def create_user(data): try: current_identity = get_current_identity() email_hash = md5( current_identity['data']['username'].encode('utf-8')).hexdigest() return current_app.fauna_client.query( q.if_( q.is_ref( q.select_with_default(['data', 'user'], q.get(q.current_identity()), None)), q.abort('exists'), q.let( { 'userMetaRef': q.new_id(), 'userRef': q.new_id() }, q.do( q.create( q.ref(q.collection('user_metas'), q.var('userMetaRef')), { 'data': { 'name': data.get('name'), 'email': q.select(['data', 'username'], q.get(q.current_identity())), 'dob': parser.parse(data.get('dob')).date() } }), q.create( q.ref(q.collection('users'), q.var('userRef')), { 'data': { 'alias': data.get('alias'), 'avatar': f'https://www.gravatar.com/avatar/{email_hash}', 'public': False, 'meta': q.ref(q.collection('user_metas'), q.var('userMetaRef')), } }), q.update( q.current_identity(), { 'data': { 'user': q.ref(q.collection('users'), q.var('userRef')) } }), q.call('current_user', []))))) except Exception as e: if str(e) == 'exists': abort(409, 'User for current identity already exists.') print(e)
def decorated(*args, **kwargs): if "user_secret" in session: try: user_client = FaunaClient(secret=session["user_secret"]) result = user_client.query(q.current_identity()) except Unauthorized as e: session.clear() return redirect(url_for("login")) else: return redirect(url_for("login")) return f(result, *args, **kwargs)
def test_identity_has_identity(self): instance_ref = self.client.query( query.create(self.collection_ref, {"credentials": { "password": "******" }}))["ref"] secret = self.client.query( query.login(instance_ref, {"password": "******"}))["secret"] instance_client = self.client.new_session_client(secret=secret) self.assertTrue(instance_client.query(query.has_current_identity())) self.assertEqual(instance_client.query(query.current_identity()), instance_ref)
def get_current_identity(): try: return current_app.fauna_client.query(q.get(q.current_identity())) except Exception as e: print(e)
def create_roles(client): roles = [{ "name": "admin", "membership": [{ "resource": q.collection("users"), "predicate": q.query(lambda ref: q.equals( q.select(["data", "type"], q.get(ref)), "admin")) }], "privileges": [{ "resource": q.collection("categories"), "actions": { "read": True, "create": True, "write": True } }, { "resource": q.collection("products"), "actions": { "read": True, "write": True, "create": True } }, { "resource": q.collection("users"), "actions": { "read": True, "create": True, "write": True } }, { "resource": q.collection("orders"), "actions": { "read": True, "write": True, "create": True } }, { "resource": objects.Ref("check_if_categories_exists", objects.Ref("functions")), "actions": { "call": True } }] }, { "name": "customer", "membership": [{ "resource": q.collection("users"), "predicate": q.query(lambda ref: q.equals( q.select(["data", "type"], q.get(ref)), "customer")) }], "privileges": [{ "resource": objects.Ref("purchase", objects.Ref("functions")), "actions": { "call": True } }, { "resource": objects.Ref("get_order_status_history", objects.Ref("functions")), "actions": { "call": q.query(lambda ref: q.equals( q.current_identity(), q.select(["data", "customer"], q.get(ref)))), } }, { "resource": q.collection("users"), "actions": { "read": q.query(lambda ref: q.equals(q.current_identity(), ref)), "write": q.query(lambda ref: q.equals(q.current_identity(), ref)), } }, { "resource": q.collection("orders"), "actions": { "read": q.query(lambda ref: q.equals( q.current_identity(), q.select(["data", "customer"], q.get(ref)))), } }] }] client.query(q.map_(lambda role: q.create_role(role), roles))
def test_current_identity(self): self.assertJson(query.current_identity(), '{"current_identity":null}')