def update_code_mutate(cls, info, model=None, **kwargs):
if info.context['auth']['data']:
query = model.get_query(info)
model = model._meta.model
data = kwargs.get('data', None)
if data:
code = data.get('code', None)
if code:
del data['code']
instance = get_instance_by_pk(query, model, data)
if info.context['auth']['data'][
'admin'] or check_row_by_user_id(
info.context['auth']['data']['user_id'], model,
instance):
instance.update(data)
if code:
code_handle(instance.one(), code)
return cls(**{model.__tablename__: instance.one()})
else:
raise CodeduExceptionHandler(
HTTPUnauthorized(description="PERMISSION DENIED"))
else:
raise CodeduExceptionHandler(
HTTPUnauthorized(
description=info.context['auth']['description']))
def delete_account_mutate(cls, info, model=None, **kwargs):
if info.context['auth']['data']:
query = model.get_query(info)
model = model._meta.model
data = kwargs.get('data', None)
if data:
if not info.context['auth']['data']['admin']:
data['id'] = info.context['auth']['data']['user_id']
data['password'] = hmac.new(Config.SECRET_KEY.encode(),
data['password'].encode(),
sha256).hexdigest()
instance = get_instance_by_pk(query, model, data)
if info.context['auth']['data']['admin'] or instance.one(
).password == data['password']:
tmp_instance = instance.one()
instance.delete()
image_handle("user", tmp_instance, None)
return cls(**{model.__tablename__: tmp_instance})
else:
raise CodeduExceptionHandler(
HTTPBadRequest(description="INVALID PASSWORD"))
else:
raise CodeduExceptionHandler(
HTTPUnauthorized(
description=info.context['auth']['description']))
def update_lesson_quiz_mutate(cls, info, model=None, **kwargs):
if info.context['auth']['data']:
if not info.context['auth']['data']['admin']:
raise CodeduExceptionHandler(
HTTPUnauthorized(description="PERMISSION DENIED"))
query = model.get_query(info)
model = model._meta.model
data = kwargs.get('data', None)
image_info = info.context.get('image_info', None)
if data:
answers_data_list = []
for i, choice in enumerate(data['choice']):
answers_data = {'content': choice, 'is_correct': 0}
if i == data['answer']: answers_data['is_correct'] = 1
answers_data_list.append(answers_data)
del data['choice']
del data['answer']
instance = get_instance_by_pk(query, model, data)
for i, answer in enumerate(instance.one().answers):
answer.content = answers_data_list[i]['content']
answer.is_correct = answers_data_list[i]['is_correct']
instance.update(data)
return cls(**{model.__tablename__: instance.one()})
else:
raise CodeduExceptionHandler(
HTTPUnauthorized(
description=info.context['auth']['description']))
def update_password_mutate(cls, info, model=None, **kwargs):
if info.context['auth']['data']:
query = model.get_query(info)
model = model._meta.model
data = kwargs.get('data', None)
if data:
validate_user_data(data)
if not info.context['auth']['data']['admin']:
data['id'] = info.context['auth']['data']['user_id']
data['password'] = hmac.new(Config.SECRET_KEY.encode(),
data['password'].encode(),
sha256).hexdigest()
data["password_modified"] = datetime.datetime.utcnow()
instance = get_instance_by_pk(query, model, data)
if info.context['auth']['data']['admin'] or instance.one(
).password == data['password']:
data['password'] = hmac.new(Config.SECRET_KEY.encode(),
data['new_password'].encode(),
sha256).hexdigest()
del data['new_password']
instance.update(data)
return cls(**{model.__tablename__: instance.one()})
else:
raise CodeduExceptionHandler(
HTTPBadRequest(description="INVALID PASSWORD"))
else:
raise CodeduExceptionHandler(
HTTPUnauthorized(
