def put(self, recipe_id):
# print(request.files)
file = request.files.get("cover")
if not file:
return {"message": "Not a valid image"}, HTTPStatus.BAD_REQUEST
if not allowed_file(file.filename):
return {
"message": "File type not allowed."
}, HTTPStatus.BAD_REQUEST
recipe = Recipe.get_by_id(recipe_id=recipe_id)
if recipe is None:
return {"message": "Recipe not found"}, HTTPStatus.NOT_FOUND
current_user = get_jwt_identity()
if current_user != recipe.user_id:
return {"message": "Access is not allowed"}, HTTPStatus.FORBIDDEN
if recipe.cover_image:
cover_path = os.path.join(os.environ.get("UPLOAD_RECIPES_FOLDER"),
recipe.cover_image)
if os.path.exists(cover_path):
os.remove(cover_path)
filename = save_image(image=file, folder="recipes")
recipe.cover_image = filename
recipe.save()
clear_cache("/recipes")
return recipe_cover_schema.dump(recipe), HTTPStatus.OK
def patch(self, recipe_id):
json_data = request.get_json()
try:
data = recipe_schema.load(data=json_data, partial=('name', ))
except ValidationError as errors:
return {
'message': 'Validation errors',
'errors': errors.messages
}, HTTPStatus.BAD_REQUEST
recipe = Recipe.get_by_id(recipe_id=recipe_id)
if not recipe:
return {'message': 'Recipe not found'}, HTTPStatus.NOT_FOUND
current_user = get_jwt_identity()
if current_user != recipe.user_id:
return {'message': 'Access is not allowed'}, HTTPStatus.FORBIDDEN
recipe.name = data.get('name') or recipe.name
recipe.description = data.get('description') or recipe.description
recipe.num_of_servings = data.get(
'num_of_servings') or recipe.num_of_servings
recipe.cook_time = data.get('cook_time') or recipe.cook_time
recipe.directions = data.get('directions') or recipe.directions
recipe.ingredients = data.get('ingredients') or recipe.ingredients
recipe.save()
clear_cache('/recipes')
return recipe_schema.dump(recipe), HTTPStatus.OK
def patch(self, recipe_id):
"""This method has got the logic to update the recipe details"""
json_data = request.get_json()
data, errors = recipe_schema.load(data=json_data, partial=('name',))
if errors:
return {'message': 'Validation errors', 'errors': errors}, HTTPStatus.BAD_REQUEST
recipe = Recipe.get_by_id(recipe_id=recipe_id)
# Check whether the recipe exists and whether the user has update privileges
if recipe is None:
return {'message': 'Recipe not found'}, HTTPStatus.NOT_FOUND
current_user = get_jwt_identity()
if current_user != recipe.user_id:
return {'message': 'Access is not allowed'}, HTTPStatus.FORBIDDEN
# Update the recipe details and then save them in the database
recipe.name = data.get('name') or recipe.name
recipe.description = data.get('description') or recipe.description
recipe.num_of_servings = data.get('num_of_servings') or recipe.num_of_servings
recipe.cook_time = data.get('cook_time') or recipe.cook_time
recipe.ingredients = data.get('ingredients') or recipe.ingredients
recipe.directions = data.get('directions') or recipe.directions
recipe.save()
# Clear cache
clear_cache('/recipes')
# Finally, return the recipe in a JSON format and with status code HTTP 200 OK
return recipe_schema.dump(recipe).data, HTTPStatus.OK
def patch(self, recipe_id):
json_data = request.get_json()
try:
data = recipe_schema.load(data=json_data, partial=("name", ))
except Exception as errors:
return (
{
"message": "Validation errors",
"errors": errors.messages
},
HTTPStatus.BAD_REQUEST,
)
recipe = Recipe.get_by_id(recipe_id=recipe_id)
if recipe is None:
return {"message": "Recipe not found"}, HTTPStatus.NOT_FOUND
current_user = get_jwt_identity()
if current_user != recipe.user_id:
