def login(self): """ """ # TODO(vojta) save success login, improve token stuff data = request.json # find user by email and if is not existing or passwd # is incorect will raise error 403 user = User.query.filter_by(email=data['email']).first() if user is None or user.compare_password(data['password']) is False: raise ErrorResource(403, message="Invalid password or email.") # non active users are not allowed if user.isActive is False: raise ErrorResource(403, message="Account is not active.") # create user token for user token = None agent = request.headers.get('User-Agent') if agent is not None: token = UserToken.query \ .filter_by(userId=user.id) \ .filter_by(agent=agent) \ .first() if token is None: token = UserToken(userId=user.id, agent=agent) db.session.add(token) db.session.commit() # create payload response return response({ 'uuid': user.uuid, 'token': token.token }, status_code=200)
def post(self): """ Creating new user """ data = request.json # check existence of user by email if User.is_exists_by_email(data['email']): raise ErrorResource(409, message="Email is already in use.") # create user user = User(**data) db.session.add(user) db.session.commit() # scheduling registration email MailTask.send(to=user.email, template="mail/welcome", params={ 'first_name': user.firstName, 'last_name': user.lastName, 'host_name': app.config['SERVER_NAME'] }) return response(user.to_dict(), status_code=201)
def put(self, user, **kwargs): """ Updating exiting user """ admin_user = request.user data = request.json role = data.get('role') is_active = data.get('isActive') if (role is not None or is_active is not None) and \ admin_user.role != admin_user.ROLE_ADMIN: raise ErrorResource(403, message="Don't have permissions.") try: # save to db user.update(data) db.session.commit() except IntegrityError, e: db.session.rollback() raise ErrorResource(409, message="Email already exits.")
def put(self, **kwargs): """ Updateing existing application """ try: application = kwargs.get('application') application.update(request.json) db.session.commit() except IntegrityError, e: db.session.rollback() raise ErrorResource(409, message="Prefix is already exists.")
def put(self, **kwargs): """ Updating user tag """ try: # save to db tag = kwargs.get('tag') tag.update(request.json) db.session.commit() except IntegrityError, e: db.session.rollback() raise ErrorResource(409, message="Tag is already exists.")
def post(self, **kwargs): """ Creating user tag """ try: # save tag user = kwargs.get('user') tag = Tag(userId=user.id, **request.json) db.session.add(tag) db.session.commit() except IntegrityError, e: db.session.rollback() raise ErrorResource(409, message="Tag is already exists.")
def get(self, group, **kwargs): """ Getting outbox group """ user = kwargs.get('user') app = kwargs.get('application') group = Outbox.get(group=group, user_id=user.id, application_id=app.id if app else None) if group is None: raise ErrorResource(message='Outbox group not found.', status_code=404) return response(group)
def post(self, **kwargs): """ Creating new user application """ try: # create and save application user = kwargs.get('user') application = Application(**request.json) application.userId = user.id db.session.add(application) db.session.commit() except IntegrityError, e: db.session.rollback() raise ErrorResource(409, message="Prefix is already exists.")
def delete(self, **kwargs): """ Delete user contact """ user = kwargs.get('user', request.user) inbox = kwargs.get('inbox') # admin check, to be sure that non admin users can delete inboxes if inbox.userId != user.id and not user.is_admin(): raise ErrorResource(message='Not have permissions.', status_code=403) db.session.delete(inbox) db.session.commit() return response(inbox.to_dict())
def index(self, **kwargs): """ Returning list items in inbox """ user = kwargs.get('user') app = kwargs.get('application') query = None if user is None: query = Inbox.query if not request.user.is_admin(): raise ErrorResource(message='Not have permissions.', status_code=403) else: query = app.inbox if app else user.inbox messages = query.order_by(Inbox.received.desc()).all() return response([message.to_dict() for message in messages])
def resetPassword(self, token=None, **kwargs): """ Reseting user password """ # get data from payload data = request.json email = data.get('email') password = data.get('password') # user payload = None message = None user = None if email is not None: # find user user = User.get_one(email=email) if user is None: raise ErrorResource(404, message="Invalid email address.") # delete all existing tokens UserForgotPassword.query.filter_by(userId=user.id).delete() # create new token expired = datetime.utcnow() + timedelta(minutes=30) forgot_password = UserForgotPassword(userId=user.id, expired=expired) db.session.add(forgot_password) db.session.commit() # send email from smsgw.tasks.mail import MailTask MailTask().apply_async( **{ 'kwargs': { 'to': [user.email], 'template': 'mail/forgotten_password', 'params': { 'first_name': user.firstName, 'last_name': user.lastName, 'token': forgot_password.token } } }) # set up payload message = "On your email has been sent link for change passowrd." elif token is not None and password is not None: # find request for user password forgot_password = UserForgotPassword.get_one(token=token) if forgot_password is None: raise ErrorResource(404, message="Invalid token.") # update password user = forgot_password.user user.password = password # delete token db.session.remove(forgot_password) db.session.commit() # set up payload message = "Your passsword has been successfuly changed." else: # we dont have email, token or password, so we are not # able to reset password raise ErrorResource(400, message="Not able to reset password.") return response(payload, message=message)
def post(self, **kwargs): """ Creating new message in outbox """ user = kwargs.get('user') data = request.json group = random_string(8) contacts = [] tags = [] # extract data from post payload message = data.get('message') phone_numbers = data.get('phoneNumbers', []) contacts_uuid = data.get('contacts', []) tags_uuid = data.get('tags', []) send = str_to_datetime(data.get('send')) # load contacts if contacts_uuid: contacts.extend(user.contacts \ .filter(Contact.uuid.in_(contacts_uuid)) \ .all()) # load tags and load all contacts for them to on single list if tags_uuid: tags = user.tags.filter(Tag.uuid.in_(tags_uuid)).all() for tag in tags: contacts.extend(tag.contacts) # extracting phone numbers from contacts phone_numbers.extend([contact.phoneNumber for contact in contacts]) # making contacts and phone numbers uniques, also if there are no # numbers we need to trigger error phone_numbers = list(set(phone_numbers)) if len(phone_numbers) == 0: raise ErrorResource( message='Needs to be provided valid phone number(s)', status_code=400) # add all messages to queue per phone number outboxes = [] for phone_number in phone_numbers: # NOTICE(vojta) should not happend, but just in case i should be # let known if not phone_number: raise ErrorResource( message='Needs to be provided valid phone number', status_code=400) # find contact for specific phone number cts = [ct for ct in contacts if ct.phoneNumber == phone_number] contact = cts[0] if len(cts) else None # adding message to outbox queue outbox = Outbox.send(user=user, contact=contact, group=group, destination_number=phone_number, message=message, send=send) outboxes.append(outbox) db.session.add(outbox) db.session.commit() return response([outbox.to_dict() for outbox in outboxes], status_code=201)