Ejemplos de is_admin en Python

Ejemplo n.º 1

 def post(self, resp):
     post_data = request.get_json()
     response_object = {
         'status': 'fail',
         'message': 'Invalid payload.'
     }
     if not is_admin(resp):
         response_object['message'] = \
             'You do not have the permission to do that.'
         return response_object, 401
     if not post_data:
         return response_object, 400
     username = post_data.get('username')
     email = post_data.get('email')
     password = post_data.get('password')
     try:
         user = User.query.filter_by(email=email).first()
         if not user:
             db.session.add(User(
                 username=username, email=email, password=password))
             db.session.commit()
             response_object['status'] = 'success'
             response_object['message'] = f'{email} was added!'
             return response_object, 201
         else:
             response_object['message'] = 'Sorry. ' \
                 'That email already exists.'
             return response_object, 400
     except (exc.IntegrityError, ValueError):
         db.session.rollback()
         return response_object, 400

Ejemplo n.º 2

    def post(self, resp):
        post_data = request.get_json()
        response_object = {"status": "fail", "message": "Invalid payload"}
        if not is_admin(resp):
            response_object["message"] =\
                "You do not have permission to do that"
            return response_object, 401

        if not post_data:
            return response_object, 400

        username = post_data.get("username")
        email = post_data.get("email")
        password = post_data.get("password")
        try:
            user = User.query.filter_by(email=email).first()
            if not user:
                db.session.add(
                    User(username=username, email=email, password=password))
                db.session.commit()
                response_object["status"] = "success"
                response_object["message"] = f"{email} was added!"
                return response_object, 201

            response_object["message"] = "Sorry. That email already exists"
            return response_object, 400

        except exc.IntegrityError:
            db.session.rollback()
            return response_object, 400

        except (exc.IntegrityError, ValueError):
            db.session.rollback()
            return response_object, 400

Ejemplo n.º 3

Archivo: users.py Proyecto: boheepark/ezasdf-users

def post_users(user_id):
    """ POST /users
    Adds a new user.
    model:
        username,
        email,
        password,
        active,
        admin,
        created_at

    :param user_id:
    :return: Flask Response
    """

    if not is_admin(user_id):
        return error_response('You do not have permission to do that.'), 401
    data = request.get_json()
    if not data:
        return error_response(), 400
    username = data.get('username')
    email = data.get('email')
    password = data.get('password')
    # TODO setup validation
    try:
        if not User.query.filter(
                or_(User.username == username, User.email == email)).first():
            add_user(username, email, password)
            return success_response(
                '{email} was added!'.format(email=email)), 201
        return error_response('User already exists.'), 400
    except (exc.IntegrityError, ValueError):
        db.session.rollback()
        return error_response(), 400

Ejemplo n.º 4

def add_user(resp):
    """Add a user to the database."""
    post_data = request.get_json()
    response_object = {
        'status': 'fail',
        'message': 'Invalid payload.'
    }
    if not is_admin(resp):
        response_object['message'] = 'You do not have permission to do that.'
        return jsonify(response_object), 401
    if not post_data:
        return jsonify(response_object), 400
    username = post_data.get('username')
    email = post_data.get('email')
    password = post_data.get('password')
    try:
        user = User.query.filter_by(email=email).first()
        if not user:
            db.session.add(
                User(username=username, email=email, password=password)
            )
            db.session.commit()
            response_object = {
                'status': 'success',
                'message': '{email} was added!'.format(email=email)
            }
            return jsonify(response_object), 201
        else:
            response_object['message'] = 'Sorry. That email already exists.'
            return jsonify(response_object), 400
    except (exc.IntegrityError, ValueError) as e:
        db.session.rollback()
        return jsonify(response_object), 400