description=info.context['auth']['description']))
def update_question_mutate(cls, info, model=None, **kwargs):
if info.context['auth']['data']:
query = model.get_query(info)
model = model._meta.model
data = kwargs.get('data', None)
if data:
tags = data.get('tags', None)
if tags:
del data['tags']
instance = get_instance_by_pk(query, model, data)
if info.context['auth']['data']['admin'] or check_row_by_user_id(info.context['auth']['data']['user_id'], model, instance):
instance.update(data)
if tags:
db_session = info.context.get('session', None)
tags = tags.split(" ")
exist_tags = {tag.name:tag for tag in gql_models['tag'].get_query(info).filter(gql_models['tag']._meta.model.name.in_(tags)).all()}
new_tags = [gql_models['tag']._meta.model(name=tag) for tag in tags if not tag in exist_tags.keys()]
db_session.add_all(new_tags)
instance.one().tags = list(exist_tags.values())+new_tags
return cls(**{model.__tablename__:instance.one()})
else:
raise CodeduExceptionHandler(HTTPUnauthorized(description="PERMISSION DENIED"))
else:
raise CodeduExceptionHandler(HTTPUnauthorized(description=info.context['auth']['description']))
def update_user_info_mutate(cls, info, model=None, **kwargs):
if info.context['auth']['data']:
query = model.get_query(info)
model = model._meta.model
data = kwargs.get('data', None)
image_info = info.context.get('image_info', None)
if data:
validate_user_data(data)
if not info.context['auth']['data']['admin']:
data['id'] = info.context['auth']['data']['user_id']
data['password'] = hmac.new(Config.SECRET_KEY.encode(),
data['password'].encode(),
sha256).hexdigest()
else:
if not 'id' in data:
CodeduExceptionHandler(
HTTPBadRequest(description="INVALID PARAMETER"))
if 'password' in data: del data['password']
instance = get_instance_by_pk(query, model, data)
if info.context['auth']['data']['admin'] or (
instance.one()
and instance.one().password == data['password']):
instance.update(data)
if image_info:
image_handle('user', instance.one(), image_info[0])
return cls(**{model.__tablename__: instance.one()})
else:
raise CodeduExceptionHandler(
HTTPBadRequest(description="INVALID PASSWORD"))
else:
raise CodeduExceptionHandler(
HTTPUnauthorized(
description=info.context['auth']['description']))
async def process_response(self, req, res, resource, req_succeeded):
try:
db_session = req.context.get('db_session', None)
if db_session:
if not req_succeeded:
db_session.rollback()
else:
try:
db_session.commit()
except IntegrityError:
db_session.rollback()
raise CodeduExceptionHandler(HTTPBadRequest(description="INTEGRITY ERROR"))
except OperationalError:
db_session.rollback()
raise CodeduExceptionHandler(HTTPBadRequest(description="OPERATIONAL ERROR"))
else:
pass
# image_info = req.context.get('image_info', None)
# image_info['name'] = f"{instance.id:010}"
# with open(f"images/{image_info['dir']}{image_info['name']}{image_info['ext']}", 'wb') as f:
# f.write(image_info['data'])
# instance.user_img = f"{image_info['dir']}{image_info['name']}{image_info['ext']}"
db_session.close()
except Exception as e:
description = e.description if hasattr(e, 'description') else 'UNKNOWN ERROR'
if hasattr(e, 'type'):
raise globals()[e.type](description=description)
else:
raise HTTPBadRequest(description=e.args)
def create_lesson_quiz_mutate(cls, info, model=None, **kwargs):
if info.context['auth']['data']:
if not info.context['auth']['data']['admin']:
raise CodeduExceptionHandler(
HTTPUnauthorized(description="PERMISSION DENIED"))
model = model._meta.model
data = kwargs.get('data', None)
image_info = info.context.get('image_info', None)
