER
from app.utils import checkParams, get_random_string from app.utils import checkParams, get_random_string
@ -11,6 +13,7 @@ class UserAPI(Resource):
User Api Resource User Api Resource
""" """
@login_required(roles=[Roles.resp_formation, Roles.etudiant])
def post(self): def post(self):
args = request.get_json(cache=False, force=True) args = request.get_json(cache=False, force=True)
if not checkParams(['role', 'email', 'name'], args): if not checkParams(['role', 'email', 'name'], args):
@ -52,9 +55,14 @@ class UserAPI(Resource):
password = sha256(psw.encode('utf-8')).hexdigest() password = sha256(psw.encode('utf-8')).hexdigest()
if getUser(uid=uid) is None: user = getUser(uid=uid)
if user is None:
return {"ERROR": "This user doesn't exists !"}, 405 return {"ERROR": "This user doesn't exists !"}, 405
# On n'autorise pas de modifcation anonyme d'un profil s'il est déjà activé (si il a un mdp)
if user["password"] is not None and user["password"] != "" and session.get("user", None) is None:
return {"msg": "UNAUTHORIZED"}, 401
if getUser(email=email) is not None: if getUser(email=email) is not None:
return {"ERROR": "A user with this email already exists !"}, 405 return {"ERROR": "A user with this email already exists !"}, 405
@ -64,9 +72,11 @@ class UserAPI(Resource):
return {"UID": uid}, 200 return {"UID": uid}, 200
def get(self, uid=0, email="", hashcode=""): def get(self, uid=0, email="", hashcode=""):
if session.get('user', None) is not None:
if uid > 0: if uid > 0:
return {'USER': getUser(uid=uid)}, 200 return {'USER': getUser(uid=uid)}, 200
elif email != "": elif email != "":
return {'USER': getUser(email=email)}, 200 return {'USER': getUser(email=email)}, 200
elif hashcode != "":
if hashcode != "":
return {'USER': getUser(hashcode=hashcode)}, 200 return {'USER': getUser(hashcode=hashcode)}, 200

View File

@ -1,7 +1,7 @@
from flask import session from flask import session
from flask_restful import Resource from flask_restful import Resource
from app.model import * from app.model import LIVRET, TUTORSHIP, and_
class UserInfoAPI(Resource): class UserInfoAPI(Resource):
@ -18,7 +18,6 @@ class UserGroupsAPI(Resource):
""" """
UserGroups Api Resource UserGroups Api Resource
""" """
def get(self): def get(self):
user = session.get("user", None) user = session.get("user", None)
if user is not None: if user is not None:

View File

@ -11,7 +11,7 @@ _STUD_OF_GROUP = (
_NEW_RESP_OF_GROUP = ("Votre compte OLA a été créé !", "Bonjour,<br/><p>Votre compte vient d'être créé dans l'Outil du " _NEW_RESP_OF_GROUP = ("Votre compte OLA a été créé !", "Bonjour,<br/><p>Votre compte vient d'être créé dans l'Outil du "
"Livret de l'Alternant en tant que responsable du groupe <b>#GROUPE</b>. Vous pouvez dès " "Livret de l'Alternant en tant que responsable du groupe <b>#GROUPE</b>. Vous pouvez dès "
"maintenant l'activer, en vous rendant à l'adresse : <br/>" "maintenant l'activer en vous rendant à l'adresse : <br/>"
"<a href='#URL'>#URL</a></p><p>Bonne journée !</p>") "<a href='#URL'>#URL</a></p><p>Bonne journée !</p>")
_RESP_OF_GROUP = ( _RESP_OF_GROUP = (
@ -22,7 +22,7 @@ _RESP_OF_GROUP = (
_NEW_SEC_OF_GROUP = ("Votre compte OLA a été créé !", "Bonjour,<br/><p>Votre compte vient d'être créé dans l'Outil du " _NEW_SEC_OF_GROUP = ("Votre compte OLA a été créé !", "Bonjour,<br/><p>Votre compte vient d'être créé dans l'Outil du "
"Livret de l'Alternant en tant que secrétaire du groupe <b>#GROUPE</b>. Vous pouvez dès " "Livret de l'Alternant en tant que secrétaire du groupe <b>#GROUPE</b>. Vous pouvez dès "
"maintenant l'activer, en vous rendant à l'adresse : <br/>" "maintenant l'activer en vous rendant à l'adresse : <br/>"
"<a href='#URL'>#URL</a></p><p>Bonne journée !</p>") "<a href='#URL'>#URL</a></p><p>Bonne journée !</p>")
_SEC_OF_GROUP = ( _SEC_OF_GROUP = (
@ -31,6 +31,36 @@ _SEC_OF_GROUP = (
"maintenant y accéder en vous rendant à l'adresse : <br/>" "maintenant y accéder en vous rendant à l'adresse : <br/>"
"<a href='#URL'>#URL</a></p><p>Bonne journée !</p>") "<a href='#URL'>#URL</a></p><p>Bonne journée !</p>")
_NEW_ETUTOR_ADDED = ("Votre compte OLA a été créé !", "Bonjour,<br/><p>Votre compte vient d'être créé dans l'Outil du "
"Livret de l'Alternant de l'Université Toulouse Jean-Jaurès en tant que tuteur dans le groupe <b>#GROUPE</b>. Vous pouvez dès "
"maintenant l'activer en vous rendant à l'adresse : <br/>"
"<a href='#URL'>#URL</a></p><p>Bonne journée !</p>")
_ETUTOR_ADDED = (
"Vous avez été déclaré comme tuteur dans OLA !", "Bonjour,<br/><p>Votre compte vient d'être ajouté dans l'Outil du "
"Livret de l'Alternant de l'Université Toulouse Jean-Jaurès en tant que tuteur dans le groupe <b>#GROUPE</b>. Vous pouvez dès "
"maintenant accéder à votre compte en vous rendant à l'adresse : <br/>"
"<a href='#URL'>#URL</a></p><p>Bonne journée !</p>")
_NEW_PERIOD = (
"Nouvelle période ouverte dans OLA !", "Bonjour,<br/><p>Une nouvelle période vient d'être crée sur l'Outil du "
"Livret de l'Alternant dans le groupe <b>#GROUPE</b>. Vous pouvez dès "
"maintenant entrer vos commentaires en vous rendant à l'adresse : <br/>"
"<a href='#URL'>#URL</a></p><p>Bonne journée !</p>")
_STUD_COMMENT_ADDED = (
"Livret de l'alternant mis à jour !", "Bonjour,<br/><p>#ETUDIANT vient de mettre à jour son livret sur l'Outil du "
"Livret de l'Alternant. Vous pouvez dès "
"maintenant entrer à votre tour vos commentaires en vous rendant à l'adresse : <br/>"
"<a href='#URL'>#URL</a></p><p>Bonne journée !</p>")
_ETUTOR_COMMENT_ADDED = (
"Livret de l'alternant mis à jour !", "Bonjour,<br/><p>#TUTEUR vient de mettre à jour son livret sur l'Outil du "
"Livret de l'Alternant. Vous pouvez visualiser ces modifcations"
" en vous rendant à l'adresse : <br/>"
"<a href='#URL'>#URL</a></p><p>Bonne journée !</p>")
def getMailContent(mail_type, args): def getMailContent(mail_type, args):
if mail_type == "NEW_STUD_OF_GROUP": if mail_type == "NEW_STUD_OF_GROUP":
@ -45,9 +75,21 @@ def getMailContent(mail_type, args):
mail = _NEW_SEC_OF_GROUP mail = _NEW_SEC_OF_GROUP
elif mail_type == "SEC_OF_GROUP": elif mail_type == "SEC_OF_GROUP":
mail = _SEC_OF_GROUP mail = _SEC_OF_GROUP
elif mail_type == "NEW_ETUTOR_ADDED":
mail = _NEW_ETUTOR_ADDED
elif mail_type == "ETUTOR_ADDED":
mail = _ETUTOR_ADDED
elif mail_type == "NEW_PERIOD":
mail = _NEW_PERIOD
elif mail_type == "STUD_COMMENT_ADDED":
mail = _STUD_COMMENT_ADDED
elif mail_type == "ETUTOR_COMMENT_ADDED":
mail = _ETUTOR_COMMENT_ADDED
else: else:
raise Exception("Unknown mail type !") raise Exception("Unknown mail type : " + str(mail_type))
obj = mail[0]
content = str(mail[1])
for key, value in args.items(): for key, value in args.items():
mail[1].replace("#" + key, value) content = content.replace("#" + key, value)
return mail return (obj, content)

