def get(self, user_id):
    """Look up `user_id` and return its profile fields.

    Returns:
        A `(body, status)` pair: the profile dict with 200, or a
        "Resource not found" message with 404 when `get_info()` yields None.
    """
    profile = User(user_id).get_info()
    if profile is not None:
        # NOTE(review): the e-mail address and admin flag are returned for
        # whichever user_id the caller supplies; no authorization check is
        # visible in this handler -- confirm one is applied upstream.
        return {
            'user_id': int(user_id),
            'username': profile.username,
            'email': profile.email,
            'admin': int(profile.admin),
        }, 200
    return {'message': "Resource not found"}, 404
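def get(self):
    """List reviews filtered by user, by book, or by both.

    `book_id` and `user_id` come from `review_parser`; at least one of them
    must be supplied.

    Returns:
        A `(body, status)` pair: `{'reviews': ...}` with 200, a "Resource not
        found" message with 404 when a supplied id does not exist, or a 400
        message when neither id was supplied.
    """
    args = review_parser.parse_args()
    book_id = args.get('book_id')
    user_id = args.get('user_id')

    # Reject the empty query before any lookup runs, so None never reaches
    # the existence checks.
    if book_id is None and user_id is None:
        return {'message': 'book_id and user_id cannot be both empty'}, 400

    # Only ids that were actually supplied are checked for existence.
    if user_id is not None and not User.is_user_exists_by_id(user_id):
        return {'message': 'Resource not found'}, 404
    if book_id is not None and not Book.is_book_exists_by_id(book_id):
        return {'message': 'Resource not found'}, 404

    if book_id is None:
        # Only user_id given: every review posted by that user.
        result = Review.get_user_reviews(user_id)
    elif user_id is None:
        # Only book_id given: every review of that book.
        result = Review.get_book_review(book_id)
    else:
        # Both given: that user's review of that book.
        result = Review.get_book_user_review(user_id, book_id)
    return {'reviews': result}, 200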
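def get(self):
    """Return the profile of the user named by the AUTH-TOKEN header.

    Returns:
        A `(body, status)` pair: the profile dict with 200, a 401 message
        when the token is missing, invalid or carries no `id` claim, or a
        "Resource not found" message with 404 when `get_info()` yields None.
    """
    token = request.headers.get('AUTH-TOKEN')
    if not token:
        return {'message': 'Invalid or missing token'}, 401
    try:
        # The accepted algorithm is pinned as a one-element list, so the
        # check is an exact match rather than a substring test on a string.
        token_info = jwt.decode(token, SECRET_KEY, algorithms=['HS256'])
    except jwt.InvalidTokenError:
        # Bad signature, malformed or expired token: answer 401 instead of
        # letting the exception surface as a server error.
        return {'message': 'Invalid or missing token'}, 401

    user_id = token_info.get('id')
    if user_id is None:
        return {'message': 'Invalid or missing token'}, 401

    info = User(user_id).get_info()
    if info is None:
        return {'message': "Resource not found"}, 404
    return {
        'user_id': int(user_id),
        'username': info.username,
        'email': info.email,
        'admin': int(info.admin),
    }, 200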
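def post(self):
    """Register a new account from the JSON body.

    The body must carry `username`, `password` and `email`. The account is
    created through `User.register_account` with `0` as the third argument.

    Returns:
        A `(body, status)` pair: 200 on success, 401 when validation or
        registration fails, 500 on a `pymysql.Error`.
    """
    info = request.json
    if not isinstance(info, dict):
        info = {}
    username = info.get('username')
    password = info.get('password')
    email = info.get('email')

    # A missing or non-string field gets the same answer as an empty one,
    # instead of failing later with KeyError/TypeError.
    fields = (username, password, email)
    if not all(isinstance(value, str) and value for value in fields):
        return {
            'message': 'Register failed. Username, password or email cannot be empty'
        }, 401

    # Username length restriction.
    if not 4 <= len(username) <= 12:
        return {
            'message': 'The length of username should between 4 and 12.'
        }, 401

    # Password length restriction.
    if not 8 <= len(password) <= 32:
        return {
            'message': 'The length of password should between 8 and 32'
        }, 401

    # The only composition rule enforced is "at least one ASCII letter".
    if not re.search('[a-zA-Z]', password):
        return {
            'message': 'The password should contain at least one letter'
        }, 401

    try:
        success, errmsg = User.register_account(username, password, 0, email)
        if not success:
            return {'message': errmsg}, 401
    except pymysql.Error as e:
        # NOTE(review): this hands the database driver's error text to the
        # client; consider logging it and returning a generic message.
        return {'message': e.args[1]}, 500
    return {'message': 'Register new user account successfully'}, 200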
def get(self):
    """Return the recently added books of the user given by `user_id`.

    Returns:
        A `(body, status)` pair: `{'books': ...}` with 200, or a "Resource
        not found" message with 404 when the user does not exist.
    """
    # user_id is read from the request through collection_user_id_parser.
    uid = collection_user_id_parser.parse_args().get('user_id')
    if User.is_user_exists_by_id(uid):
        recent = Collection.get_recent_added_books(uid)
        return {'books': recent}, 200
    return {'message': 'Resource not found'}, 404
def get(self):
    """Return the read history of the user given by `user_id`.

    Returns:
        A `(body, status)` pair: `{'books': ...}` with 200, or a "Resource
        not found" message with 404 when the user does not exist.
    """
    # user_id is read from the request through collection_user_id_parser.
    uid = collection_user_id_parser.parse_args().get('user_id')
    if User.is_user_exists_by_id(uid):
        history = Collection.get_read_history(uid)
        return {'books': history}, 200
    return {'message': 'Resource not found'}, 404
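def delete_user(username):
    """Delete the account named `username`, restricted to rows with admin = 0.

    Returns:
        False when `User.is_user_exists_by_username` reports no such user,
        True once the DELETE statement has been executed.
    """
    if not User.is_user_exists_by_username(username):
        return False
    conn = connect_sys_db()
    # The values are bound by the driver instead of being formatted into the
    # statement, so a quote inside `username` cannot change the SQL.
    # Assumes the cursor uses the DB-API `%s` parameter style (pymysql) --
    # confirm against the `mysql` helper.
    query = 'DELETE FROM users WHERE username = %s AND admin = %s'
    with mysql(conn) as cursor:
        cursor.execute(query, (username, 0))
    # NOTE(review): True means the statement ran, not that a row was removed;
    # a user whose admin flag is not 0 passes the check above but matches no
    # row here.
    return True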
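def put(self):
    """Change the e-mail address of the user named by the AUTH-TOKEN header.

    Returns:
        A `(body, status)` pair: 200 on success, 401 when the token is
        missing or invalid, the new address is empty or already registered,
        and 500 on a `pymysql.Error`.
    """
    # Authenticate before touching the request data: the "already
    # registered" answer below reveals whether an address exists, so it
    # should not be reachable without a valid token.
    token = request.headers.get('AUTH-TOKEN')
    if not token:
        return {'message': 'Invalid or missing token'}, 401
    try:
        # Accepted algorithm pinned as a list (exact match, not substring).
        token_info = jwt.decode(token, SECRET_KEY, algorithms=['HS256'])
    except jwt.InvalidTokenError:
        return {'message': 'Invalid or missing token'}, 401
    user_id = token_info.get('id')
    if user_id is None:
        return {'message': 'Invalid or missing token'}, 401

    info = request.json
    new_email = info.get('email') if isinstance(info, dict) else None

    # A missing field is treated like an empty one.
    if not new_email:
        return {
            'message': 'Update failed. new email cannot be empty'
        }, 401
    if User.is_user_exists_by_email(new_email):
        return {'message': 'This email already been registered'}, 401

    user = User(user_id)
    try:
        user.update_email(new_email)
    except pymysql.Error as e:
        # NOTE(review): this hands the database driver's error text to the
        # client; consider logging it and returning a generic message.
        return {'message': e.args[1]}, 500
    return {'message': 'Change email address successfully'}, 200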
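def new_review(user_id, book_id, rating, content):
    """Store a review of `book_id` by `user_id` unless one already exists.

    Returns:
        True when a new row was inserted into `review_rate`, False when a
        row for this user and book was already present.
    """
    user = User(user_id)
    username = user.get_username()

    conn = connect_sys_db()
    # Both statements bind their values as parameters; `content` is free
    # text from the reviewer and must never be formatted into the SQL.
    # Assumes `read_sql` is pandas.read_sql (the result is used through
    # `.empty`) and that the driver uses the `%s` parameter style -- confirm.
    lookup = "SELECT * FROM review_rate WHERE (user_id = %s AND book_id = %s)"
    db_result = read_sql(sql=lookup, con=conn, params=(user_id, book_id))

    if not db_result.empty:
        return False

    # NOTE(review): check-then-insert is not atomic; two concurrent requests
    # can both pass the lookup. A unique key on (user_id, book_id) would
    # enforce the rule in the database -- confirm whether one exists.
    insert = "INSERT INTO review_rate VALUES(%s, %s, %s, %s, %s, %s)"
    values = (
        book_id,
        user_id,
        username,
        rating,
        content,
        datetime.datetime.utcnow(),
    )
    with mysql(conn) as cursor:
        cursor.execute(insert, values)
    return True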
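def put(self):
    """Change the password of the user named by the AUTH-TOKEN header.

    Returns:
        A `(body, status)` pair: 200 on success, 401 when the token is
        missing or invalid, a password field is empty, or the old password
        is rejected by `update_password`, and 500 on a `pymysql.Error`.
    """
    token = request.headers.get('AUTH-TOKEN')
    if not token:
        return {'message': 'Invalid or missing token'}, 401
    try:
        # Accepted algorithm pinned as a list (exact match, not substring).
        token_info = jwt.decode(token, SECRET_KEY, algorithms=['HS256'])
    except jwt.InvalidTokenError:
        # Bad signature, malformed or expired token: answer 401 instead of
        # letting the exception surface as a server error.
        return {'message': 'Invalid or missing token'}, 401
    user_id = token_info.get('id')
    if user_id is None:
        return {'message': 'Invalid or missing token'}, 401

    info = request.json
    if not isinstance(info, dict):
        info = {}
    new_password = info.get('new_password')
    old_password = info.get('old_password')

    # A missing field is treated like an empty one.
    if not new_password or not old_password:
        return {
            'message': 'Update failed. Both old password and new password cannot be empty'
        }, 401

    # NOTE(review): the length and letter rules applied at registration are
    # not repeated here; confirm that update_password enforces them.
    user = User(user_id)
    try:
        if not user.update_password(old_password, new_password):
            return {'message': 'Old password is wrong'}, 401
        return {'message': 'Change password successfully'}, 200
    except pymysql.Error as e:
        # NOTE(review): this hands the database driver's error text to the
        # client; consider logging it and returning a generic message.
        return {'message': e.args[1]}, 500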
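def update_user_password(username, new_password):
    """Overwrite the stored password of `username`, restricted to admin = 0.

    Returns:
        False when `User.is_user_exists_by_username` reports no such user,
        True once the UPDATE statement has been executed.
    """
    if not User.is_user_exists_by_username(username):
        return False
    conn = connect_sys_db()
    # The password, the key and the username are bound by the driver instead
    # of being formatted into the statement. Besides closing the injection
    # path, this keeps the password and SECRET_KEY out of the SQL text.
    # Assumes the cursor uses the DB-API `%s` parameter style (pymysql) --
    # confirm against the `mysql` helper.
    #
    # NOTE(review): AES_ENCRYPT is reversible, so anyone holding SECRET_KEY
    # can recover every stored password. Other handlers on this page verify
    # JWTs with a constant of the same name; if it is the same value, one
    # leaked secret exposes both. A salted one-way password hash is the
    # usual design; changing the storage format needs a migration and is
    # outside this function.
    query = (
        'UPDATE users SET password = HEX(AES_ENCRYPT(%s, %s))'
        ' WHERE username = %s AND admin = %s'
    )
    with mysql(conn) as cursor:
        cursor.execute(query, (new_password, SECRET_KEY, username, 0))
    return True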
def get(self):
    """Return the goal record of a user for a given year and month.

    `user_id`, `year` and `month` come from
    `collection_readHistory_tag_parser`.

    Returns:
        A `(body, status)` pair: target, finished count and finished flag
        with 200, or a 404 message when the month is outside 1..12, the year
        lies after the current one, or the user does not exist.
    """
    parsed = collection_readHistory_tag_parser.parse_args()
    user_id = parsed.get('user_id')
    year = parsed.get('year')
    month = parsed.get('month')

    if month <= 0 or month > 12:
        return {'message': 'Invalid month'}, 404
    current_year = int(datetime.now().year)
    if year > current_year:
        return {'message': 'Invalid year'}, 404
    if not User.is_user_exists_by_id(user_id):
        return {'message': 'Resource not found'}, 404

    # The record has four fields; the second one is not part of the answer.
    record = Goal.get_goal_record(user_id, year, month)
    target, _finished_books, finish_num, finish_flag = record
    body = {
        'target': target,
        'finish_num': finish_num,
        'finish_flag': finish_flag
    }
    return body, 200
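def get_user_collection(user_id):
    """Return the collections of `user_id`, leaving out the one named "Read".

    Each returned row gets two extra keys: `book_num` and `finished_num`.

    Returns:
        None when the user does not exist, otherwise a list of dicts built
        from the rows of the `collections` table.
    """
    if not User.is_user_exists_by_id(user_id):
        return None

    conn = connect_sys_db()
    # user_id is bound as a parameter instead of being formatted into the
    # statement. Assumes `read_sql` is pandas.read_sql (the result is used
    # through `.to_json(orient='index')`) and that the driver uses the `%s`
    # parameter style -- confirm.
    query = (
        "SELECT id, user_id, name, creation_time FROM collections"
        " WHERE user_id = %s"
    )
    db_result = read_sql(sql=query, con=conn, params=(user_id,))

    # The JSON round trip turns the frame into plain dicts keyed by row index.
    rows = json.loads(db_result.to_json(orient='index'))

    result = []
    for row in rows.values():
        if row['name'] == "Read":
            continue
        collection_id = int(row['id'])
        # Total books in the collection and how many of them the user has read.
        row['book_num'] = Collection.get_num_book_collection(collection_id)
        row['finished_num'] = Collection.get_num_read_collection(
            user_id, collection_id)
        result.append(row)
    return result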
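def get(self):
    """Return the current month's goal progress of a user.

    `user_id` comes from `goal_get_parser`.

    Returns:
        A `(body, status)` pair: target, finish ratio, finished count,
        reached-goal count and finished books with 200, or a "Resource not
        found" message with 404 when the user does not exist.
    """
    args = goal_get_parser.parse_args()
    user_id = args.get('user_id')
    if not User.is_user_exists_by_id(user_id):
        return {'message': 'Resource not found'}, 404

    # Read the clock once: taking year and month from two separate now()
    # calls can pair the old year with the new month across a rollover.
    now = datetime.now()
    target, finish_book, finish_num, finish_flag = Goal.get_goal_record(
        user_id, now.year, now.month)
    reach_goal_num = Goal.get_goal_finish_num(user_id)

    if target != 0:
        finish_ratio = "%.2f%%" % (float(finish_num) / float(target) * 100)
    else:
        # No target set: the ratio is reported as the integer 0, not a string.
        finish_ratio = 0
    return {
        'target': target,
        'finish_ratio': finish_ratio,
        'finish_num': finish_num,
        'reach_goal_num': reach_goal_num,
        'finish_book': finish_book
    }, 200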
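def get(self, user_id):
    """Return the counters of a user: collections, read history, goal, reviews.

    Returns:
        A `(body, status)` pair: the four counters with 200, or a "Resource
        not found" message with 404 when the user does not exist.
    """
    if not User.is_user_exists_by_id(user_id):
        return {'message': 'Resource not found'}, 404

    collection_num = Collection.get_num_collection(user_id)
    readhistory_num = Collection.get_num_read_collection(
        user_id, Collection.get_readcollection_id(user_id))
    myreviews_num = Review.get_user_num_review(user_id)

    # Read the clock once: taking year and month from two separate now()
    # calls can pair the old year with the new month across a rollover.
    now = datetime.now()
    target, finish_book, finish_num, finish_flag = Goal.get_goal_record(
        user_id, now.year, now.month)

    if target != 0:
        finish_ratio = "%.2f%%" % (float(finish_num) / float(target) * 100)
    else:
        # No target set for this month: show a placeholder.
        finish_ratio = "--"
    return {
        'collections_num': collection_num,
        'ReadHistory_num': readhistory_num,
        'MonthlyGoal_num': finish_ratio,
        'MyReview_num': myreviews_num
    }, 200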
def __init__(self, id):
    """Initialise this object through `User.__init__` with the given id."""
    # The call names User explicitly, so it does not depend on the
    # method resolution order of the enclosing class.
    User.__init__(
        self,
        id,
    )
def get(self, user_id):
    """Return every review posted by `user_id`.

    Returns:
        A `(body, status)` pair: `{'list': ...}` with 200, or a "Resource
        not found" message with 404 when the user does not exist.
    """
    if User.is_user_exists_by_id(user_id):
        reviews = Review.get_user_reviews(user_id)
        return {'list': reviews}, 200
    return {'message': "Resource not found"}, 404
def add_new_account(username, password, admin):
    """Create an account by delegating to `User.register_account`.

    The value returned by `User.register_account` is passed back unchanged.
    """
    # NOTE(review): the registration handler on this page calls
    # User.register_account(username, password, 0, email) with four
    # arguments; confirm that the e-mail argument is optional, otherwise
    # this three-argument call fails.
    # NOTE(review): `admin` is chosen by the caller, so callers of this
    # function should be restricted to administrators -- confirm.
    outcome = User.register_account(username, password, admin)
    return outcome
def get(self, user_id):
    """Return the collections of `user_id`.

    Returns:
        A `(body, status)` pair: `{'list': ...}` with 200, or a "Resource
        not found" message with 404 when the user does not exist.
    """
    if User.is_user_exists_by_id(user_id):
        collections = Collection.get_user_collection(user_id)
        return {'list': collections}, 200
    return {'message': "Resource not found"}, 404
def get(self):
    """Search users by the `search_content` request argument.

    Returns:
        A `(body, status)` pair: `{'result': ...}` with 200.
    """
    parsed = search_parser.parse_args()
    raw_text = parsed.get('search_content')
    pattern = User.user_search_regex(raw_text)
    # NOTE(review): user_search_regex is applied a second time to its own
    # output here. Unless that helper is idempotent, the pattern that
    # reaches user_search differs from the one intended -- confirm.
    # NOTE(review): the search text comes from the request; if user_search
    # places it into an SQL statement it should be bound as a parameter --
    # verify in that helper.
    matches = User.user_search(User.user_search_regex(pattern))
    return {'result': matches}, 200
def get(self, user_id):
    """Return the monthly goal of `user_id`.

    Returns:
        A `(body, status)` pair: `{'monthly goal': ...}` with 200, or a
        "Resource not found" message with 404 when the user does not exist.
    """
    if User.is_user_exists_by_id(user_id):
        goal = Goal.get_goal(user_id)
        return {'monthly goal': goal}, 200
    return {'message': 'Resource not found'}, 404