return {"message": "access is not allowed."}, HTTPStatus.FORBIDDEN
# updates object with dicts attributes !
for key, value in data.items():
setattr(recipe, key, value)
recipe.save()
clear_cache("/recipes")
return recipe_schema.dump(recipe), HTTPStatus.OK
def put(self, recipe_id):
file = request.files.get('cover')
if not file:
return {'message': 'Not a valid image'}, HTTPStatus.BAD_REQUEST
if not image_set.file_allowed(file, file.filename):
return {'message': 'File type not allowed'}, HTTPStatus.BAD_REQUEST
recipe = Recipe.get_by_id(recipe_id=recipe_id)
if recipe is None:
return {'message': 'Recipe not found'}, HTTPStatus.NOT_FOUND
current_user = get_jwt_identity()
if current_user != recipe.user_id:
return {'message': 'Access is not allowed'}, HTTPStatus.FORBIDDEN
if recipe.cover_image:
cover_path = image_set.path(folder='recipes',
filename=recipe.cover_image)
if os.path.exists(cover_path):
os.remove(cover_path)
filename = save_image(image=file, folder='recipes')
recipe.cover_image = filename
recipe.save()
return recipe_cover_schema.dump(recipe).data, HTTPStatus.OK
def patch(self, recipe_id):
json_data = request.get_json()
data, errors = recipe_schema.load(data=json_data, partial=('name', ))
if errors:
return {
'message': 'Validation errors',
'errors': errors
}, HTTPStatus.BAD_REQUEST
recipe = Recipe.get_by_id(recipe_id=recipe_id)
if recipe is None:
return {'message': 'Recipe not found'}, HTTPStatus.NOT_FOUND
current_user = get_jwt_identity()
if current_user != recipe.user_id:
return {'message': 'Access is not allowed'}, HTTPStatus.FORBIDDEN
recipe.name = data.get('name') or recipe.name
recipe.description = data.get('description') or recipe.description
recipe.num_of_servings = data.get(
'num_of_servings') or recipe.num_of_servings
recipe.cook_time = data.get('cook_time') or recipe.cook_time
recipe.directions = data.get('directions') or recipe.directions
recipe.save()
return recipe_schema.dump(recipe).data, HTTPStatus.OK
def show_single_recipe(id):
recipe = Recipe.get_by_id(id)
step = Step.select().where(Step.recipe_id == id)
recipe_ingredient = RecipeIngredient.select().where(
RecipeIngredient.recipe_id == id)
if recipe:
step_data = []
for s in step:
data = {"number": s.number, "description": s.description}
step_data.append(data)
ingredient_data = []
for i in recipe_ingredient:
data = {"name": i.name}
ingredient_data.append(data)
results = {
"id": recipe.id,
"name": recipe.name,
"image": recipe.image,
"step": step_data,
"ingredient": ingredient_data
}
return jsonify({"data": results})
def get(self, recipe_id):
recipe = Recipe.get_by_id(recipe_id=recipe_id)
if not recipe:
return {'message': 'Recipe not found'}, HTTPStatus.NOT_FOUND
current_user = get_jwt_identity()
if not recipe.is_publish and recipe.user_id != current_user:
return {'message': 'Access is not allowed'}, HTTPStatus.FORBIDDEN
return recipe_schema.dump(recipe), HTTPStatus.OK
def delete(self, recipe_id):
recipe = Recipe.get_by_id(recipe_id=recipe_id)
if recipe is None:
return {"message": "recipe not found"}, HTTPStatus.NOT_FOUND
recipe.is_publish = False
recipe.save()
clear_cache("/recipes")
return {"message": "recipe will not published"}, HTTPStatus.OK
def get(self, recipe_id):
recipe = Recipe.get_by_id(recipe_id)
if recipe is None:
return {"message": "recipe not found"}, HTTPStatus.NOT_FOUND
current_user = get_jwt_identity()
if recipe.is_publish == False and current_user != recipe.user_id:
return {"message": "access not allowed"}, HTTPStatus.FORBIDDEN
return recipe_schema.dump(recipe), HTTPStatus.OK
def delete(self, recipe_id):
recipe = Recipe.get_by_id(recipe_id=recipe_id)
if recipe is None:
return {'message': 'Recipe not found'}, HTTPStatus.NOT_FOUND
current_user = get_jwt_identity()
if current_user != recipe.user_id:
return {'message': 'Access is not allowed'}, HTTPStatus.FORBIDDEN
recipe.delete()
return {}, HTTPStatus.NO_CONTENT
def get(self, recipe_id):
recipe = Recipe.get_by_id(recipe_id=recipe_id)
if recipe is None:
return {'message': 'Recipe not found'}, HTTPStatus.NOT_FOUND
current_user = get_jwt_identity()
if recipe.is_publish == False and recipe.user_id != current_user:
return {'message': 'Access is not allowed'}, HTTPStatus.FORBIDDEN
return recipe.data(), HTTPStatus.OK
def object(self):
if self.type in [self.TYPE_USER_FOLLOWED]:
return UserPrefs.get_by_id(self.object_id)
elif self.type in [self.TYPE_RECIPE_CREATED,
self.TYPE_RECIPE_EDITED,
self.TYPE_RECIPE_CLONED,
self.TYPE_RECIPE_LIKED]:
from models.recipe import Recipe
return Recipe.get_by_id(self.object_id)
def object(self):
if self.type in [self.TYPE_USER_FOLLOWED]:
return UserPrefs.get_by_id(self.object_id)
elif self.type in [
self.TYPE_RECIPE_CREATED, self.TYPE_RECIPE_EDITED,
self.TYPE_RECIPE_CLONED, self.TYPE_RECIPE_LIKED
]:
from models.recipe import Recipe
return Recipe.get_by_id(self.object_id)
def delete(self, recipe_id):
recipe = Recipe.get_by_id(recipe_id=recipe_id)
if recipe is None:
return {"message": "recipe not found"}, HTTPStatus.NOT_FOUND
current_user = get_jwt_identity()
if current_user != recipe.user_id:
return {"message": "access not allowed"}, HTTPStatus.FORBIDDEN
recipe.delete()
clear_cache("/recipes")
return {"recipe deleted": recipe.id}, HTTPStatus.OK
def delete(self, recipe_id):
recipe = Recipe.get_by_id(recipe_id=recipe_id)
if recipe is None:
return {'message': 'recipe not found'}, HTTPStatus.NOT_FOUND
if get_jwt_identity() != recipe.user_id:
return {'message': 'Access is not allowed'}, HTTPStatus.FORBIDDEN
recipe.is_public = False
recipe.save()
clear_cache('/recipes')
return {}, HTTPStatus.NO_CONTENT
def put(self, recipe_id):
recipe = Recipe.get_by_id(recipe_id=recipe_id)
if recipe is None:
return {'message': 'recipe not found'}, HTTPStatus.NOT_FOUND
if get_jwt_identity() != recipe.user_id:
return {'message': 'Access is not allowed'}, HTTPStatus.FORBIDDEN
recipe.is_public = True
recipe.save()
clear_cache('/recipes')
return recipe_schema.dump(recipe).data, HTTPStatus.OK
def get(self, username):
"""
Render a user page.
"""
publicuser = UserPrefs.all().filter('name =', username).get()
if not publicuser:
self.abort(404)
recipes = Recipe.all()\
.filter('owner =', publicuser)\
.order('name')\
.run(limit=25)
actions = UserAction.all()\
.filter('owner =', publicuser)\
.order('-created')\
.fetch(15)
object_ids = UserAction.gather_object_ids(actions)
user_map = {publicuser.key().id(): publicuser}
for user in UserPrefs.get_by_id(object_ids['users']):
user_map[user.key().id()] = user
recipes = [r for r in recipes]
recipe_ids = [recipe.key().id() for recipe in recipes]
object_ids['recipes'] = [
id for id in object_ids['recipes'] if id not in recipe_ids
]
recipe_map = {}
for recipe in recipes:
recipe.owner = publicuser
recipe_map[recipe.key().id()] = recipe
for recipe in Recipe.get_by_id(object_ids['recipes']):
recipe_map[recipe.key().id()] = recipe
brew_map = {}
for brew in Brew.get_by_id(object_ids['brews']):
brew_map[brew.key().id()] = brew
self.render(
'user.html', {
'publicuser': publicuser,
'recipes': recipes,
'actions': actions,
'user_map': user_map,
'recipe_map': recipe_map,
'brew_map': brew_map
})
def put(self, recipe_id):
recipe = Recipe.get_by_id(recipe_id=recipe_id)
if not recipe:
return {'message': 'recipe not found'}, HTTPStatus.NOT_FOUND
current_user = get_jwt_identity()
if current_user != recipe.user_id:
return {'message': 'Access is not allowed'}, HTTPStatus.FORBIDDEN
recipe.is_publish = True
recipe.save()
clear_cache('/recipes')
return {}, HTTPStatus.NO_CONTENT
def get(self, username):
"""
Render a user page.
