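def post(self):
    """Register a new user from the JSON request body.

    Returns a dict with a "message" key. When validation fails, whatever
    ``validate`` produced is returned to the client unchanged.
    """
    # The body carries the password, so it is deliberately not printed or
    # logged here (the previous print() wrote it to stdout in clear text).
    json_data = request.get_json()
    if not json_data:
        return {"message": "No input data provided"}

    # Fail closed: only the literal True counts as "valid"; any other value
    # is treated as the error payload and returned as-is.
    valid = validate(json_data)
    if valid is not True:
        return valid

    # NOTE(review): the password is handed to User exactly as received.
    # Unless the User model hashes it on assignment, this stores it in
    # plaintext -- confirm, and hash it before it reaches the database.
    # TODO: the username/email uniqueness checks are still not implemented
    # here; a duplicate presumably surfaces as a database error on commit().
    user = User(firstname=json_data['firstname'],
                lastname=json_data['lastname'],
                email=json_data['email'],
                password=json_data['password'],
                username=json_data['username'])
    db.session.add(user)
    db.session.commit()

    # Only the username from the serialised record is echoed back.
    result = user_schema.dump(user).data

    return {"message": f"Registering {result['username']}"}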
Esempio n. 2
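def login():
    """Authenticate by email and password and return a signed JWT.

    On success the JSON response holds ``token`` (expires after 180 minutes)
    and the serialised ``user``. Every failed credential check returns the
    same message, so the response text does not reveal whether the email is
    registered.
    """
    req = request.get_json(silent=True)

    # A missing or non-object body, or missing fields, previously fell off
    # the end of the function (no response at all); answer explicitly.
    if not isinstance(req, dict) or not (req.get('email')
                                         and req.get('password')):
        return jsonify({'message': 'Please provide email and password'}), 400

    user = User.query.filter_by(email=req['email']).first()

    # Unknown email and wrong password are indistinguishable to the client.
    # NOTE(review): the unknown-email path skips the bcrypt comparison, so
    # response time may still differ between the two cases.
    if not user or not bcrypt.check_password_hash(user.password,
                                                  req['password']):
        return jsonify({
            'message': 'Login Unsuccesful.Please check email and password'
        })

    expires_at = datetime.datetime.utcnow() + datetime.timedelta(minutes=180)
    token = jwt.encode({'id': user.id, 'exp': expires_at},
                       app.config['SECRET_KEY'])

    # NOTE(review): confirm user_schema excludes the password hash before
    # the serialised user is sent back to the client.
    return jsonify({'token': token, 'user': user_schema.dump(user)})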
Esempio n. 3
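def register():
    """Create a user from the JSON body and return a JWT for the new account.

    ``first_name``, ``email`` and ``password`` are required; ``last_name`` is
    optional and stored as None when absent. The password is bcrypt-hashed
    before it is stored. The token expires after 180 minutes.
    """
    req = request.get_json(silent=True)

    if not isinstance(req, dict) or not (req.get('first_name')
                                         and req.get('email')
                                         and req.get('password')):
        return jsonify({'message': 'please enter all the values required for the creation of a new user'})

    # NOTE(review): this check-then-insert is not atomic; presumably a unique
    # constraint on email backs it up -- confirm.
    if User.query.filter_by(email=req['email']).first():
        return jsonify({'message': 'seems like the email id is already registered'})

    password = bcrypt.generate_password_hash(req['password']).decode('utf-8')
    # last_name is not part of the required-field check above, so read it
    # with .get() instead of raising KeyError when it is absent.
    user1 = User(first_name=req['first_name'],
                 last_name=req.get('last_name'),
                 email=req['email'],
                 password=password)
    db.session.add(user1)
    db.session.commit()

    expires_at = datetime.datetime.utcnow() + datetime.timedelta(minutes=180)
    token = jwt.encode({'id': user1.id, 'exp': expires_at},
                       app.config['SECRET_KEY'])

    # NOTE(review): confirm user_schema excludes the password hash before
    # the serialised user is sent back to the client.
    return jsonify({'token': token, 'user': user_schema.dump(user1)})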
Esempio n. 4
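def api_datatables_get_users():
    """Serve the server-side DataTables feed for the user table.

    Reads the search term, sort column/direction and paging window from the
    query string and returns ``draw``, ``recordsTotal``, ``recordsFiltered``
    and ``data`` as JSON.

    Every request-supplied value reaches the SQL statement either as a bound
    parameter or through a fixed allow-list; none is concatenated into the
    statement text.
    """
    requestData = request.args

    # DataTables column index => database column name. This mapping is the
    # allow-list for ORDER BY: only these literals can enter the SQL text.
    columns = {
        0: 'username',
        1: 'mac_address',
        2: 'is_admin'
    }

    # Total number of records without any search.
    totalData = User.query.count()
    # With no search term, filtered count equals the total count.
    totalFiltered = totalData

    order_column = columns[int(requestData['order[0][column]'])]
    # Anything other than "desc" sorts ascending, so the direction can only
    # ever be one of two fixed keywords.
    order_dir = 'DESC' if requestData['order[0][dir]'].lower() == 'desc' else 'ASC'

    # int() rejects non-numeric paging values before they reach the database.
    params = {
        'start': int(requestData['start']),
        'length': int(requestData['length']),
    }

    where = ""
    if requestData['search[value]']:
        # Prefix match. LIKE wildcards typed by the user (% and _) are still
        # interpreted as wildcards, as before.
        where = ("WHERE username LIKE :term "
                 "OR mac_address LIKE :term "
                 "OR is_admin LIKE :term ")
        params['term'] = requestData['search[value]'] + '%'

        count_query = text("SELECT COUNT(*) FROM user " + where)
        count_query = count_query.bindparams(term=params['term'])
        totalFiltered = db.engine.execute(count_query).scalar()

    query = text("SELECT * FROM user " + where +
                 "ORDER BY " + order_column + " " + order_dir +
                 " LIMIT :start, :length").bindparams(**params)
    result = db.engine.execute(query)

    data = []
    for row in result:
        user = user_schema.dump(row).data
        nestedData = {}
        nestedData['DT_RowId'] = user['id']
        # NOTE(review): username and mac_address are returned as stored;
        # confirm the client escapes them before inserting them into the
        # page as table cells.
        nestedData['username'] = user['username']
        nestedData['mac_address'] = user['mac_address']
        nestedData['is_admin'] = user['is_admin']
        nestedData['action'] = '<button class="btn btn-success" data-toggle="modal" data-target="#update-user-modal" data-id="' + str(user['id']) + '"><span class="glyphicon glyphicon-pencil"></span></button><button class="btn btn-danger" data-toggle="modal" data-target="#confirm-delete" data-id="' + str(user['id']) + '"><span class="glyphicon glyphicon-trash"></span></button>'
        data.append(nestedData)

    return jsonify({
        'draw': int(requestData['draw']),
        'recordsTotal': int(totalData),
        'recordsFiltered': int(totalFiltered),
        'data': data
    })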
Esempio n. 5
    def test_get_self_user(self, testapp, db):
        """GET /users as db.user1 lists that user's serialised record first."""
        expected = user_schema.dump(db.user1)

        # Token validation and the role lookup are both stubbed, so this test
        # exercises the handler only, not the authentication layer.
        token_stub = patch.object(oidc, "validate_token", return_value=True)
        role_stub = patch("utils.check_user_role", return_value=db.user1)

        with token_stub, role_stub:
            response = testapp.get(api_version + "/users", status=200)
            listing = response.json
            assert dict_contains(listing[0], expected)
Esempio n. 6
def login():
    """Log a user in from the submitted form and record their id in the session.

    Returns ``{'status': 'logged in'}`` on success and ``{'status': 'error'}``
    when either validation or the login itself fails.
    """
    # Only the truthiness of the validation result is used; the raw form,
    # not the validator's output, is what gets serialised and passed on.
    if not User.validate_login_data(request.form):
        return {'status': 'error'}

    serialized = user_schema.dump(request.form)
    account = User.login_user(serialized.data)
    if not account:
        return {'status': 'error'}

    session['userid'] = account.id
    return {'status': 'logged in'}
Esempio n. 7
def register():
    """Create a user from the submitted form, then redirect to '/'.

    A flash message reports success or failure of the creation step; a form
    that fails validation redirects without any flash message.
    """
    # Only the truthiness of the validation result is used; the raw form,
    # not the validator's output, is what gets serialised and passed on.
    form_ok = User.validate_user(request.form)
    if form_ok:
        payload = user_schema.dump(request.form).data
        created = User.register_user(payload)
        if not created:
            flash('There has been an error', 'error')
        else:
            flash('User successfully added', 'success')
    return redirect('/')
Esempio n. 8
def get(user_id):
    """Return the serialised user whose id is *user_id*.

    Raises:
        NotFound: no user with that id exists.
    """
    requested_user = User.query.filter_by(id=user_id).first()

    # NOTE(review): an ownership check (non-admin callers limited to their
    # own record, else Forbidden) used to sit here and is disabled:
    #     if (user.role == RoleEnum.user) and (user.name != user_id):
    #         raise Forbidden
    # As written, this function returns any existing user to any caller;
    # confirm the restriction is enforced somewhere before this is reached.
    if requested_user is not None:
        return user_schema.dump(requested_user)

    raise NotFound(
        description=f"The requested user '{user_id}' has not been found.")
Esempio n. 9
    def test_get_user(self, testapp, db):
        """An admin caller can fetch db.user1 through /users/<name>."""
        expected = user_schema.dump(db.user1)

        # Token validation is stubbed and the role lookup resolves to the
        # admin user, so only the admin path of the handler is covered here.
        token_stub = patch.object(oidc, "validate_token", return_value=True)
        role_stub = patch("utils.check_user_role", return_value=db.admin_user)

        with token_stub, role_stub:
            # The path segment is the user's name.
            target = db.user1.name
            response = testapp.get(api_version + "/users/" + target,
                                   status=200)
            fetched = response.json
            assert dict_contains(fetched, expected)
Esempio n. 10
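def storeSize():
    """Store chest, frontal and shoulder sizes on the calling user's record.

    All three values are required in the JSON body. Returns the serialised
    user on success, otherwise a JSON ``message``.
    """
    req = request.get_json(silent=True)
    # NOTE(review): request.data is indexed like a mapping here; presumably
    # something earlier in the request (e.g. a token check) replaces it with
    # the caller's decoded identity -- confirm against the route decorators.
    data = request.data

    if not isinstance(req, dict) or not (req.get('chest')
                                         and req.get('frontal')
                                         and req.get('shoulder')):
        return jsonify({'message': 'Please fill all the required fields'})

    user = User.query.get(data['id'])
    # The id may no longer match a row; without this guard the attribute
    # writes below would raise on None.
    if user is None:
        return jsonify({'message': 'User not found'})

    # NOTE(review): the three values are stored as received, with no type
    # or range check.
    user.chest = req.get('chest')
    user.frontal = req.get('frontal')
    user.shoulder = req.get('shoulder')
    db.session.commit()

    return jsonify({'user': user_schema.dump(user)})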
Esempio n. 11
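    def get_all_users(self, request):
        """Return every user as JSON; restricted to logged-in admin sessions.

        Returns a plain-text message when the session is not logged in, is
        not an admin session, or when the query fails.
        """
        import logging

        # .get() treats a session without these keys as "not logged in" /
        # "not admin"; indexing used to raise KeyError, which was then
        # reported to the client as a generic failure.
        if not session.get('logged_in'):
            return 'Please log in'
        if not session.get('admin_user'):
            return 'This action is restricted to admin users.'

        try:
            users = db.session.query(User).all()
            # NOTE(review): confirm user_schema excludes password hashes
            # before the full user list is returned.
            return jsonify(user_schema.dump(users))
        except Exception:
            # Exception text can expose query or schema details, so it goes
            # to the server log and the client gets a fixed message only.
            logging.getLogger(__name__).exception('Get all users failed')
            return 'Get all users failed'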
Esempio n. 12
def protected():
    """Return the serialised record of the user identified by the request.

    Responds with ``{'user': ...}`` when the id resolves to a user, otherwise
    with a JSON ``message``.
    """
    # NOTE(review): request.data is indexed like a mapping here; presumably
    # something earlier in the request replaces it with the caller's decoded
    # identity -- confirm against the route decorators.
    caller = request.data
    user = User.query.get(caller['id'])

    if not user:
        return jsonify({'message':'This is a protected'})

    # The schema decides which fields are exposed (an earlier hand-built
    # dict listed first_name, last_name, email and id).
    return jsonify({'user': user_schema.dump(user)})
Esempio n. 13
def search(capsule_id, offset, limit, filters, user):
    """Return the serialised owners of a capsule.

    ``offset``, ``limit`` and ``filters`` are accepted but not used here.

    Raises:
        Forbidden: *user* has the plain ``user`` role and is not one of the
            capsule's owners.
    """
    capsule = _get_capsule(capsule_id, user)

    # Owners are serialised first; the access decision follows, and nothing
    # is returned when it fails.
    owners = [user_schema.dump(owner) for owner in capsule.owners]
    user_is_owner = any(user.name == owner.name for owner in capsule.owners)

    # Callers with any role other than ``user`` skip the ownership check.
    if user.role == RoleEnum.user and not user_is_owner:
        raise Forbidden

    return owners
Esempio n. 14
 def get(self):
     """Return every user, serialised, with a success status and HTTP 200."""
     # NOTE(review): no access check is visible in this method; confirm the
     # route is restricted before the full user list is exposed.
     everyone = User.query.all()
     serialized = user_schema.dump(everyone, many=True).data
     return {"status": "success", "data": serialized}, 200
Esempio n. 15
def search(user):
    """Return *user* serialised through ``user_schema``."""
    serialized = user_schema.dump(user)
    return serialized