def remove_team_json_access(json_id, team_id):
try:
# validate json exists
json = Json.query.filter_by(id=json_id).first()
if not json:
message = notFound.format("JSON")
return response_with(resp.NOT_FOUND_HANDLER_404, message=message)
# validate team exists
team = Team.query.filter_by(id=team_id).first()
if not team:
message = notFound.format("Team")
return response_with(resp.NOT_FOUND_HANDLER_404, message=message)
# validate access to json
access = JsonAccessMap.query\
.filter_by(json=json_id, user=JWT.details['user_id'], type=TeamMemberType.OWNER.value)\
.first()
if not access:
message = permission
return response_with(resp.NOT_FOUND_HANDLER_404, message=message)
# if team has access, remove access
json_access = TeamJsonMap.query.filter_by(team=team_id,
json=json_id).first()
if json_access:
json_access.delete()
return response_with(resp.SUCCESS_200)
except Exception as e:
logging.error(e)
return response_with(resp.SERVER_ERROR_500)
def remove_team_member(team_id, user_id):
try:
# validate team exists
team = Team.query.filter_by(id=team_id).first()
if not team:
message = notFound.format("Team")
return response_with(resp.NOT_FOUND_HANDLER_404, message=message)
# validate user exists
user_exists = User.query.filter_by(id=user_id).first()
if not user_exists:
message = notFound.format("User")
return response_with(resp.NOT_FOUND_HANDLER_404, message=message)
# validate access to team
access = TeamMemberMap.query\
.filter_by(team=team_id, user=JWT.details['user_id'], type=TeamMemberType.OWNER.value) \
.first()
if not access:
message = permission
return response_with(resp.NOT_FOUND_HANDLER_404, message=message)
# if team member exists, delete
team_member = TeamMemberMap.query.filter_by(team=team_id,
user=user_id).first()
if team_member:
team_member.delete()
return response_with(resp.SUCCESS_200)
except Exception as e:
logging.error(e)
return response_with(resp.SERVER_ERROR_500)
def add_team_member(team_id):
try:
data = request.get_json()
# require user
user = data.get("user")
if not user:
message = required.format("User")
return response_with(resp.MISSING_PARAMETERS_422, message=message)
# validate team exists
team = Team.query.filter_by(id=team_id).first()
if not team:
message = notFound.format("Team")
return response_with(resp.NOT_FOUND_HANDLER_404, message=message)
# validate user exists
user_exists = User.query.filter_by(id=user).first()
if not user_exists:
message = notFound.format("User")
return response_with(resp.NOT_FOUND_HANDLER_404, message=message)
# validate access to team
access = TeamMemberMap.query\
.filter_by(team=team_id, user=JWT.details['user_id'], type=TeamMemberType.OWNER.value)\
.first()
if not access:
message = permission
return response_with(resp.NOT_FOUND_HANDLER_404, message=message)
# if user does not have access, grant access
access_already_exists = TeamMemberMap.query.filter_by(
team=team_id, user=user).first()
if not access_already_exists:
# add access
team_member_data = {
"user": user,
"team": team_id,
"_type": TeamMemberType.MEMBER.value
}
team_member_map = TeamMemberMapSchema()
team_member, error = team_member_map.load(team_member_data)
team_member.create()
return response_with(resp.SUCCESS_200)
except Exception as e:
logging.error(e)
return response_with(resp.SERVER_ERROR_500)
def test_json_not_found(self):
login = {
"login": self.users[0]["login"],
"password": self.users[0]["password"]
}
response = self.app.post(
"/api/v1.0/login",
data=json.dumps(login),
content_type="application/json",
)
data = json.loads(response.data)
token = data['token']
headers = {
'Authorization': token
}
response = self.app.get(
"/api/v1.0/json/99999",
headers=headers,
content_type="application/json",
)
data = json.loads(response.data)
self.assertEqual(404, response.status_code)
self.assertIn('code', data)
self.assertIn('message', data)
self.assertEqual(notFound.format("JSON"), data['message'])
