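def update_user_by_id(user_id):
    """Update the account and profile of ``user_id`` after a password re-check.

    The current password must be sent as ``confirm_password``. Every other
    form field is optional and only overwrites the stored value when it is
    present and non-empty. ``classes`` must be a JSON array of strings; it is
    stored as a comma-joined string.

    Returns a CORS-wrapped response:
      * 200 with the serialized user on success,
      * 401 when ``authenticate_by_id`` returns None for the credentials,
      * 400 when ``classes`` is not a JSON array of strings.
    """
    if request.method != 'POST':
        # NOTE(review): wording and the missing status code are kept from the
        # original. This branch is reached for non-POST methods, not for a
        # missing user, and the argument is a bare string rather than the
        # (body, status) tuple used elsewhere -- confirm how cors_response
        # handles it.
        return cors_response(("User not found"))

    user = authenticate_by_id(user_id, request.form.get('confirm_password'))
    if user is None:
        return cors_response(("Unauthorized Access.", 401))

    form = request.form
    firstName = form.get('firstName')
    lastName = form.get('lastName')
    email = form.get('email')
    password = form.get('password')
    university = form.get('university')
    grad_year = form.get('grad_year')
    major = form.get('major')
    courses = form.get('classes')
    bio = form.get('bio')

    # Validate the client-supplied JSON before touching the user object, so a
    # malformed payload is answered with 400 instead of an unhandled exception
    # raised after some fields have already been modified.
    joined_courses = None
    if courses:
        try:
            course_list = json.loads(courses)
            if not isinstance(course_list, list):
                # A JSON string or object would otherwise be "joined"
                # character by character or key by key.
                raise ValueError("classes must be a JSON array")
            # str.join raises TypeError when an element is not a string.
            joined_courses = ",".join(course_list)
        except (ValueError, TypeError):
            return cors_response(("Bad Request.", 400))

    if firstName:
        user.firstName = firstName
    if lastName:
        user.lastName = lastName
    if email:
        user.email = email
    if password:
        # Only the bcrypt hash is stored.
        # NOTE(review): no length or strength check on the new password is
        # visible in this handler.
        user.password = bcrypt.generate_password_hash(password)
    if university:
        user.university = university
    if grad_year:
        user.profile.grad_year = grad_year
    if major:
        user.profile.major = major
    if joined_courses is not None:
        user.courses = joined_courses
    if bio:
        user.profile.bio = bio

    db.session.commit()
    return cors_response((jsonify(user = user.serialize), 200))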
def delete_user(user_id):
    """Let a user delete their own account after re-entering their password.

    Responses (CORS-wrapped):
      * 200 "User deleted" once the row is removed and committed,
      * 403 when the authenticated account has ROLE_ADMIN,
      * 404 "User not found." when ``authenticate_by_id`` returns None, so a
        wrong password and an unknown id look the same to the caller.

    Any method other than POST falls through and returns None.
    """
    if request.method != 'POST':
        return None

    account = authenticate_by_id(user_id, request.form.get('password'))
    if account is None:
        return cors_response(("User not found.", 404))

    # Admin accounts cannot be removed through this self-service endpoint.
    if account.role == ROLE_ADMIN:
        return cors_response(("Admin cannot delete own account.", 403))

    db.session.delete(account)
    db.session.commit()
    return cors_response(("User deleted", 200))
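def delete_card(card_id):
    """Delete a card on behalf of its author.

    The request does not say who the caller is: the card's ``user_id`` is
    looked up and the submitted ``password`` is checked against that author
    via ``authenticate_by_id``. Knowing the author's password is therefore
    the only proof of ownership.

    Responses (CORS-wrapped):
      * 200 "Card deleted." on success,
      * 404 "No card found." when the id matches no card,
      * 403 "Unauthorized access" when authentication fails.

    Any method other than POST falls through and returns None.
    """
    if request.method != 'POST':
        return None

    # models.Card is the spelling deleteCard in this file uses for the same
    # lookup.
    card = models.Card.query.get(int(card_id))
    if card is None:
        # This check has to come before card.user_id is read; the original
        # dereferenced the card first, so a missing card raised
        # AttributeError and its "No card found." branch was unreachable.
        # 404 replaces that branch's 204, matching deleteCard.
        return cors_response(("No card found.", 404))

    password = request.form.get('password')
    user = authenticate_by_id(card.user_id, password)
    if not user:
        return cors_response(("Unauthorized access", 403))

    db.session.delete(card)
    db.session.commit()
    return cors_response(("Card deleted.", 200))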
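def deleteCard(card_id):
    """Delete any card as a privileged (staff) action.

    The caller supplies ``admin_id`` and ``admin_password`` in the form.
    Those credentials must authenticate AND belong to a privileged role.

    Responses (CORS-wrapped):
      * 200 "Card deleted." on success,
      * 404 "Card not found." when the id matches no card,
      * 400 "Bad Request." when either credential field is missing or empty,
      * 403 "Unauthorized." when authentication fails or the account is not
        privileged.

    Any method other than POST falls through and returns None.
    """
    if request.method != 'POST':
        return None

    # NOTE(review): the lookup runs before authentication, so 404 versus
    # 400/403 tells an unauthenticated caller whether the card id exists.
    card = models.Card.query.get(int(card_id))
    if not card:
        return cors_response(("Card not found.", 404))

    admin_id = request.form.get("admin_id")
    admin_password = request.form.get("admin_password")
    if not (admin_id and admin_password):
        return cors_response(("Bad Request.", 400))

    admin = authenticate_by_id(admin_id, admin_password)
    # authenticate_by_id is the same credential check the self-service
    # handlers use for ordinary accounts, so a successful login alone does
    # not prove privilege; the role has to be checked here.
    # NOTE(review): moderators are assumed to be allowed to remove cards --
    # narrow this to ROLE_ADMIN if that is not intended.
    if not admin or admin.role not in (ROLE_ADMIN, ROLE_MOD):
        return cors_response(("Unauthorized.", 403))

    db.session.delete(card)
    db.session.commit()
    return cors_response(("Card deleted.", 200))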
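def deleteUser(user_id):
    """Delete another user's account as an administrator.

    The caller supplies ``admin_id`` and ``admin_password`` in the form.
    Those credentials must authenticate AND belong to a ROLE_ADMIN account.

    Responses (CORS-wrapped):
      * 200 "User deleted." on success,
      * 404 "User not found." when the id matches no user,
      * 400 "Bad Request." when either credential field is missing or empty,
      * 403 "Unauthorized." when authentication fails or the account is not
        an administrator.

    Any method other than POST falls through and returns None.
    """
    if request.method != 'POST':
        return None

    # NOTE(review): the lookup runs before authentication, so 404 versus
    # 400/403 tells an unauthenticated caller whether the user id exists.
    user = models.User.query.get(int(user_id))
    if not user:
        return cors_response(("User not found.", 404))

    admin_id = request.form.get("admin_id")
    admin_password = request.form.get("admin_password")
    if not (admin_id and admin_password):
        return cors_response(("Bad Request.", 400))

    admin = authenticate_by_id(admin_id, admin_password)
    # authenticate_by_id is the same credential check the self-service
    # handlers use for ordinary accounts, so without the role test any user
    # with a valid password could delete arbitrary accounts.
    if not admin or admin.role != ROLE_ADMIN:
        return cors_response(("Unauthorized.", 403))

    # NOTE(review): nothing here stops the target from being an admin
    # account, whereas delete_user refuses to remove ROLE_ADMIN users --
    # confirm this is intended.
    db.session.delete(user)
    db.session.commit()
    return cors_response(("User deleted.", 200))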
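def makeUser(user_id):
    """Set a user's role to ROLE_USER as an administrator.

    The caller supplies ``admin_id`` and ``admin_password`` in the form.
    Those credentials must authenticate AND belong to a ROLE_ADMIN account.

    Responses (CORS-wrapped):
      * 200 "User is no longer a moderator." on success,
      * 404 "User not found." when the id matches no user,
      * 400 "Bad Request." when either credential field is missing or empty,
      * 403 "Unauthorized." when authentication fails or the account is not
        an administrator.

    Any method other than POST falls through and returns None.
    """
    if request.method != 'POST':
        return None

    user = models.User.query.get(int(user_id))
    if not user:
        return cors_response(("User not found.", 404))

    admin_id = request.form.get("admin_id")
    admin_password = request.form.get("admin_password")
    if not (admin_id and admin_password):
        return cors_response(("Bad Request.", 400))

    admin = authenticate_by_id(admin_id, admin_password)
    # A successful login is not enough: authenticate_by_id also accepts
    # ordinary accounts, so role changes must be gated on the caller's role.
    if not admin or admin.role != ROLE_ADMIN:
        return cors_response(("Unauthorized.", 403))

    # NOTE(review): the target's current role is not inspected, so an admin
    # account passed as user_id would be demoted as well -- confirm.
    user.role = ROLE_USER
    db.session.commit()
    return cors_response(("User is no longer a moderator.", 200))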
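def makeModerator(user_id):
    """Promote a user to ROLE_MOD as an administrator and notify them.

    The caller supplies ``admin_id`` and ``admin_password`` in the form.
    Those credentials must authenticate AND belong to a ROLE_ADMIN account.

    Responses (CORS-wrapped):
      * 200 "User is now a moderator." on success,
      * 404 "User not found." when the id matches no user,
      * 400 "Bad Request." when either credential field is missing or empty,
      * 403 "Unauthorized." when authentication fails or the account is not
        an administrator.

    Any method other than POST falls through and returns None.
    """
    if request.method != 'POST':
        return None

    user = models.User.query.get(int(user_id))
    if not user:
        return cors_response(("User not found.", 404))

    admin_id = request.form.get("admin_id")
    admin_password = request.form.get("admin_password")
    if not (admin_id and admin_password):
        return cors_response(("Bad Request.", 400))

    admin = authenticate_by_id(admin_id, admin_password)
    # authenticate_by_id is the same credential check used for ordinary
    # accounts, so without the role test any user could submit their own id
    # and password here and grant moderator rights to any account,
    # including their own.
    if not admin or admin.role != ROLE_ADMIN:
        return cors_response(("Unauthorized.", 403))

    user.role = ROLE_MOD
    # card_id = -1 is kept from the original; presumably it marks a
    # notification that is not tied to a card -- confirm against the model.
    notification = models.Notification(from_id = admin_id, card_id = -1, content = "made you a moderator")
    user.notifications.append(notification)
    db.session.commit()
    return cors_response(("User is now a moderator.", 200))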