def update_code_mutate(cls, info, model=None, **kwargs): if info.context['auth']['data']: query = model.get_query(info) model = model._meta.model data = kwargs.get('data', None) if data: code = data.get('code', None) if code: del data['code'] instance = get_instance_by_pk(query, model, data) if info.context['auth']['data'][ 'admin'] or check_row_by_user_id( info.context['auth']['data']['user_id'], model, instance): instance.update(data) if code: code_handle(instance.one(), code) return cls(**{model.__tablename__: instance.one()}) else: raise CodeduExceptionHandler( HTTPUnauthorized(description="PERMISSION DENIED")) else: raise CodeduExceptionHandler( HTTPUnauthorized( description=info.context['auth']['description']))
def delete_account_mutate(cls, info, model=None, **kwargs): if info.context['auth']['data']: query = model.get_query(info) model = model._meta.model data = kwargs.get('data', None) if data: if not info.context['auth']['data']['admin']: data['id'] = info.context['auth']['data']['user_id'] data['password'] = hmac.new(Config.SECRET_KEY.encode(), data['password'].encode(), sha256).hexdigest() instance = get_instance_by_pk(query, model, data) if info.context['auth']['data']['admin'] or instance.one( ).password == data['password']: tmp_instance = instance.one() instance.delete() image_handle("user", tmp_instance, None) return cls(**{model.__tablename__: tmp_instance}) else: raise CodeduExceptionHandler( HTTPBadRequest(description="INVALID PASSWORD")) else: raise CodeduExceptionHandler( HTTPUnauthorized( description=info.context['auth']['description']))
def update_lesson_quiz_mutate(cls, info, model=None, **kwargs): if info.context['auth']['data']: if not info.context['auth']['data']['admin']: raise CodeduExceptionHandler( HTTPUnauthorized(description="PERMISSION DENIED")) query = model.get_query(info) model = model._meta.model data = kwargs.get('data', None) image_info = info.context.get('image_info', None) if data: answers_data_list = [] for i, choice in enumerate(data['choice']): answers_data = {'content': choice, 'is_correct': 0} if i == data['answer']: answers_data['is_correct'] = 1 answers_data_list.append(answers_data) del data['choice'] del data['answer'] instance = get_instance_by_pk(query, model, data) for i, answer in enumerate(instance.one().answers): answer.content = answers_data_list[i]['content'] answer.is_correct = answers_data_list[i]['is_correct'] instance.update(data) return cls(**{model.__tablename__: instance.one()}) else: raise CodeduExceptionHandler( HTTPUnauthorized( description=info.context['auth']['description']))
def update_password_mutate(cls, info, model=None, **kwargs): if info.context['auth']['data']: query = model.get_query(info) model = model._meta.model data = kwargs.get('data', None) if data: validate_user_data(data) if not info.context['auth']['data']['admin']: data['id'] = info.context['auth']['data']['user_id'] data['password'] = hmac.new(Config.SECRET_KEY.encode(), data['password'].encode(), sha256).hexdigest() data["password_modified"] = datetime.datetime.utcnow() instance = get_instance_by_pk(query, model, data) if info.context['auth']['data']['admin'] or instance.one( ).password == data['password']: data['password'] = hmac.new(Config.SECRET_KEY.encode(), data['new_password'].encode(), sha256).hexdigest() del data['new_password'] instance.update(data) return cls(**{model.__tablename__: instance.one()}) else: raise CodeduExceptionHandler( HTTPBadRequest(description="INVALID PASSWORD")) else: raise CodeduExceptionHandler( HTTPUnauthorized( description=info.context['auth']['description']))
def update_question_mutate(cls, info, model=None, **kwargs): if info.context['auth']['data']: query = model.get_query(info) model = model._meta.model data = kwargs.get('data', None) if data: tags = data.get('tags', None) if tags: del data['tags'] instance = get_instance_by_pk(query, model, data) if info.context['auth']['data']['admin'] or check_row_by_user_id(info.context['auth']['data']['user_id'], model, instance): instance.update(data) if tags: db_session = info.context.get('session', None) tags = tags.split(" ") exist_tags = {tag.name:tag for tag in gql_models['tag'].get_query(info).filter(gql_models['tag']._meta.model.name.in_(tags)).all()} new_tags = [gql_models['tag']._meta.model(name=tag) for tag in tags if not tag in exist_tags.keys()] db_session.add_all(new_tags) instance.one().tags = list(exist_tags.values())+new_tags return cls(**{model.__tablename__:instance.one()}) else: raise CodeduExceptionHandler(HTTPUnauthorized(description="PERMISSION DENIED")) else: raise CodeduExceptionHandler(HTTPUnauthorized(description=info.context['auth']['description']))
