def deleteProject(filename): project = Project.query.filter_by(filename=filename).first() if project.owner != g.current_user.id: return errorResponse(401, 'action not allowed for this user') if project is None: return errorResponse(404, 'resource does not exist') db.session.delete(project) db.session.commit() return jsonify({'message': 'delete success'})
def upload(): if 'input_file' not in request.files: return badRequest('no input file') file = request.files['input_file'] if Project.allowed_file(file.filename): errors = [] for field in ['project_title', 'authors']: if request.form.get(field) is None: errors.append(f"{field} field missing in request") if errors != []: return badRequest(errors) filename = secure_filename(file.filename) new_project = Project() new_project.owner = current_user.id new_project.authors = request.form.get('authors') new_project.title = request.form.get('project_title') new_project.hashFilename(filename) new_project.file_data = file.read() new_project.pdf_page_count = request.form.get('pdf_page_count') db.session.add(new_project) db.session.commit() return jsonify('upload success'), 201 return errorResponse(415, 'upload a .pdf file!')
def updateUser(username): student = User.query.filter_by(username=username).first() if student is None: return badRequest('user does not exist') if request.method == 'POST': try: request.get_json() except: return badRequest('content-type must be json') data = request.get_json() if data == {}: return badRequest('no details provided') if current_user.username != student.username: return errorResponse(401, 'You cannot perform this action') if data: for key in data: setattr(student, key, data[key]) db.session.commit() return jsonify({'message': 'user updated'}) elif request.method == 'GET': return jsonify({'username': student.username, 'email': student.email})
def getUserUploads(username): student = User.query.filter_by(username=username).first() if student is None: return badRequest('user does not exist') if g.current_user.id != student.id: return errorResponse(401, 'You cannot perform this action') #user = User.query.filter_by(username=username).first_or_404() projects = Project.query.filter_by(author=g.current_user)\ .order_by(Project.submit_date.desc()) if projects is None: return jsonify({'message': 'No project uploaded yet!'}) output = [] for project in projects: project_data = {} project_data['title'] = project.title project_data['authors'] = project.authors project_data['filename'] = project.filename project_data['size'] = len(project.file_data) project_data['date_created'] = project.date_created project_data['pdf_page_count'] = project.pdf_page_count output.append(project_data) return jsonify(output)
def deleteProject(filename): project = Project.query.filter_by(filename=filename).first() if project is None: return errorResponse(404, 'resource does not exist') db.session.delete(project) db.session.commit() return jsonify({'message': 'delete success'})
def deleteUser(username): user = User.query.filter_by(username=username).first() if user != current_user: return errorResponse(403, 'You cannot perform this action') db.session.delete(user) db.session.commit() return jsonify({'message': 'account deleted'})
def download(filename): project = Project.query.filter_by(filename=filename).first() if project is None: return errorResponse(404, 'resource does not exist') return send_file(BytesIO(project.file_data), mimetype='application/pdf', attachment_filename=project.title + '.pdf', as_attachment=True)
def getUserUploads(username): student = User.query.filter_by(username=username).first() if student is None: return badRequest('user does not exist') if current_user.username != student.username: return errorResponse(403, 'You cannot perform this action') user = User.query.filter_by(username=username).first_or_404() payload = Project.query.filter_by(author=user)\ .order_by(Project.submit_date.desc()) return jsonify(payload)
def getProjectInfo(filename): project = Project.query.filter_by(filename=filename).first() if project is None: return errorResponse(404, 'resource does not exist') project_data = {} project_data['title'] = project.title project_data['authors'] = project.authors project_data['filename'] = project.filename project_data['size'] = len(project.file_data) project_data['submit_date'] = project.submit_date return jsonify(project_data)
def requestPasswordReset(): try: req_data = request.get_json() except: return badRequest('no details provided') if 'email' not in req_data: return badRequest('user email required') user = User.query.filter_by(email=req_data['email']).first() if user: try: sendPaswordRequest(user) return jsonify({'message': 'please check your email'}) except: return errorResponse(502, 'mail not sent') return badRequest('email not registered')
def upload(): if 'input_file' not in request.files: return badRequest('no input file') file = request.files['input_file'] if Project.allowed_file(file.filename): errors = [] for field in ['project_title', 'authors']: if request.form.get(field) is None: errors.append(f"{field} field missing in request") if errors != []: return badRequest(errors) try: date_in_req = datetime.strptime(request.form.get('date_created'), '%Y-%m-%d') except: return badRequest('invalid date format. expected "yyyy-mm-dd"') filename = secure_filename(file.filename) new_project = Project() #try: new_project.owner = g.current_user.id new_project.authors = request.form.get('authors') new_project.title = request.form.get('project_title') new_project.supervisor = request.form.get('supervisor') new_project.tags = request.form.get('tags') new_project.date_created = date_in_req new_project.hashFilename(filename) #new_project.author = g.current_user try: new_project.file_data = file.read() except: return jsonify({"message": "file not found"}) new_project.pdf_page_count = request.form.get('pdf_page_count') db.session.add(new_project) db.session.commit() return jsonify('upload success'), 201 #except: #return jsonify({"message":"failed"}) return errorResponse(415, 'upload a .pdf file!')
def basicAuthError(): return errorResponse(401)