def mutate(self, info, item_id, id_from_token): item = db.query(Item).filter_by(id=item_id).first() if item is None: raise Exception("No item was found with this ID!") if item.giver_id is not None: return SetGiverId(ok=False, message="This item has already reserved!") if item.status == StatusEnum.PERFORMED: raise Exception("This item is already performed!") if item.status == StatusEnum.RESERVED: if item.giver_id == id_from_token: # cancel reservation by giver_id user item.giver_id = None commit_with_check(db) user = db.query(User).filter_by(id=item.owner_id).first() return SetGiverId(ok=True, message="Reserving of item is canceled!!", user_=user) else: raise Exception("This item is already reserved!") item.giver_id = id_from_token item.status = StatusEnum.RESERVED commit_with_check(db) user = db.query(User).filter_by(id=item.owner_id).first() return SetGiverId(ok=True, message="Item was reserved!!", user_=user)
def mutate(self, info, files, item_id, id_from_token): item = db.query(Item).filter_by(id=item_id).first() if item is None: raise Exception("No item was found with this ID!") if item.owner_id != id_from_token: return AddPictures(ok=False, message="Access denied!") # TODO maybe change names for pictures? i = 0 for pic in files: if check_format(pic): i += 1 name = 'items/item_' + str(item.id) + '_' + str(i) if upload_file(pic, Config.bucket, name): try: db.add( ItemPicture(item_id=item.id, path_to_picture=name)) commit_with_check(db) except: db.rollback() else: return AddPictures( ok=False, message="Pictures haven't been uploaded!") else: return AddPictures( ok=False, message= "Only pictures (.png, .jpeg, .bmp) can be downloaded!") return AddPictures(ok=True, messages="Pictures have been uploaded!")
def mutate(root, info, data, id_from_token): degree = DegreeEnum.NOTSTATED a_level = AccessLevelEnum(data.access_level) if data.degree is not None: degree = DegreeEnum(data.degree) new_item = Item(title=data.title, owner_id=id_from_token, about=data.about, access_level=a_level, list_id=data.list_id, degree=degree, status='FREE', date_for_status=datetime.utcnow(), date_creation=datetime.utcnow()) try: db.add(new_item) commit_with_check(db) except: db.rollback() db.refresh(new_item) try: db.add( ItemPicture(item_id=new_item.id, path_to_picture='items/item_0.png')) commit_with_check(db) except: db.rollback() return AddItem(ok=True, message="Item added!", ID=new_item.id)
def mutate(self, info, data, id_from_token): a_level = GroupAccessEnum(data.access_level) role = RoleEnum(data.admin_role) new_group = Group(title=data.title, about=data.about, access_level=a_level, date_creation=datetime.utcnow(), date=data.date, admin_id=id_from_token) try: db.add(new_group) commit_with_check(db) except: db.rollback() db.refresh(new_group) try: db.add( GroupUser(group_id=new_group.id, user_id=id_from_token, role_in_group=role)) commit_with_check(db) except: db.rollback() return AddGroup(ok=True, message="Group has been added!", ID=new_group.id)
def mutate(self, info, group_id, user_id, id_from_token): group_id = int(group_id) user_id = int(user_id) group = db.query(Group).filter_by(id=group_id).first() if group is None: raise Exception("No group with this ID found!") admin_role = db.query(GroupUser.role_in_group).filter_by( user_id=group.admin_id, group_id=group_id).first() user_role = db.query(GroupUser.role_in_group).filter_by( user_id=id_from_token, group_id=group_id).first() if admin_role.role_in_group == RoleEnum.ORGANIZER: if user_role is not None and user_role.role_in_group == RoleEnum.ORGANIZER: try: db.add( GroupUser(group_id=group_id, user_id=user_id, role_in_group=RoleEnum.ORGANIZER)) commit_with_check(db) except: db.rollback() return AddOrganizer(ok=True, message="Users have been added!") return AddOrganizer( ok=True, message="Only admin with role ORGANIZER can add ORGANIZER!")