def update_user_info_mutate(cls, info, model=None, **kwargs): if info.context['auth']['data']: query = model.get_query(info) model = model._meta.model data = kwargs.get('data', None) image_info = info.context.get('image_info', None) if data: validate_user_data(data) if not info.context['auth']['data']['admin']: data['id'] = info.context['auth']['data']['user_id'] data['password'] = hmac.new(Config.SECRET_KEY.encode(), data['password'].encode(), sha256).hexdigest() else: if not 'id' in data: CodeduExceptionHandler( HTTPBadRequest(description="INVALID PARAMETER")) if 'password' in data: del data['password'] instance = get_instance_by_pk(query, model, data) if info.context['auth']['data']['admin'] or ( instance.one() and instance.one().password == data['password']): instance.update(data) if image_info: image_handle('user', instance.one(), image_info[0]) return cls(**{model.__tablename__: instance.one()}) else: raise CodeduExceptionHandler( HTTPBadRequest(description="INVALID PASSWORD")) else: raise CodeduExceptionHandler( HTTPUnauthorized( description=info.context['auth']['description']))
async def process_response(self, req, res, resource, req_succeeded): try: db_session = req.context.get('db_session', None) if db_session: if not req_succeeded: db_session.rollback() else: try: db_session.commit() except IntegrityError: db_session.rollback() raise CodeduExceptionHandler(HTTPBadRequest(description="INTEGRITY ERROR")) except OperationalError: db_session.rollback() raise CodeduExceptionHandler(HTTPBadRequest(description="OPERATIONAL ERROR")) else: pass # image_info = req.context.get('image_info', None) # image_info['name'] = f"{instance.id:010}" # with open(f"images/{image_info['dir']}{image_info['name']}{image_info['ext']}", 'wb') as f: # f.write(image_info['data']) # instance.user_img = f"{image_info['dir']}{image_info['name']}{image_info['ext']}" db_session.close() except Exception as e: description = e.description if hasattr(e, 'description') else 'UNKNOWN ERROR' if hasattr(e, 'type'): raise globals()[e.type](description=description) else: raise HTTPBadRequest(description=e.args)
def create_lesson_quiz_mutate(cls, info, model=None, **kwargs): if info.context['auth']['data']: if not info.context['auth']['data']['admin']: raise CodeduExceptionHandler( HTTPUnauthorized(description="PERMISSION DENIED")) model = model._meta.model data = kwargs.get('data', None) image_info = info.context.get('image_info', None) if data: answers = [] for i, choice in enumerate(data['choice']): answers_data = {'content': choice, 'is_correct': 0} if i == data['answer']: answers_data['is_correct'] = 1 answers.append( gql_models['lesson_quiz_answer']._meta.model( **answers_data)) del data['choice'] del data['answer'] db_session = info.context.get('session', None) if db_session: instance = model(**data) db_session.add(instance) db_session_flush(db_session) for answer in answers: answer.lesson_quiz_id = instance.id db_session.add_all(answers) db_session_flush(db_session) return cls(**{model.__tablename__: instance}) else: raise CodeduExceptionHandler( HTTPUnauthorized( description=info.context['auth']['description']))
def login_mutate(cls, info, model=None, **kwargs): query = model.get_query(info) model = model._meta.model data = kwargs.get('data', {}) if 'email' in data and 'password' in data: try: user = query.filter(model.email == data['email']).one() except NoResultFound: raise CodeduExceptionHandler( HTTPBadRequest(description="USER NOT FOUND")) if user.password == hmac.new(Config.SECRET_KEY.encode(), data['password'].encode(), sha256).hexdigest(): encoded_jwt = jwt.encode( { 'iat': datetime.datetime.utcnow(), 'user_id': user.id, 'email': data['email'], 'admin': user.admin, # 'exp':datetime.datetime.utcnow() + datetime.timedelta(seconds=30), }, Config.SECRET_KEY, algorithm='HS256') return cls(**{'user': user, 'token': encoded_jwt.decode()}) else: raise CodeduExceptionHandler( HTTPBadRequest(description="INVALID PASSWORD")) else: raise CodeduExceptionHandler( HTTPBadRequest(description="INVALID PARAMETER"))
def db_session_flush(db_session): try: db_session.flush() except IntegrityError: db_session.rollback() raise CodeduExceptionHandler(HTTPBadRequest(description="INTEGRITY ERROR")) except OperationalError: db_session.rollback() print_exc() raise CodeduExceptionHandler(HTTPBadRequest(description="OPERATIONAL ERROR")) except: db_session.rollback() print_exc() raise CodeduExceptionHandler(HTTPBadRequest(description="UNKNOWN ERROR"))
def delete_question_mutate(cls, info, model=None, **kwargs): if info.context['auth']['data']: query = model.get_query(info) model = model._meta.model data = kwargs.get('data', None) if data: instance = get_instance_by_pk(query, model, data) if info.context['auth']['data']['admin'] or check_row_by_user_id(info.context['auth']['data']['user_id'], model, instance): tmp_instance = instance.one() instance.delete() return cls(**{model.__tablename__:tmp_instance}) else: raise CodeduExceptionHandler(HTTPUnauthorized(description="PERMISSION DENIED")) else: raise CodeduExceptionHandler(HTTPUnauthorized(description=info.context['auth']['description']))
