def user(id: int = None, username: str = None) -> Tuple[Any, int]:
user = get_user(id if id else username.lower() if username else None)
if not user:
return make_resp(NOT_FOUND)
if request.method == "GET":
return jsonify(data=user_schema.dump(user) if get_user() == user else other_user_schema.dump(user)), 200
elif request.method == "PUT":
if user != get_user():
return make_resp(FORBIDDEN)
if not request.is_json:
return make_resp(NO_JSON)
try:
user_schema.context["user_id"] = user.id
user = user_schema.load(request.get_json(), instance=user)
user_schema.context.pop("user_id")
except ValidationError as errors:
return errors.messages, 422
db.session.commit()
return jsonify(data=user_schema.dump(user)), 200
elif request.method == "DELETE":
if user != get_user():
return make_resp(FORBIDDEN)
db.session.delete(user)
db.session.commit()
return make_resp(({"msg": "success"}, 200))
def project(id: int = None, name: str = None) -> Tuple[Any, int]:
project = Project.query.get(id) if id else Project.query.filter(
Project.name == name.lower()).first()
if not project:
return make_resp(NOT_FOUND)
if request.method == "GET":
return jsonify(data=project_schema.dump(project)), 200
elif request.method == "PUT":
if project.user != get_user():
return make_resp(FORBIDDEN)
if not request.is_json:
return make_resp(NO_JSON)
try:
project_schema.context["project_id"] = project.id
project = project_schema.load(request.get_json(), instance=project)
project.last_modified = datetime.datetime.utcnow()
project_schema.context.pop("project_id")
except ValidationError as errors:
return errors.messages, 422
db.session.commit()
return jsonify(data=project_schema.dump(project)), 200
elif request.method == "DELETE":
if project.user != get_user():
return make_resp(FORBIDDEN)
db.session.delete(project)
db.session.commit()
return make_resp(({"msg": "success"}, 200))
def projects(user_id: int = None, username: str = None) -> Tuple[Any, int]:
user = get_user(
user_id if user_id else username.lower() if username else None)
if not user:
return make_resp(NOT_FOUND)
if request.method == "GET":
return jsonify(data=project_schema.dump(Project.query.filter(
Project.user_id == user.id).all(),
many=True)), 200
elif request.method == "POST":
if get_user() is None:
return make_resp(UNAUTHORIZED)
if not request.is_json:
return make_resp(NO_JSON)
try:
project = project_schema.load(request.get_json())
project.user = get_user()
project.root_directory = Directory(name="root")
project.root_directory.block_files = [
BlockFile(name="app.py", block_xml="")
]
project.last_modified = datetime.datetime.utcnow()
except ValidationError as errors:
return errors.messages, 422
db.session.add(project)
db.session.commit()
return jsonify(data=project_schema.dump(project)), 200
def move():
_from = request.args.get("from")
_to = request.args.get("to")
if not _from:
log('User %r tried to move, but forgot "from" argument', get_user())
return '<h1>Missing "from" argument</h1>', 400
if not _to:
log('User %r tried to move, but forgot "to" argument', get_user())
return '<h1>Missing "to" argument</h1>', 400
real_from = cfg.CLOUD_PATH / _from
real_to = cfg.CLOUD_PATH / _to
try:
shutil.move(real_from, real_to)
log("User %r moved file %r to %r", get_user(), _from, _to)
return "<h1>File moved correctly</h1>", 200
except (FileNotFoundError, FileExistsError) as err:
log(
"User %r tried to move file %r to %r, but failed (%r)",
get_user(),
_from,
_to,
err,
)
return "File not found", 400
def upload_files():
folder = get_post_arg("folder")
log("User %r made a POST request to /upload", get_user())
if folder is None:
flash("No folder supplied or an invalid folder was supplied", "danger")
return redirect("/")
folders = get_folders()
try:
folder = folders[int(folder)]
except (IndexError, ValueError):
