ScoDoc/app/api/sco_api.py

# -*- mode: python -*-
# -*- coding: utf-8 -*-

##############################################################################
#
# Gestion scolarite IUT
#
# Copyright (c) 1999 - 2021 Emmanuel Viennet.  All rights reserved.
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
#
#   Emmanuel Viennet      emmanuel.viennet@viennet.net
#
##############################################################################

"""API ScoDoc 9
"""
# PAS ENCORE IMPLEMENTEE, juste un essai
# Pour P. Bouron, il faudrait en priorité l'équivalent de
# Scolarite/Notes/moduleimpl_withmodule_list (alias scodoc7 do_moduleimpl_withmodule_list)
# Scolarite/Notes/evaluation_create
# Scolarite/Notes/evaluation_delete
# Scolarite/Notes/formation_list
# Scolarite/Notes/formsemestre_list
# Scolarite/Notes/formsemestre_partition_list
# Scolarite/Notes/groups_view
# Scolarite/Notes/moduleimpl_status
# Scolarite/setGroups
from datetime import datetime

from flask import jsonify, request, g, send_file
from sqlalchemy.sql import func

from app import db, log
from app.api import bp
from app.api.auth import token_auth
from app.api.errors import error_response
from app import models
from app.models import FormSemestre, FormSemestreInscription, Identite
from app.scodoc.sco_logos import list_logos, find_logo
from app.scodoc.sco_permissions import Permission


@bp.route("list_depts", methods=["GET"])
@token_auth.login_required
def list_depts():
    depts = models.Departement.query.filter_by(visible=True).all()
    data = [d.to_dict() for d in depts]
    return jsonify(data)


@bp.route("/etudiants/courant", methods=["GET"])
@token_auth.login_required
def etudiants():
    """Liste de tous les étudiants actuellement inscrits à un semestre
    en cours.
    """
    # Vérification de l'accès: permission Observateir sur tous les départements
    # (c'est un exemple à compléter)
    if not g.current_user.has_permission(Permission.ScoObservateur, None):
        return error_response(401, message="accès interdit")

    query = db.session.query(Identite).filter(
        FormSemestreInscription.formsemestre_id == FormSemestre.id,
        FormSemestreInscription.etudid == Identite.id,
        FormSemestre.date_debut <= func.now(),
        FormSemestre.date_fin >= func.now(),
    )
    return jsonify([e.to_dict_bul(include_urls=False) for e in query])


def format_required(default_format="json", allowed_formats=None):
    """Extract required format from a request.
    * default value is json. a list of allowed formats may be provided
    (['json'] considered if not provided).
    * if the required format is not in allowed list, returns None.
    NB: if json in not in allowed_formats, format specification is mandatory."""
    format_type = request.args.get("format", default_format)
    if format_type in (allowed_formats or ["json"]):
        return format_type
    return None


def get_dept_id(dept_name=None):
    dept = models.Departement.query.filter_by(acronym=dept_name).first_or_404()
    return dept.id


@bp.route("/logos", methods=["GET"])
@token_auth.login_required
def api_get_glob_logos():
    if not g.current_user.has_permission(Permission.ScoSuperAdmin, None):
        return error_response(401, message="accès interdit")
    required_format = format_required()  # json only
    if required_format is None:
        return error_response(400, "Illegal format")
    logos = list_logos()[None]
    return jsonify(list(logos.keys()))


@bp.route("/logos/<string:logoname>", methods=["GET"])
@token_auth.login_required
def api_get_glob_logo(logoname):
    if not g.current_user.has_permission(Permission.ScoSuperAdmin, None):
        return error_response(401, message="accès interdit")
    logo = find_logo(logoname=logoname)
    if logo is None:
        return error_response(404, message="logo not found")
    logo.select()
    return send_file(
        logo.filepath,
        mimetype=f"image/{logo.suffix}",
        last_modified=datetime.now(),
    )


@bp.route("/departements/<string:departement>/logos", methods=["GET"])
@token_auth.login_required
def api_get_local_logos(departement):
    dept_id = get_dept_id(departement)
    if not g.current_user.has_permission(Permission.ScoChangePreferences, departement):
        return error_response(401, message="accès interdit")
    logos = list_logos().get(dept_id, dict())
    return jsonify(list(logos.keys()))


@bp.route("/departements/<string:departement>/logos/<string:logoname>", methods=["GET"])
@token_auth.login_required
def api_get_local_logo(departement, logoname):
    # format = format_required("jpg", ['png', 'jpg'])
    dept_id = get_dept_id(departement)
    if not g.current_user.has_permission(Permission.ScoChangePreferences, departement):
        return error_response(401, message="accès interdit")
    logo = find_logo(logoname=logoname, dept_id=dept_id)
    if logo is None:
        return error_response(404, message="logo not found")
    logo.select()
    return send_file(
        logo.filepath,
        mimetype=f"image/{logo.suffix}",
        last_modified=datetime.now(),
    )