def delete_subchapter_mutate(cls, info, model=None, **kwargs): if info.context['auth']['data']: if not info.context['auth']['data']['admin']: raise CodeduExceptionHandler(HTTPUnauthorized(description="PERMISSION DENIED")) query = model.get_query(info) model = model._meta.model data = kwargs.get('data', None) if data: instance = get_instance_by_pk(query, model, data) tmp_instance = instance.one() instance.delete() if tmp_instance.token: shutil.rmtree(f"{root_path}/images/subchapter/{tmp_instance.token}") return cls(**{model.__tablename__:tmp_instance}) else: raise CodeduExceptionHandler(HTTPUnauthorized(description=info.context['auth']['description']))
def update_like_mutate(cls, info, model=None, **kwargs): if info.context['auth']['data']: query = model.get_query(info) base_model = model._meta.model data = kwargs.get('data', None) image_info = info.context.get('image_info', None) if data: tablename = data['type'] model = gql_models[f"{tablename}_like"]._meta.model data['user_id'] = info.context['auth']['data']['user_id'] data[f"{tablename}_id"] = data['id'] del data['type'] del data['id'] db_session = info.context.get('session', None) if db_session: # instance = get_instance_by_pk(query, model, data) instance = query.filter( and_( model.user_id == data['user_id'], getattr( model, f"{tablename}_id") == data[f'{tablename}_id'])) if not instance or not instance.first(): tmp_instance = model(**data) db_session.add(tmp_instance) db_session_flush(db_session) else: tmp_instance = instance.one() instance.delete(synchronize_session='fetch') return cls(**{base_model.__tablename__: tmp_instance}) else: raise CodeduExceptionHandler( HTTPUnauthorized( description=info.context['auth']['description']))
def update_subchapter_mutate(cls, info, model=None, **kwargs): if info.context['auth']['data']: if not info.context['auth']['data']['admin']: raise CodeduExceptionHandler(HTTPUnauthorized(description="PERMISSION DENIED")) query = model.get_query(info) model = model._meta.model data = kwargs.get('data', None) image_info = info.context.get('image_info', None) if data: instance = get_instance_by_pk(query, model, data) instance.update(data) if image_info: image_handle('subchapter', instance.one(), image_info) return cls(**{model.__tablename__:instance.one()}) else: raise CodeduExceptionHandler(HTTPUnauthorized(description=info.context['auth']['description']))
def create_subchapter_mutate(cls, info, model=None, **kwargs): if info.context['auth']['data']: if not info.context['auth']['data']['admin']: raise CodeduExceptionHandler(HTTPUnauthorized(description="PERMISSION DENIED")) model = model._meta.model data = kwargs.get('data', None) image_info = info.context.get('image_info', None) if data: db_session = info.context.get('session', None) if db_session: instance = model(**data) db_session.add(instance) db_session_flush(db_session) if image_info: image_handle('subchapter', instance, image_info) return cls(**{model.__tablename__:instance}) else: raise CodeduExceptionHandler(HTTPUnauthorized(description=info.context['auth']['description']))
def validate_user_data(data): username_validation = re.match(r"^(?=.*[가-힣A-Za-z_$])[가-힣A-Za-z_\d]{2,32}$", data['username']) if 'username' in data else True password_validation = re.match(r"^(?=.*[A-Za-z$])(?=.*\d)[A-Za-z@$!%*#?&\d]{8,}$", data['password']) if 'password' in data else True email_validation = re.match(r"^[a-zA-Z0-9_.+-]+@[a-zA-Z0-9-]+\.[a-zA-Z0-9-.]+$", data['email']) if 'email' in data else True if not email_validation: raise CodeduExceptionHandler(HTTPBadRequest(description="INVALID EMAIL ADDRESS")) if not username_validation: # 포함하면 안 되는 문자 있는지 체크 username_validation_2 = re.search(r"[^가-힣A-Za-z_\d]+", data['username']) if username_validation_2: raise CodeduExceptionHandler(HTTPBadRequest(description="Username can only contain 한글, alphanumeric characters and underscore.")) else: raise CodeduExceptionHandler(HTTPBadRequest(description="Username must be at least 2 characters long and including at least one letter.")) if not password_validation: # 포함하면 안 되는 문자 있는지 체크 password_validation_2 = re.search(r"[^A-Za-z@$!%*#?&\d]+", data['password']) if password_validation_2: raise CodeduExceptionHandler(HTTPBadRequest(description="Password contains characters that cannot be included.")) else: raise CodeduExceptionHandler(HTTPBadRequest(description="Password must be at least 8 characters long and including at least one letter and one number."))