"""
publicuser = UserPrefs.all().filter('name =', username).get()
if not publicuser:
self.abort(404)
recipes = Recipe.all()\
.filter('owner =', publicuser)\
.order('name')\
.run(limit=25)
actions = UserAction.all()\
.filter('owner =', publicuser)\
.order('-created')\
.fetch(15)
object_ids = UserAction.gather_object_ids(actions)
user_map = {
publicuser.key().id(): publicuser
}
for user in UserPrefs.get_by_id(object_ids['users']):
user_map[user.key().id()] = user
recipes = [r for r in recipes]
recipe_ids = [recipe.key().id() for recipe in recipes]
object_ids['recipes'] = [id for id in object_ids['recipes'] if id not in recipe_ids]
recipe_map = {}
for recipe in recipes:
recipe.owner = publicuser
recipe_map[recipe.key().id()] = recipe
for recipe in Recipe.get_by_id(object_ids['recipes']):
recipe_map[recipe.key().id()] = recipe
brew_map = {}
for brew in Brew.get_by_id(object_ids['brews']):
brew_map[brew.key().id()] = brew
self.render('user.html', {
'publicuser': publicuser,
'recipes': recipes,
'actions': actions,
'user_map': user_map,
'recipe_map': recipe_map,
'brew_map': brew_map
})
def delete_recipe(recipe_id):
that_recipe = Recipe.get_by_id(recipe_id)
that_user = User.get_by_id(that_recipe.user_id)
if that_recipe.user_id != current_user.id:
flash("Permission denied as you are not the original owner of the recipe", "warning")
return redirect(url_for('users.that_profile', user=that_user))
else:
that_recipe.delete_instance()
flash(f"Recipe {that_recipe.id} deleted", "success")
return render_template('display_user.html', user=that_user)
# return redirect(url_for('users.that_profile', user_id=that_user.id))
# return redirect(url_for('users.that_profile', user=that_recipe.user_id))
return render_template('display_user.html', user=that_user)
def delete(self, recipe_id):
recipe = Recipe.get_by_id(recipe_id=recipe_id)
if recipe is None:
return {"message": "Recipe doesn't exist."}, HTTPStatus.NOT_FOUND
current_user = get_jwt_identity()
if current_user != recipe.user_id:
return {'message': 'Access is denied'}, HTTPStatus.FORBIDDEN
recipe.delete()
return {}, HTTPStatus.NO_CONTENT
def get(self, recipe_id):
"""This method has got the logic to get a specific recipe"""
recipe = Recipe.get_by_id(recipe_id=recipe_id)
if recipe is None:
return {'message': 'Recipe not found'}, HTTPStatus.NOT_FOUND
current_user = get_jwt_identity()
# We use an access control. If the current user is not the owner of the recipe and if
# the recipe is not published
if recipe.is_publish is False and recipe.user_id != current_user:
return {'message': 'Access is not allowed'}, HTTPStatus.FORBIDDEN
# Finally, return the recipe in a JSON format and with status code HTTP 200 OK
return recipe_schema.dump(recipe).data, HTTPStatus.OK
def put(self, recipe_id):
# modify the recipe
json_data = request.get_json()
recipe = Recipe.get_by_id(recipe_id=recipe_id)
if recipe is None:
return {'message': 'Recipe not found'}, HTTPStatus.NOT_FOUND
current_user = get_jwt_identity()
if current_user != recipe.user_id:
return {'message': 'Access is not allowed'}, HTTPStatus.FORBIDDEN
recipe.name = json_data['name']
recipe.description = json_data['description']
recipe.num_of_servings = json_data['num_of_servings']
recipe.cook_time = json_data['cook_time']
recipe.directions = json_data['directions']
recipe.save()
return recipe.data(), HTTPStatus.OK
def delete(self, recipe_id):
# recipe = next((recipe for recipe in recipe_list if recipe.id == recipe_id), None)
recipe = Recipe.get_by_id(recipe_id=recipe_id)
if recipe is None:
return {'message': 'recipe not found'}, HTTPStatus.NOT_FOUND
# we will further check whether it matches the identity of the user ID in the JWT
current_user = get_jwt_identity()
if current_user != recipe.user_id:
return {'message': 'Access is not allowed'}, HTTPStatus.FORBIDDEN
# recipe_list.remove(recipe)
recipe.delete()
return {}, HTTPStatus.NO_CONTENT
def get(self, recipe_id):
# recipe = next((recipe for recipe in recipe_list if recipe.id == recipe_id and recipe.is_publish == True),
# None)
recipe = Recipe.get_by_id(recipe_id=recipe_id)
if recipe is None:
return {'message': 'recipe not found'}, HTTPStatus.NOT_FOUND
# we will further check whether it matches the identity of the user ID in the JWT
current_user = get_jwt_identity()
if recipe.is_publish == False and recipe.user_id != current_user:
return {'message': 'Access is not allowed'}, HTTPStatus.FORBIDDEN
# return recipe.data, HTTPStatus.OK
return recipe_schema.dump(recipe), HTTPStatus.OK
def get(self, recipe_id):
"""
This function sends the command GET to the backend server in order to get the requested recipe.
