def deleteProject(filename):
project = Project.query.filter_by(filename=filename).first()
if project.owner != g.current_user.id:
return errorResponse(401, 'action not allowed for this user')
if project is None:
return errorResponse(404, 'resource does not exist')
db.session.delete(project)
db.session.commit()
return jsonify({'message': 'delete success'})
def upload():
if 'input_file' not in request.files:
return badRequest('no input file')
file = request.files['input_file']
if Project.allowed_file(file.filename):
errors = []
for field in ['project_title', 'authors']:
if request.form.get(field) is None:
errors.append(f"{field} field missing in request")
if errors != []:
return badRequest(errors)
filename = secure_filename(file.filename)
new_project = Project()
new_project.owner = current_user.id
new_project.authors = request.form.get('authors')
new_project.title = request.form.get('project_title')
new_project.hashFilename(filename)
new_project.file_data = file.read()
new_project.pdf_page_count = request.form.get('pdf_page_count')
db.session.add(new_project)
db.session.commit()
return jsonify('upload success'), 201
return errorResponse(415, 'upload a .pdf file!')
def updateUser(username):
student = User.query.filter_by(username=username).first()
if student is None:
return badRequest('user does not exist')
if request.method == 'POST':
try:
request.get_json()
except:
return badRequest('content-type must be json')
data = request.get_json()
if data == {}:
return badRequest('no details provided')
if current_user.username != student.username:
return errorResponse(401, 'You cannot perform this action')
if data:
for key in data:
setattr(student, key, data[key])
db.session.commit()
return jsonify({'message': 'user updated'})
elif request.method == 'GET':
return jsonify({'username': student.username, 'email': student.email})
def getUserUploads(username):
student = User.query.filter_by(username=username).first()
if student is None:
return badRequest('user does not exist')
if g.current_user.id != student.id:
return errorResponse(401, 'You cannot perform this action')
#user = User.query.filter_by(username=username).first_or_404()
projects = Project.query.filter_by(author=g.current_user)\
.order_by(Project.submit_date.desc())
if projects is None:
return jsonify({'message': 'No project uploaded yet!'})
output = []
for project in projects:
project_data = {}
project_data['title'] = project.title
project_data['authors'] = project.authors
project_data['filename'] = project.filename
project_data['size'] = len(project.file_data)
project_data['date_created'] = project.date_created
project_data['pdf_page_count'] = project.pdf_page_count
output.append(project_data)
return jsonify(output)
def deleteProject(filename):
project = Project.query.filter_by(filename=filename).first()
if project is None:
return errorResponse(404, 'resource does not exist')
db.session.delete(project)
db.session.commit()
return jsonify({'message': 'delete success'})
def deleteUser(username):
user = User.query.filter_by(username=username).first()
if user != current_user:
return errorResponse(403, 'You cannot perform this action')
db.session.delete(user)
db.session.commit()
return jsonify({'message': 'account deleted'})
def download(filename):
project = Project.query.filter_by(filename=filename).first()
if project is None:
return errorResponse(404, 'resource does not exist')
return send_file(BytesIO(project.file_data),
mimetype='application/pdf',
attachment_filename=project.title + '.pdf',
as_attachment=True)
def getUserUploads(username):
student = User.query.filter_by(username=username).first()
if student is None:
return badRequest('user does not exist')
if current_user.username != student.username:
return errorResponse(403, 'You cannot perform this action')
user = User.query.filter_by(username=username).first_or_404()
payload = Project.query.filter_by(author=user)\
.order_by(Project.submit_date.desc())
return jsonify(payload)
def getProjectInfo(filename):
project = Project.query.filter_by(filename=filename).first()
if project is None:
return errorResponse(404, 'resource does not exist')
project_data = {}
project_data['title'] = project.title
project_data['authors'] = project.authors
project_data['filename'] = project.filename
project_data['size'] = len(project.file_data)
project_data['submit_date'] = project.submit_date
return jsonify(project_data)
def requestPasswordReset():
try:
req_data = request.get_json()
except:
return badRequest('no details provided')
if 'email' not in req_data:
return badRequest('user email required')
user = User.query.filter_by(email=req_data['email']).first()
if user:
try:
sendPaswordRequest(user)
return jsonify({'message': 'please check your email'})
except:
return errorResponse(502, 'mail not sent')
return badRequest('email not registered')
def upload():
if 'input_file' not in request.files:
return badRequest('no input file')
file = request.files['input_file']
if Project.allowed_file(file.filename):
errors = []
for field in ['project_title', 'authors']:
if request.form.get(field) is None:
errors.append(f"{field} field missing in request")
if errors != []:
return badRequest(errors)
try:
date_in_req = datetime.strptime(request.form.get('date_created'),
'%Y-%m-%d')
except:
return badRequest('invalid date format. expected "yyyy-mm-dd"')
filename = secure_filename(file.filename)
new_project = Project()
#try:
new_project.owner = g.current_user.id
new_project.authors = request.form.get('authors')
new_project.title = request.form.get('project_title')
new_project.supervisor = request.form.get('supervisor')
new_project.tags = request.form.get('tags')
new_project.date_created = date_in_req
new_project.hashFilename(filename)
#new_project.author = g.current_user
try:
new_project.file_data = file.read()
except:
return jsonify({"message": "file not found"})
new_project.pdf_page_count = request.form.get('pdf_page_count')
db.session.add(new_project)
db.session.commit()
return jsonify('upload success'), 201
#except:
#return jsonify({"message":"failed"})
return errorResponse(415, 'upload a .pdf file!')
def basicAuthError():
return errorResponse(401)