Example #1
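def route_admin_users_groups_post(group_id=None, user_id=None):
    """Add the user ``user_id`` to the admins of the group ``group_id``.

    Only an authenticated, active superuser may do this. The caller is
    authorised before either id is looked up, so a non-superuser gets the
    same "Not authorized" answer whether or not the ids exist and cannot use
    this route to find out which group or user ids are valid.

    Args:
        group_id: id of the group that gains an admin.
        user_id: id of the user appended to ``group.users_admin``.

    Returns:
        A dict whose ``msg`` entry confirms the change.

    Every rejection goes through ``abort(400, ...)``, which is assumed to
    raise and end the request (the ``return`` in front of it is a safeguard).
    """
    current_user = get_current_user()  # type: User

    # NOTE(review): authentication and authorisation failures answer 400;
    # 401/403 would be conventional. Kept because clients may match on the
    # status code -- confirm before changing.
    if not current_user:
        return abort(400, "Could not authenticate user with provided token")
    if not current_user.is_active:
        return abort(400, "Inactive user")
    # Authorise first: no database lookup runs for a caller without rights.
    if not current_user.is_superuser:
        return abort(400, "Not authorized")

    group = db_session.query(Group).filter_by(id=group_id).first()  # type: Group
    if not group:
        return abort(400, f"The group with id: {group_id} does not exists")

    user = db_session.query(User).filter(User.id == user_id).first()  # type: User
    if not user:
        return abort(400, f"The user with id: {user_id} does not exists")

    # NOTE(review): appending a user who already is an admin is not guarded
    # here; confirm how the users_admin relationship handles duplicates.
    group.users_admin.append(user)
    db_session.commit()

    return {
        "msg": f"The user with id {user_id} was sucessfully added as an admin of the group with id {group_id}"
    }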
Example #2
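def route_users_post_open(email=None,
                          password=None,
                          first_name=None,
                          last_name=None,
                          group_id=None):
    """Create a user through open (unauthenticated) registration.

    The route answers 403 unless ``config.USERS_OPEN_REGISTRATION`` is set.
    A missing or empty email or password is rejected before anything is
    hashed or stored, so no account can be created with an empty password.

    Args:
        email: address of the new account; must not already be registered.
        password: plain-text password; only its hash is stored.
        first_name: stored on the new user as given.
        last_name: stored on the new user as given.
        group_id: id of an existing group the new user is placed in.

    Returns:
        The newly created ``User``, refreshed from the database.

    ``abort`` is assumed to raise and end the request.
    """
    if not config.USERS_OPEN_REGISTRATION:
        return abort(403, "Open user resgistration is forbidden on this server")

    # All parameters default to None, so the credentials may be absent.
    if not email or not password:
        return abort(400, "An email and a non-empty password are required")

    existing_user = db_session.query(User).filter(User.email == email).first()

    # NOTE(review): this answer tells an unauthenticated caller whether an
    # email is registered; consider rate limiting this route.
    if existing_user:
        return abort(
            400,
            f"The user with this email already exists in the system: {email}")

    # NOTE(review): the caller is unauthenticated and picks group_id itself;
    # confirm that membership of an arbitrary group grants nothing sensitive.
    group = db_session.query(Group).filter(Group.id == group_id).first()

    if group is None:
        return abort(400, f'There is no group with id: "{group_id}"')

    user = User(
        email=email,
        # pwd_context is presumably a passlib CryptContext -- confirm.
        password=pwd_context.hash(password),
        first_name=first_name,
        last_name=last_name,
        group=group,
    )

    db_session.add(user)
    db_session.commit()
    db_session.refresh(user)
    # NOTE(review): the ORM object is returned as-is; confirm the response
    # serialiser leaves the password hash out.
    return user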
Example #3
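def route_groups_post(name=None):
    """Create a group called ``name``; superusers only.

    The caller must be authenticated, active and a superuser. A missing or
    empty name is rejected, so the default ``name=None`` can no longer
    produce a nameless group.

    Args:
        name: name of the new group; must not already be in use.

    Returns:
        The newly created ``Group``.

    Every rejection goes through ``abort(400, ...)``, which is assumed to
    raise and end the request.
    """
    current_user = get_current_user()

    # NOTE(review): authentication and authorisation failures answer 400;
    # 401/403 would be conventional. Kept because clients may match on the
    # status code -- confirm before changing.
    if not current_user:
        return abort(400, "Could not authenticate user with provided token")
    if not current_user.is_active:
        return abort(400, "Inactive user")
    if not current_user.is_superuser:
        return abort(400, "Not a superuser")

    if not name:
        return abort(400, "A group name is required")

    existing_group = db_session.query(Group).filter(Group.name == name).first()
    if existing_group:
        return abort(400, f"The group: {name} already exists in the system")

    group = Group(name=name)
    db_session.add(group)
    db_session.commit()
    return group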
Example #4
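def route_users_post(email=None,
                     password=None,
                     first_name=None,
                     last_name=None,
                     group_id=None):
    """Create a user on behalf of a superuser.

    The caller must be authenticated, active and a superuser; these checks
    run before any lookup. A missing or empty email or password is rejected
    before anything is hashed or stored, so no account can be created with
    an empty password.

    Args:
        email: address of the new account; must not already be registered.
        password: plain-text password; only its hash is stored.
        first_name: stored on the new user as given.
        last_name: stored on the new user as given.
        group_id: id of an existing group the new user is placed in.

    Returns:
        The newly created ``User``, refreshed from the database.

    Every rejection goes through ``abort(400, ...)``, which is assumed to
    raise and end the request.
    """
    current_user = get_current_user()

    # NOTE(review): authentication and authorisation failures answer 400;
    # 401/403 would be conventional. Kept because clients may match on the
    # status code -- confirm before changing.
    if not current_user:
        return abort(400, "Could not authenticate user with provided token")
    if not current_user.is_active:
        return abort(400, "Inactive user")
    if not current_user.is_superuser:
        return abort(400, "Only a superuser can execute this action")

    # All parameters default to None, so the credentials may be absent.
    if not email or not password:
        return abort(400, "An email and a non-empty password are required")

    existing_user = db_session.query(User).filter(User.email == email).first()

    if existing_user:
        return abort(
            400,
            f"The user with this email already exists in the system: {email}")

    group = db_session.query(Group).filter(Group.id == group_id).first()

    if group is None:
        return abort(400, f'There is no group with id: "{group_id}"')

    user = User(
        email=email,
        # pwd_context is presumably a passlib CryptContext -- confirm.
        password=pwd_context.hash(password),
        first_name=first_name,
        last_name=last_name,
        group=group,
    )

    db_session.add(user)
    db_session.commit()
    db_session.refresh(user)
    # NOTE(review): the ORM object is returned as-is; confirm the response
    # serialiser leaves the password hash out.
    return user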