:param:
recipe_id : the id of the recipe.
"""
recipe = Recipe.get_by_id(recipe_id=recipe_id)
if recipe is None:
return {'message': 'Recipe not found'}, HTTPStatus.NOT_FOUND
current_user = get_jwt_identity()
if recipe.is_publish == False and recipe.user_id != current_user:
return {'message': 'Access is not allowed'}, HTTPStatus.FORBIDDEN
return recipe_schema.dump(recipe).data, HTTPStatus.OK
def delete(self, recipe_id):
"""
Delete a pre-existing recipe.
:params:
recipe_id : id of the recipe subject to deletion.
"""
recipe = Recipe.get_by_id(recipe_id=recipe_id)
if recipe is None:
return {'message': 'Recipe not found'}, HTTPStatus.NOT_FOUND
current_user = get_jwt_identity()
if current_user != recipe.user_id:
return {'message': 'Access is no allowed'}, HTTPStatus.FORBIDDEN
recipe.delete()
clear_cache('/recipes') # clears old cache data when updated
return {}, HTTPStatus.NO_CONTENT
def put(self, recipe_id):
"""
:param
"""
recipe = Recipe.get_by_id(recipe_id=recipe_id)
if recipe is None:
return {'message': 'recipe not found'}, HTTPStatus.NOT_FOUND
current_user = get_jwt_identity()
if current_user != recipe.user_id:
return {'message': 'Access is not allowed'}, HTTPStatus.FORBIDDEN
recipe.is_publish = True
#recipe.is_publish = True
recipe.save()
clear_cache('/recipes') # clears old cache data when updated
return {}, HTTPStatus.NO_CONTENT
def put(self, recipe_id):
"""This method has got the logic to put the cover image of the recipe."""
file = request.files.get('cover')
# Check if cover image exists and whether the file extension is permitted
if not file:
return {'message': 'Not a valid image'}, HTTPStatus.BAD_REQUEST
if not image_set.file_allowed(file, file.filename):
return {'message': 'File type not allowed'}, HTTPStatus.BAD_REQUEST
# Retrieved the Recipe object
recipe = Recipe.get_by_id(recipe_id=recipe_id)
if recipe is None:
return {'message': 'Recipe not found'}, HTTPStatus.NOT_FOUND
# Check right to modify the recipe
current_user = get_jwt_identity()
if current_user != recipe.user_id:
return {'message': 'Access is not allowed'}, HTTPStatus.FORBIDDEN
if recipe.cover_image:
cover_path = image_set.path(folder='recipes', filename=recipe.cover_image)
if os.path.exists(cover_path):
os.remove(cover_path)
# Save the uploaded image
filename = save_image(image=file, folder='recipes')
recipe.cover_image = filename
# Save the recipe
recipe.save()
# Clear cache
clear_cache('/recipes')
# Finally, return the URL image in a JSON format and with status code HTTP 200 OK
return recipe_cover_schema.dump(recipe).data, HTTPStatus.OK
def delete(self, recipe_id):
"""This method has got the logic to unpublish a previously published recipe."""
recipe = Recipe.get_by_id(recipe_id=recipe_id)
if recipe is None:
return {'message': 'Recipe not found'}, HTTPStatus.NOT_FOUND
# Only an authenticated user can unpublished the recipe
current_user = get_jwt_identity()
if current_user != recipe.user_id:
return {'message': 'Access is not allowed'}, HTTPStatus.FORBIDDEN
recipe.is_publish = False
recipe.save()
# Clear cache
clear_cache('/recipes')
# And return an empty JSON with status code HTTP NO_CONTENT
return {}, HTTPStatus.NO_CONTENT
def put(self, recipe_id):
"""This method has got the logic to publish a recipe"""
recipe = Recipe.get_by_id(recipe_id=recipe_id)
if recipe is None:
return {'message': 'Recipe not found'}, HTTPStatus.NOT_FOUND
# Only users who have logged in can publish their own recipes
current_user = get_jwt_identity()
if current_user != recipe.user_id:
return {'message': 'Access is not allowed'}, HTTPStatus.FORBIDDEN
recipe.is_publish = True
recipe.save()
# Clear cache
clear_cache('/recipes')
# And return an empty JSON with status code HTTP NO_CONTENT
return {}, HTTPStatus.NO_CONTENT