def mutate(self, info, user_pic, id_from_token): if check_format(user_pic): user = db.query(User).filter_by(id=id_from_token).first() name = 'users/user_' + str(user.id) if upload_file(user_pic, Config.bucket, name): user.userpic = name commit_with_check(db) return UploadUserPicture(ok=True, message="Userpic have been uploaded") return UploadUserPicture(ok=False, message="Userpic haven't been upload")
def mutate(self, info, email): user = db.query(User).filter_by(email=email).first() if user is None: raise Exception("No user with this email!") code = random.randint(100000, 999999) e_host.send_email(user.email, "Confirm actions", user.user_name, "other/reset_password.txt", code) user.password_hash = au.get_password_hash(str(code)) commit_with_check(db) return ResetPassword(ok=True, message="Confirm email send to your email!")
def mutate(self, info, item_id, id_from_token): item = db.query(Item).filter_by(id=item_id).first() if item is None: raise Exception("No item was found with this ID!") if item.owner_id != id_from_token: return ItemPerformed(ok=False, message="Access denied!!") if item.status == StatusEnum.PERFORMED: raise Exception("This item is already performed!") item.status = StatusEnum.PERFORMED item.list_id = None commit_with_check(db) return ItemPerformed(ok=True, message="Item was performed!")
def mutate(self, info, token, refresh_token): user = db.query(User).filter( token == token and refresh_token == refresh_token).first() if user is None: return RefreshToken(ok=False, message="ERROR!") user.token = au.encode_token(user.id) user.refresh_token = au.encode_token(user.id, experation=1440) commit_with_check(db) return RefreshToken(ok=False, message="ERROR!", access_token=user.token, refresh_token=user.refresh_token)
def mutate(self, info, item_id, id_from_token): item = db.query(Item).filter_by(id=item_id).first() if item is None: raise Exception("No item was found with this ID!") if item.owner_id != id_from_token: return DeleteItem(ok=False, message="Access denied!") # TODO если не работают Cascade, то нужно удалять в остальных таблицах вручную try: db.delete(item) commit_with_check(db) except: db.rollback() return DeleteItem(ok=True, message="Item deleted!")
def mutate(self, info, group_id, id_from_token): group_id = int(group_id) group = db.query(Group).filter_by(id=group_id).first() if group is None: raise Exception("No group with this ID found!") if group.admin_id != id_from_token: return DeleteGroup(ok=False, message="Access denied!") try: db.delete(group) commit_with_check(db) except: db.rollback() return EditGroup(ok=True, message="Group was deleted!")
def mutate(self, info, from_user_id, id_from_token): fr = db.query(FR).filter_by(user_id_from=from_user_id, user_id_to=id_from_token).first() if fr is not None: try: db.delete(fr) commit_with_check(db) except: db.rollback() return RejectFriendRequest( ok=True, message="Friend request has been rejected!") else: return RejectFriendRequest( ok=False, message="Friend request hasn't been rejected!")
def mutate(self, info, list_id, items_id, id_from_token): wlist = db.query(Wishlist).filter_by(id=list_id).first() if wlist is None: raise Exception("No wishlist with this ID found!") if wlist.user_id != id_from_token: return AddItemsToList(ok=False, message="Access denied!") for item_id in items_id: item = db.query(Item).filter_by(id=item_id).first() if item.status == StatusEnum.RESERVED or \ item.status == StatusEnum.PERFORMED or item.owner_id != id_from_token: continue item.list_id = list_id item.access_level = wlist.access_level commit_with_check(db) return AddItemsToList(ok=True, message="Items were added to wishlist!")
def mutate(root, info, data, id_from_token): a_level = AccessLevelEnum(data.access_level) new_list = Wishlist(title=data.title, user_id=id_from_token, about=data.about, access_level=a_level) try: db.add(new_list) commit_with_check(db) except: db.rollback() db.refresh(new_list) lists = db.query(Wishlist).filter_by(user_id=id_from_token) return AddList(ok=True, message="Wishlist added!", user_lists=lists)
def mutate(self, info, to_user_id, from_user_id, id_from_token): if id_from_token != int(from_user_id): return CancelFriendRequest(ok=False, message="Access denied!") fr = db.query(FR).filter_by(user_id_from=id_from_token, user_id_to=to_user_id).first() if fr is not None: try: db.delete(fr) commit_with_check(db) except: db.rollback() return CancelFriendRequest( ok=True, message="Friend request has been canceled!") else: return CancelFriendRequest( ok=True, message="Friend request hasn't been canceled!")
