def update_user(user_id):
"""
Update an user account.
"""
user = User.get(user_id)
if not user:
return api_error('User not found', 404)
form_kwargs = dict(
validate_unique_email=user.email != request.json.get('email')
)
if 'password' in request.json:
form = FullUserForm(**form_kwargs)
else:
form = BaseUserForm(**form_kwargs)
if not form.validate_on_submit():
return api_error(form.errors)
services = []
if form.role.data == 'provider':
user.services = Service.get_by_ids(form.services.data)
user.email = form.email.data
if 'password' in request.json:
user.set_password(form.password.data)
user.name = form.name.data
user.organization = form.organization.data
user.phone_number = form.phone_number.data
user.role = form.role.data
user.save()
return jsonify(user)
def delete_user(id):
"""
Delete an user.
"""
user = User.get(id)
if not user:
return api_error('User not found', 404)
if user.id == current_user.id:
return api_error('Cannot delete self', 404)
user.delete()
return '', 202
def create_user():
"""
Create an user account.
"""
form = FullUserForm()
if not form.validate_on_submit():
return api_error(form.errors)
services = []
if form.role.data == 'provider':
services = Service.get_by_ids(form.services.data)
user = User(
name=form.name.data,
organization=form.organization.data,
email=form.email.data,
password=form.password.data,
phone_number=form.phone_number.data,
role=form.role.data,
services=services
)
user.save()
return jsonify(user)
def forgot_password():
"""
Send a password reset email.
"""
form = ForgotPasswordForm(request.json_multidict)
if not form.validate_on_submit():
return api_error(form.errors)
user = User.get_by_email(form.email.data)
if user:
send_password_reset(user)
return '', 200
def login():
"""
Authenticate with the application.
"""
# TODO: issue API key here instead of cookie
form = LoginForm(request.json_multidict)
if not form.validate_on_submit():
return api_error(form.errors)
user = User.get_by_email(form.email.data.lower())
password = form.password.data
if user is not None and user.check_password(password):
login_user(user)
return jsonify(user)
return api_error(dict(form=['Invalid username/password.']))
def send_out_alert(alert_form):
"""
Send out an alert to providers.
"""
alert = Alert(
description=alert_form.description.data,
gender=alert_form.gender.data,
age=alert_form.age.data,
user=current_user,
)
alert.save()
need_ids = alert_form.needs.data
for service in Service.get_by_ids(need_ids):
need = Need(alert=alert, service=service)
need.save()
providers = User.providers_with_services(need_ids)
for provider in providers:
needs_provided = [
need_ for need_ in provider.services if need_.id in need_ids
]
gender = alert.get_gender()
needs = ", ".join(
[need_provided.name for need_provided in needs_provided])
body = ('New 15th night alert!\n'
'%d y/o%s\n'
'Needs: %s\n'
'Desc: %s\n'
'Respond at %sr/%s') % (
alert.age, gender, needs,
alert_form.description.data,
url_for('index', _external=True), str(alert.id)
)
provider_notified = ProviderNotified(
provider=provider,
alert=alert,
needs=Need.get_by_ids([need_id.id for need_id in needs_provided])
)
# TODO: test
provider_notified.save()
queue_send_message.apply_async(
kwargs=dict(
email=provider.email,
number=provider.phone_number,
subject='15th Night Alert',
body=body
)
)
def send_out_alert(alert_form):
"""
Send out an alert to providers.
"""
alert = Alert(
description=alert_form.description.data,
gender=alert_form.gender.data,
age=alert_form.age.data,
user=current_user,
)
alert.save()
need_ids = alert_form.needs.data
for service in Service.get_by_ids(need_ids):
need = Need(alert=alert, service=service)
need.save()
providers = User.providers_with_services(need_ids)
for provider in providers:
needs_provided = [
need_ for need_ in provider.services if need_.id in need_ids
]
gender = alert.get_gender()
needs = ", ".join(
[need_provided.name for need_provided in needs_provided])
body = ('New 15th night alert!\n'
'%d y/o%s\n'
'Needs: %s\n'
'Desc: %s\n'
'Respond at %sr/%s') % (
alert.age, gender, needs, alert_form.description.data,
url_for('index', _external=True), str(alert.id))
provider_notified = ProviderNotified(
provider=provider,
alert=alert,
needs=Need.get_by_ids([need_id.id for need_id in needs_provided]))
# TODO: test
provider_notified.save()
queue_send_message.apply_async(
kwargs=dict(email=provider.email,
number=provider.phone_number,
subject='15th Night Alert',
body=body))
def reset_password():
"""
Reset a user's password with valid token.