def get_user_details(uid):
try:
user = User.query.filter_by(id=uid).first()
if not user:
message = notFound.format("User")
return response_with(resp.NOT_FOUND_HANDLER_404, message=message)
user_schema = UserSchema()
user_data, error = user_schema.dump(user)
json_count = Json.count_json(uid)
team_count = Team.count_teams(uid)
val = {
'id': user_data['id'],
'name': user_data['name'],
'surname': user_data['surname'],
'email': user_data['email'],
'login': user_data['login'],
'created': user_data['created'],
'updated': user_data['updated'],
'json_count': json_count,
'team_count': team_count
}
return response_with(resp.SUCCESS_200, value=val)
except Exception as e:
logging.error(e)
return response_with(resp.SERVER_ERROR_500)
def get_team(team_id):
try:
# validate team exists
team = Team.query.filter_by(id=team_id).first()
if not team:
message = notFound.format("Team")
return response_with(resp.NOT_FOUND_HANDLER_404, message=message)
# validate access to team
access = TeamMemberMap.query.filter_by(
team=team_id, user=JWT.details['user_id']).first()
if not access:
message = permission
return response_with(resp.NOT_FOUND_HANDLER_404, message=message)
# response details
team_schema = TeamSchema()
team_data, error = team_schema.dump(team)
team_member_schema = TeamMemberMapSchema()
team_member_data, error = team_member_schema.dump(access)
val = {
'id': team_data['id'],
'name': team_data['name'],
'type': team_member_data['type'],
'created': team_data['created'],
'updated': team_data['updated']
}
return response_with(resp.SUCCESS_200, value=val)
except Exception as e:
logging.error(e)
return response_with(resp.SERVER_ERROR_500)
def get_json(json_id):
try:
# validate json exists
json = Json.query.filter_by(id=json_id).first()
if not json:
message = notFound.format("JSON")
return response_with(resp.NOT_FOUND_HANDLER_404, message=message)
# validate access to json
access = JsonAccessMap.query.filter_by(
json=json_id, user=JWT.details['user_id']).first()
if not access:
message = permission
return response_with(resp.NOT_FOUND_HANDLER_404, message=message)
# response details
access_schema = JsonAccessMapSchema()
json_access_data, error = access_schema.dump(access)
json_schema = JsonSchema()
json_data, error = json_schema.dump(json)
val = {
'id': json_data['id'],
'data': json_data['data'],
'permission': json_access_data['type'],
'created': json_data['created'],
'updated': json_data['updated']
}
return response_with(resp.SUCCESS_200, value=val)
except Exception as e:
logging.error(e)
return response_with(resp.SERVER_ERROR_500)
def test_give_team_access_team_not_found(self):
# Get JWT for user 0
login = {
"login": self.users[0]["login"],
"password": self.users[0]["password"]
}
response = self.app.post(
"/api/v1.0/login",
data=json.dumps(login),
content_type="application/json",
)
data = json.loads(response.data)
headers = {'Authorization': data['token']}
team_data = {
"user":
db.session.query(
User.id).filter(User.login == self.users[1]['login']).scalar()
}
response = self.app.post("/api/v1.0/team/{}/access".format(
fake.ean13()),
headers=headers,
content_type="application/json",
data=json.dumps(team_data))
data = json.loads(response.data)
self.assertEqual(404, response.status_code)
self.assertEqual(notFound.format("Team"), data['message'])
def give_team_json_access(json_id, team_id):
try:
# validate json exists
json = Json.query.filter_by(id=json_id).first()
if not json:
message = notFound.format("JSON")
return response_with(resp.NOT_FOUND_HANDLER_404, message=message)
# validate team exists
team = Team.query.filter_by(id=team_id).first()
if not team:
message = notFound.format("Team")
return response_with(resp.NOT_FOUND_HANDLER_404, message=message)
# validate access to json
access = JsonAccessMap.query\
.filter_by(json=json_id, user=JWT.details['user_id'], type=JsonAccessMapType.OWNER.value)\
