def put(self, username):
# gets current identity (username, password, admin, super_user)
identity = current_identity
# loads json data and parses looking for args
data = User.parser.parse_args()
# existing user needed to query if a change being made to username already exists
existing_user = UserModel.find_by_username(data['username'])
# looks for current username passed in '/user/<name>' exists and if not create
user = UserModel.find_by_username(username)
if identity.super_user == 0 and identity.username != username:
return {'message': 'You are not authorized.'}, 403
if user is None:
user = UserModel(data['username'].lower(), data['password'],
data['site_location'].lower(), data['admin'],
data['super_user'], identity.username.lower())
else:
# it existed, now we must check a few other things to update a record
# user is admin and no existing user
if identity.super_user == 1 and existing_user is None:
user.username = data['username'].lower()
user.password = data['password']
user.site_location = data['site_location'].lower()
user.admin = data['admin']
user.super_user = data['super_user']
user.created_by = identity.username.lower()
# user is updating his record but changing his username
elif identity.username == username and existing_user is None:
user.username = data['username'].lower()
user.password = data['password']
user.site_location = data['site_location'].lower()
user.admin = user.admin
user.super_user = user.super_user
user.created_by = identity.username.lower()
# user is updating his user record without a name change
elif identity.username == existing_user.username:
user.username = data['username'].lower()
user.password = data['password']
user.site_location = data['site_location'].lower()
if identity.super_user == 1:
user.admin = data['admin']
user.super_user = data['super_user']
else:
user.admin = user.admin
user.super_user = user.super_user
user.created_by = identity.username.lower()
else:
return {'message': 'Username is already in use'}, 400
user.save_to_db()
return user.json()
def put(self, event_id):
data = parser.parse_args()
owner = UserModel.find_by_username(get_jwt_identity())
event: EventModel = EventModel.find_by_id(event_id)
if not event:
abort(400, message=EVENT_DOESNT_EXIST)
if owner != event.owner:
abort(401, message=UNAUTHORIZED)
if not data['end'] > data['start']:
abort(400, message=END_MUST_BE_AFTER_START)
event.title = data['title']
event.description = data['description']
event.start = data['start']
event.end = data['end']
try:
event.persist()
return event, 200
except:
abort(500, message=INTERNAL_SERVER_ERROR)
def post(self):
data = invitation_parser.parse_args()
user = UserModel.find_by_username(data['user'])
community = CommunityModel.find_by_id(data['community'])
if not user:
abort(404, message=USER_DOESNT_EXIST)
if not community:
abort(404, message=COMMUNIY_DOESNT_EXIST)
if user in community.users:
abort(400, message=USER_ALREADY_INVITED)
new_community_user_link = CommunityUserLinkModel(
user_id=user.id,
community_id=community.id,
invitation_accepted=False,
is_owner=False)
try:
new_community_user_link.persist()
return SimpleMessage(COMMUNIY_INVITATION_SENT), 200
except:
abort(500, message=INTERNAL_SERVER_ERROR)
def post(self):
data = post_parser.parse_args()
founder = UserModel.find_by_username(get_jwt_identity())
car = CarModel.find_by_id(data['car'])
if not car:
abort(404, message=CAR_DOESNT_EXIST)
if not car.owner.id == founder.id:
abort(400, message=CANNOT_CREATE_COMMUNITY_WITH_FOREIGN_CAR)
if CommunityModel.find_by_car_id(car.id):
abort(400, message=COMMUNIY_WITH_THIS_CAR_ALREADY_EXISTS)
new_community = CommunityModel(name=data['name'],
car=car,
users=[founder])
try:
new_community.persist()
faved_community: CommunityUserLinkModel = assure_favourite_community(
founder.id)
if faved_community and faved_community.community_id == new_community.id:
new_community.is_favourite = faved_community.is_favourite
return new_community, 201
except:
abort(500, message=INTERNAL_SERVER_ERROR)
def post(self, community_id):
data = parser.parse_args()
owner = UserModel.find_by_username(get_jwt_identity())
community: CommunityModel = CommunityModel.find_by_id(community_id)
if not community:
abort(400, message=COMMUNIY_DOESNT_EXIST)
if owner.id not in [u.id for u in community.users]:
abort(401, message=UNAUTHORIZED)
new_refuel = RefuelModel(
owner=owner,
community=community,
costs=round(data['costs'], 2),
liters=data['liters'],
gas_station_name=data['gas_station_name'],
)
try:
new_refuel.persist()
return new_refuel, 201
except:
abort(500, message=INTERNAL_SERVER_ERROR)
def post(self, username):
data = self.parser.parse_args()
required_access = 3
current_user = current_identity # type: UserModel
admin = AdminModel.find_by_id(current_user.id)
if not admin:
return {'message': 'No admin access.'}, 400
if admin.access_level < required_access:
return {
'message': f'Access level {required_access} required.'
