def put(self, username):
user = get_user_by_username_or_404(username)
if g.user != user:
return None, 403
is_modified = False
data = request.get_json()
# unique fields, hence the query to check
for field in ['username', 'email']:
mod_val = data.get(field, getattr(user, field))
if mod_val and mod_val != getattr(user, field):
if User.query(getattr(User, field) == mod_val).get() is None:
setattr(user, field, mod_val)
is_modified = True
else:
return None, 400
# non-unique fields
for field in ['full_name', 'bio']:
mod_val = data.get(field, getattr(user, field))
if mod_val and mod_val != getattr(user, field):
setattr(user, field, mod_val)
is_modified = True
if is_modified:
user.last_updated = datetime.now()
user.put()
return (
None,
201,
{'Location': api.url_for(UserAPI, username=user.username)}
)
def post(self, username):
user = get_user_by_username_or_404(username)
if g.user != user:
return None, 403
password = request.get_json().get('password', '')
if not user.verify_password(password):
return None, 401
else:
UserDeleteMixin.delete_cascade(self, user)
return None, 204
def put(self, username):
user = get_user_by_username_or_404(username)
if g.user != user:
return None, 403
password = request.get_json().get('password', '')
if not user.verify_password(password):
return None, 401
else:
user.is_active = False
user.last_updated = datetime.now()
user.put()
return None, 201
def put(self, username):
user = get_user_by_username_or_404(username)
if g.user != user:
return None, 403
old_password = request.get_json().get('old_password', '')
if not user.verify_password(old_password):
return None, 401
# don't commit changes if passwords are the same
new_password = request.get_json().get('new_password', '')
if old_password == new_password:
return None, 204
else:
user.hash_password(new_password)
user.last_updated = datetime.now()
user.put()
return None, 201
def get(self, username):
user = get_user_by_username_or_404(username)
replies = CommentReply \
.query(CommentReply.user == user.key) \
.order(-CommentReply.created)
return self.get_replies_context(replies)
def get(self, username):
user = get_user_by_username_or_404(username)
comments = Comment \
.query(Comment.user == user.key) \
.order(-Comment.created)
return self.get_comments_context(comments)
def get(self, username):
user = get_user_by_username_or_404(username)
reactions = Reaction \
.query(Reaction.user == user.key) \
.order(-Reaction.timestamp)
return self.get_reactions_context(reactions)
def get(self, username):
user = get_user_by_username_or_404(username)
posts = Post.query(Post.author == user.key).order(-Post.created)
return [self.get_post_context(p) for p in posts]
def get(self, username):
user = get_user_by_username_or_404(username)
return self.get_user_base_context(user)