Example #1
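def update_user_by_id(user_id):
    """Update the account and profile of the user identified by ``user_id``.

    The caller re-authenticates by sending the account's current password in
    the ``confirm_password`` form field. Every other form field is optional,
    and only non-empty values are written to the model.

    Responses (all wrapped by ``cors_response``):
        200 -- changes committed; body is the serialized user.
        400 -- ``classes`` is not valid JSON, or not a JSON array of strings.
        401 -- ``authenticate_by_id`` rejected the id/password pair.
    """
    if request.method != 'POST':
        # NOTE(review): kept as the original wrote it -- a bare string with no
        # status code, and a "not found" message for what is really a
        # wrong-method request. Confirm what cors_response does with it.
        return cors_response(("User not found"))

    current_password = request.form.get('confirm_password')
    user = authenticate_by_id(user_id, current_password)
    if user is None:
        return cors_response(("Unauthorized Access.", 401))

    # Validate the only structured field before touching the model, so a
    # malformed request is answered with 400 instead of an unhandled
    # exception, and no half-applied changes are left on the session object.
    joined_courses = None
    courses = request.form.get('classes')
    if courses:
        try:
            course_list = json.loads(courses)
        except ValueError:
            return cors_response(("Bad Request.", 400))
        if not isinstance(course_list, list):
            return cors_response(("Bad Request.", 400))
        try:
            joined_courses = ",".join(course_list)
        except TypeError:
            # The array held something other than strings.
            return cors_response(("Bad Request.", 400))

    # Plain attributes stored directly on the user row.
    # NOTE(review): email is stored exactly as submitted; no format check or
    # ownership confirmation is visible in this view.
    for field in ('firstName', 'lastName', 'email', 'university'):
        value = request.form.get(field)
        if value:
            setattr(user, field, value)

    # Only the hash of the new password is stored.
    new_password = request.form.get('password')
    if new_password:
        user.password = bcrypt.generate_password_hash(new_password)

    # Attributes that live on the related profile object.
    for field in ('grad_year', 'major', 'bio'):
        value = request.form.get(field)
        if value:
            setattr(user.profile, field, value)

    if joined_courses is not None:
        user.courses = joined_courses

    db.session.commit()
    return cors_response((jsonify(user = user.serialize), 200))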
Example #2
def delete_user(user_id):
    """Delete the account ``user_id`` once its owner has re-entered the password.

    Responses (all wrapped by ``cors_response``):
        200 -- the account was deleted and the change committed.
        403 -- the authenticated account has ``ROLE_ADMIN``.
        404 -- ``authenticate_by_id`` returned ``None``.

    Requests that are not POST fall through and the view returns ``None``.
    """
    if request.method != 'POST':
        return None

    supplied_password = request.form.get('password')
    account = authenticate_by_id(user_id, supplied_password)

    if account is None:
        # NOTE(review): a rejected id/password pair is reported as 404 here,
        # so a client cannot tell a wrong password from a missing account.
        return cors_response(("User not found.", 404))

    # Administrators are not allowed to remove their own account.
    if account.role == ROLE_ADMIN:
        return cors_response(("Admin cannot delete own account.", 403))

    db.session.delete(account)
    db.session.commit()
    return cors_response(("User deleted", 200))
Example #3
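def delete_card(card_id):
    """Delete the card ``card_id`` after its author confirms their password.

    The ``password`` form field is checked against the account that owns the
    card (``card.user_id``), so only the author's credentials are accepted.

    Responses (all wrapped by ``cors_response``):
        200 -- the card was deleted and the change committed.
        204 -- no card with that id exists.
        403 -- ``authenticate_by_id`` rejected the author's password.

    Requests that are not POST fall through and the view returns ``None``.
    """
    if request.method != 'POST':
        return None

    card = Card.query.get(int(card_id))
    if card is None:
        # Check for a missing card before reading card.user_id; the original
        # dereferenced the card first, so an unknown id raised AttributeError
        # and its "No card found." branch could never run.
        # NOTE(review): a 204 response carries no body, so this message is
        # unlikely to reach the client; a 404 may be what was intended.
        return cors_response(("No card found.", 204))

    password = request.form.get('password')
    user = authenticate_by_id(card.user_id, password)
    if not user:
        return cors_response(("Unauthorized access", 403))

    db.session.delete(card)
    db.session.commit()
    return cors_response(("Card deleted.", 200))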
Example #4
def deleteCard(card_id):
    """Delete the card ``card_id`` on behalf of an account named in the form.

    The request supplies ``admin_id`` and ``admin_password``; the card is
    removed only if ``authenticate_by_id`` accepts that pair.

    Responses (all wrapped by ``cors_response``):
        200 -- the card was deleted and the change committed.
        400 -- ``admin_id`` or ``admin_password`` is missing or empty.
        403 -- the supplied credentials were rejected.
        404 -- no card with that id exists.

    Requests that are not POST fall through and the view returns ``None``.
    """
    if request.method != 'POST':
        return None

    target = models.Card.query.get(int(card_id))
    if not target:
        return cors_response(("Card not found.", 404))

    admin_id = request.form.get("admin_id")
    admin_password = request.form.get("admin_password")
    if not (admin_id and admin_password):
        return cors_response(("Bad Request.", 400))

    # NOTE(review): only the credentials are verified. Nothing in this view
    # inspects the role of the account that authenticate_by_id returns, so
    # confirm that the helper or the route restricts this to administrators.
    admin = authenticate_by_id(admin_id, admin_password)
    if not admin:
        return cors_response(("Unauthorized.", 403))

    db.session.delete(target)
    db.session.commit()
    return cors_response(("Card deleted.", 200))
Example #5
def deleteUser(user_id):
    """Delete the account ``user_id`` on behalf of an account named in the form.

    The request supplies ``admin_id`` and ``admin_password``; the target is
    removed only if ``authenticate_by_id`` accepts that pair.

    Responses (all wrapped by ``cors_response``):
        200 -- the account was deleted and the change committed.
        400 -- ``admin_id`` or ``admin_password`` is missing or empty.
        403 -- the supplied credentials were rejected.
        404 -- no user with that id exists.

    Requests that are not POST fall through and the view returns ``None``.
    """
    if request.method != 'POST':
        return None

    target = models.User.query.get(int(user_id))
    if not target:
        return cors_response(("User not found.", 404))

    admin_id = request.form.get("admin_id")
    admin_password = request.form.get("admin_password")
    if not (admin_id and admin_password):
        return cors_response(("Bad Request.", 400))

    # NOTE(review): only the credentials are verified. Nothing in this view
    # inspects the role of the account that authenticate_by_id returns, so
    # confirm that the helper or the route restricts this to administrators.
    admin = authenticate_by_id(admin_id, admin_password)
    if not admin:
        return cors_response(("Unauthorized.", 403))

    db.session.delete(target)
    db.session.commit()
    return cors_response(("User deleted.", 200))
Example #6
def makeUser(user_id):
    """Set the role of the account ``user_id`` to ``ROLE_USER``.

    The request supplies ``admin_id`` and ``admin_password``; the role is
    changed only if ``authenticate_by_id`` accepts that pair.

    Responses (all wrapped by ``cors_response``):
        200 -- the role was changed and the change committed.
        400 -- ``admin_id`` or ``admin_password`` is missing or empty.
        403 -- the supplied credentials were rejected.
        404 -- no user with that id exists.

    Requests that are not POST fall through and the view returns ``None``.
    """
    if request.method != 'POST':
        return None

    target = models.User.query.get(int(user_id))
    if not target:
        return cors_response(("User not found.", 404))

    admin_id = request.form.get("admin_id")
    admin_password = request.form.get("admin_password")
    if not (admin_id and admin_password):
        return cors_response(("Bad Request.", 400))

    # NOTE(review): only the credentials are verified. Nothing in this view
    # inspects the role of the account that authenticate_by_id returns, so
    # confirm that the helper or the route restricts this to administrators.
    admin = authenticate_by_id(admin_id, admin_password)
    if not admin:
        return cors_response(("Unauthorized.", 403))

    target.role = ROLE_USER
    db.session.commit()
    return cors_response(("User is no longer a moderator.", 200))
Example #7
def makeModerator(user_id):
    """Set the role of the account ``user_id`` to ``ROLE_MOD`` and notify it.

    The request supplies ``admin_id`` and ``admin_password``; the role is
    changed only if ``authenticate_by_id`` accepts that pair. On success a
    notification is appended to the promoted user's notifications.

    Responses (all wrapped by ``cors_response``):
        200 -- the role was changed and the change committed.
        400 -- ``admin_id`` or ``admin_password`` is missing or empty.
        403 -- the supplied credentials were rejected.
        404 -- no user with that id exists.

    Requests that are not POST fall through and the view returns ``None``.
    """
    if request.method != 'POST':
        return None

    target = models.User.query.get(int(user_id))
    if not target:
        return cors_response(("User not found.", 404))

    admin_id = request.form.get("admin_id")
    admin_password = request.form.get("admin_password")
    if not (admin_id and admin_password):
        return cors_response(("Bad Request.", 400))

    # NOTE(review): only the credentials are verified. Nothing in this view
    # inspects the role of the account that authenticate_by_id returns, so
    # confirm that the helper or the route restricts this to administrators.
    admin = authenticate_by_id(admin_id, admin_password)
    if not admin:
        return cors_response(("Unauthorized.", 403))

    target.role = ROLE_MOD
    # The sender is recorded from the submitted admin_id form value; the
    # notification is not tied to a card, hence card_id = -1.
    promotion_notice = models.Notification(
        from_id = admin_id,
        card_id = -1,
        content = "made you a moderator",
    )
    target.notifications.append(promotion_notice)
    db.session.commit()
    return cors_response(("User is now a moderator.", 200))