From fb9a3fc2efdfe9961781000af7cf0773f44e2185 Mon Sep 17 00:00:00 2001
From: Istiak Ferdous <30789544+istiak101@users.noreply.github.com>
Date: Fri, 22 May 2020 11:29:36 +0600
Subject: [PATCH] Update views.py

---
 api/views.py | 37 +++++++++++++++++++++++++++++++++----
 1 file changed, 33 insertions(+), 4 deletions(-)

diff --git a/api/views.py b/api/views.py
index e80fa5927..49758343e 100755
--- a/api/views.py
+++ b/api/views.py
@@ -19,6 +19,7 @@ from plogical.CyberCPLogFileWriter import CyberCPLogFileWriter as logging
 from plogical.processUtilities import ProcessUtilities
 from django.views.decorators.csrf import csrf_exempt
 from userManagment.views import submitUserCreation as suc
+from userManagment.views import submitUserDeletion as duc
 # Create your views here.
 
 @csrf_exempt
@@ -119,7 +120,6 @@ def changeUserPassAPI(request):
 
             data = json.loads(request.body)
 
-
             websiteOwner = data['websiteOwner']
             ownerPassword = data['ownerPassword']
 
@@ -155,6 +155,37 @@ def changeUserPassAPI(request):
         json_data = json.dumps(data_ret)
         return HttpResponse(json_data)
 
+@csrf_exempt
+def submitUserDeletion(request):
+    try:
+        if request.method == 'POST':
+
+            data = json.loads(request.body)
+
+            adminUser = data['adminUser']
+            adminPass = data['adminPass']
+
+            admin = Administrator.objects.get(userName=adminUser)
+
+            if admin.api == 0:
+                data_ret = {"status": 0, 'error_message': "API Access Disabled."}
+                json_data = json.dumps(data_ret)
+                return HttpResponse(json_data)
+
+            if hashPassword.check_password(admin.password, adminPass):
+                request.session['userID'] = admin.pk
+                return duc(request)
+            else:
+                data_ret = {"status": 0,
+                            'error_message': "Could not authorize access to API"}
+                json_data = json.dumps(data_ret)
+                return HttpResponse(json_data)
+
+    except BaseException as msg:
+        data_ret = {'submitUserDeletion': 0, 'error_message': str(msg)}
+        json_data = json.dumps(data_ret)
+        return HttpResponse(json_data)
+
 @csrf_exempt
 def changePackageAPI(request):
     try:
@@ -189,8 +220,6 @@ def changePackageAPI(request):
             website.package = pack
             website.save()
 
-
-
             data_ret = {'changePackage': 1, 'error_message': "None"}
             json_data = json.dumps(data_ret)
             return HttpResponse(json_data)
@@ -623,4 +652,4 @@ def submitUserCreation(request):
     except BaseException as msg:
         data_ret = {'changeStatus': 0, 'error_message': str(msg)}
         json_data = json.dumps(data_ret)
-        return HttpResponse(json_data)
\ No newline at end of file
+        return HttpResponse(json_data)