class Profile(Resource):
method_decorators = [require_auth('get:profile')]
def get(self, jwt_payload):
try:
token = get_token_auth_header()
auth_domain = os.getenv('AUTH_DOMAIN')
req_url = f'{auth_domain}userinfo'
headers = {'Authorization': f'Bearer {token}'}
profile = requests.get(req_url, headers=headers)
if not profile:
raise AuthError(
{
'status': 'unauthorized_fetch_profile',
'description': 'fetching the profile failed'
}, 401)
json_profile = profile.json()
return {'success': True, 'profile': json_profile}
except AuthError:
abort(401)
except requests.exceptions.RequestException:
print(sys.exc_info())
abort(400)
class Workspace(Resource):
method_decorators = [require_auth('get:workspace')]
def get(self, jwt_payload, project_id, workspace_id):
try:
user_id = get_token_user_id(jwt_payload)
workspace = db.get_workspace_by_id_project_id_and_user_id(
user_id, project_id, workspace_id)
if not workspace:
print(sys.exc_info())
abort(404)
workitems = db.get_all_workitems_by_workspace_id(workspace_id)
res_workitems = []
for workitem in workitems:
res_workitems.append({
'id': workitem.id,
'name': workitem.name,
'description': workitem.description,
'duration': workitem.duration,
})
return {
'success': True,
'workspace': workspace.format(),
'workitems': res_workitems
}
except werkzeug.exceptions.NotFound:
abort(404)
except AuthError:
abort(401)
except Exception:
print(sys.exc_info())
abort(500)
class Workspaces(Resource):
method_decorators = [require_auth('get:workspaces')]
def get(self, jwt_payload, project_id):
try:
user_id = get_token_user_id(jwt_payload)
is_users_project = db.check_project_ownership(user_id, project_id)
if not is_users_project:
raise AuthError(
{
'status': 'invalid_project_permission',
'description': 'action is not allowed for this user'
}, 401)
workspaces = db.get_all_workspaces_by_project_and_user(
user_id, project_id)
res = []
for workspace in workspaces:
res.append({
"id": workspace.id,
"name": workspace.name,
"description": workspace.description,
"price": workspace.price,
"project_id": workspace.project_id
})
return jsonify({"success": True, "workspaces": res})
except AuthError:
print(sys.exc_info())
abort(401)
except Exception:
print(sys.exc_info())
abort(500)
method_decorators = [require_auth('post:workspaces')]
def post(self, jwt_payload, project_id):
try:
user_id = get_token_user_id(jwt_payload)
req_data = request.get_json()
name = req_data['name']
description = req_data['description']
price = req_data['price']
is_users_project = db.check_project_ownership(user_id, project_id)
if not is_users_project:
raise AuthError(
{
'status': 'invalid_project_permission',
'description': 'action is not allowed for this user'
}, 401)
new_workspace = db_Workspace(name=name,
description=description,
price=price,
project_id=project_id)
db_Workspace.insert(new_workspace)
workspaces = db.get_all_workspaces_by_project_and_user(
user_id, project_id)
if not workspaces:
print(sys.exc_info())
abort(404)
res = []
for workspace in workspaces:
res.append({
"name": workspace.name,
"description": workspace.description,
"price": workspace.price,
"project_id": workspace.project_id
})
return jsonify({"success": True, "workspaces": res})
except AuthError:
print(sys.exc_info())
abort(401)
except Exception:
print(sys.exc_info())
abort(500)
class Project(Resource):
method_decorators = [require_auth('get:project')]
def get(self, jwt_payload, project_id):
try:
user_id = get_token_user_id(jwt_payload)
project = db.get_project_by_id_and_user(user_id, project_id)
if not project:
print(sys.exc_info())
abort(404)
project_workspaces = []
workspaces = db.get_all_workspaces_by_project_and_user(
user_id, project_id)
for workspace in workspaces:
project_workspaces.append({
"id": workspace.id,
"name": workspace.name,
"description": workspace.description,
"price": workspace.price,
"project_id": workspace.project_id
})
return jsonify({
'success': True,
'project': project.format(),
'workspaces': project_workspaces
})
except werkzeug.exceptions.NotFound:
print(sys.exc_info())
abort(404)
except AuthError:
print(sys.exc_info())
abort(401)
except Exception:
print(sys.exc_info())
abort(500)
method_decorators = [require_auth('delete:project')]
def delete(self, jwt_payload, project_id):
try:
user_id = get_token_user_id(jwt_payload)
project = db.get_project_by_id_and_user(user_id, project_id)