if data:
answers = []
for i, choice in enumerate(data['choice']):
answers_data = {'content': choice, 'is_correct': 0}
if i == data['answer']: answers_data['is_correct'] = 1
answers.append(
gql_models['lesson_quiz_answer']._meta.model(
**answers_data))
del data['choice']
del data['answer']
db_session = info.context.get('session', None)
if db_session:
instance = model(**data)
db_session.add(instance)
db_session_flush(db_session)
for answer in answers:
answer.lesson_quiz_id = instance.id
db_session.add_all(answers)
db_session_flush(db_session)
return cls(**{model.__tablename__: instance})
else:
raise CodeduExceptionHandler(
HTTPUnauthorized(
description=info.context['auth']['description']))
def login_mutate(cls, info, model=None, **kwargs):
query = model.get_query(info)
model = model._meta.model
data = kwargs.get('data', {})
if 'email' in data and 'password' in data:
try:
user = query.filter(model.email == data['email']).one()
except NoResultFound:
raise CodeduExceptionHandler(
HTTPBadRequest(description="USER NOT FOUND"))
if user.password == hmac.new(Config.SECRET_KEY.encode(),
data['password'].encode(),
sha256).hexdigest():
encoded_jwt = jwt.encode(
{
'iat': datetime.datetime.utcnow(),
'user_id': user.id,
'email': data['email'],
'admin': user.admin,
# 'exp':datetime.datetime.utcnow() + datetime.timedelta(seconds=30),
},
Config.SECRET_KEY,
algorithm='HS256')
return cls(**{'user': user, 'token': encoded_jwt.decode()})
else:
raise CodeduExceptionHandler(
HTTPBadRequest(description="INVALID PASSWORD"))
else:
raise CodeduExceptionHandler(
HTTPBadRequest(description="INVALID PARAMETER"))
def db_session_flush(db_session):
try:
db_session.flush()
except IntegrityError:
db_session.rollback()
raise CodeduExceptionHandler(HTTPBadRequest(description="INTEGRITY ERROR"))
except OperationalError:
db_session.rollback()
print_exc()
raise CodeduExceptionHandler(HTTPBadRequest(description="OPERATIONAL ERROR"))
except:
db_session.rollback()
print_exc()
raise CodeduExceptionHandler(HTTPBadRequest(description="UNKNOWN ERROR"))
def delete_question_mutate(cls, info, model=None, **kwargs):
if info.context['auth']['data']:
query = model.get_query(info)
model = model._meta.model
data = kwargs.get('data', None)
if data:
instance = get_instance_by_pk(query, model, data)
if info.context['auth']['data']['admin'] or check_row_by_user_id(info.context['auth']['data']['user_id'], model, instance):
tmp_instance = instance.one()
instance.delete()
return cls(**{model.__tablename__:tmp_instance})
else:
raise CodeduExceptionHandler(HTTPUnauthorized(description="PERMISSION DENIED"))
else:
raise CodeduExceptionHandler(HTTPUnauthorized(description=info.context['auth']['description']))
def delete_subchapter_mutate(cls, info, model=None, **kwargs):
if info.context['auth']['data']:
if not info.context['auth']['data']['admin']: raise CodeduExceptionHandler(HTTPUnauthorized(description="PERMISSION DENIED"))
query = model.get_query(info)
model = model._meta.model
data = kwargs.get('data', None)
if data:
instance = get_instance_by_pk(query, model, data)
tmp_instance = instance.one()
instance.delete()
if tmp_instance.token:
shutil.rmtree(f"{root_path}/images/subchapter/{tmp_instance.token}")
return cls(**{model.__tablename__:tmp_instance})
else:
raise CodeduExceptionHandler(HTTPUnauthorized(description=info.context['auth']['description']))
def update_like_mutate(cls, info, model=None, **kwargs):
if info.context['auth']['data']:
query = model.get_query(info)
base_model = model._meta.model
data = kwargs.get('data', None)
image_info = info.context.get('image_info', None)
