Example #1
0
 def create_user(self):
     user = AccountUser(first_name=self.first_name,
                        last_name=self.last_name,
                        email=self.email,
                        phone=self.phone,
                        password=self.password,
                        is_active=self.is_active)
     db.session.add(user)
     user.save()
     return user
Example #2
0
def my_event(msg):
    user = AccountUser.get_by_id(msg['data'])
    session = AccountUserAuthenticated.get_by_user_id(user.id)
    if session:
        session.delete()
        session.save()
    else:
        db.session.add((AccountUserAuthenticated(user.id, flask.request.sid)))
        db.session.commit()
    data = {'message': '{0} is online'.format(user.get_full_name()), 'status': 'connect', 'id': user.id}
    socketio.emit('connection response', data, namespace='/notification')
    app.logger.info('Connection established by {}'.format(msg['data']))
    online_users_data = AccountUser.get_online_users()
    socketio.emit('online users', online_users_data, namespace='/notification')
Example #3
0
 def get(self):
     q = request.args.get('q')
     page = request.args.get('page')
     article_query, article_total = Quiz.search(q, 1, 5)
     account_query, account_total = AccountUser.search(q, 1, 5)
     articles = Quiz.get_all(page)
     accounts = AccountUser.get_all(page)
     if article_total:
         results = utils.MergeDictList([articles, {"type": "quiz"}])
         return jsonify(results)
     if account_total:
         results = utils.MergeDictList([accounts, {"type": "user"}])
         return jsonify(dict_ctx=results)
     results = {"count": 0, "results": []}
     return jsonify(results)
Example #4
0
 def delete(self):
     logged_in_user = AccountUser.get_current_user()
     body = request.data
     keys = ['id']
     if not body:
         validated = validator.field_validator(keys, {})
         if not validated["success"]:
             app.logger.warning(
                 '{logged_in_user} made request with invalid fields: \n {request_body}'
                 .format(logged_in_user=logged_in_user.name,
                         request_body=body))
             return jsonify(validated['data']), 400
     if request.is_json:
         body = request.get_json()
         validated = validator.field_validator(keys, body)
         if not validated["success"]:
             app.logger.warning(
                 '{logged_in_user} made request with invalid fields: \n {request_body}'
                 .format(logged_in_user=logged_in_user.name,
                         request_body=body))
             return jsonify(validated['data']), 400
         user = AccountUser.get_by_id(body['id'])
         if user:
             try:
                 user.delete()
                 user.save()
                 app.logger.debug(
                     "Successfully deleted user with id {}".format(
                         body['id']))
                 return jsonify(message="{} successfully deleted user".
                                format(logged_in_user.name)), 200
             except Exception as e:
                 app.logger.exception(
                     'Exception occurred. Made by {}'.format(
                         logged_in_user.name))
                 return jsonify(
                     message='An error occurred. {}'.format(str(e))), 400
         app.logger.warning(
             '{} trying to delete user with id {} who does not exist'.
             format(logged_in_user.name, body['id']))
         return jsonify(message='User with id {} does not exist'.format(
             body['id'])), 404
     else:
         app.logger.warning(
             '{} submitted request with content type header not being application/json'
         )
         return jsonify(
             message='Content-type header is not application/json'), 400
Example #5
0
 def delete(self):
     body = request.data
     keys = ['id']
     if not body:
         validated = validator.field_validator(keys, {})
         if not validated["success"]:
             app.logger.warning(
                 '{current_user} made request with invalid fields: \n {request_body}'
                     .format(current_user=current_user.get_full_name, request_body=body))
             return jsonify(validated['data']), 400
     if request.is_json:
         body = request.get_json()
         validated = validator.field_validator(keys, body)
         if not validated["success"]:
             app.logger.warning(
                 '{} made request with invalid fields: \n {}'.format(current_user.get_full_name, body))
             return jsonify(validated['data']), 400
         quiz = Quiz.get_by_id(body['id'])
         current_user_roles = AccountUser.get_current_user_roles()
         if 'TUTOR' in current_user_roles or 'LEARNER' in current_user_roles:
             if quiz.creator_id != current_user.id:
                 return jsonify(message='You are not allowed to delete this quiz!'), 403
         if quiz:
             try:
                 quiz.delete()
                 quiz.save()
                 return jsonify(message='Successfully deleted!'), 200
             except Exception as e:
                 app.logger.exception('Exception occurred')
                 return jsonify(message='An error occurred. {}'.format(str(e))), 400
         app.logger.warning('{} trying to update quiz details with {} which does not exist'.
                            format(current_user.name, body['id']))
         return jsonify(message='Quiz with id {} does not exist'.format(body['id'])), 404
Example #6
0
def disconnect():
    app.logger.info("Client disconnecting...")
    session = AccountUserAuthenticated.get_by_session_id(flask.request.sid)
    session.delete()
    session.save()
    online_users_data = AccountUser.get_online_users()
    socketio.emit('online users', online_users_data, namespace='/notification')
    app.logger.info("Socket sent a message to notification namespace")
Example #7
0
 def get(self):
     logged_in_user = AccountUser.get_current_user()
     page = request.args.get('page')
     user_id = request.args.get('user_id')
     email = request.args.get('email')
     phone = request.args.get('phone')
     if user_id:
         account = AccountUser.get_by_id(user_id)
         user = AccountUser.get_user(account)
         if user:
             if user:
                 return jsonify(user)
         app.logger.warning(
             '{} submitted {} user id which does not exist'.format(
                 logged_in_user.name, user_id))
         return jsonify(message='{} does not exist'.format(user_id))
     if email:
         account = AccountUser.get_user_by_email(email)
         user = AccountUser.get_user(account)
         if user:
             return jsonify(user)
         app.logger.warning(
             '{} submitted {} email which does not exist'.format(
                 logged_in_user.name, email))
         return jsonify(message='{} does not exist'.format(email)), 404
     if phone:
         account = AccountUser.get_user_by_phone(phone)
         user = AccountUser.get_user(account)
         if user:
             return jsonify(user)
         app.logger.warning(
             '{} submitted {} phone number which does not exist'.format(
                 logged_in_user.name, phone))
         return jsonify(message='{} does not exist'.format(phone)), 404
     users = AccountUser.get_all(int(page) if page else None)
     results = []
     for v in users.items:
         del v._sa_instance_state
         results.append(v.__dict__)
     data = utils.response_dict(users, results, "/account/user/")
     return jsonify(data)
Example #8
0
    def post(self):
        if not request.is_json:
            return jsonify({"msg": "Missing JSON in request"}), 400