Will send a password reset notification email to user.
"""
reset_token_life = timedelta(
hours=current_app.config.get('RESET_TOKEN_LIFE', 24))
form = ResetPasswordForm(request.json_multidict)
if not form.validate_on_submit():
return api_error(form.errors)
user = User.get_by_email(form.email.data)
if not user:
return api_error(dict(form=['Could not find user.']))
if not user.reset_token or user.reset_token != form.token.data:
return api_error(dict(form=['Invalid reset token.']))
if user.reset_created_at < datetime.utcnow() - reset_token_life:
return api_error(dict(form=['Reset token expired']))
user.set_password(form.password.data)
user.reset_token = None
user.reset_created_at = None
user.save()
send_confirm_password_reset(user)
login_user(user)
return jsonify(user)
def send_out_alert(alert_form):
"""
Send out an alert to providers.
"""
alert = Alert(
description=alert_form.description.data,
gender=alert_form.gender.data,
age=alert_form.age.data,
user=current_user,
)
alert.save()
need_ids = alert_form.needs.data
for service in Service.get_by_ids(need_ids):
need = Need(alert=alert, service=service)
need.save()
providers = User.providers_with_services(need_ids)
for provider in providers:
needs_provided = [need for need in provider.services if need.id in need_ids]
gender = " " + alert.gender if alert.gender != "unspecified" else ""
needs = ", ".join([need.name for need in needs_provided])
body = ("New 15th night alert!\n" "%d y/o%s\n" "Needs: %s\n" "Desc: %s\n" "Respond at %s/r/%s") % (
alert.age,
gender,
needs,
alert_form.description.data,
HOST_NAME,
str(alert.id),
)
provider_notified = ProviderNotified(
provider=provider, alert=alert, needs=Need.get_by_ids([need.id for need in needs_provided])
)
# TODO: test
provider_notified.save()
queue_send_message.apply_async(
kwargs=dict(email=provider.email, number=provider.phone_number, subject="15th Night Alert", body=body)
)
def seed_db():
"""Seed the database with categories and users."""
(food, shelter, clothing) = seed_services()
# Seed an admin, advocate, and a few providers
User(
'Advocate Alice', 'School District 1', '*****@*****.**', '1234', '5415551234',
[], 'advocate').save()
User('Provider Bob', 'Provider4Youth', '*****@*****.**', '1234', '5415551234',
[food, shelter, clothing], 'provider').save()
User(
'Food Provider', 'Food4Youth', '*****@*****.**', '1234',
'5415551234', [food], 'provider').save()
User(
'Clothing Provider', 'Clothes4Youth', '*****@*****.**',
'1234', '5415551234', [clothing], 'provider').save()
User(
'Shelter Provider', 'Shelter4Youth', '*****@*****.**',
'1234', '5415551234', [shelter], 'provider').save()
User(
'Admin', '15th Night', '*****@*****.**', '1234', '5415551234', [],
'admin').save()
def create_user(name, org, email, number, password, role):
user = User(
name, org, email, password, number, [], role)
user.save()
def validate_email(self, field):
if self.validate_unique_email and User.get_by_email(field.data):
raise ValidationError('This email is already in use.')
def load_user(id):
"""User loading needed by Flask-Login."""
return User.get(int(id))
def get_user(user_id):
"""
Gets a user by id.
"""
return jsonify(User.get(user_id))
def get_users():
"""
Get a list of all users.
"""
return jsonify(User.all())
def create_user(name, org, email, number, password, role):
user = User(
name, org, email, password, number, [], role)
user.save()
def validate_email(self, field):
if self.validate_unique_email and User.get_by_email(field.data):
raise ValidationError('This email is already in use.')
def load_user(id):
"""User loading needed by Flask-Login."""
return User.get(int(id))
