def create_user(data):
try:
current_identity = get_current_identity()
email_hash = md5(
current_identity['data']['username'].encode('utf-8')).hexdigest()
return current_app.fauna_client.query(
q.if_(
q.is_ref(
q.select_with_default(['data', 'user'],
q.get(q.current_identity()), None)),
q.abort('exists'),
q.let(
{
'userMetaRef': q.new_id(),
'userRef': q.new_id()
},
q.do(
q.create(
q.ref(q.collection('user_metas'),
q.var('userMetaRef')),
{
'data': {
'name':
data.get('name'),
'email':
q.select(['data', 'username'],
q.get(q.current_identity())),
'dob':
parser.parse(data.get('dob')).date()
}
}),
q.create(
q.ref(q.collection('users'),
q.var('userRef')),
{
'data': {
'alias':
data.get('alias'),
'avatar':
f'https://www.gravatar.com/avatar/{email_hash}',
'public':
False,
'meta':
q.ref(q.collection('user_metas'),
q.var('userMetaRef')),
}
}),
q.update(
q.current_identity(), {
'data': {
'user':
q.ref(q.collection('users'),
q.var('userRef'))
}
}), q.call('current_user', [])))))
except Exception as e:
if str(e) == 'exists':
abort(409, 'User for current identity already exists.')
print(e)
def decorated(*args, **kwargs):
if "user_secret" in session:
try:
user_client = FaunaClient(secret=session["user_secret"])
result = user_client.query(q.current_identity())
except Unauthorized as e:
session.clear()
return redirect(url_for("login"))
else:
return redirect(url_for("login"))
return f(result, *args, **kwargs)
def test_identity_has_identity(self):
instance_ref = self.client.query(
query.create(self.collection_ref,
{"credentials": {
"password": "******"
}}))["ref"]
secret = self.client.query(
query.login(instance_ref, {"password": "******"}))["secret"]
instance_client = self.client.new_session_client(secret=secret)
self.assertTrue(instance_client.query(query.has_current_identity()))
self.assertEqual(instance_client.query(query.current_identity()),
instance_ref)
def get_current_identity():
try:
return current_app.fauna_client.query(q.get(q.current_identity()))
except Exception as e:
print(e)
def create_roles(client):
roles = [{
"name":
"admin",
"membership": [{
"resource":
q.collection("users"),
"predicate":
q.query(lambda ref: q.equals(
q.select(["data", "type"], q.get(ref)), "admin"))
}],
"privileges": [{
"resource": q.collection("categories"),
"actions": {
"read": True,
"create": True,
"write": True
}
}, {
"resource": q.collection("products"),
"actions": {
"read": True,
"write": True,
"create": True
}
}, {
"resource": q.collection("users"),
"actions": {
"read": True,
"create": True,
"write": True
}
}, {
"resource": q.collection("orders"),
"actions": {
"read": True,
"write": True,
"create": True
}
}, {
"resource":
objects.Ref("check_if_categories_exists",
objects.Ref("functions")),
"actions": {
"call": True
}
}]
}, {
"name":
"customer",
"membership": [{
"resource":
q.collection("users"),
"predicate":
q.query(lambda ref: q.equals(
q.select(["data", "type"], q.get(ref)), "customer"))
}],
"privileges": [{
"resource":
objects.Ref("purchase", objects.Ref("functions")),
"actions": {
"call": True
}
}, {
"resource":
objects.Ref("get_order_status_history", objects.Ref("functions")),
"actions": {
"call":
q.query(lambda ref: q.equals(
q.current_identity(),
q.select(["data", "customer"], q.get(ref)))),
}
}, {
"resource": q.collection("users"),
"actions": {
"read":
q.query(lambda ref: q.equals(q.current_identity(), ref)),
"write":
q.query(lambda ref: q.equals(q.current_identity(), ref)),
}
}, {
"resource": q.collection("orders"),
"actions": {
"read":
q.query(lambda ref: q.equals(
q.current_identity(),
q.select(["data", "customer"], q.get(ref)))),
}
}]
}]
client.query(q.map_(lambda role: q.create_role(role), roles))
def test_current_identity(self):
self.assertJson(query.current_identity(), '{"current_identity":null}')