if not project:
print(sys.exc_info())
abort(404)
delete = project.delete()
if not delete:
print(sys.exc_info())
updated_projects = db.get_all_projects_by_user_id(user_id)
res_data = []
for project in updated_projects:
res_data.append({
'id': project.id,
'name': project.name,
'description': project.description,
'user_id': project.user_id,
'start_date': project.start_date,
'end_date': project.end_date
})
return jsonify({'success': True, 'projects': res_data})
except werkzeug.exceptions.NotFound:
print(sys.exc_info())
abort(404)
except AuthError:
print(sys.exc_info())
abort(401)
except Exception:
print(sys.exc_info())
abort(500)
class Projects(Resource):
method_decorators = [require_auth('get:projects')]
def get(self, jwt_payload):
projects = []
try:
jwt_subject = jwt_payload['sub']
user_id = jwt_subject.split('|')[1]
projects_from_db = db.get_all_projects_by_user_id(user_id)
except SQLAlchemyError:
print(sys.exc_info())
abort(404)
except AuthError:
print(sys.exc_info())
abort(401)
except Exception:
print(sys.exc_info())
abort(500)
for project in projects_from_db:
projects.append({
'id': project.id,
'name': project.name,
'description': project.description,
'start_date': project.start_date,
'end_date': project.end_date,
'user_id': project.user_id
})
return jsonify({'success': True, 'projects': projects})
method_decorators = [require_auth('post:projects')]
def post(self, jwt_payload):
try:
req_data = request.get_json()
if not req_data:
print(sys.exc_info())
abort(400)
name = req_data['name']
description = req_data['description']
start_date = datetime.now().date()
end_date = start_date + timedelta(days=14)
user_id = get_token_user_id(jwt_payload)
new_project = Project(name=name,
description=description,
start_date=start_date,
end_date=end_date,
user_id=user_id)
Project.insert(new_project)
projects = db.get_all_projects_by_user_id(user_id)
if not projects:
print(sys.exc_info())
abort(404)
res = []
for project in projects:
res.append({
"name":
project.name,
"description":
project.description,
"start_date":
json.dumps(project.start_date,
indent=4,
sort_keys=True,
default=str),
"end_date":
json.dumps(project.end_date,
indent=4,
sort_keys=True,
default=str),
"user_id":
project.user_id
})
return {"success": True, "projects": res}
except AuthError:
print(sys.exc_info())
abort(401)
except Exception:
print(sys.exc_info())
abort(500)
class Workitems(Resource):
method_decorators = [require_auth('post:workitems')]
def post(self, jwt_payload, project_id, workspace_id):
try:
user_id = get_token_user_id(jwt_payload)
is_users_project = db.check_project_and_workspace_ownership(
user_id, project_id, workspace_id)
if not is_users_project:
raise AuthError(
{
'status': 'invalid_project_and_workspace_permission',
'description': 'action is not allowed for this user'
}, 401)
req_data = request.get_json()
name = req_data['name']
description = req_data['description']
duration = req_data['duration']
new_item = db_Workitem(name=name,
description=description,
duration=duration,
workspace_id=workspace_id)
db_Workitem.insert(new_item)
workitems = db.get_all_workitems_by_workspace_id(workspace_id)
if not workitems:
print(sys.exc_info())
abort(404)
res_data = []
for workitem in workitems:
res_data.append({
"name": workitem.name,
"description": workitem.description,
"duration": workitem.duration,
"workspace_id": workitem.workspace_id
})
return {"success": True, "workitems": res_data}
except AuthError:
print(sys.exc_info())
abort(401)
except Exception:
print(sys.exc_info())
abort(500)
method_decorators = [require_auth('get:workitems')]
def get(self, jwt_payload, project_id, workspace_id):
try:
user_id = get_token_user_id(jwt_payload)
is_users_project = db.check_project_and_workspace_ownership(
user_id, project_id, workspace_id)
if not is_users_project:
raise AuthError(
{
'status': 'invalid_project_and_workspace_permission',
'description': 'action is not allowed for this user'
}, 401)
workitems = db.get_all_workitems_by_workspace_id(workspace_id)
res_data = []
for workitem in workitems:
res_data.append({
"id": workitem.id,
"name": workitem.name,
"description": workitem.description,
"duration": workitem.duration,
"workspace_id": workitem.workspace_id
})
return {"success": True, "workitems": res_data}
except AuthError:
print(sys.exc_info())
abort(401)
except Exception:
print(sys.exc_info())
abort(500)