.first()
if not access:
message = permission
return response_with(resp.NOT_FOUND_HANDLER_404, message=message)
# if user does not have access, grant access
access_already_exists = TeamJsonMap.query.filter_by(
team=team_id, json=json_id).first()
if not access_already_exists:
# add access
team_access_data = {
"team": team_id,
"json": json_id,
}
team_json_json_map = TeamJsonMapSchema()
team_json, error = team_json_json_map.load(team_access_data)
team_json.create()
val = {"team": team_id, "json": json_id}
return response_with(resp.SUCCESS_200, value=val)
except Exception as e:
logging.error(e)
return response_with(resp.SERVER_ERROR_500)
def update_user(uid):
try:
data = request.get_json()
name = data.get("name")
if not name:
message = required.format("Name")
return response_with(resp.MISSING_PARAMETERS_422, message=message)
surname = data.get("surname")
if not surname:
message = required.format("Surname")
return response_with(resp.MISSING_PARAMETERS_422, message=message)
email = data.get("email")
if not email:
message = required.format("Email")
return response_with(resp.MISSING_PARAMETERS_422, message=message)
# validate user exists
user = User.query.filter_by(id=uid).first()
if not user:
message = notFound.format("User")
return response_with(resp.NOT_FOUND_HANDLER_404, message=message)
# validate access to user
access = User.query.filter_by(id=JWT.details['user_id']).first()
if not access:
message = permission
return response_with(resp.NOT_FOUND_HANDLER_404, message=message)
# update user
user.update(name, surname, email)
# response details
return get_user_details(uid)
except IntegrityError:
message = exists.format("Name")
return response_with(resp.INVALID_INPUT_422, message=message)
except Exception as e:
logging.error(e)
return response_with(resp.SERVER_ERROR_500)
def test_give_team_access_user_not_found(self):
# Get JWT for user 0
login = {
"login": self.users[0]["login"],
"password": self.users[0]["password"]
}
response = self.app.post(
"/api/v1.0/login",
data=json.dumps(login),
content_type="application/json",
)
data = json.loads(response.data)
token_user_0 = data['token']
headers = {'Authorization': token_user_0}
team_data = {"name": fake.company()}
response = self.app.post("/api/v1.0/team",
headers=headers,
content_type="application/json",
data=json.dumps(team_data))
data = json.loads(response.data)
self.assertEqual(200, response.status_code)
self.assertIn('message', data)
self.assertIn('team', data)
self.assertEqual(team_data['name'], data['team']['name'])
self.teams.append(data['team']['id'])
team_data = {"user": fake.ean13()}
response = self.app.post("/api/v1.0/team/{}/access".format(
data['team']['id']),
headers=headers,
content_type="application/json",
data=json.dumps(team_data))
data = json.loads(response.data)
self.assertEqual(404, response.status_code)
self.assertEqual(notFound.format("User"), data['message'])
def update_team(team_id):
try:
data = request.get_json()
name = data.get("name")
if not name:
message = required.format("Name")
return response_with(resp.MISSING_PARAMETERS_422, message=message)
# validate team exists
team = Team.query.filter_by(id=team_id).first()
if not team:
message = notFound.format("Team")
return response_with(resp.NOT_FOUND_HANDLER_404, message=message)
# validate access to team
access = TeamMemberMap.query.filter_by(
team=team_id, user=JWT.details['user_id']).first()
if not access:
message = permission
return response_with(resp.NOT_FOUND_HANDLER_404, message=message)
# update team
team.update(name)
# response details
team_schema = TeamSchema()
team_data, error = team_schema.dump(team)
return response_with(resp.SUCCESS_200, value={"team": team_data})
except IntegrityError:
message = exists.format("Name")
return response_with(resp.INVALID_INPUT_422, message=message)
except Exception as e:
logging.error(e)
return response_with(resp.SERVER_ERROR_500)
