def delete_token(auth_token, token_value): """Revoke the given authentication token.""" db_session.query(Token).filter( Token.owner == auth_token.owner, Token.value == token_value ).delete(synchronize_session='fetch') db_session.commit() return '', 204
def delete_milestone(auth_token, slug): try: db_session.query(Milestone).filter(Milestone.slug == slug).delete() except NoResultFound: abort(404) db_session.commit() return '', 204
def delete_comment(auth_token, uid): try: db_session.query(Comment).filter(Comment.uid == uid).delete() except NoResultFound: abort(404) db_session.commit() return '', 204
def delete_issue(auth_token, uid): try: db_session.query(Issue).filter(Issue.uid == uid).delete() except NoResultFound: abort(404) db_session.commit() return '', 204
def delete_tag(auth_token, name): try: db_session.query(Tag).filter(Tag.name == name).delete() except NoResultFound: abort(404) db_session.commit() return '', 204
def show_tag(auth_token, name): try: tag = db_session.query(Tag).filter(Tag.name == name).one() except NoResultFound: abort(404) return jsonify(tag.to_dict(max_depth=2))
def show_milestone(auth_token, slug): try: milestone = db_session.query(Milestone).filter(Milestone.slug == slug).one() except NoResultFound: abort(404) return jsonify(milestone.to_dict(max_depth=2))
def show_comment(auth_token, uid): try: comment = db_session.query(Comment).filter(Comment.uid == uid).one() except NoResultFound: abort(404) return jsonify(comment.to_dict(max_depth=2))
def show_issue(auth_token, uid): try: issue = db_session.query(Issue).filter(Issue.uid == uid).one() except NoResultFound: abort(404) return jsonify(issue.to_dict(max_depth=2))
def get_attachment_content(auth_token, uid): try: attachment = db_session.query(Attachment).filter(Attachment.uid == uid).one() except NoResultFound: abort(404) return send_file(attachment.filename, mimetype=attachment.mime_type)
def show_user(auth_token, email): if email == 'me': user = auth_token.owner else: try: user = db_session.query(User).filter(User.email == email).one() except NoResultFound: abort(404) return jsonify(user.to_dict(max_depth=2))
def list_comments(auth_token, uid): try: issue = db_session.query(Issue).filter(Issue.uid == uid).one() except NoResultFound: abort(404) count_only = ('count' in request.args) and (request.args['count'] in ('', '1', 'true')) rv = None or db_session.query(Comment) limit = request.args.get('limit', 20) offset = request.args.get('offset', 0) rv = rv.order_by(Comment.created_at.desc()).limit(limit).offset(offset) query = rv if count_only: return jsonify({'count': query.count()}) else: rv = [m.to_dict(max_depth=2) for m in query] return jsonify_list(rv)
def delete_user(auth_token, email): if email == 'me': user = auth_token.owner else: try: user = db_session.query(User).filter(User.email == email).one() except NoResultFound: abort(404) db_session.delete(user) db_session.commit() return '', 204
def make_issue_list_query(query_base=None, paged=True): rv = query_base or db_session.query(Issue) filters_string = request.args.get('filters') if filters_string: rv = parse_filters(rv, Issue, filters_string, [Issue.label, Issue.description]) if paged: limit = request.args.get('limit', 20) offset = request.args.get('offset', 0) rv = rv.order_by(Issue.open_at.desc()).limit(limit).offset(offset) return rv
def list_issues(auth_token, slug): try: milestone = db_session.query(Milestone).filter(Milestone.slug == slug).one() except NoResultFound: abort(404) count_only = ('count' in request.args) and (request.args['count'] in ('', '1', 'true')) query = make_issue_list_query(query_base=milestone.issues, paged=(not count_only)) if count_only: return jsonify({'count': query.count()}) else: rv = [m.to_dict(max_depth=2) for m in query] return jsonify_list(rv)
def delete_attachment(auth_token, uid): try: attachment = db_session.query(Attachment).filter(Attachment.uid == uid).one() except NoResultFound: abort(404) # Delete the attachment file and its thumbails from the filesystem. for filename in glob.glob(attachment.filename + '*'): os.remove(filename) db_session.delete(attachment) db_session.commit() return '', 204