}, 400
other_user = UserModel.find_by_username(username)
if not other_user:
return {'message': f'User {username} doesn\'t exist.'}, 400
if other_user.is_admin():
return {'message': f'User {username} is already admin.'}, 400
access_level = data['access_level']
if admin.access_level <= access_level:
return {'message': 'Access level must be lower than self.'}, 400
if access_level < 1:
return {'message' 'Invalid access level.'}, 400
new_admin = AdminModel(other_user.id, access_level)
new_admin.save()
return {'admin': new_admin.json()}, 201
def put(self, community_id, id):
data = finish_tour_parser.parse_args()
tour = TourModel.find_by_id(id)
user = UserModel.find_by_username(get_jwt_identity())
community: CommunityModel = CommunityModel.find_by_id(community_id)
community_member_ids = [m.id for m in community.users]
if not tour:
abort(404, message=TOUR_NOT_FOUND)
if not user.id == tour.owner.id:
abort(401, message=UNAUTHORIZED)
if tour.end_km:
abort(400, message=TOUR_HAS_ALREADY_BEEN_FINISHED)
passengers = []
if data['passengers']:
for passenger_id in set(data['passengers']):
if passenger_id not in community_member_ids:
abort(400, message=PASSENGERS_MUST_BE_COMMUNITY_MEMBERS)
else:
passengers.append([u for u in community.users if u.id == passenger_id][0])
tour.end_time = datetime.datetime.now(pytz.utc)
tour.passengers = passengers
tour.end_km = data['end_km']
tour.comment = data['comment']
tour.parking_position = data['parking_position']
tour.persist()
create_km_triggered_task_instances(community_id, tour.end_km)
return tour, 200
def post(self, community_id):
data = parser.parse_args()
owner = UserModel.find_by_username(get_jwt_identity())
community: CommunityModel = CommunityModel.find_by_id(community_id)
community_member_ids = [m.id for m in community.users]
if not community:
abort(400, message=COMMUNIY_DOESNT_EXIST)
if owner.id not in community_member_ids:
abort(401, message=UNAUTHORIZED)
if not data['end'] > data['start']:
abort(400, message=END_MUST_BE_AFTER_START)
new_event = EventModel(owner=owner,
title=data['title'],
description=data['description'],
start=data['start'],
end=data['end'],
community_id=community.id)
try:
new_event.persist()
return new_event, 201
except:
abort(500, message=INTERNAL_SERVER_ERROR)
def post(self):
user_data = UserRegister.parser.parse_args()
if UserModel.find_by_username(username=user_data['username']):
return {'message': 'A user with username already exists'}, 400
user = UserModel(user_data['username'], user_data['password'])
user.save_to_db()
return {"message": "user created successfully"}, 201
def get(self):
user = UserModel.find_by_username(get_jwt_identity())
cul = CommunityUserLinkModel.find_favourite_by_user(user.id)
if not cul:
abort(404, message=NO_FAVOURITE_COMMUNITY_FOUND)
return cul.community, 200
def get(self, community_id):
user = UserModel.find_by_username(get_jwt_identity())
community = CommunityModel.find_by_id(community_id)
if user not in community.users:
abort(401, message=UNAUTHORIZED)
return community.users, 200
def test_register_user(self):
with self.app() as c:
with self.app_context():
r = c.post('/register', data={'username': '******', 'password': '******'})
self.assertEqual(r.status_code, 201)
self.assertIsNotNone(UserModel.find_by_username('test'))
self.assertDictEqual(d1={'message': 'User created successfully.'},
d2=json.loads(r.data))
def post(self):
data = request.json
if UserModel.find_by_username(data['username']):
return {'message': 'A user with that username already exists'}, 400
user = UserModel(data['username'], data['password'])
user.save_to_db()
return 201
def get(self, username):
identity = current_identity
if identity == None:
return {"message": "You are not logged in"}, 400
if identity.username != username and identity.super_user != 1:
return {'message': "You are not authorized."}, 403
user = UserModel.find_by_username(username)
return user.json()
def post(self):
data = _user_parser.parse_args()
if UserModel.find_by_username(data['username']):
return {'message': 'username is already exists'}, 400
user = UserModel(**data)
user.save_to_db()
return {'message': 'User created successully.'}, 201
def post(self):
data = UserRegister.parser.parse_args()
if UserModel.find_by_username(data['username']):
return {"message": "Un utilizator cu acest nume deja exista"}, 400
user = UserModel(**data)
user.save_to_db()
return {"message": "Utilizatorul a fost creat."}, 201
def post(self):
data = _user_parser.parse_args()
if UserModel.find_by_username(data['username']):
return {"message": "A user with that username already exists"}, 400
user = UserModel(data['username'], data['password'])
user.save_to_db()
return {"message": "User created successfully."}, 201
def post(self):
data = UserRegister.parser.parse_args()
if UserModel.find_by_username(data['username']) is not None:
return {"message": "User with this name already exists!"}, 400
password_hash = generate_password_hash(data['password'])
user = UserModel(data['username'], password_hash)
user.save_to_db()
return {"message": "User created successfully"}, 201
def post(self):
data = self.parser.parse_args()
username = data['username']
if username == "admin":
if UserModel.set_master_admin(data['password'], 4):
return {
'user': UserModel.find_by_username(username).json()
}, 201
else:
return {'message': 'Admin already set.'}, 400
if UserModel.find_by_username(username):
return {"message": f"User {username} already exists."}, 400
user = UserModel(**data)
user.save()
return {"message": f"User {username} registered."}, 201
def test_crud(self):
with self.app_context():
user = UserModel('test_username', 'A12345678')
self.assertIsNone(
UserModel.find_by_username('test_username'),
"Found an user with name 'test_username' before save_to_db")
self.assertIsNone(UserModel.find_by_id(1),
"Found an user with id '1' before save_to_db")
user.save_to_db()
self.assertIsNotNone(
UserModel.find_by_username('test_username'),
"Did not find an user with name 'test_username' after save_to_db"
)
self.assertIsNotNone(
UserModel.find_by_id(1),
"Did not find an user with id '1' after save_to_db")
def post(self):
user = UserModel.find_by_username(ns.payload.get('username'))
if not user:
ns.abort(404)
if safe_str_cmp(user.password, ns.payload.get('password')):
return dict(access_token=create_access_token(user.id),
refresh_token=create_refresh_token(user.id))
else:
ns.abort(403)
def get(self, community_id, id):
user = UserModel.find_by_username(get_jwt_identity())
refuel = RefuelModel.find_by_id(id)
if not refuel:
abort(404, message=REFUEL_DOESNT_EXIST)
if user.id not in [u.id for u in refuel.community.users]:
abort(401, message=UNAUTHORIZED)
return refuel, 200
def post(self):
request_data = request.get_json()
username = request_data['username']
password = request_data['password']
user = UserModel.find_by_username(username)
# check the SHA256 hash of given and stored to password to see if they match
if user and check_password_hash(user.password, password):
access_token = create_access_token(identity=user.id)
return {"access_token": access_token}, 200
return {"message": "Invalid Login data"}, 400
def get(self, community_id):
user = UserModel.find_by_username(get_jwt_identity())
community = CommunityModel.find_by_id(community_id)
if not community:
abort(400, message=COMMUNIY_DOESNT_EXIST)
if user.id not in [u.id for u in community.users]:
abort(401, message=UNAUTHORIZED)
return TourModel.find_running_by_community(community_id), 200
def get(self, community_id, id):
tour = TourModel.find_by_id(id)
user = UserModel.find_by_username(get_jwt_identity())
if not tour:
abort(404, message=TOUR_NOT_FOUND)
if user.id not in [u.id for u in tour.community.users]:
abort(401, message=UNAUTHORIZED)
return tour, 200
def get(self, community_id):
tasks: List[TaskModel] = TaskModel.find_by_community(community_id)
community: CommunityModel = CommunityModel.find_by_id(community_id)
community_member_ids = [m.id for m in community.users]
user = UserModel.find_by_username(get_jwt_identity())
if user.id not in community_member_ids:
abort(401, message=UNAUTHORIZED)
set_km_to_next_instance(tasks)
return tasks, 200
def post(cls):
data = _user_parser.parse_args()
user = UserModel.find_by_username(data['username'])
# this is what 'authenticate used to do
if user and safe_str_cmp(user.password, data['password']):
# identity = what the 'identity' function used to do
access_token = create_access_token(identity=user.id, fresh=True)
refresh_token = create_refresh_token(user.id)
return {
'access_token': access_token,
'refresh_token': refresh_token
}, 200
return {'message': 'Invalid credentials.'}, 401
def get(self, id):
community = CommunityModel.find_by_id(id)
user = UserModel.find_by_username(get_jwt_identity())
if not community:
abort(404, message=COMMUNIY_DOESNT_EXIST)
if user.id not in [u.id for u in community.users]:
abort(401, message=UNAUTHORIZED)
debts = DebtModel.find_unsettled_by_community(id)
return debts, 200
def delete(self, username):
identity = current_identity
if identity.super_user != 1:
return {'message': 'You are not authorized.'}, 403
if identity.username == username:
return {'message': 'You cannot delete yourself.'}, 500
user = UserModel.find_by_username(username)
if user:
user.delete_from_db()
return {'message': 'User deleted.'}
def get(self):
user = UserModel.find_by_username(get_jwt_identity())
all_communities = CommunityModel.return_all()
user_communities = [
c for c in all_communities if user.id in [u.id for u in c.users]
]
task_instances = []
for c in user_communities:
task_instances += TaskInstanceModel.find_by_community(c.id)
open_task_instances = [i for i in task_instances if i.is_open]
return open_task_instances, 200
