def route_users_post_open(email=None,
password=None,
first_name=None,
last_name=None,
group_id=None):
if not config.USERS_OPEN_REGISTRATION:
abort(403, "Open user resgistration is forbidden on this server")
user = db_session.query(User).filter(User.email == email).first()
if user:
return abort(
400,
f"The user with this email already exists in the system: {email}")
group = db_session.query(Group).filter(Group.id == group_id).first()
if group is None:
abort(400, f'There is no group with id: "{group_id}"')
user = User(
email=email,
password=pwd_context.hash(password),
first_name=first_name,
last_name=last_name,
group=group,
)
db_session.add(user)
db_session.commit()
db_session.refresh(user)
return user
def update(
user_obj,
email=None,
password=None,
first_name=None,
last_name=None,
is_active=None,
is_superuser=None,
role_id=None
):
if email:
user_obj.email = email
if password:
user_obj.password = pwd_context.hash(password)
if first_name:
user_obj.first_name = first_name
if last_name:
user_obj.last_name = last_name
if is_active is not None:
user_obj.is_active = is_active
if is_superuser is not None:
user_obj.is_superuser = is_superuser
if role_id:
user_obj.role_id = role_id
base_provider.db_session.commit()
base_provider.db_session.refresh(user_obj)
return user_obj
def route_users_post(email=None,
password=None,
first_name=None,
last_name=None,
group_id=None):
current_user = get_current_user()
if not current_user:
abort(400, 'Could not authenticate user with provided token')
elif not current_user.is_active:
abort(400, 'Inactive user')
elif not current_user.is_superuser:
abort(400, 'Only a superuser can execute this action')
user = db_session.query(User).filter(User.email == email).first()
if user:
return abort(
400,
f'The user with this email already exists in the system: {email}')
group = db_session.query(Group).filter(Group.id == group_id).first()
if group is None:
abort(400, f'There is no group with id: "{group_id}"')
user = User(email=email,
password=pwd_context.hash(password),
first_name=first_name,
last_name=last_name,
group=group)
db_session.add(user)
db_session.commit()
db_session.refresh(user)
return user
def init_db(db_session):
# Tables should be created with Alembic migrations
# But if you don't want to use migrations, create
# the tables uncommenting the next line
# Base.metadata.create_all(bind=engine)
group = db_session.query(Group).filter(Group.name == 'default').first()
if not group:
group = Group(name='default')
db_session.add(group)
user = db_session.query(User).filter(
User.email == config.FIRST_SUPERUSER).first()
if not user:
user = User(email=config.FIRST_SUPERUSER,
password=pwd_context.hash(config.FIRST_SUPERUSER_PASSWORD),
group=group,
is_superuser=True)
user.groups_admin.append(group)
db_session.add(user)
db_session.commit()
def create(
email,
password,
first_name=None,
last_name=None,
is_active=True,
is_superuser=False,
role_code=data.ROLE_DEFAULT
):
role_obj = role_provider.get_by_code(code=role_code)
new_user_obj = User(
created_at=datetime_now(),
email=email,
password=pwd_context.hash(password),
first_name=first_name,
last_name=last_name,
is_active=is_active,
is_superuser=is_superuser,
role=role_obj
)
return base_provider.create(obj=new_user_obj)