Ejemplo n.º 5

Archivo: questions.py Proyecto: bmdoil125/code-bites

    def delete(self, sub, user_id, question_id):
        """ Delete question_id, must be admin or the correct user """
        response = {'status': 'fail', 'message': 'Question does not exist'}
        if not is_admin(sub) and not is_same_user(sub, user_id):
            response[
                'message'] = 'You do not have permission to delete this question'
            return response, 403
        try:
            question = Question.query.filter_by(
                id=int(question_id), author_id=int(user_id)).first()
            if not question:
                return response, 404
            else:
                db.session.query(Question).filter(
                    Question.id == int(question_id)).delete()
                db.session.commit()
                # get updated object
                deleted_question = Question.query.filter_by(
                    id=int(question_id)).first()
                if not deleted_question:
                    delete_response = {
                        "status": "success",
                        "message": "Deleted"
                    }
                    return delete_response, 204
                else:
                    response['message'] = 'Server error'
                    return response, 500

        except ValueError:
            return response, 404

Ejemplo n.º 6

    def post(self, sub):
        post_data = request.get_json()
        response = {'status': 'fail', 'message': 'Invalid payload'}
        if not is_admin(sub):
            response['message'] = 'Forbidden'
            return response, 403
        #  empty request
        if not post_data:
            response['message'] = 'Empty payload'
            return response, 400

        username = post_data.get('username')
        email = post_data.get('email')
        password = post_data.get('password')

        #  test User constraints
        try:
            user = User.query.filter_by(
                email=email).first()  # get first record that matches email
            if not user:
                db.session.add(
                    User(username=username, email=email,
                         password=password))  #  add new user
                db.session.commit()  # commit to db
                response['status'] = 'success'
                response['message'] = f'{email} added.'
                return response, 201
            else:
                response['message'] = 'Email already exists'
                return response, 400
        #  Handle db exception
        except (exc.IntegrityError, ValueError):
            db.session.rollback()  #  must rollback any changes
            return response, 400

Ejemplo n.º 7

Archivo: questions.py Proyecto: bmdoil125/code-bites

 def put(self, sub, user_id, question_id):
     """ Update question_id, must be admin or the correct user """
     put_data = request.get_json()
     response = {'status': 'fail', 'message': 'Question does not exist'}
     # If user sending req is not admin and not updating their own question, fail
     if not is_admin(sub) and not is_same_user(sub, user_id):
         response[
             'message'] = 'You do not have permission to update this question'
         return response, 403
     try:
         question = Question.query.filter_by(
             id=int(question_id), author_id=int(user_id)).first()
         if not question:
             return response, 404
         else:
             for key, value in put_data.items():
                 setattr(question, key, value)
             db.session.commit()
             updated_question = Question.query.filter_by(
                 id=int(question_id), author_id=int(user_id)).first()
             put_response = {
                 'status': 'success',
                 'data': updated_question.to_json()
             }
             return put_response, 201
     except ValueError:
         return response, 404

Ejemplo n.º 8

 def delete(self, sub, user_id):
     """ Delete user_id, must be admin or the correct user """
     response = {'status': 'fail', 'message': 'User does not exist'}
     # If user sending request is not admin and not the user deleting their own profile return 403
     if not is_admin(sub) and not is_same_user(sub, user_id):
         response[
             'message'] = 'You do not have permission to delete this user'
         return response, 403
     try:
         user = User.query.filter_by(id=int(user_id)).first()
         if not user:
             return response, 404
         else:
             db.session.query(User).filter(User.id == user_id).delete()
             db.session.commit()
             # get updated object
             deleted_user = User.query.filter_by(id=int(user_id)).first()
             if not deleted_user:
                 delete_response = {
                     "status": "success",
                     "message": "Deleted"
                 }
                 return delete_response, 204
             else:
                 response['message'] = 'Server error'
                 return response, 500
     except ValueError:
         return response, 404

Ejemplo n.º 9

 def put(self, sub, user_id):
     """ Update user_id, must be admin or the correct user """
     put_data = request.get_json()
     response = {'status': 'fail', 'message': 'User does not exist'}
     # If user sending request is not admin and not the user updating their own profile
     if not is_admin(sub) and not is_same_user(sub, user_id):
         response[
             'message'] = 'You do not have permission to update this user'
         return response, 403
     try:
         user = User.query.filter_by(id=int(user_id)).first()
         if not user:
             return response, 404
         else:
             for key, value in put_data.items():
                 setattr(user, key, value)
             db.session.commit()
             # get updated object
             updated_user = User.query.filter_by(id=int(user_id)).first()
             put_response = {
                 "status": "success",
                 "data": updated_user.to_json()
             }
             return put_response, 201
     except ValueError:
         return response, 404

