async def method_get(self, request: Request, body: dict, session: DBSession, msg_id: int, token: dict, *args, **kwargs) -> BaseHTTPResponse: try: db_message = message_queries.get_message(session, msg_id, is_read=True) except DBMessageNotFoundException: raise SanicMessageNotFoundException('Message not found') except DBMessageDeletedException: raise SanicMessageDeletedException('Message deleted') # проверка на то, что пользователь читает сообщение от своего имени if token['id'] != db_message.recipient_id: return await self.make_response_json(status=403) # проверяем, что пользователь не удален try: user_queries.get_user(session=session, user_id=token['id']) except DBUserDeletedException: raise SanicUserDeletedException('User deleted') # коммитим изменения (статус is_read) try: session.commit_session() except (DBIntegrityException, DBDataException) as error: raise SanicDBException(str(error)) response_model = ResponseGetMessageDto(db_message) return await self.make_response_json(body=response_model.dump(), status=200)
async def method_get(self, request: Request, body: dict, session: DBSession, user_login: str, token: dict, *args, **kwargs) -> BaseHTTPResponse: try: db_user = user_queries.get_user(session=session, user_id=token['id']) except DBUserDeletedException: raise SanicUserDeletedException('User deleted') # проверяем, что пользователь посылает запрос от своего имени if token.get('id') != db_user.id: return await self.make_response_json(status=403) request_model = RequestGetUserByLoginDto({'login': user_login}) try: user_info = user_queries.get_user(session, login=request_model.login) except DBUserNotFoundException: raise SanicUserNotFoundException('User not found') except DBUserDeletedException: raise SanicUserDeletedException('User deleted') response_model = ResponseGetUserByLoginDto(user_info) return await self.make_response_json( body=response_model.dump(), status=200, )
async def method_patch(self, request: Request, body: dict, session: DBSession, msg_id: int, token: dict, *args, **kwargs) -> BaseHTTPResponse: # проверяем, что сообщение есть в БД и не удалено try: db_message = message_queries.get_message(session, msg_id) except DBMessageNotFoundException: raise SanicMessageNotFoundException('Message not found') except DBMessageDeletedException: raise SanicMessageDeletedException('Message deleted') # проверка на то, что пользователь редактирует сообщение, отправленное от его имени if token['id'] != db_message.sender_id: return await self.make_response_json(status=403) # проверяем, что пользователь не удален try: user_queries.get_user(session=session, user_id=token['id']) except DBUserDeletedException: raise SanicUserDeletedException('User deleted') request_model = RequestPatchMessageDto(body) message = message_queries.patch_message(session, request_model, msg_id) try: session.commit_session() except (DBIntegrityException, DBDataException) as error: raise SanicDBException(str(error)) response_model = ResponseGetMessageDto(message) return await self.make_response_json(body=response_model.dump(), status=200)
def wrapper(self, request, body: dict, session, token, *args, **kwargs): try: user_id = token.get('uid') user_queries.get_user(session=session, user_id=user_id) except DBUserNotExistsException: raise SanicAuthException(message='Unauthorized') return view_func(self, request=request, body=body, session=session, token=token, *args, **kwargs)
async def method_post(self, request: Request, body: dict, session, *args, **kwargs) -> BaseHTTPResponse: request_model = RequestAuthUserDto(body) try: db_user = user_queries.get_user(session, login=request_model.login) except DBUserNotExistsException: raise SanicUserNotFound('User not found') try: check_hash(request_model.password, db_user.password) except CheckPasswordHashException: raise SanicPasswordHashException('Wrong password') payload = { 'uid': db_user.id, } token = create_token(payload) response = AuthResponseObject(token) response_model = ResponseAuthUserDto(response) return await self.make_response_json( body=response_model.dump(), status=200, )
async def method_patch(self, request: Request, body: dict, session: DBSession, uid: int = None, ulogin: str = None, *args, **kwargs) -> BaseHTTPResponse: try: user = user_queries.get_user(session, user_id=uid, login=ulogin) except DBUserNotExistsException: raise SanicUserNotFound('User not found') if body['uid'] != user.id: raise SanicUserConflictException("This is not your user") request_model = RequestPatchUserDto(body) patched_user = user_queries.patch_user(session, request_model, user.id) try: session.commit_session() except (DBDataException, DBIntegrityException) as e: raise SanicDBException(str(e)) response_model = ResponsePatchUserDto(patched_user) return await self.make_response_json(body=response_model.dump(), status=200)
async def method_get(self, request: Request, body: dict, session: DBSession, rid: int, *args, **kwargs) -> BaseHTTPResponse: db_user = user_queries.get_user(session=session, user_id=rid) response = ResponseUserGetDto(db_user) return await self.make_response_json(body=response.dump(), status=201)
async def method_get( self, request: Request, body: dict, session: DBSession, uid: int = None, *args, **kwargs ) -> BaseHTTPResponse: db_user = user_queries.get_user(session=session, user_id=uid) response_model = ResponseUserShortDto(db_user) return await self.make_response_json(status=200, body=response_model.dump())
async def method_get(self, request: Request, body: dict, session: DBSession, token: dict, *args, **kwargs) -> BaseHTTPResponse: try: user_queries.get_user(session, user_id=token['id']) except DBUserNotFoundException: raise SanicUserNotFoundException('User not found') except DBUserDeletedException: raise SanicUserDeletedException('User deleted') db_message = message_queries.get_all_messages(session, token['id']) response_model = ResponseGetMessageDto(db_message, many=True) return await self.make_response_json( body=response_model.dump(), status=200, )
