def post(self): """Create a new post. Required Args: topic: Topic to post to author: Username of post author body: Body text of post title: Title of the post """ args = post_parser.parse_args(strict=True) LOGGER.info({"Args": args}) if User.get_user(args.author) is None: return Fail(f"author {args.author} does not exist").to_json(), 404 if Topic.get_topic(args.topic_name) is None: return Fail(f"topic {args.topic_name} does not exist").to_json(), 404 post = Post( title=args.title, body=args.body, author=args.author, topic_name=args.topic_name, ) db.session.add(post) db.session.flush() post_uuid = post.id db.session.commit() return Success(post.to_json()).to_json(), 201
def post(self): """Create a new reply. Required Args: post_id: ID of the post to reply to author: Username of post author body: Body text of post """ args = post_parser.parse_args(strict=True) LOGGER.info({"Args": args}) if User.get_user(args.author) is None: return Fail(f"author {args.author} does not exist").to_json(), 404 if Post.get_post(args.post_id) is None: return Fail(f"topic {args.post_id} does not exist").to_json(), 404 reply = Reply(body=args.body, author=args.author, post_id=args.post_id) db.session.add(reply) db.session.flush() reply_uuid = reply.id db.session.commit() return Success(reply.to_json()).to_json(), 201
def put(self, topicName, jwt_payload=None): """Update topic info. Only available to admins and mods Args: This topic will be updated """ if not (jwt_payload.is_admin or jwt_payload.is_mod): return ( Fail("User does not have permissions for this request"). to_json(), 403, ) else: args = put_parser.parse_args(strict=True) topic = Topic.get_topic(topicName) if topic is not None: if args.descript is not None: topic.descript = args.descript db.session.commit() return Success({ "message": f"{topicName} updated" }).to_json(), 200 return Fail(f"topic {topicName} not found").to_json(), 404
def delete(self, post_id): """Delete a specific post from the database. Args: post_id: UUID of the post to delete. """ if not validate_uuid(post_id): return Fail("invalid post ID").to_json(), 400 post = Post.get_post(post_id) if post is not None: post.delete() return Success(None).to_json(), 204 return Fail(f"Post ID {post_id} does not exist").to_json(), 404
def delete(self, reply_id): """Delete a specific reply from the database. Args: reply_id: UUID of the reply to delete. """ if not validate_uuid(reply_id): return Fail("invalid reply ID").to_json(), 400 reply = Reply.get_reply(reply_id) if reply is not None: reply.delete() return Success(None).to_json(), 204 return Fail(f"Reply ID {reply_id} does not exist").to_json(), 404
def get(self, post_id, jwt_payload=None): """Get info on a specific post. Args: post_id: UUID of the post to lookup. """ if not validate_uuid(post_id): return Fail("invalid post ID").to_json(), 400 LOGGER.debug({"Requested Post": post_id}) post = Post.get_post(post_id) if post is not None: return Success({"post": post.to_json()}).to_json(), 200 return Fail(f"post with ID {post_id} not found").to_json(), 404
def get(self, reply_id, jwt_payload=None): """Get info on a specific reply. Args: reply_id: UUID of the post to lookup. """ if not validate_uuid(reply_id): return Fail("invalid reply ID").to_json(), 400 LOGGER.debug({"Requested reply": reply_id}) reply = Reply.get_reply(reply_id) if reply is not None: return Success({"reply": reply.to_json()}).to_json(), 200 return Fail(f"post with ID {reply_id} not found").to_json(), 404
def post(self): """Create a new user. Required in Payload: userame: Username of the new user to be created. password: Passowrd of the user to be created. Optional in Payload: bio: Bio of the user to be created. """ args = post_parser.parse_args(strict=True) LOGGER.info({"Args": args}) user = User.get_user(args.username) if user is None: hashed = bcrypt.hashpw(args.password.encode("utf8"), bcrypt.gensalt()) record = User( username=args.username, pw_hash=hashed, bio=args.bio, displayName=args.displayName, ) record.save() data = {"message": f"user {args.username} created"} return Success(data).to_json(), 201 return Fail(f"user {args.username} exists").to_json(), 400