View File

@ -45,3 +45,9 @@ def after_login():
# import api resources # import api resources
importlib.import_module("app.urls") importlib.import_module("app.urls")
@app.teardown_request
def shutdown_session(exception=None):
engine.dispose()
db.session.remove()

View File

@ -75,10 +75,21 @@ def getGroup(gid=0, name=""):
return None return None
def getTutorshipForStudent(gid, student): def getTutorship(tid=0, gid=0, student=0):
if tid == 0 and gid == 0 and student == 0:
raise Exception("getGroup must be called with at least one argument !")
else:
if gid != 0:
query = TUTORSHIP.select(and_(TUTORSHIP.c.group_id == gid, TUTORSHIP.c.student_id == student)) query = TUTORSHIP.select(and_(TUTORSHIP.c.group_id == gid, TUTORSHIP.c.student_id == student))
rows = query.execute() rows = query.execute()
res = rows.first() res = rows.first()
elif tid != 0:
query = TUTORSHIP.select(TUTORSHIP.c.id == tid)
rows = query.execute()
res = rows.first()
else:
raise Exception("getTutorship must be called with two parameter for group+student search !")
if res is not None: if res is not None:
return {"id": res.id, "group_id": getGroup(gid=res.group_id), "student_id": getUser(uid=res.student_id), return {"id": res.id, "group_id": getGroup(gid=res.group_id), "student_id": getUser(uid=res.student_id),
"ptutor_id": getUser(uid=res.ptutor_id)} "ptutor_id": getUser(uid=res.ptutor_id)}
@ -86,8 +97,67 @@ def getTutorshipForStudent(gid, student):
return None return None
def getLivret(lid=0, group_id=0, student_id=0):
res = None
if lid == 0 and student_id == "":
raise Exception("getLivret must be called with at least one argument !")
else:
if lid != 0:
query = LIVRET.select(LIVRET.c.id == lid)
rows = query.execute()
res = rows.first()
elif student_id != 0 and group_id != 0:
tutorship = getTutorship(gid=group_id, student=student_id)
if tutorship is None:
return None
query = LIVRET.select(LIVRET.c.tutorship_id == tutorship["id"])
rows = query.execute()
res = rows.first()
else:
raise Exception("getLivret must be called with two parameter for group+student search !")
if res is not None:
return {"id": res.id, "tutorship_id": getTutorship(tid=res.tutorship_id),
"etutor_id": getUser(uid=res.etutor_id), "company_name": res.company_name,
"company_address": res.company_address, "contract_type": res.contract_type,
"contract_start": res.contract_start.strftime('%d-%m-%Y'),
"contract_end": res.contract_end.strftime('%d-%m-%Y'),
"ressources_dir": res.ressources_dir, "opened": res.opened,
"expire": res.expire.strftime('%d-%m-%Y')}
else:
return None
def getPeriod(pid):
query = PERIOD.select(PERIOD.c.id == pid)
rows = query.execute()
res = rows.first()
if res is not None:
return {"id": res.id, "livret_id": res.livret_id, "type": res.type, "start": res.start.strftime('%d-%m-%Y'),
"end": res.end.strftime('%d-%m-%Y'), "student_desc": res.student_desc, "etutor_desc": res.etutor_desc,
"ressources_dir": res.ressources_dir}
else:
return None
def hashExists(test): def hashExists(test):
query = USER.select(USER.c.hash == test) query = USER.select(USER.c.hash == test)
rows = query.execute() rows = query.execute()
res = rows.first() res = rows.first()
return res is not None return res is not None
class Roles:
secretaire = 1
resp_formation = 2
tuteur_univ = 3
etudiant = 4
tuteur_entreprise = 5
class TypesPeriode:
universitaire = 1
entreprise = 2

