def unfollow(id):
user = User.query.get_or_404(id)
if user is None:
return bad_request('User does not exist')
if user == token_auth.current_user():
return bad_request('You cannot unfollow yourself')
token_auth.current_user().unfollow(user)
db.session.commit()
return jsonify(user.to_dict(token_auth.current_user()))
def revoke_token():
"""
Method to revoke a token granted during API authentication process
:return: the response
:rtype: werkzeug.wrappers.response.Response
"""
token_auth.current_user().revoke_token()
db.session.commit()
return "", 204
def create_transaction():
data = request.get_json() or {}
if 'sender' not in data or not isinstance(data['sender'], int):
return bad_request('Sender must not be empty or incorrect value')
sender = User.query.get_or_404(data['sender'])
if token_auth.current_user().id != sender.id:
abort(403)
if 'recipient' not in data or data['recipient'] == sender.email or \
not User.query.filter_by(email=data['recipient']).first():
return bad_request('You can not transfer yourself or empty value')
if 'transfer_amount' not in data or not isinstance(data['transfer_amount'], (float, int)) or \
data['transfer_amount'] <= 0.:
return bad_request('Incorrect value of transfer amount')
recipient = User.query.filter_by(email=data['recipient']).first()
sender.bill = sender.bill - float(data['transfer_amount'])
transfer_amount_base = float(
data['transfer_amount']) / sender.currency_user.rate
recipient_bill = recipient.bill / recipient.currency_user.rate
transaction = Transaction(sender=sender.id,
recipient=recipient.email,
transfer_amount_base=transfer_amount_base,
sender_rate=sender.currency_user.rate)
recipient.bill = (recipient_bill +
transfer_amount_base) * recipient.currency_user.rate
db.session.add(transaction)
db.session.commit()
return jsonify(transaction.to_dict())
def upload_files():
user = token_auth.current_user()
if not user.verified:
return error_response(403, 'Email not confirmed')
if 'files' not in request.files:
return bad_request('No files to upload')
uploaded = []
errors = []
files = request.files.getlist('files')
for file in files:
file_data = upload_file(user, file)
if 'error' in file_data:
errors.append(file_data['error'])
continue
file_model = File()
file_model.from_dict(file_data)
db.session.add(file_model)
db.session.commit()
uploaded.append(file_model.to_dict())
response = jsonify({'uploaded_files': uploaded, 'errors': errors})
response.status_code = 201
return response
def get_user_post():
user_id = token_auth.current_user().id
page = request.args.get('page', 1, type=int)
per_page = min(request.args.get('per_page', 3, type=int), 100)
data = Post.to_collection_dict(Post.query.filter_by(user_id=user_id), page,
per_page, 'api.get_posts')
return jsonify(data)
def update_user(id):
"""
API that updates a specific user data. The user is identified through its id.
:param id: the current user identifier
:type id: int
:return: the Response object containing the data (in JSON format)
:rtype: flask.wrappers.Response
"""
if token_auth.current_user().id != id:
abort(403)
user = User.query.get_or_404(id)
data = request.get_json() or {}
if "username" in data and data["username"] == user.username and User.query.filter_by(username = data["username"]).first():
return bad_request("Please use a different username")
if "github_login" in data and data["github_login"] == user.github_login and User.query.filter_by(github_login = data["github_login"]).first():
return bad_request("Please use a different GitHub login")
if "email" in data and data["email"] == user.email and User.query.filter_by(email = data["email"]).first():
return bad_request("please use a different email address")
user.from_dict(data, new_user = False)
db.session.commit()
return jsonify(user.to_dict())
def get_pinned_music_list():
user = token_auth.current_user()
page = request.args.get('page', 1, type=int)
per_page = min(request.args.get('per_page', 5, type=int), 10)
data = user.to_collection_dict(
user.pinned_music,
page, per_page, 'api.get_pinned_music_list')
return jsonify(data)
def remove_from_private_music_list(id):
user = token_auth.current_user()
music_item = MusicItem.query.get_or_404(id)
if user.is_in_private_list(music_item) is None:
return bad_request('Music video not found in private list')
user.remove_private_music_item(music_item)
db.session.commit()
return '', 200
def update_item_stock():
name = request.json['name']
stock = request.json['stock']
username = token_auth.current_user().username
try:
if update_stock(name, stock, username):
return jsonify({'message': 'Item stock Updated '})
except ItemNotFound:
return jsonify({'message': 'Item Not found'})
def update_item_price():
name = request.json['name']
price = request.json['price']
username = token_auth.current_user().username
try:
if update_price(name, price, username):
return jsonify({'message': 'Item stock Updated '})
except ItemNotFound:
return jsonify({'message': 'Item Not found'})
def get_user_home_music_list():
user = token_auth.current_user()
pinned_music_ids = db.session.query(MusicItem.id).filter(
User.pinned_music).filter(User.id == user.id)
page = request.args.get('page', 1, type=int)
per_page = min(request.args.get('per_page', 20, type=int), 100)
data = MusicItem.to_collection_dict(