        email = request.json.get('email', None)
        password = request.json.get('password', None)
        if not email:
            return jsonify({"msg": "Missing email parameter"}), 400
        if not password:
            return jsonify({"msg": "Missing password parameter"}), 400

        user = AccountUser.get_user_by_email(email)
        if user:
            if utils.check_password_hash(user.password, password):
                app.logger.info(
                    "Logged in user with the email {0}".format(email))
                # Identity can be any data that is json serializable
                access_token = create_access_token(identity=email,
                                                   expires_delta=False)
                refresh_token = create_refresh_token(identity=email)
                results = dict(
                    access_token=access_token,
                    refresh_token=refresh_token,
                    user=dict(id=user.id,
                              full_name="{} {}".format(user.first_name,
                                                       user.last_name),
                              email=user.email,
                              roles=[v.role.name for v in user.roles]))
                return jsonify(results), 200
            else:
                app.logger.warning(
                    "User with the email {0} does not exist".format(email),
                    extra={'stack': True})
                return jsonify({"msg": "Bad username or password"}), 401
        else:
            app.logger.warning(
                "User with the email {0} does not exist".format(email),
                extra={'stack': True})
            return jsonify({"msg": "Bad username or password"}), 401
Example #9
0
 def post(self):
     body = request.data
     keys = [
         'first_name', 'last_name', 'email', 'phone', 'password', 'role'
     ]
     if not body:
         validated = validator.field_validator(keys, {})
         if not validated["success"]:
             app.logger.warning(
                 'User made request with invalid fields: \n {}'.format(
                     body))
             return jsonify(validated['data']), 400
     if request.is_json:
         body = request.get_json()
         validated = validator.field_validator(keys, body)
         if not validated["success"]:
             app.logger.warning(
                 'User made request with invalid fields: \n {}'.format(
                     body))
             return jsonify(jsonify=validated['data'])
         first_name = body['first_name']
         middle_name = body['middle_name'] if 'middle_name' in body else None
         last_name = body['last_name']
         email = body['email']
         phone = body['phone']
         password = utils.generate_password_hash(
             body['password'], app.config.get('BCRYPT_LOG_ROUNDS'))
         user_by_email = AccountUser.get_user_by_email(email=email)
         if user_by_email:
             message = 'User with the email {} exists'.format(email)
             app.logger.warning(message)
             return jsonify(message=message), 400
         user_by_phone = AccountUser.get_user_by_phone(phone=phone)
         if user_by_phone:
             message = 'User with the phone {} exists'.format(phone)
             app.logger.warning(message)
             return jsonify(message=message), 400
         role = AccountRole.get_by_name(body['role'])
         if role == 'ADMIN' or role == 'SUPERUSER':
             current_user_roles = AccountUser.get_current_user_roles()
             if not 'ADMIN' in current_user_roles or not 'SUPERUSER' in current_user_roles:
                 return jsonify(
                     message='Forbidden to create user with the roles'), 403
         try:
             account_user = AccountUser(first_name=first_name,
                                        middle_name=middle_name,
                                        last_name=last_name,
                                        email=email,
                                        phone=phone,
                                        password=password)
             account_user = account_user.create(account_user)
             account_user_role = AccountUserRole(user_id=account_user.id,
                                                 role_id=role.id)
             account_user_role.create(account_user_role)
             account_user_role.save()
             app.logger.debug("Successfully saved new user with")
             return jsonify(message="Successfully created!"), 201
         except Exception as e:
             Base.revert()
             app.logger.exception('Exception occurred')
             return jsonify(
                 message='An error occurred. {}'.format(str(e))), 400
     else:
         app.logger.warning(
             'User submitted request with content type header not being application/json'
         )
         return jsonify(
             message='Content-type header is not application/json'), 400
Example #10
0
    def put(self):
        body = request.data
        keys = ['id']
        if not body:
            validated = validator.field_validator(keys, {})
            if not validated["success"]:
                app.logger.warning(
                    '{logged_in_user} made request with invalid fields: \n {request_body}'
                    .format(logged_in_user=current_user.full_name,
                            request_body=body))
                return jsonify(validated['data']), 400
        if request.is_json:
            body = request.get_json()
            validated = validator.field_validator(keys, body)
            if not validated["success"]:
                app.logger.warning(
                    '{} made request with invalid fields: \n {}'.format(
                        current_user.full_name, body))
                return jsonify(validated['data']), 400
            account_user = AccountUser.get_by_id(body['id'])
            if account_user:
                first_name = body['first_name']
                middle_name = body['middle_name']
                last_name = body['last_name']
                email = body['email']
                phone = body['phone']
                old_password = body['old_password']
                new_password = body['new_password']