def simple_update_view_mutate(cls, info, model=None, **kwargs): if info.context['auth']['data']: query = model.get_query(info) model = model._meta.model data = kwargs.get('data', None) image_info = info.context.get('image_info', None) if data: instance = get_instance_by_pk(query, model, data) data = {"view": instance.one().view + 1} instance.update(data) return cls(**{model.__tablename__:instance.one()}) else: raise CodeduExceptionHandler(HTTPUnauthorized(description=info.context['auth']['description']))
def simple_create_mutate(cls, info, model=None, **kwargs): if info.context['auth']['data']: model = model._meta.model data = kwargs.get('data', None) image_info = info.context.get('image_info', None) if data: data['user_id'] = info.context['auth']['data']['user_id'] db_session = info.context.get('session', None) if db_session: instance = model(**data) db_session.add(instance) db_session_flush(db_session) return cls(**{model.__tablename__:instance}) else: raise CodeduExceptionHandler(HTTPUnauthorized(description=info.context['auth']['description']))
def resolve_model(self, info, model, **kwargs): query = model.get_query(info) search = info.context.get('search', None) if 'password' in kwargs: raise CodeduExceptionHandler( HTTPBadRequest( description="you can't find user with password")) for arg, value in kwargs.items(): if search: print('search') query = query.filter( getattr(model._meta.model, arg).like(f"%{value}%")) else: print('match') query = query.filter(getattr(model._meta.model, arg) == value) user = query.all() return user
def update_post_like_mutate(cls, info, model=None, **kwargs): if info.context['auth']['data']: query = model.get_query(info) model = model._meta.model data = kwargs.get('data', None) image_info = info.context.get('image_info', None) if data: data['user_id'] = info.context['auth']['data']['user_id'] db_session = info.context.get('session', None) if db_session: instance = get_instance_by_pk(query, model, data) if not instance.first(): tmp_instance = model(**data) db_session.add(tmp_instance) db_session_flush(db_session) else: tmp_instance = instance.one() instance.delete() return cls(**{model.__tablename__: tmp_instance}) else: raise CodeduExceptionHandler( HTTPUnauthorized( description=info.context['auth']['description']))
async def on_post(self, req, res): try: result = await self.graphql_execute(req, res) image_info = req.context.get('image_info', None) if not result.errors: res.status = HTTP_200 res.body = json.dumps(result.data) else: if image_info: for image in image_info: if os.path.isfile(image['full_path']): os.remove(image['full_path']) raise CodeduExceptionHandler(result.errors[0].args[0]) print(result.errors) except Exception as e: description = e.description if hasattr( e, 'description') else 'UNKNOWN ERROR' if hasattr(e, 'type'): raise globals()[e.type](description=description) else: print_exc() raise HTTPBadRequest(description=e.args)
def create_question_mutate(cls, info, model=None, **kwargs): if info.context['auth']['data']: model = model._meta.model data = kwargs.get('data', None) if data: tags = data.get('tags', None) if tags: del data['tags'] data['user_id'] = info.context['auth']['data']['user_id'] db_session = info.context.get('session', None) if db_session: instance = model(**data) if tags: tags = tags.split(" ") exist_tags = {tag.name:tag for tag in gql_models['tag'].get_query(info).filter(gql_models['tag']._meta.model.name.in_(tags)).all()} new_tags = [gql_models['tag']._meta.model(name=tag) for tag in tags if not tag in exist_tags.keys()] db_session.add_all(new_tags) instance.tags = list(exist_tags.values())+new_tags db_session.add(instance) db_session_flush(db_session) return cls(**{model.__tablename__:instance}) else: raise CodeduExceptionHandler(HTTPUnauthorized(description=info.context['auth']['description']))