MusicItem.query.filter(~MusicItem.id.in_(pinned_music_ids)),
page, per_page, 'api.get_user_home_music_list')
return jsonify(data)
def ne_plus_suivre(id):
current_user = token_auth.current_user()
user = Utilisateur.query.filter_by(id=id).first()
print(user.id)
if user is None:
return jsonify({'erreur': "utilisateur inexistant"})
if user.id == current_user.id:
return jsonify({'erreur': "utilisateur ne peut pas ne plus se suivre"})
current_user.ne_plus_etre_partisan(user)
db.session.commit()
return jsonify({'suivre': 'ne_plus_suivre'})
def download_file(filename):
user = token_auth.current_user()
if not user.verified:
return error_response(403, 'Email not confirmed')
file = File.query.filter_by(fullname=filename, user_id=user.id).first()
if not file:
return error_response(404, 'File {} does not exist'.format(filename))
return send_from_directory(user.get_dir(),
file.fullname,
as_attachment=True)
def list_files():
user = token_auth.current_user()
if not user.verified:
return error_response(403, 'Email not confirmed')
files = File.query.filter_by(user_id=user.id).all()
response = {'files': []}
if files:
files_dict = [file.to_dict() for file in files]
response['files'] = files_dict
return response
def insert():
name = request.json['name']
price = request.json['price']
stock = request.json['stock']
username = token_auth.current_user().username
try:
if insert(name, price, stock, username):
return jsonify({'message': 'Item inserted'})
except ItemExists:
return jsonify({'message': 'Item Already Exists'})
def get_transactions(id):
if token_auth.current_user().id != id:
abort(403)
page = request.args.get('page', 1, type=int)
per_page = min(request.args.get('per_page', 10, type=int), 100)
data = Transaction.to_collection_dict(
Transaction.query.filter_by(sender=id),
page,
per_page,
'api.get_transactions',
id=id)
return jsonify(data)
def create_post():
data = request.form.to_dict() or {}
post = Post()
if request.files:
image = request.files["file"]
image.save(os.path.join(
current_app.config["IMAGE_UPLOADS"], image.filename))
post.image_url = image.filename
if 'title' not in data or 'body' not in data:
return bad_request('must include title and body fields')
post.user_id = token_auth.current_user().id
post.from_dict(data)
db.session.add(post)
db.session.commit()
response = jsonify(post.to_dict(token_auth.current_user()))
response.status_code = 201
response.headers['Location'] = url_for('api.get_post', id=post.id)
return response
def update_post(id):
post = Post.query.get_or_404(id)
data = request.form.to_dict() or {}
if request.files:
image = request.files["file"]
image.save(os.path.join(
current_app.config["IMAGE_UPLOADS"], image.filename))
post.image_url = image.filename
else:
post.image_url = ''
post.from_dict(data)
db.session.commit()
return jsonify(post.to_dict(token_auth.current_user()))
def unpin_music(id):
user = token_auth.current_user()
music_item = MusicItem.query.get_or_404(id)
if user.is_pinned(music_item) is None:
return bad_request('Music video not found in pinned list')
if music_item.pin_count is None:
music_item.pin_count = 0
else:
setattr(music_item, 'pin_count', MusicItem.pin_count - 1)
db.session.add(music_item)
user.unpin_music_item(music_item)
db.session.commit()
return '', 204
def update_post(id):
post = Post.query.get_or_404(id)
if token_auth.current_user().id != post.user_id:
abort(403)
data = request.get_json() or {}
if 'body' not in data:
return bad_request('Must include body field')
post.from_dict(data, new_post=False)
db.session.commit()
return jsonify(post.to_dict())
def update_user(id):
if token_auth.current_user().id != id:
abort(403)
user = User.query.get_or_404(id)
data = request.get_json() or {}
if 'username' not in data and 'about_me' not in data:
return bad_request('include username or about_me')
if 'username' in data and User.query.filter_by(
username=data['username']).first():
return bad_request('This username already exists')
user.from_dict(data)
db.session.commit()
return jsonify(user.to_dict())
def update_user(id):
if token_auth.current_user().id != id:
abort(403)
user = User.query.get_or_404(id)
data = request.get_json() or {}
if ("username" in data and data["username"] != user.username
and User.query.filter_by(username=data["username"]).first()):
return bad_request("please use a different username")
if ("email" in data and data["email"] != user.email
and User.query.filter_by(email=data["email"]).first()):
return bad_request("please use a different email address")
user.from_dict(data, new_user=False)
db.session.commit()
return jsonify(user.to_dict())
def delete_file(filename):
user = token_auth.current_user()
if not user.verified:
return error_response(403, 'Email not confirmed')
file = File.query.filter_by(fullname=filename, user_id=user.id).first()
if not file:
return error_response(404, 'File {} does not exist'.format(filename))
filepath = Path(file.path)
filepath.unlink()
db.session.delete(file)
db.session.commit()
return '', 204
def update_user(id):
if token_auth.current_user().id != id:
abort(403)
user = User.query.get_or_404(id)
data = request.get_json() or {}
if 'username' in data and data['username'] != user.username and \
User.query.filter_by(username=data['username'].lower()).first():
return bad_request('please use a different username.')