def list_user(auth_token): query = db_session.query(User) count_only = ('count' in request.args) and (request.args['count'] in ('', '1', 'true')) if count_only: return jsonify({'count': query.count()}) else: limit = request.args.get('limit', 20) offset = request.args.get('offset', 0) query = query.limit(limit).offset(offset) rv = [m.to_dict(max_depth=2) for m in query] return jsonify_list(rv)
def list_comments(auth_token): count_only = ('count' in request.args) and (request.args['count'] in ('', '1', 'true')) query = db_session.query(Comment) if count_only: return jsonify({'count': query.count()}) else: limit = request.args.get('limit', 20) offset = request.args.get('offset', 0) query = query.order_by(Comment.created_at).limit(limit).offset(offset) rv = [m.to_dict(max_depth=2) for m in query] return jsonify_list(rv)
def update_tag(auth_token, name): try: tag = db_session.query(Tag).filter(Tag.name == name).one() except NoResultFound: abort(404) try: post_data = request.get_json(force=True) except BadRequest as e: raise ApiError(e.description) tag.update(post_data) db_session.commit() return jsonify(tag.to_dict(max_depth=2))
def __call__(self): # Create an application context. app = create_app(__name__, []) ctx = app.test_request_context() ctx.push() parser = argparse.ArgumentParser( prog=self.argv[0], description="Manage the user's account.") subparsers = parser.add_subparsers(dest='subcommand') subparsers.required = True sub = subparsers.add_parser('add', help='add a user') sub.add_argument('email', action='store', help="the email of the new user's account") sub.add_argument( '-n', '--name', dest='name', action='store', help='the full name of the user (default: email address)') sub.add_argument( '-p', '--password', dest='password', action='store', help='the full name of the user (will be asked if not provided)') sub = subparsers.add_parser('list', help='list users') args = parser.parse_args(self.argv[1:]) if args.subcommand == 'add': new_user = User() new_user.email = args.email new_user.name = args.name or args.email if args.password: password = args.password else: password = getpass('password: '******'confirm: ') != password: raise InvalidArgumentError('Password do not match.') new_user.password = md5(password.encode()).hexdigest() db_session.add(new_user) db_session.commit() elif args.subcommand == 'list': for user in db_session.query(User): print('name: {:>15}, email: {:>15}'.format(user.name, user.email)) ctx.pop()
def update_comment(auth_token, uid): try: comment = db_session.query(Comment).filter(Comment.uid == uid).one() except NoResultFound: abort(404) try: post_data = request.get_json(force=True) except BadRequest as e: raise ApiError(e.description) post_data['updated_at'] = utcnow() comment.update(post_data) db_session.commit() return jsonify(comment.to_dict(max_depth=2))
def update_milestone(auth_token, slug): try: milestone = db_session.query(Milestone).filter(Milestone.slug == slug).one() except NoResultFound: abort(404) try: post_data = request.get_json(force=True) except BadRequest as e: raise ApiError(e.description) if 'due_date' in post_data: post_data['due_date'] = from_unix_timestamp(post_data['due_date']) milestone.update(post_data) db_session.commit() return jsonify(milestone.to_dict(max_depth=2))
def list_tags(auth_token): query = db_session.query(Tag) filters_string = request.args.get('filters') if filters_string: query = parse_filters(query, Tag, filters_string, [Tag.name]) count_only = ('count' in request.args) and (request.args['count'] in ('', '1', 'true')) if count_only: return jsonify({'count': query.count()}) else: limit = request.args.get('limit', 20) offset = request.args.get('offset', 0) query = query.limit(limit).offset(offset) rv = [m.to_dict(max_depth=2) for m in query] return jsonify_list(rv)
def create_issue(auth_token, slug): try: milestone = db_session.query(Milestone).filter(Milestone.slug == slug).one() except NoResultFound: abort(404) try: post_data = request.get_json(force=True) except BadRequest as e: raise ApiError(e.description) post_data['author'] = auth_token.owner.email new_issue = Issue() new_issue.update(post_data) milestone.issues.append(new_issue) db_session.commit() return jsonify(new_issue.to_dict(max_depth=2))