                if old_password and new_password:
                    confirm_password = utils.check_password_hash(
                        account_user.password, old_password)
                    if not confirm_password:
                        app.logger.warning(
                            '{} submitted password which does not match existing password'
                            .format(current_user.full_name))
                        return jsonify(
                            message=
                            'Old password does not match existing password'
                        ), 400

                password = utils.generate_password_hash(
                    body['new_password'], app.config.get('BCRYPT_LOG_ROUNDS'))
                user_by_email = AccountUser.get_user_with_unique(email=email)
                if user_by_email:
                    message = 'User with the email {} exists'.format(email)
                    app.logger.warning(message)
                    return jsonify(message=message), 400
                user_by_phone = AccountUser.get_user_with_unique(phone=phone)
                if user_by_phone:
                    message = 'User with the phone {} exists'.format(phone)
                    app.logger.warning(message)
                    return jsonify(message=message), 400
                try:
                    if account_user.id == current_user.id:
                        account_user.first_name = first_name if first_name else account_user.first_name
                        account_user.middle_name = middle_name if middle_name else account_user.middle_name
                        account_user.last_name = last_name if last_name else account_user.last_name
                        account_user.email = email if email else account_user.email
                        account_user.phone = phone if phone else account_user.phone
                        account_user.password = password if password else account_user.password
                        account_user.save()
                        user = {
                            "id": account_user.id,
                            "name": account_user.name,
                            "email": account_user.email
                        }
                        app.logger.debug(
                            "Successfully updated my user profile with the details: \n{}"
                            .format(body))
                        return jsonify({"user": user}), 201
                except Exception as e:
                    app.logger.exception('Exception occurred')
                    return jsonify(
                        message='An error occurred. {}'.format(str(e))), 400
            app.logger.warning(
                '{} trying to update user details with {} who does not exist'.
                format(current_user.first_name, body['id']))
            return jsonify(message='User with id {} does not exist'.format(
                body['id'])), 404
        else:
            app.logger.warning(
                'User submitted request with content type header not being application/json'
            )
            return jsonify(
                message='Content-type header is not application/json'), 400
Example #11
0
def user_loader_callback(identity):

    if not AccountUser.get_user_by_email(identity):
        return None

    return AccountUser.get_user_by_email(identity)
Example #12
0
def handle_my_custom_event(data):
    user = AccountUser.get_current_user()
    emit('my response', {'message': '{0} has joined'.format(user.name)}, broadcast=True)
Example #13
0
 def get(self):
     data = AccountUser.get_online_users()
     if data:
         return jsonify(data)
     return jsonify({"count": 0, "results": []})