if 'email' in data and data['email'] != user.email and \
User.query.filter_by(email=data['email']).first():
return bad_request('Please use a different email address.')
user.from_dict(data, new_user=False)
db.session.commit()
return jsonify(user.to_dict())
def create_post():
data = request.get_json() or {}
data['user_id'] = token_auth.current_user().id
if 'body' not in data:
return bad_request('Must include body field')
post = Post()
post.from_dict(data, new_post=True)
db.session.add(post)
db.session.commit()
response = jsonify(user.to_dict())
response.status_code = 201
response.headers['Location'] = url_for('api.get_post', id=post.id)
return response
def update_user(id):
if token_auth.current_user().id != id:
abort(403)
user = User.query.get_or_404(id)
data = request.get_json() or {}
if 'username' in data and user.username != data['username']:
if User.query.filter_by(username=data['username']).first():
return bad_request('Username already taken')
if 'email' in data and user.email != data['email']:
if User.query.filter_by(email=data['email']).first():
return bad_request('Email already taken')
user.from_dict(data)
db.session.commit()
return jsonify(user.to_dict())
def update_user(id):
if token_auth.current_user().id != id:
abort(403)
user = User.query.get_or_404(id)
data = request.form.to_dict() or {}
if request.files and request.files["file"]:
image = request.files["file"]
image.save(
os.path.join(current_app.config["IMAGE_UPLOADS"], image.filename))
user.image_url = image.filename
elif request.files and request.files["filename"]:
user.image_url = request.files["filename"]
else:
user.image_url = None
if 'username' in data and data['username'] != user.username and \
User.query.filter_by(username=data['username']).first():
return bad_request('please use a different username')
if 'email' in data and data['email'] != user.email and \
User.query.filter_by(email=data['email']).first():
return bad_request('please use a different email address')
user.from_dict(data, new_user=False)
db.session.commit()
return jsonify(user.to_dict(token_auth.current_user()))
def get_user(id):
"""
API that returns the data for a specific user identified through its id
:param id: the current user identifier
:type id: int
:return: the Response object containing the data (in JSON format)
:rtype: flask.wrappers.Response
"""
if token_auth.current_user().id != id:
abort(403)
return jsonify(User.query.get_or_404(id).to_dict())
def update_user(id):
""" Modify a user.
Args:
id (int): User ID.
"""
if token_auth.current_user().id != id:
abort(403)
user = User.query.get_or_404(id)
data = request.get_json() or {}
if 'username' in data and data['username'] != user.username and \
User.query.filter_by(username=data['username']).first():
return bad_request('please use a different username')
user.from_dict(data, new_user=False)
db.session.commit()
return jsonify(user.to_dict())
def create_music_item():
data = request.get_json() or {}
user = token_auth.current_user()
if 'resource_type' not in data or 'resource_id' not in data:
return bad_request('must include resource type and resource id fields')
music_item = MusicItem.query.filter_by(resource_type=data['resource_type'],
resource_id=data['resource_id']).first()
if music_item:
if music_item.private == False:
return bad_request('Music video already publicly avaliable')
if user.is_in_private_list(music_item):
return bad_request('Music video is already in private list')
if music_item is None:
music_item = MusicItem()
music_item.from_dict(data, private=True)
user.create_private_music_item(music_item)
db.session.commit()
return '', 201