def put(self, username, jwt_payload=None): """Update user info. Args: username: The user to be updated. jwt_payload: The payload data of the JWT passed in the request """ args = put_parser.parse_args(strict=True) user = User.get_user(username) if user is not None: if args.is_admin is not None and jwt_payload.is_admin: user.is_admin = args.is_admin if args.is_mod is not None and jwt_payload.is_mod: user.is_mod = args.is_mod if not user.is_admin else True if args.displayName is not None and username == jwt_payload.username: user.displayName = args.displayName if args.bio is not None and username == jwt_payload.username: user.bio = args.bio if args.password is not None and username == jwt_payload.username: user.pw_hash = bcrypt.hashpw(args.password.encode("utf8"), bcrypt.gensalt()) db.session.commit() data = {"message": f"{username} updated"} return Success(data).to_json(), 200 return Fail(f"user {username} does not exist").to_json(), 404
def put(self, reply_id): """Update info for a specific reply. Args: reply_id: UUID of the reply to update. """ if not validate_uuid(reply_id): return Fail("invalid reply ID").to_json(), 400 reply = Reply.get_reply(reply_id) if reply is not None: args = put_parser.parse_args(strict=True) reply.body = args.body reply.edited = True reply.save() return Success(f"reply with ID {reply_id} updated").to_json(), 200 return Fail(f"reply with ID {reply_id} not found").to_json(), 404
def put(self, post_id): """Update info for a specific post. Args: post_id: UUID of the post to update. """ if not validate_uuid(post_id): return Fail("invalid post ID").to_json(), 400 post = Post.get_post(post_id) if post is not None: args = put_parser.parse_args(strict=True) post.body = args.body post.edited = True post.save() return Success(f"post with ID {post_id} updated").to_json(), 200 return Fail(f"post with ID {post_id} not found").to_json(), 404
def delete(self, topicName, jwt_payload=None): """ Delete a topic Only an admin has permission to delete (others should not be shown the option) :param topicName: :return: """ if not jwt_payload.is_admin: return Fail("User does not have permission").to_json(), 403 else: topic = Topic.get_topic(topicName) if topic is not None: topic.delete() return Success({ "message": f"{topicName} deleted" }).to_json(), 204 return Fail(f"topic {topicName} not found").to_json(), 404
def delete(self, reply_id, jwt_payload=None): """Delete a specific reply from the database. Args: reply_id: UUID of the reply to delete. """ if not validate_uuid(reply_id): return Fail("invalid reply ID").to_json(), 400 reply = Reply.get_reply(reply_id) if reply is None: return Fail(f"Reply ID {reply_id} does not exist").to_json(), 404 if not (jwt_payload.is_admin or jwt_payload.is_mod or jwt_payload.username == reply.author): return Fail( "You do not have permission to delete replies").to_json(), 403 else: if reply is not None: reply.delete() return Success(None).to_json(), 204
def delete(self, username, jwt_payload=None): """Delete a user. Args: username: The user to be deleted. """ user = User.get_user(username) if user is None: return Fail(f"user {username} does not exist").to_json(), 404 if user.username == jwt_payload.username or jwt_payload.is_admin: user.delete() return Success(None).to_json(), 204 return ( Fail(f"Invalid permissions, cannot delete user {username}"). to_json(), 403, )
def delete(self, topicName): """ :param topicName: :return: """ topic = Topic.get_topic(topicName) if topic is not None: topic.delete() return Success(f"{topicName} deleted").to_json(), 204 return Fail(f"topic {topicName} not found").to_json(), 404
def delete(self, username): """Delete a user. Args: username: The user to be deleted. """ user = User.get_user(username) if user is not None: user.delete() return Success(None).to_json(), 204 return Fail(f"user {username} does not exist").to_json(), 404
