Esempio n. 1
0
    def mutate(self, info, inbound):
        data = graphql_utils.input_to_dictionary(inbound)
        code,error,user,timezone = current_user()
        if not user.role in (ADMIN,SUPER_ADMIN) :
            if not user.id == int(data['id']):
                raise Exception("Permission denied!")
        
        if not data['email'] and data['role'] != GUEST:
            raise Exception("Email is required!")

        with ScopedSession() as local_db_session:
            user = local_db_session.query(UserModel)\
                .filter(UserModel.id==data['id']).first()
            if (data['password']):
                data['password'] = encrypt(data['password'])
            else:
                del data['password']
            for key, value in data.items():
                if key == 'active':
                    if value and not user.active and not user.deactivated_on:
                        send(user.email, f"Registration approved for user {user.username}", user_approved(user))
                    if not value and user.active:
                        user.deactivated_on = datetime.now()

                if hasattr(user, key):
                    setattr(user, key, value)

        user = DBSession.query(UserModel).filter(UserModel.id==data['id']).first()
        return UpdateUser(user=user)
Esempio n. 2
0
    def mutate(self, info, input):
        data = graphql_utils.input_to_dictionary(input)
        with ScopedSession() as local_db_session:

            stage = local_db_session.query(StageModel).filter(
                StageModel.id == data['id']).first()
            for key, value in data.items():
                if hasattr(stage, key):
                    setattr(stage, key, value)
                elif value:
                    attribute = stage.attributes.filter(
                        StageAttributeModel.name == key).first()
                    if attribute:
                        attribute.description = value
                    else:
                        attribute = StageAttributeModel(stage_id=data['id'],
                                                        name=key,
                                                        description=value)
                        local_db_session.add(attribute)

            local_db_session.commit()
            stage = DBSession.query(StageModel).filter(
                StageModel.id == data['id']).first()

            return UpdateStage(stage=stage)
Esempio n. 3
0
 def mutate(self, info, inbound):
     data = graphql_utils.input_to_dictionary(inbound)
     with ScopedSession() as local_db_session:
         user = local_db_session.query(UserModel).filter(UserModel.id==data['id']).first()
         if decrypt(user.password) != data['oldPassword']:
             raise Exception('Old password incorrect')
         else:
             user.password = encrypt(data['newPassword'])
         local_db_session.commit()
     return ChangePassword(success=True)
Esempio n. 4
0
    def mutate(self, info, input):
        data = graphql_utils.input_to_dictionary(input)
        with ScopedSession() as local_db_session:
            stage = local_db_session.query(StageModel).filter(
                StageModel.id == data['id']).first()
            stage.assets.delete()
            for id in data['media_ids']:
                stage.assets.append(ParentStage(child_asset_id=id))

            local_db_session.commit()
            stage = DBSession.query(StageModel).filter(
                StageModel.id == data['id']).first()

            return AssignMedia(stage=stage)
Esempio n. 5
0
    def mutate(self, info, input):
        data = input_to_dictionary(input)
        with ScopedSession() as local_db_session:
            asset = local_db_session.query(AssetModel).filter(
                AssetModel.id == data['id']
            ).first()
            asset.stages.delete()
            for id in data['stage_ids']:
                asset.stages.append(ParentStage(stage_id=id))

            local_db_session.flush()
            local_db_session.commit()

            asset = local_db_session.query(AssetModel).filter(
                AssetModel.id == data['id']).first()

            return AssignStages(asset=asset)
Esempio n. 6
0
 def mutate(self, info, inbound):
     data = graphql_utils.input_to_dictionary(inbound)
     code,error,user,timezone = current_user()
     if not user.role in (ADMIN,SUPER_ADMIN) :
             raise Exception("Permission denied!")
     with ScopedSession() as local_db_session:
         # Delete all existed user's sessions
         local_db_session.query(UserSession).filter(UserSession.user_id==data['id']).delete()
         # Delete all stages created by this user
         local_db_session.query(StageAttributeModel).filter(StageAttributeModel.stage.has(StageModel.owner_id==data['id'])).delete(synchronize_session='fetch')
         local_db_session.query(StageModel).filter(StageModel.owner_id==data['id']).delete()
         # Change the owner of media uploaded by this user to the one who process the delete
         # Because delete the media would cause impact to other stage, this would be a workaround for now
         local_db_session.query(AssetModel).filter(AssetModel.owner_id==data['id']).update({AssetModel.owner_id: user.id})
         # Delete the actual user
         local_db_session.query(UserModel).filter(UserModel.id==data['id']).delete()
         local_db_session.commit()
     return DeleteUser(success=True)
Esempio n. 7
0
    def mutate(self, info, input):
        if not input.name or not input.file_location:
            raise Exception('Please fill in all required fields')