async def method_delete( self, request: Request, body: dict, session: DBSession, uid: int, token: dict, *args, **kwargs ) -> BaseHTTPResponse: if token.get('uid') != uid: return await self.make_response_json(status=403) try: user_queries.get_user(session, user_id=uid) user = user_queries.delete_user(session, uid) except DBUserNotExistsException: raise SanicUserNotFound('User not found') try: session.commit_session() except (DBDataException, DBIntegrityException) as e: raise SanicDBException(str(e)) return await self.make_response_json(status=204)
async def method_get( self, request: Request, body: dict, session: DBSession, uid: int, *args, **kwargs ) -> BaseHTTPResponse: try: db_user = user_queries.get_user(session=session, user_id=uid) except DBUserNotExistsException: raise SanicUserNotExists('User is not found') response = ResponseGetUserDto(db_user) return await self.make_response_json(body=response.dump(), status=200)
async def method_get(self, request: Request, body: dict, session: DBSession, token: dict, *args, **kwargs) -> BaseHTTPResponse: try: db_user = user_queries.get_user(session=session, user_id=token['id']) except DBUserDeletedException: raise SanicUserDeletedException('User deleted') # проверяем, что пользователь посылает запрос от своего имени if token.get('id') != db_user.id: return await self.make_response_json(status=403) db_user = user_queries.get_user(session=session, user_id=token['id']) response_model = ResponseGetUserDto(db_user) return await self.make_response_json(status=200, body=response_model.dump())
async def method_post(self, request: Request, body: dict, session: DBSession, token: dict, *args, **kwargs) -> BaseHTTPResponse: # получение DTO объекта request_model = RequestCreateMessageDto(body) # проверяем, существуют ли два пользователя в БД (sender and recipient) # проверяем, что оба пользователя не удалены из БД try: recipient = user_queries.get_user(session=session, login=request_model.login) user_queries.get_user(session=session, user_id=token['id']) except DBUserNotFoundException: raise SanicUserNotFoundException('User not found') except DBUserDeletedException: raise SanicUserDeletedException('User deleted') user_queries.update_messages_stats(session, login=request_model.login, role='recipient', context=self.context) user_queries.update_messages_stats(session, user_id=token['id'], role='sender', context=self.context) # коммитим данные в БД try: db_message = message_queries.create_message( session, request_model, token, recipient_id=recipient.id) session.commit_session() except (DBIntegrityException, DBDataException) as error: raise SanicDBException(str(error)) response_model = ResponseGetCreatedMessageDto(db_message) return await self.make_response_json( body=response_model.dump(), status=201, )
async def method_get(self, request: Request, body: dict, session: DBSession, uid: int, *args, **kwargs) -> BaseHTTPResponse: try: message = user_queries.get_user(session, uid=uid) except DBUserNotExistsException: raise SanicUserNotFound('User not found') # change response_model = ResponseUserDto(message) return await self.make_response_json(status=200, body=response_model.dump())
async def method_get( self, request: Request, body: dict, session: DBSession, uid: int, token: dict, *args, **kwargs ) -> BaseHTTPResponse: if token.get('uid') != uid: return await self.make_response_json(status=403) try: user = user_queries.get_user(session, user_id=uid) except DBUserNotExistsException: raise SanicUserNotFound('User not found') response_model = ResponseUserDto(user) return await self.make_response_json(status=200, body=response_model.dump())
async def method_get(self, request: Request, body: dict, session: DBSession, uid: int, token: dict, *args, **kwargs) -> BaseHTTPResponse: await self.check_uid_in_token( token, uid, response_error_message='You can only get your own data') try: db_user = user_queries.get_user(session, user_id=uid) except DBUserNotExistsException: raise SanicUserNotFound('User not found') response_model = ResponseUserDto(db_user) return await self.make_response_json(status=200, body=response_model.dump())
async def method_get(self, request: Request, body: dict, session: DBSession, uid: int = None, ulogin: str = None, *args, **kwargs) -> BaseHTTPResponse: try: user = user_queries.get_user(session, user_id=uid, login=ulogin) except DBUserNotExistsException: raise SanicUserNotFound('User not found') if body['uid'] != user.id: raise SanicUserConflictException("This is not your user") response_model = ResponseGetUserDto(user) return await self.make_response_json(body=response_model.dump(), status=200)
async def method_post(self, request: Request, body: dict, session: DBSession, *args, **kwargs) -> BaseHTTPResponse: request_model = RequestAuthUserDto(body) try: db_user = user_queries.get_user(session=session, login=request_model.login) check_hash(request_model.password, db_user.password) except DBUserNotExistsException: raise SanicDBLoginNotFound('Login not found') except CheckPasswordHashException: raise SanicPasswordHashException("password is wrong") data = {'id_auth': db_user.id} token = create_token(data) response_body = {'Authorization': token} return await self.make_response_json( body=response_body, status=200, )
async def method_patch(self, request: Request, body: dict, session: DBSession, login: str, token: dict, *args, **kwargs) -> BaseHTTPResponse: try: db_user = user_queries.get_user(session=session, login=login, undelete=True) except DBUserNotFoundException: raise SanicUserNotFoundException('User not found') if token['id'] != db_user.id: return await self.make_response_json(status=403) request_model = RequestRestoreUserDto(body) user_queries.restore_user(request_model.login, session) try: session.commit_session() except (DBIntegrityException, DBDataException) as error: raise SanicDBException(str(error)) return await self.make_response_json(status=200)