def post(self, **params):
"""Logic for creating a team"""
team = Team(**params).save()
user = User.find_by(id_=get_jwt_identity())
team.members.connect(user) # pylint:disable=no-member
_notify_of_team_creation(team)
return team
def build_relations(self, props, override_tags):
"""Create all relations on the artifact object as described in props."""
self._set_full_tags(props, override_tags)
if props.get("team_id") is not None:
self._connect_relation(self.neo.team, Team.find(props["team_id"]))
if props.get("user_id") is not None:
self._connect_relation(self.neo.user, User.find(props["user_id"]))
def post(self, **params):
"""Logic for creating a user"""
try:
user = User(**params).save()
except exceptions.UniqueProperty:
return abort(409, "Username or Email already taken")
return user
def post(self, **params):
current_user = User.find(get_jwt_identity())
if (not current_user.google) or (not current_user.google.has_offline_access):
abort(403, "No google account connected")
team_id = params.pop("team_id")
drive = Drive(**params).save()
try:
team = Team.find(team_id)
team.drive_rel.connect(drive)
team.save()
except AttemptedCardinalityViolation:
drive.delete()
abort(409, "Team already has drive connected")
drive.owner_rel.connect(User.find(get_jwt_identity()))
drive.save()
return drive
def put(self, **params):
user = User.find(params["id"])
try:
google_oauth = GoogleOAuth.create_from_id_token(params["id_token"])
google_oauth.user_rel.connect(user)
return user
except GoogleOAuthConflict as err:
abort(409, err.message)
def patch(self, **params):
"""Logic for updating a user"""
user = User.find_by(id_=params.pop("id"))
if "password" in params:
if not user.check_password(params.pop("old_password", None)):
return users_validator.raise_old_password_was_wrong()
user.update(**params)
return user
def patch(self, **params):
user = User.find(params["id"])
google_auth = user.google
if not google_auth:
abort(404, "google oauth not found")
google_auth.set_credentials(params["auth_code"])
google_auth.save()
return user
def _get_user_from_google_token(token):
"""Checks if a user can be obtained with the given token
and if not, creates a new user.
:param token: id_token returned by google login
:return: instance of User
"""
google_id, email = validate_google_id_token(token)
google_auth = GoogleOAuth.find_by(user_id=google_id, force=False)
if not google_auth:
user = User.find_by(email=email, force=False)
if not user:
user = User(email=email, username=email, password=None).save()
google_auth = GoogleOAuth(user_id=google_id).save()
google_auth.user_rel.connect(user) # pylint:disable=no-member
else:
user = google_auth.user
return user
def delete(self, **params):
drive = Drive.find_by(id_=params["drive_id"])
if drive.owner == User.find_by(id_=get_jwt_identity()):
try:
Drive.find_by(id_=params["drive_id"]).delete()
return no_content()
except Drive.NotFound:
abort(404, "Drive not Found")
else:
abort(403)
def post(self, **params):
"""Returns a cookie and a csrf token for double submit CSRF protection."""
if "id_token" in params:
user = _get_user_from_google_token(params["id_token"])
else:
user = User.find_by_email_or_username(params["email_or_username"])
if not validate_user(user, params["password"]):
return {"error": "Bad username or password"}, 401
return _build_login_response(user, params["set_cookies"])
def delete(self, **params):
user = User.find(params["id"])
google_auth = user.google
if not google_auth:
abort(404, "google oauth not found")
try:
google_auth.revoke_access()
except EmptyCredentialsError:
abort(404, "google oauth has no offline access")
except RequestError:
abort(502, "could not revoke access")
return user
def post(self, **params):
"""Logic for adding a single team member"""
user = User.find_by(id_=get_jwt_identity())
team = Team.find_by(join_key=params["join_key"], force=False)
if not team:
return abort(404, "this invite link is not valid")
if user in team.members:
return abort(409, "user already in team")
team.members.connect(user)
return team
def build_user(cls, username="******", email="*****@*****.**"):
return User(username=username, email=email, password="******")
def get(self, **params): # pylint: disable=W0613
"""Logic for querying several teams"""
user = User.find_by(id_=get_jwt_identity())
teams = list(user.teams)
return teams
def get(self, **params): # pylint: disable=W0613
"""Logic for querying several users"""
return User.all()
def delete(self, **params):
"""Logic for deleting a user"""
user = User.find(params["id"])
user.delete()
return no_content()
def get(self, **params):
"""get a single user"""
return User.find(params["id"])