View File

@ -55,15 +55,14 @@ def allowed_file(filename):
def upload_file(file_to_upload, upload_folder): def upload_file(file_to_upload, upload_folder):
""" """
rep de l'etu avec id televersement d'un fichier
:param file: :param file_to_upload:
:param upload_folder: :param upload_folder:
:return: :return:
""" """
file_to_upload.save(os.path.join(upload_folder, secure_filename(file_to_upload.filename))) file_to_upload.save(os.path.join(upload_folder, secure_filename(file_to_upload.filename)))
def delete_file(pdf_path): def delete_file(pdf_path):
if os.path.exists(pdf_path): if os.path.exists(pdf_path):
os.remove(pdf_path) os.remove(pdf_path)

View File

@ -1,6 +1,8 @@
from app.api.GetAllAPI import GetAllAPI
from app.api.GroupAPI import GroupAPI from app.api.GroupAPI import GroupAPI
from app.api.LivretAPI import LivretAPI from app.api.LivretAPI import LivretAPI
from app.api.LoginAPI import LoginAPI from app.api.LoginAPI import LoginAPI
from app.api.PeriodAPI import PeriodAPI
from app.api.UserAPI import UserAPI from app.api.UserAPI import UserAPI
from app.api.UserInfoAPI import UserInfoAPI, UserGroupsAPI from app.api.UserInfoAPI import UserInfoAPI, UserGroupsAPI
from app.api.exampleapi import SomeApi from app.api.exampleapi import SomeApi
@ -14,4 +16,7 @@ api.add_resource(UserGroupsAPI, '/api/userGroups')
api.add_resource(UserAPI, '/api/user', '/api/user/byuid/<int:uid>', '/api/user/byemail/<string:email>', api.add_resource(UserAPI, '/api/user', '/api/user/byuid/<int:uid>', '/api/user/byemail/<string:email>',
'/api/user/byhash/<string:hashcode>') '/api/user/byhash/<string:hashcode>')
api.add_resource(GroupAPI, '/api/group', '/api/group/bygid/<int:gid>', '/api/group/byname/<string:name>') api.add_resource(GroupAPI, '/api/group', '/api/group/bygid/<int:gid>', '/api/group/byname/<string:name>')
api.add_resource(LivretAPI, '/api/livret', '/api/livret/byuid/<int:uid>') api.add_resource(LivretAPI, '/api/livret', '/api/livret/bylid/<int:lid>',
'/api/livret/bytutorship/<int:group_id>/<int:student_id>')
api.add_resource(PeriodAPI, '/api/period', '/api/period/bypid/<int:pid>')
api.add_resource(GetAllAPI, '/api/getAll/<string:what>/<int:value>')

View File

@ -1,20 +1,25 @@
import filecmp
import os import os
import unittest import unittest
from pathlib import Path
from werkzeug.datastructures import FileStorage from werkzeug.datastructures import FileStorage
from app.tools.LibPdf import upload_file from app.tools.LibPdf import upload_file, allowed_file
class TestFusionTestCase(unittest.TestCase): class TestFusionTestCase(unittest.TestCase):
def setUp(self): def setUp(self):
self.datadir = os.path.join(os.path.dirname(__file__)) self.datadir = "upload/page1.pdf"
self.file_name = "page1.pdf"
def test_fusion(self): def test_fusion(self):
with open("page1.pdf", 'rb') as fp: with open(self.file_name, 'rb') as fp:
file = FileStorage(fp) file = FileStorage(fp)
upload_file(file, "upload") upload_file(file, "upload")
# self.assertTrue(Path(self.datadir + "/testFusion.pdf").is_file(), "Pdf fusionne inexistant") self.assertTrue(Path(self.datadir).is_file(), "Pdf upload inexistant")
# self.assertTrue(len(get_pdf_from_directory(self.datadir)) > 0, "pdf non trouve") self.assertTrue(filecmp.cmp(self.datadir, self.file_name), "fichiers non identique")
# os.remove(self.datadir + "/testFusion.pdf") self.assertTrue(allowed_file(self.file_name), "format non conforme")
os.remove(self.datadir)