flash("Invalid index folder (index %r)" % folder, "danger")
return redirect("/")
files = request.files.getlist("files[]")
if not files:
flash("No files supplied", "danger")
return redirect("/")
log_files = []
for file in files:
filename = secure_filename(file.filename)
if not filename:
continue
log_files.append(filename)
filename = cfg.CLOUD_PATH / folder / filename
try:
file.save(filename.as_posix())
except PermissionError as exc:
flash("Permission Error: %s" % exc, "danger")
log("User %r encoutered a PermissionError: %r" % (get_user(), exc))
return redirect("/")
if not log_files:
flash("Supplied only %d empty files" % len(files), "danger")
return redirect("/")
log(
"User %r upload files to folder %r: %s",
get_user(),
folder.as_posix(),
log_files,
)
flash("Files uploaded successfully", "success")
return redirect("/")
def delete(filepath):
filepath = cfg.CLOUD_PATH / filepath
try:
if filepath.is_dir():
shutil.rmtree(filepath)
log("User %r removed tree %r", get_user(), filepath.as_posix())
return "<h1>Tree removed</h1> %s" % filepath.as_posix(), 200
else:
os.remove(filepath)
log("User %r removed file %r", get_user(), filepath.as_posix())
return "<h1>File deleted</h1> %s" % filepath.as_posix(), 200
except FileNotFoundError:
log("User %r tried to incorrectly remove %r", get_user(), filepath.as_posix())
return "<h1>File not found</h1> %s" % filepath.as_posix(), 404
def example3post():
user = get_user()
if user is not None:
message = request.POST['message']
if message:
Message.objects.create(user, message)
redirect('/example3/')
else:
redirect('/example3/login/')
def example3():
user = get_user()
if user is not None:
count = len(Message.objects.filter(lambda m: user in m.users_notify))
msgs = Message.objects.filter(lambda m: user in m.users, owner=user)
return template('example3logged',
dict(user=user, messages=msgs, newsCount=count))
else:
return template('example3', {})
def users_post() -> Tuple[Any, int]:
if get_user() is not None:
return make_resp(FORBIDDEN)
if not request.is_json:
return make_resp(NO_JSON)
try:
user = user_schema.load(request.get_json())
except ValidationError as errors:
return errors.messages, 422
db.session.add(user)
db.session.commit()
return jsonify(data=user_schema.dump(user), access_token=create_access_token(identity=user)), 200
def example3get(type, id):
"""
:type type: str
"""
user = get_user()
id = int(id)
if user is not None:
if type == 'read':
Message.objects.find(id=id).users_notify.remove(user)
elif type == 'remove':
Message.objects.remove(id=id)
redirect('/example3/')
else:
redirect('/example3/login/')
def test_no_authorization(self, req_m):
req_m.authorization = None
assert get_user() is None
def mkdir(folder: str):
os.makedirs(cfg.CLOUD_PATH / folder)
log("User %r made dir %r", get_user(), folder)
return redirect("/cloud")
def test_runtime_error(self, req_m):
prop_m = mock.PropertyMock()
prop_m.side_effect = RuntimeError
type(req_m).authorization = prop_m
assert get_user() is None
def example3signup():
if get_user():
redirect('/example3/')
return dict(email='', username='', errors=[])
def add_event_to_userz(email,event): user = get_user(email) event = Events.query.filter_by(name=event).first() print add_event_to_user(user,event)
def user_events(email): user = get_user(email) print user.events
def user(email): res = get_user(email) print res
def index():
folders = get_folders()
folder_choices = [Folder(i, x.as_posix()) for i, x in enumerate(folders)]
log("User %r opened index", get_user())
return render_template("index.html", folders=folder_choices)
def test_normal_authorization(self, req_m):
req_m.authorization = mock.Mock(username="******")
assert get_user() == "foo"
def example3login():
if get_user():
redirect('/example3/')
return dict(username='', error=False)
