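def route_admin_users_groups_post(group_id=None, user_id=None):
    """Add a user to a group's admin list; only a superuser may do this.

    Args:
        group_id: Id of the Group whose ``users_admin`` list is extended.
        user_id: Id of the User to append to that list.

    Returns:
        A dict with a single ``msg`` key confirming the change.

    Every failure path ends in ``abort(400, ...)``.
    """
    current_user = get_current_user()  # type: User
    if not current_user:
        abort(400, "Could not authenticate user with provided token")
    elif not current_user.is_active:
        abort(400, "Inactive user")
    elif not current_user.is_superuser:
        # Authorize before touching the database: if the lookups ran first,
        # a non-superuser could tell from the "does not exists" responses
        # which group and user ids are present.
        abort(400, "Not authorized")
    # NOTE(review): authentication and authorization failures are reported as
    # 400; 401/403 would describe them more accurately, but changing the
    # status code is visible to existing clients, so it is left as is.

    group = db_session.query(Group).filter_by(id=group_id).first()  # type: Group
    user = db_session.query(User).filter(User.id == user_id).first()  # type: User
    if not group:
        return abort(400, f"The group with id: {group_id} does not exists")
    if not user:
        return abort(400, f"The user with id: {user_id} does not exists")

    group.users_admin.append(user)
    db_session.commit()
    return {
        "msg": f"The user with id {user_id} was sucessfully added as an admin of the group with id {group_id}"
    }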
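def route_users_post_open(email=None, password=None, first_name=None, last_name=None, group_id=None):
    """Create a user through open registration.

    This handler performs no authentication; it is gated only by
    ``config.USERS_OPEN_REGISTRATION``.

    Args:
        email: Address for the new account; must not already be registered.
        password: Plaintext password; only ``pwd_context.hash(password)`` is
            stored.
        first_name: Optional first name.
        last_name: Optional last name.
        group_id: Id of an existing Group to attach the new user to.

    Returns:
        The newly created User, refreshed after commit.

    Aborts with 403 when open registration is disabled and with 400 for
    missing credentials, a duplicate email or an unknown group.
    """
    if not config.USERS_OPEN_REGISTRATION:
        abort(403, "Open user resgistration is forbidden on this server")

    # Refuse missing or empty credentials: otherwise an empty password would
    # be hashed and stored, and a missing one would reach the hasher as None.
    if not email or not password:
        abort(400, "An email and a non-empty password are required")

    user = db_session.query(User).filter(User.email == email).first()
    if user:
        # NOTE(review): this response confirms that an address is registered
        # to a caller who has not authenticated; confirm that is acceptable
        # and that the endpoint is rate limited.
        return abort(
            400, f"The user with this email already exists in the system: {email}")

    # NOTE(review): group_id is chosen by the caller, so a self-registered
    # account can be attached to any existing group. Confirm that group
    # membership grants nothing sensitive, or restrict the allowed groups.
    group = db_session.query(Group).filter(Group.id == group_id).first()
    if group is None:
        abort(400, f'There is no group with id: "{group_id}"')

    user = User(
        email=email,
        password=pwd_context.hash(password),
        first_name=first_name,
        last_name=last_name,
        group=group,
    )
    db_session.add(user)
    db_session.commit()
    db_session.refresh(user)
    return user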
def route_groups_post(name=None):
    """Create a group with the given name; only an active superuser may do this.

    Args:
        name: Name of the group to create; must not already be in use.

    Returns:
        The newly added Group.

    Every failure path ends in ``abort(400, ...)``.
    """
    current_user = get_current_user()

    # Choose the refusal message first, checking in the same order as the
    # access rules: authenticated, then active, then superuser.
    # NOTE(review): these authentication/authorization failures are reported
    # as 400 rather than 401/403.
    if not current_user:
        denial = "Could not authenticate user with provided token"
    elif not current_user.is_active:
        denial = "Inactive user"
    elif not current_user.is_superuser:
        denial = "Not a superuser"
    else:
        denial = None
    if denial is not None:
        abort(400, denial)

    # Group names must be unique, so refuse a name that is already taken.
    same_name_query = db_session.query(Group).filter(Group.name == name)
    existing = same_name_query.first()
    if existing:
        return abort(400, f"The group: {name} already exists in the system")

    new_group = Group(name=name)
    db_session.add(new_group)
    db_session.commit()
    return new_group
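def route_users_post(email=None, password=None, first_name=None, last_name=None, group_id=None):
    """Create a user on behalf of an active superuser.

    Args:
        email: Address for the new account; must not already be registered.
        password: Plaintext password; only ``pwd_context.hash(password)`` is
            stored.
        first_name: Optional first name.
        last_name: Optional last name.
        group_id: Id of an existing Group to attach the new user to.

    Returns:
        The newly created User, refreshed after commit.

    Every failure path ends in ``abort(400, ...)``.
    """
    current_user = get_current_user()
    if not current_user:
        abort(400, "Could not authenticate user with provided token")
    elif not current_user.is_active:
        abort(400, "Inactive user")
    elif not current_user.is_superuser:
        abort(400, "Only a superuser can execute this action")
    # NOTE(review): authentication and authorization failures are reported as
    # 400; 401/403 would describe them more accurately, but changing the
    # status code is visible to existing clients, so it is left as is.

    # Refuse missing or empty credentials: otherwise an empty password would
    # be hashed and stored, and a missing one would reach the hasher as None.
    if not email or not password:
        abort(400, "An email and a non-empty password are required")

    user = db_session.query(User).filter(User.email == email).first()
    if user:
        return abort(
            400, f"The user with this email already exists in the system: {email}")

    group = db_session.query(Group).filter(Group.id == group_id).first()
    if group is None:
        abort(400, f'There is no group with id: "{group_id}"')

    user = User(
        email=email,
        password=pwd_context.hash(password),
        first_name=first_name,
        last_name=last_name,
        group=group,
    )
    db_session.add(user)
    db_session.commit()
    db_session.refresh(user)
    return user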