if data:
tablename = data['type']
model = gql_models[f"{tablename}_like"]._meta.model
data['user_id'] = info.context['auth']['data']['user_id']
data[f"{tablename}_id"] = data['id']
del data['type']
del data['id']
db_session = info.context.get('session', None)
if db_session:
# instance = get_instance_by_pk(query, model, data)
instance = query.filter(
and_(
model.user_id == data['user_id'],
getattr(
model,
f"{tablename}_id") == data[f'{tablename}_id']))
if not instance or not instance.first():
tmp_instance = model(**data)
db_session.add(tmp_instance)
db_session_flush(db_session)
else:
tmp_instance = instance.one()
instance.delete(synchronize_session='fetch')
return cls(**{base_model.__tablename__: tmp_instance})
else:
raise CodeduExceptionHandler(
HTTPUnauthorized(
description=info.context['auth']['description']))
def update_subchapter_mutate(cls, info, model=None, **kwargs):
if info.context['auth']['data']:
if not info.context['auth']['data']['admin']: raise CodeduExceptionHandler(HTTPUnauthorized(description="PERMISSION DENIED"))
query = model.get_query(info)
model = model._meta.model
data = kwargs.get('data', None)
image_info = info.context.get('image_info', None)
if data:
instance = get_instance_by_pk(query, model, data)
instance.update(data)
if image_info:
image_handle('subchapter', instance.one(), image_info)
return cls(**{model.__tablename__:instance.one()})
else:
raise CodeduExceptionHandler(HTTPUnauthorized(description=info.context['auth']['description']))
def create_subchapter_mutate(cls, info, model=None, **kwargs):
if info.context['auth']['data']:
if not info.context['auth']['data']['admin']: raise CodeduExceptionHandler(HTTPUnauthorized(description="PERMISSION DENIED"))
model = model._meta.model
data = kwargs.get('data', None)
image_info = info.context.get('image_info', None)
if data:
db_session = info.context.get('session', None)
if db_session:
instance = model(**data)
db_session.add(instance)
db_session_flush(db_session)
if image_info:
image_handle('subchapter', instance, image_info)
return cls(**{model.__tablename__:instance})
else:
raise CodeduExceptionHandler(HTTPUnauthorized(description=info.context['auth']['description']))
def validate_user_data(data):
username_validation = re.match(r"^(?=.*[가-힣A-Za-z_$])[가-힣A-Za-z_\d]{2,32}$", data['username']) if 'username' in data else True
password_validation = re.match(r"^(?=.*[A-Za-z$])(?=.*\d)[A-Za-z@$!%*#?&\d]{8,}$", data['password']) if 'password' in data else True
email_validation = re.match(r"^[a-zA-Z0-9_.+-]+@[a-zA-Z0-9-]+\.[a-zA-Z0-9-.]+$", data['email']) if 'email' in data else True
if not email_validation:
raise CodeduExceptionHandler(HTTPBadRequest(description="INVALID EMAIL ADDRESS"))
if not username_validation:
# 포함하면 안 되는 문자 있는지 체크
username_validation_2 = re.search(r"[^가-힣A-Za-z_\d]+", data['username'])
if username_validation_2:
raise CodeduExceptionHandler(HTTPBadRequest(description="Username can only contain 한글, alphanumeric characters and underscore."))
else:
raise CodeduExceptionHandler(HTTPBadRequest(description="Username must be at least 2 characters long and including at least one letter."))
if not password_validation:
# 포함하면 안 되는 문자 있는지 체크
password_validation_2 = re.search(r"[^A-Za-z@$!%*#?&\d]+", data['password'])
if password_validation_2:
raise CodeduExceptionHandler(HTTPBadRequest(description="Password contains characters that cannot be included."))
else:
raise CodeduExceptionHandler(HTTPBadRequest(description="Password must be at least 8 characters long and including at least one letter and one number."))
