def route_admin_users_groups_post(group_id=None, user_id=None):
current_user = get_current_user() # type: User
if not current_user:
abort(400, "Could not authenticate user with provided token")
elif not current_user.is_active:
abort(400, "Inactive user")
group = db_session.query(Group).filter_by(id=group_id).first() # type: Group
user = db_session.query(User).filter(User.id == user_id).first() # type: User
if not group:
return abort(400, f"The group with id: {group_id} does not exists")
if not user:
return abort(400, f"The user with id: {user_id} does not exists")
if current_user.is_superuser:
group.users_admin.append(user)
db_session.commit()
else:
abort(400, "Not authorized")
return {
"msg": f"The user with id {user_id} was sucessfully added as an admin of the group with id {group_id}"
}
def route_users_post_open(email=None,
password=None,
first_name=None,
last_name=None,
group_id=None):
if not config.USERS_OPEN_REGISTRATION:
abort(403, "Open user resgistration is forbidden on this server")
user = db_session.query(User).filter(User.email == email).first()
if user:
return abort(
400,
f"The user with this email already exists in the system: {email}")
group = db_session.query(Group).filter(Group.id == group_id).first()
if group is None:
abort(400, f'There is no group with id: "{group_id}"')
user = User(
email=email,
password=pwd_context.hash(password),
first_name=first_name,
last_name=last_name,
group=group,
)
db_session.add(user)
db_session.commit()
db_session.refresh(user)
return user
def route_users_id_get(user_id):
current_user = get_current_user() # type: User
if not current_user:
abort(400, "Could not authenticate user with provided token")
elif not current_user.is_active:
abort(400, "Inactive user")
user = db_session.query(User).filter(
User.id == user_id).first() # type: User
if not user:
return abort(400, f"The user with id: {user_id} does not exists")
if current_user.is_superuser:
# Return everything, don't abort
pass
elif user.group in current_user.groups_admin:
# Return everything, don't abort
pass
else:
abort(400, "Not authorized")
return user
def route_groups_get():
current_user = get_current_user() # type: User
if not current_user:
abort(400, "Could not authenticate user with provided token")
elif not current_user.is_active:
abort(400, "Inactive user")
if current_user.is_superuser:
return db_session.query(Group).all()
elif current_user.groups_admin:
return [group for group in current_user.groups_admin]
else:
return [current_user.group]
def route_users_post(email=None,
password=None,
first_name=None,
last_name=None,
group_id=None):
current_user = get_current_user()
if not current_user:
abort(400, "Could not authenticate user with provided token")
elif not current_user.is_active:
abort(400, "Inactive user")
elif not current_user.is_superuser:
abort(400, "Only a superuser can execute this action")
user = db_session.query(User).filter(User.email == email).first()
if user:
return abort(
400,
f"The user with this email already exists in the system: {email}")
group = db_session.query(Group).filter(Group.id == group_id).first()
if group is None:
abort(400, f'There is no group with id: "{group_id}"')
user = User(
email=email,
password=pwd_context.hash(password),
first_name=first_name,
last_name=last_name,
group=group,
)
db_session.add(user)
db_session.commit()
db_session.refresh(user)
return user
def route_login_access_token(username, password):
user = db_session.query(User).filter(User.email == username).first()
if not user or not pwd_context.verify(password, user.password):
abort(400, "Incorrect email or password")
elif not user.is_active:
abort(400, "Inactive user")
access_token_expires = timedelta(
minutes=config.ACCESS_TOKEN_EXPIRE_MINUTES)
return {
"access_token":
create_access_token(identity=user.id,
expires_delta=access_token_expires),
"token_type":
"bearer",
}
def route_groups_post(name=None):
current_user = get_current_user()
if not current_user:
abort(400, "Could not authenticate user with provided token")
elif not current_user.is_active:
abort(400, "Inactive user")
elif not current_user.is_superuser:
abort(400, "Not a superuser")
group = db_session.query(Group).filter(Group.name == name).first()
if group:
return abort(400, f"The group: {name} already exists in the system")
group = Group(name=name)
db_session.add(group)
db_session.commit()
return group
def route_users_get():
current_user = get_current_user()
if not current_user:
abort(400, "Could not authenticate user with provided token")
elif not current_user.is_active:
abort(400, "Inactive user")
users = [current_user]
if current_user.is_superuser:
return db_session.query(User).all()
elif current_user.groups_admin:
# return all the users in the groups the user is admin in
users = []
for group in current_user.groups_admin:
users.extend(group.users)
return users
# return the current user's data, but in a list
return users
def get_current_user(identity):
return db_session.query(User).filter(User.id == identity).first()