def get_user(public_id: int):
"""
HTTP `GET`/`HEAD` route for a single user resource.
Args:
public_id (int): Public ID user.
Raises:
ManagerGetError: When the selected user does not exists.
Notes:
Calling the route over HTTP HEAD method will result in an empty body.
Returns:
GetSingleResponse: Which includes the json data of a UserModel.
"""
user_manager: UserManager = UserManager(
database_manager=current_app.database_manager)
try:
user: UserModel = user_manager.get(public_id)
except ManagerGetError as err:
return abort(404, err.message)
api_response = GetSingleResponse(UserModel.to_dict(user),
url=request.url,
model=UserModel.MODEL,
body=request.method == 'HEAD')
return api_response.make_response()
def to_dict(cls, instance: 'LoginResponse') -> dict:
return {
'user': UserModel.to_dict(instance.user),
'token': instance.token.decode('UTF-8'),
'token_issued_at': instance.token_issued_at,
'token_expire': instance.token_expire
}
def change_user_password(public_id: int):
"""
HTTP `PATCH` route for updating a single user password.
Args:
public_id (int): Public ID of the user.
Raises:
ManagerGetError: When the user with the `public_id` was not found.
ManagerUpdateError: When something went wrong during the updated.
Returns:
UpdateSingleResponse: User with new password
"""
user_manager: UserManager = UserManager(
database_manager=current_app.database_manager)
security_manager: SecurityManager = SecurityManager(
database_manager=current_app.database_manager)
try:
user = user_manager.get(public_id=public_id)
password = security_manager.generate_hmac(request.json.get('password'))
user.password = password
user_manager.update(public_id=PublicID(public_id), user=user)
api_response = UpdateSingleResponse(result=UserModel.to_dict(user),
url=request.url,
model=UserModel.MODEL)
except ManagerGetError as err:
return abort(404, err.message)
except ManagerUpdateError as err:
return abort(400, err.message)
return api_response.make_response()
def delete_user(public_id: int):
"""
HTTP `DELETE` route for delete a single user resource.
Args:
public_id (int): Public ID of the user.
Raises:
ManagerGetError: When the user with the `public_id` was not found.
ManagerDeleteError: When something went wrong during the deletion.
Returns:
DeleteSingleResponse: Delete result with the deleted user as data.
"""
user_manager: UserManager = UserManager(
database_manager=current_app.database_manager)
try:
deleted_group = user_manager.delete(public_id=PublicID(public_id))
api_response = DeleteSingleResponse(
raw=UserModel.to_dict(deleted_group), model=UserModel.MODEL)
except ManagerGetError as err:
return abort(404, err.message)
except ManagerDeleteError as err:
return abort(404, err.message)
return api_response.make_response()
def update_user(public_id: int, data: dict):
"""
HTTP `PUT`/`PATCH` route for update a single user resource.
Args:
public_id (int): Public ID of the updatable user.
data (UserModel.SCHEMA): New user data to update.
Raises:
ManagerGetError: When the user with the `public_id` was not found.
ManagerUpdateError: When something went wrong during the update.
Returns:
UpdateSingleResponse: With update result of the new updated user.
"""
user_manager: UserManager = UserManager(
database_manager=current_app.database_manager)
try:
user = UserModel.from_data(data=data)
user_manager.update(public_id=PublicID(public_id), user=user)
api_response = UpdateSingleResponse(result=UserModel.to_dict(user),
url=request.url,
model=UserModel.MODEL)
except ManagerGetError as err:
return abort(404, err.message)
except ManagerUpdateError as err:
return abort(400, err.message)
return api_response.make_response()
def insert_user(data: dict):
"""
HTTP `POST` route for insert a single user resource.
Args:
data (UserModel.SCHEMA): Insert data of a new user.
Raises:
ManagerGetError: If the inserted user could not be found after inserting.
ManagerInsertError: If something went wrong during insertion.
Returns:
InsertSingleResponse: Insert response with the new user and its public_id.
"""
user_manager: UserManager = UserManager(
database_manager=current_app.database_manager)
security_manager: SecurityManager = SecurityManager(
database_manager=current_app.database_manager)
try:
data['password'] = security_manager.generate_hmac(data['password'])
result_id: PublicID = user_manager.insert(data)
user = user_manager.get(public_id=result_id)
except ManagerGetError as err:
return abort(404, err.message)
except ManagerInsertError as err:
return abort(400, err.message)
api_response = InsertSingleResponse(result_id=result_id,
raw=UserModel.to_dict(user),
url=request.url,
model=UserModel.MODEL)
return api_response.make_response(prefix='users')
def _decorate(*args, **kwargs):
if auth:
if not auth_is_valid():
return abort(401)
if auth and right:
if not user_has_right(right):
if excepted:
with current_app.app_context():
user_manager = UserManager(
current_app.database_manager)
token = parse_authorization_header(
request.headers['Authorization'])
try:
decrypted_token = TokenValidator(
current_app.database_manager).decode_token(
token)
except ValidationError as err:
return abort(401)
try:
user_id = decrypted_token['DATAGERRY'][
'value']['user']['public_id']
user_dict: dict = UserModel.to_dict(
user_manager.get(user_id))
if excepted:
for exe_key, exe_value in excepted.items():
try:
route_parameter = kwargs[exe_value]
except KeyError:
return abort(
403,
f'User has not the required right {right}'
)
if exe_key not in user_dict.keys():
return abort(
403,
f'User has not the required right {right}'
)
if user_dict[
exe_key] == route_parameter:
return f(*args, **kwargs)
except ManagerGetError:
return abort(404)
return abort(
403, f'User has not the required right {right}')
return f(*args, **kwargs)
def get_users(params: CollectionParameters):
"""
HTTP `GET`/`HEAD` route for getting a iterable collection of resources.
Args:
params (CollectionParameters): Passed parameters over the http query string
Returns:
GetMultiResponse: Which includes a IterationResult of the UserModel.
Notes:
Calling the route over HTTP HEAD method will result in an empty body.
Raises:
ManagerIterationError: If the collection could not be iterated.
ManagerGetError: If the collection/resources could not be found.
"""
user_manager: UserManager = UserManager(
database_manager=current_app.database_manager)
try:
iteration_result: IterationResult[UserModel] = user_manager.iterate(
filter=params.filter,
limit=params.limit,
skip=params.skip,
sort=params.sort,
order=params.order)
users = [UserModel.to_dict(user) for user in iteration_result.results]
api_response = GetMultiResponse(users,
total=iteration_result.total,
params=params,
url=request.url,
model=UserModel.MODEL,
body=request.method == 'HEAD')
except ManagerIterationError as err:
return abort(400, err.message)
except ManagerGetError as err:
return abort(404, err.message)
return api_response.make_response()