def simple_update_view_mutate(cls, info, model=None, **kwargs):
if info.context['auth']['data']:
query = model.get_query(info)
model = model._meta.model
data = kwargs.get('data', None)
image_info = info.context.get('image_info', None)
if data:
instance = get_instance_by_pk(query, model, data)
data = {"view": instance.one().view + 1}
instance.update(data)
return cls(**{model.__tablename__:instance.one()})
else:
raise CodeduExceptionHandler(HTTPUnauthorized(description=info.context['auth']['description']))
def simple_create_mutate(cls, info, model=None, **kwargs):
if info.context['auth']['data']:
model = model._meta.model
data = kwargs.get('data', None)
image_info = info.context.get('image_info', None)
if data:
data['user_id'] = info.context['auth']['data']['user_id']
db_session = info.context.get('session', None)
if db_session:
instance = model(**data)
db_session.add(instance)
db_session_flush(db_session)
return cls(**{model.__tablename__:instance})
else:
raise CodeduExceptionHandler(HTTPUnauthorized(description=info.context['auth']['description']))
def resolve_model(self, info, model, **kwargs):
query = model.get_query(info)
search = info.context.get('search', None)
if 'password' in kwargs:
raise CodeduExceptionHandler(
HTTPBadRequest(
description="you can't find user with password"))
for arg, value in kwargs.items():
if search:
print('search')
query = query.filter(
getattr(model._meta.model, arg).like(f"%{value}%"))
else:
print('match')
query = query.filter(getattr(model._meta.model, arg) == value)
user = query.all()
return user
def update_post_like_mutate(cls, info, model=None, **kwargs):
if info.context['auth']['data']:
query = model.get_query(info)
model = model._meta.model
data = kwargs.get('data', None)
image_info = info.context.get('image_info', None)
if data:
data['user_id'] = info.context['auth']['data']['user_id']
db_session = info.context.get('session', None)
if db_session:
instance = get_instance_by_pk(query, model, data)
if not instance.first():
tmp_instance = model(**data)
db_session.add(tmp_instance)
db_session_flush(db_session)
else:
tmp_instance = instance.one()
instance.delete()
return cls(**{model.__tablename__: tmp_instance})
else:
raise CodeduExceptionHandler(
HTTPUnauthorized(
description=info.context['auth']['description']))
async def on_post(self, req, res):
try:
result = await self.graphql_execute(req, res)
image_info = req.context.get('image_info', None)
if not result.errors:
res.status = HTTP_200
res.body = json.dumps(result.data)
else:
if image_info:
for image in image_info:
if os.path.isfile(image['full_path']):
os.remove(image['full_path'])
raise CodeduExceptionHandler(result.errors[0].args[0])
print(result.errors)
except Exception as e:
description = e.description if hasattr(
e, 'description') else 'UNKNOWN ERROR'
if hasattr(e, 'type'):
raise globals()[e.type](description=description)
else:
print_exc()
raise HTTPBadRequest(description=e.args)
def create_question_mutate(cls, info, model=None, **kwargs):
if info.context['auth']['data']:
model = model._meta.model
data = kwargs.get('data', None)
if data:
tags = data.get('tags', None)
if tags:
del data['tags']
data['user_id'] = info.context['auth']['data']['user_id']
db_session = info.context.get('session', None)
if db_session:
instance = model(**data)
if tags:
tags = tags.split(" ")
exist_tags = {tag.name:tag for tag in gql_models['tag'].get_query(info).filter(gql_models['tag']._meta.model.name.in_(tags)).all()}
new_tags = [gql_models['tag']._meta.model(name=tag) for tag in tags if not tag in exist_tags.keys()]
db_session.add_all(new_tags)
instance.tags = list(exist_tags.values())+new_tags
db_session.add(instance)
db_session_flush(db_session)
return cls(**{model.__tablename__:instance})
else:
raise CodeduExceptionHandler(HTTPUnauthorized(description=info.context['auth']['description']))