        data = graphql_utils.input_to_dictionary(input)

        stage = StageModel(**data)
        stage.owner_id = get_jwt_identity()
        # Add validation for non-empty passwords, etc.
        with ScopedSession() as local_db_session:
            local_db_session.add(stage)
            local_db_session.flush()
            stage_id = stage.id
            local_db_session.commit()

            stage = DBSession.query(StageModel).filter(
                StageModel.id == stage_id).first()
            return CreateStage(stage=stage)
Esempio n. 8
0
    def resolve_search(self, info, inbound):
        """ Get user from JWT token. """
        code,error,this_user,timezone = current_user()
        if code != 200:
            raise Exception(error)

        """ Compare it with params. If current user is an admin, allow lookup
            of other users. 
        """
        if inbound:
            data = graphql_utils.input_to_dictionary(inbound)
            lookup_user = DBSession.query(UserModel).filter_by(data).first()

        access_token = request.headers.get(app.config['JWT_HEADER_NAME'],None)
        #app.logger.info("access token:{0}".format(access_token))

        # If latest user session access token doesn't match, kick them out.
        user_session = DBSession.query(UserSession).filter(
            UserSession.user_id==user.id).order_by(
            UserSession.recorded_time.desc()).first()

        if not user_session:
            raise Exception('Bad user session')

        if (user_session.access_token != access_token):
            TNL.add(access_token)
            # No. user session may be valid, from a newer login on a different device.
            #TNL.add(user_session.refresh_token)
            #TNL.add(user_session.access_token)
            raise Exception('Access token is invalid')

        self.result = {
            'user_id':user.id,'role':user.role,
            'phone':user.phone,
            'first_name':user.first_name, 'last_name': user.last_name,
            'email':user.email,
            'timezone':timezone,
            'groups':[],
            'username':user.username,
            }
        #return result
        return graphql_utils.json2obj(self.result)
Esempio n. 9
0
    def mutate(self, info, inbound):
        data = graphql_utils.input_to_dictionary(inbound)
        if not data['email'] and data['role'] != GUEST:
            raise Exception("Email is required!")

        user = UserModel(**data)
        user_id = None
        # Add validation for non-empty passwords, etc.
        user.password = encrypt(user.password)
        if not user.role:
            user.role = PLAYER
        with ScopedSession() as local_db_session:
            local_db_session.add(user)
            local_db_session.flush()
            user_id = user.id

        user = DBSession.query(UserModel).filter(UserModel.id==user_id).first()
        send(user.email, f"Welcome to UpStage!", user_registration(user))
        admin_emails = [admin.email for admin in DBSession.query(UserModel).filter(UserModel.role.in_([SUPER_ADMIN,ADMIN])).all()]
        approval_url = f"{request.url_root}backstage/admin/player-management"
        send(','.join(admin_emails), f"Approval required for {user.username}'s registration", admin_registration_notification(user, approval_url))
        return CreateUser(user=user)
Esempio n. 10
0
    def mutate(self, info, input):
        data = graphql_utils.input_to_dictionary(input)
        with ScopedSession() as local_db_session:
            stage = local_db_session.query(StageModel)\
                .filter(StageModel.id == data['id'])\
                .first()

            events = DBSession.query(EventModel)\
                .filter(EventModel.performance_id == None)\
                .filter(EventModel.topic.like("%/{}/%".format(stage.file_location)))

            if events.count() > 0:
                performance = PerformanceModel(stage=stage)
                local_db_session.add(performance)
                local_db_session.flush()

                events.update({EventModel.performance_id: performance.id},
                              synchronize_session="fetch")
            else:
                raise Exception("The stage is already sweeped!")

            local_db_session.commit()

            return SweepStage(success=True, performance_id=performance.id)