def patch(self, user_id): user = Users.query.filter_by(id=user_id).first_or_404() data = request.get_json() data["id"] = user_id # Admins should not be able to ban themselves if data["id"] == session["id"] and (data.get("banned") is True or data.get("banned") == "true"): return ( { "success": False, "errors": { "id": "You cannot ban yourself" } }, 400, ) schema = UserSchema(view="admin", instance=user, partial=True) response = schema.load(data) if response.errors: return {"success": False, "errors": response.errors}, 400 db.session.commit() response = schema.dump(response.data) db.session.close() clear_user_session(user_id=user_id) clear_standings() return {"success": True, "data": response}
def patch(self, user_id): user = Users.query.filter_by(id=user_id).first_or_404() data = request.get_json() data["id"] = user_id # Admins should not be able to ban themselves if data["id"] == session["id"] and (data.get("banned") is True or data.get("banned") == "true"): return ( { "success": False, "errors": { "id": "You cannot ban yourself" } }, 400, ) schema = UserSchema(view="admin", instance=user, partial=True) response = schema.load(data) if response.errors: return {"success": False, "errors": response.errors}, 400 # This generates the response first before actually changing the type # This avoids an error during User type changes where we change # the polymorphic identity resulting in an ObjectDeletedError # https://github.com/CTFd/CTFd/issues/1794 response = schema.dump(response.data) db.session.commit() db.session.close() clear_user_session(user_id=user_id) clear_standings() return {"success": True, "data": response.data}
def patch(self): user = get_current_user() data = request.get_json() schema = UserSchema(view="self", instance=user, partial=True) response = schema.load(data) if response.errors: return {"success": False, "errors": response.errors}, 400 db.session.commit() response = schema.dump(response.data) db.session.close() clear_standings() return {"success": True, "data": response.data}
def post(self): req = request.get_json() schema = UserSchema('admin') response = schema.load(req) if response.errors: return {'success': False, 'errors': response.errors}, 400 db.session.add(response.data) db.session.commit() clear_standings() response = schema.dump(response.data) return {'success': True, 'data': response.data}
def patch(self, user_id): user = Users.query.filter_by(id=user_id).first_or_404() data = request.get_json() data["id"] = user_id schema = UserSchema(view="admin", instance=user, partial=True) response = schema.load(data) if response.errors: return {"success": False, "errors": response.errors}, 400 db.session.commit() response = schema.dump(response.data) db.session.close() clear_standings() return {"success": True, "data": response}
def post(self): req = request.get_json() schema = UserSchema("admin") response = schema.load(req) if response.errors: return {"success": False, "errors": response.errors}, 400 db.session.add(response.data) db.session.commit() if request.args.get("notify"): name = response.data.name password = req.get("password") clear_standings() response = schema.dump(response.data) return {"success": True, "data": response.data}
def post(self): req = request.get_json() schema = UserSchema('admin') response = schema.load(req) if response.errors: return {'success': False, 'errors': response.errors}, 400 db.session.add(response.data) db.session.commit() if request.args.get('notify'): name = response.data.name email = response.data.email password = req.get('password') user_created_notification(addr=email, name=name, password=password) clear_standings() response = schema.dump(response.data) return {'success': True, 'data': response.data}