Ejemplo n.º 10

def flower_user(resp):
    print("hello")
    post_data = request.get_json()
    response_object = {'message': 'Invalid payload'}

    if not is_admin(resp):
        response_object['message'] = 'You do not have permission to do that.'
        return jsonify(response_object), 401
    # check for post_data
    # import pdb; pdb.set_trace()
    if not post_data:
        return jsonify(response_object), 400

    username = post_data.get('username')
    email = post_data.get('email')
    password = post_data.get('password')

    try:
        user = User.query.filter_by(email=email).first()
        if not user:
            db.session.add(
                User(username=username, email=email, password=password))
            db.session.commit()
            response_object['message'] = f'{email} was added'
            return jsonify(response_object), 201
        else:
            response_object['message'] = 'Sorry. That email already exists'
            return jsonify(response_object), 400
    except (exc.IntegrityError, ValueError) as e:
        db.session.rollback()
        response_object['ValueError'] = 'ValueError'
        return jsonify(response_object), 400

Ejemplo n.º 11

Archivo: users.py Proyecto: ivanberry/myblog-users

def add_user(resp):
    # pdb.set_trace()
    if not is_admin(resp):
        response_object = {
            'status': 'error',
            'message': 'You do not have permission to do that.'
        }
        return make_response(jsonify(response_object)), 401
    post_data = request.get_json()
    # handler the empty post
    if not post_data:
        response_object = {'status': 'fail', 'message': 'Invalid payload.'}

        # 返回
        return make_response(jsonify(response_object)), 400
    username = post_data.get('username')
    email = post_data.get('email')
    password = post_data.get('password')

    try:
        # handler the duplicate email post
        user = User.query.filter_by(email=email).first()

        # not duplicate email
        if not user:
            db.session.add(
                User(username=username, email=email, password=password))
            db.session.commit()

            response_object = {
                'status': 'success',
                'message': f'{email} was added!'
            }
            return make_response(jsonify(response_object)), 201
        else:
            response_object = {
                'status': 'fail',
                'message': 'Sorry, That email has already exist.'
            }
            return make_response(jsonify(response_object)), 400
    except exc.IntegrityError as e:
        db.session.rollback()
        response_object = {'status': 'fail', 'message': 'Invalid payload.'}
        return make_response(jsonify(response_object)), 400

    except ValueError as e:
        db.session.rollback()
        response_object = {'status': 'fail', 'message': 'Invalid payload.'}

        return make_response(jsonify(response_object)), 400

Ejemplo n.º 12

Archivo: questions.py Proyecto: bmdoil125/code-bites

 def get(self, sub, user_id, question_id):
     """ Get single question by user id """
     response = {'status': 'fail', 'message': 'Question does not exist'}
     if not is_admin(sub) and not is_same_user(sub, user_id):
         response[
             'message'] = 'You do not have permission to view this question'
         return response, 403
     try:
         question = Question.query.filter_by(
             id=int(question_id), author_id=int(user_id)).first()
         if not question:
             return response, 404
         else:
             response = {'status': 'success', 'data': question.to_json()}
             return response, 200
     except ValueError:
         return response, 404

Ejemplo n.º 13

Archivo: tasks_resources.py Proyecto: grimjak/pipey

    def post(resp, self):
        jsonrequest = request.get_json()
        result = TaskSchema().load(jsonrequest)

        if result.errors:
            return result.errors, 400

        if not is_admin(resp):
            response_object = {
                'status': 'fail',
                'message': 'You do not have permission to do that.'
            }
            return response_object, 401
        try:
            result.data.save()
        except (ValueError) as e:
            response_object = {'status': 'fail', 'message': 'Invalid payload'}
            return response_object, 400
        return TaskSchema().dump(result.data).data, 201