def list_milestones(auth_token): query = db_session.query(Milestone) filters_string = request.args.get('filters') if filters_string: query = parse_filters( query, Milestone, filters_string, [Milestone.name, Milestone.description]) count_only = ('count' in request.args) and (request.args['count'] in ('', '1', 'true')) if count_only: return jsonify({'count': query.count()}) else: limit = request.args.get('limit', 20) offset = request.args.get('offset', 0) query = query.order_by(Milestone.due_date).limit(limit).offset(offset) rv = [m.to_dict(max_depth=2) for m in query] return jsonify_list(rv)
def create_attachment(auth_token): # Check if the file format is valid (solely on its filename). file = request.files['file'] if not (file and check_file_ext(file.filename)): raise ApiError('Invalid file format.') # Create a file UID based on the file content, so we avoid storing # duplicates under different filenames. h = md5() while True: buf = file.read(128) if not buf: break h.update(buf) fuid = h.hexdigest() # Seek for an existing file reference on the upload. attachment = db_session.query(Attachment).filter(Attachment.uid == fuid).first() if attachment is None: # Create the attachment reference in the database. attachment = Attachment() attachment.uid = fuid attachment.name = file.filename attachment.filename = os.path.join(current_app.config['UPLOAD_FOLDER'], fuid) file_type, _ = mimetypes.guess_type(file.filename) if file_type is not None: attachment.mime_type = file_type # Save the upload. file.seek(0) file.save(attachment.filename) db_session.add(attachment) db_session.commit() return_status = 201 else: return_status = 200 return jsonify(attachment.to_dict(max_depth=2)), return_status
def get_attachment_thumbnail(auth_token, uid): # Return the original content thumbnails aren't enabled. if not current_app.config['ENABLE_THUMBAILS']: return redirect(url_for('attachments.get_attachment_content', uid=uid)) from PIL import Image try: attachment = db_session.query(Attachment).filter(Attachment.uid == uid).one() except NoResultFound: abort(404) size = int(request.args.get('size', 128)) thumbnail_filename = '%s-%i' % (attachment.filename, size) # Only create the thumbnail if it doesn't exists on the filesystem yet. if not os.path.isfile(thumbnail_filename): im = Image.open(attachment.filename) im.thumbnail((size, size)) im.save(thumbnail_filename, 'png') return send_file(thumbnail_filename)
def create_token(): post_data = request.get_json(force=True) # get the credentials email = post_data.get('email') password = md5(post_data.get('password', '').encode()).hexdigest() # search for the user identified by email/password user = db_session.query(User).filter( User.email == email, User.password == password ).first() if user is None: abort(403) # generate a new token for the authenticated user token = make_auth_token(user) db_session.add(token) db_session.commit() return jsonify(token.to_dict()), 201
def update_issue(auth_token, uid): try: issue = db_session.query(Issue).filter(Issue.uid == uid).one() except NoResultFound: abort(404) try: post_data = request.get_json(force=True) except BadRequest as e: raise ApiError(e.description) # Update the closing time if the status of the issue gets updated. if ('status' in post_data) and post_data['status'] != issue.status: if post_data['status'] == 'closed': post_data['closed_at'] = utcnow() else: post_data['closed_at'] = None issue.update(post_data) db_session.commit() return jsonify(issue.to_dict(max_depth=2))
def update_user(auth_token, email): if email == 'me': user = auth_token.owner else: try: user = db_session.query(User).filter(User.email == email).one() except NoResultFound: abort(404) try: post_data = request.get_json(force=True) except BadRequest as e: raise ApiError(e.description) # Remove password from post data since user's password shouldn't be # updated using this endpoint. if 'password' in post_data: del post_data['password'] user.update(post_data) db_session.commit() return jsonify(user.to_dict(max_depth=2))