def login(self):
"""
"""
# TODO(vojta) save success login, improve token stuff
data = request.json
# find user by email and if is not existing or passwd
# is incorect will raise error 403
user = User.query.filter_by(email=data['email']).first()
if user is None or user.compare_password(data['password']) is False:
raise ErrorResource(403, message="Invalid password or email.")
# non active users are not allowed
if user.isActive is False:
raise ErrorResource(403, message="Account is not active.")
# create user token for user
token = None
agent = request.headers.get('User-Agent')
if agent is not None:
token = UserToken.query \
.filter_by(userId=user.id) \
.filter_by(agent=agent) \
.first()
if token is None:
token = UserToken(userId=user.id, agent=agent)
db.session.add(token)
db.session.commit()
# create payload response
return response({
'uuid': user.uuid,
'token': token.token
},
status_code=200)
def post(self):
"""
Creating new user
"""
data = request.json
# check existence of user by email
if User.is_exists_by_email(data['email']):
raise ErrorResource(409, message="Email is already in use.")
# create user
user = User(**data)
db.session.add(user)
db.session.commit()
# scheduling registration email
MailTask.send(to=user.email,
template="mail/welcome",
params={
'first_name': user.firstName,
'last_name': user.lastName,
'host_name': app.config['SERVER_NAME']
})
return response(user.to_dict(), status_code=201)
def put(self, user, **kwargs):
"""
Updating exiting user
"""
admin_user = request.user
data = request.json
role = data.get('role')
is_active = data.get('isActive')
if (role is not None or is_active is not None) and \
admin_user.role != admin_user.ROLE_ADMIN:
raise ErrorResource(403, message="Don't have permissions.")
try:
# save to db
user.update(data)
db.session.commit()
except IntegrityError, e:
db.session.rollback()
raise ErrorResource(409, message="Email already exits.")
def put(self, **kwargs):
"""
Updateing existing application
"""
try:
application = kwargs.get('application')
application.update(request.json)
db.session.commit()
except IntegrityError, e:
db.session.rollback()
raise ErrorResource(409, message="Prefix is already exists.")
def put(self, **kwargs):
"""
Updating user tag
"""
try:
# save to db
tag = kwargs.get('tag')
tag.update(request.json)
db.session.commit()
except IntegrityError, e:
db.session.rollback()
raise ErrorResource(409, message="Tag is already exists.")
def post(self, **kwargs):
"""
Creating user tag
"""
try:
# save tag
user = kwargs.get('user')
tag = Tag(userId=user.id, **request.json)
db.session.add(tag)
db.session.commit()
except IntegrityError, e:
db.session.rollback()
raise ErrorResource(409, message="Tag is already exists.")
def get(self, group, **kwargs):
"""
Getting outbox group
"""
user = kwargs.get('user')
app = kwargs.get('application')
group = Outbox.get(group=group,
user_id=user.id,
application_id=app.id if app else None)
if group is None:
raise ErrorResource(message='Outbox group not found.',
status_code=404)
return response(group)
def post(self, **kwargs):
"""
Creating new user application
"""
try:
# create and save application
user = kwargs.get('user')
application = Application(**request.json)
application.userId = user.id
db.session.add(application)
db.session.commit()
except IntegrityError, e:
db.session.rollback()
raise ErrorResource(409, message="Prefix is already exists.")
def delete(self, **kwargs):
"""
Delete user contact
"""
user = kwargs.get('user', request.user)
inbox = kwargs.get('inbox')
# admin check, to be sure that non admin users can delete inboxes
if inbox.userId != user.id and not user.is_admin():
raise ErrorResource(message='Not have permissions.',
status_code=403)
db.session.delete(inbox)
db.session.commit()
return response(inbox.to_dict())
def index(self, **kwargs):
"""
Returning list items in inbox
"""
user = kwargs.get('user')
app = kwargs.get('application')
query = None
if user is None:
query = Inbox.query
if not request.user.is_admin():
raise ErrorResource(message='Not have permissions.',
status_code=403)
else:
query = app.inbox if app else user.inbox
messages = query.order_by(Inbox.received.desc()).all()
return response([message.to_dict() for message in messages])
def resetPassword(self, token=None, **kwargs):
"""
Reseting user password
"""
# get data from payload
data = request.json
email = data.get('email')
password = data.get('password')
# user
payload = None
message = None
user = None
if email is not None:
# find user
user = User.get_one(email=email)
if user is None:
raise ErrorResource(404, message="Invalid email address.")
# delete all existing tokens
UserForgotPassword.query.filter_by(userId=user.id).delete()
# create new token
expired = datetime.utcnow() + timedelta(minutes=30)
forgot_password = UserForgotPassword(userId=user.id,
expired=expired)
db.session.add(forgot_password)
db.session.commit()
# send email
from smsgw.tasks.mail import MailTask
MailTask().apply_async(
**{
'kwargs': {
'to': [user.email],
'template': 'mail/forgotten_password',
'params': {
'first_name': user.firstName,
'last_name': user.lastName,
'token': forgot_password.token
}
}
})
# set up payload
message = "On your email has been sent link for change passowrd."
elif token is not None and password is not None:
# find request for user password
forgot_password = UserForgotPassword.get_one(token=token)
if forgot_password is None:
raise ErrorResource(404, message="Invalid token.")
# update password
user = forgot_password.user
user.password = password
# delete token
db.session.remove(forgot_password)
db.session.commit()
# set up payload
message = "Your passsword has been successfuly changed."
else:
# we dont have email, token or password, so we are not
# able to reset password
raise ErrorResource(400, message="Not able to reset password.")
return response(payload, message=message)
def post(self, **kwargs):
"""
Creating new message in outbox
"""
user = kwargs.get('user')
data = request.json
group = random_string(8)
contacts = []
tags = []
# extract data from post payload
message = data.get('message')
phone_numbers = data.get('phoneNumbers', [])
contacts_uuid = data.get('contacts', [])
tags_uuid = data.get('tags', [])
send = str_to_datetime(data.get('send'))
# load contacts
if contacts_uuid:
contacts.extend(user.contacts \
.filter(Contact.uuid.in_(contacts_uuid)) \
.all())
# load tags and load all contacts for them to on single list
if tags_uuid:
tags = user.tags.filter(Tag.uuid.in_(tags_uuid)).all()
for tag in tags:
contacts.extend(tag.contacts)
# extracting phone numbers from contacts
phone_numbers.extend([contact.phoneNumber for contact in contacts])
# making contacts and phone numbers uniques, also if there are no
# numbers we need to trigger error
phone_numbers = list(set(phone_numbers))
if len(phone_numbers) == 0:
raise ErrorResource(
message='Needs to be provided valid phone number(s)',
status_code=400)
# add all messages to queue per phone number
outboxes = []
for phone_number in phone_numbers:
# NOTICE(vojta) should not happend, but just in case i should be
# let known
if not phone_number:
raise ErrorResource(
message='Needs to be provided valid phone number',
status_code=400)
# find contact for specific phone number
cts = [ct for ct in contacts if ct.phoneNumber == phone_number]
contact = cts[0] if len(cts) else None
# adding message to outbox queue
outbox = Outbox.send(user=user,
contact=contact,
group=group,
destination_number=phone_number,
message=message,
send=send)
outboxes.append(outbox)
db.session.add(outbox)
db.session.commit()
return response([outbox.to_dict() for outbox in outboxes],
status_code=201)