user =User(record.uid,record.username,record.password,record.active) return user def check_user_permission(user): #Fetch to see wether the user has the permission in one of the groups where he is. resource = request.endpoint.split('.')[0] permission = request.method result = GroupResourcePermission.query.join(Group,Permission, Resource)\ .filter(Permission.name == permission, Resource.name==resource).\ join(UserGroup).join(User).filter(User.uid==user.uid).all() if not result: abort(403,"Not authorized to access this resource") app = Blueprint('user',__name__,template_folder='templates') register_api(app,LoginService, 'loginService','/login/','uid') register_api(app,UserService, 'userService','/user/','uid') #Logout method @app.route('/logout/') @login_required def logout(): LoginService().delete(current_user.uid) return redirect(url_for('user.loginService'))
item=Item.query.filter_by(active=1, uid=json['uid']).first() item.title = json['title'] item.description = json['description'] item.price = json['price'] addon = False if json.has_key('addon') and bool(json.has_key('addon')): addon = bool(json['addon']) item.addon = addon menu_item = MenuItem.query.filter_by(active=1, items_uid=json['uid']).first() menu_item.menus_uid = menus_uid @login_required def delete(self, uid): menus_uid=request.args.get('menus_uid') if menus_uid is None: abort(400, 'Missing menus_uid parameter. Not allowed to delete items without a menu to be referenced') self.delete_entity(MenuItem, active=1, items_uid=uid, menus_uid=menus_uid) return self.delete_response() app = Blueprint('menus',__name__,template_folder='templates') register_api(app,MenuService, 'menuService','/menus/','uid') register_api(app,MenuItemsService, 'menuItemService','/menuItems/','uid')
from utils.entities import BaseService, register_api from models import Table from flask import Blueprint class TableService(BaseService): schema_table = Table def get(self, uid): query_result = super(TableService, self).get(uid) if type(query_result) == list: return self.get_response( [row.as_dict() for row in query_result] ) elif type(query_result) == Table: return self.get_response(query_result.as_dict()) def object_from_json(self, uid, json): return [Table(uid, json['name'])] def update_object(self, json): table = Table.query.filter_by(active=1, uid=json['uid']).first() table.name = json['name'] app = Blueprint('table',__name__,template_folder='templates') register_api(app,TableService, 'tableService','/table/','uid')