def decorated_function(*args, **kwargs): try: token = request.headers.get("authorization").split(" ")[1] LOGGER.debug({"Token": token}) decoded = jwt.decode(token, SECRET_KEY, algorithms=["HS256"]) LOGGER.debug({"Decoded": decoded}) except Exception as e: LOGGER.debug({"Message": str(e)}) return Fail("Invalid or missing JWT").to_json(), 401 return f(jwt_payload=JWTPayload(decoded), *args, **kwargs)
def put(self, reply_id, jwt_payload=None): """Update info for a specific reply. Args: reply_id: UUID of the reply to update. """ if not validate_uuid(reply_id): return Fail("invalid reply ID").to_json(), 400 reply = Reply.get_reply(reply_id) if reply is None: return Fail(f"reply with ID {reply_id} not found").to_json(), 404 if jwt_payload.username != reply.author: return Fail( "Replies can only be updated by their creators").to_json(), 403 if reply is not None: args = put_parser.parse_args(strict=True) reply.body = args.body reply.edited = True reply.save() return Success(f"reply with ID {reply_id} updated").to_json(), 200
def get(self, topicName): """Get info on a topic Args: topicName: Topic to lookup """ LOGGER.debug({"Requested Topic": topicName}) topic = Topic.get_topic(topicName) if topic is not None: topic_json = topic.to_json(posts=True) return Success({"topic": topic_json}).to_json(), 200 return Fail(f"topic {topicName} not found").to_json(), 404
def get(self, username, jwt_payload=None): """Get info on a user. Args: username: Username to lookup. """ LOGGER.debug({"Requested user": username}) user = User.get_user(username) if user is not None: user_json = user.to_json() return Success(user_json).to_json(), 200 return Fail(f"user {username} not found").to_json(), 404
def put(self, topicName): """Update topic info Args: This topic will be updated """ args = put_parser.parse_args(strict=True) topic = Topic.get_topic(topicName) if topic is not None: if args.descript is not None: topic.descript = args.descript db.session.commit() return Success(f"{topicName} updated").to_json(), 200 return Fail(f"topic {topicName} not found").to_json(), 404
def delete(self, post_id, jwt_payload=None): """Delete a specific post from the database. Only available to admin, mod, and author Args: post_id: UUID of the post to delete. """ post = Post.get_post(post_id) if post is None: return Fail(f"Post ID {post_id} does not exist").to_json(), 404 if jwt_payload.username != post.author or not (jwt_payload.is_mod or jwt_payload.is_admin): return ( Fail("Permission denied, you can not delete other's posts"). to_json(), 403, ) else: if not validate_uuid(post_id): return Fail("invalid post ID").to_json(), 400 if post is not None: post.delete() return Success(None).to_json(), 204
def post(self, jwt_payload=None): """Create a new post. Required Args: topic: Topic to post to body: Body text of post title: Title of the post """ args = post_parser.parse_args(strict=True) LOGGER.info({"Args": args}) user = User.get_user(jwt_payload.username) if user is None: return Fail(f"author does not exist").to_json(), 404 if Topic.get_topic(args.topic_name) is None: return Fail( f"topic {args.topic_name} does not exist").to_json(), 404 post = Post( title=args.title, body=args.body, author=user.username, topic_name=args.topic_name, ) db.session.add(post) db.session.flush() post_uuid = post.id db.session.commit() user.post_count += 1 user.save() return Success(post.to_json()).to_json(), 201
def post(self, jwt_payload=None): """Create a new Topic.""" args = post_parser.parse_args(strict=True) LOGGER.info({"Args": args}) topic = Topic.get_topic(args.name) if topic is None: try: record = Topic(name=args.name, descript=args.descript) record.save() return Success({ "message": f"topic {args.name} created" }).to_json(), 200 except Exception as e: LOGGER.error({"Exception": e}) return Error(str(e)).to_json(), 500 return Fail(f"topic {args.name} exists").to_json(), 400