def mutate(self, info, to_user_id, id_from_token): if db.query(FS).filter_by(user_id_1=id_from_token, user_id_2=to_user_id).first() is not None: SendFriendRequest(ok=False, message="You are already friends!") if db.query(FR).filter_by(user_id_from=id_from_token, user_id_to=to_user_id).first() is not None: SendFriendRequest( ok=False, message="You have already sent friend request to this user!") try: db.add(FR(user_id_from=id_from_token, user_id_to=to_user_id)) commit_with_check(db) except: db.rollback() return SendFriendRequest(ok=True, message="Friend request has been sent!")
def mutate(self, info, list_id, items_id, id_from_token): wlist = db.query(Wishlist).filter_by(id=list_id).first() if wlist is None: raise Exception("No wishlist with this ID found!") if wlist.user_id != id_from_token: return DeleteItemsFromList(ok=False, message="Access denied!") for item_id in items_id: item = db.query(Item).filter_by(id=item_id).first() item.list_id = None item.access_level = AccessLevelEnum.NOBODY commit_with_check(db) return DeleteItemsFromList( ok=True, message= "Items were deleted from wishlist and were pasted to default wishlist!" )
def mutate(self, info, data, id_from_token): data.group_id = int(data.group_id) data.admin_id = int(data.admin_id) group = db.query(Group).filter_by(id=data.group_id).first() if group is None: raise Exception("No group with this ID found!") if group.admin_id != id_from_token: return EditGroup(ok=False, message="Access denied!") if data.title is not None and data.title != group.title: group.title = data.title if data.about is not None and data.about != group.about: group.about = data.about if data.access_level is not None and data.access_level != group.access_level: group.access_level = GroupAccessEnum(data.access_level) commit_with_check(db) return EditGroup(ok=True, message="Item edited!", edited_group=group)
def mutate(self, info, from_user_id, id_from_token): fr = db.query(FR).filter_by(user_id_from=from_user_id, user_id_to=id_from_token).first() if (fr is not None) and \ (db.query(FS).filter_by(user_id_1=id_from_token, user_id_2=from_user_id).first() is None): try: db.add(FS(user_id_1=from_user_id, user_id_2=id_from_token)) db.add(FS(user_id_2=from_user_id, user_id_1=id_from_token)) db.delete(fr) commit_with_check(db) except: db.rollback() return AcceptFriendRequest( ok=True, message="Friend request has been accepted!") else: return AcceptFriendRequest( ok=False, message="Friend request hasn't been accepted!")
def mutate(self, info, email, password): user = db.query(User).filter_by(email=email).first() if user is None: return LoginUser(ok=False, message="Invalid password or email") if au.verify_password(password, user.password_hash): token = au.encode_token(user.id) refresh_token = au.encode_token( user.id, experation=1440) # 1440 min = 1 day user.token = token user.refresh_token = refresh_token commit_with_check(db) return LoginUser(ok=True, message="Token issued", token=token, refresh_token=refresh_token) else: return LoginUser(ok=False, message="Invalid password or email")
def mutate(self, info, friend_id, id_from_token): fr1 = db.query(FS).filter_by(user_id_1=id_from_token, user_id_2=friend_id).first() fr2 = db.query(FS).filter_by(user_id_2=id_from_token, user_id_1=friend_id).first() if fr1 is not None and fr2 is not None: try: db.delete(fr1) db.delete(fr2) commit_with_check(db) except: db.rollback() return RemoveFromFriends(ok=True, message="Friend has been removed :-(") else: return RemoveFromFriends(ok=True, message="Friend hasn't been removed :-)")
def mutate(self, info, urls, id_from_token): if len(urls) == 0: return RemovePictures(ok=False, message="No URLs to delete pictures!") for pic in urls: item_path = db.query(ItemPicture).filter_by( path_to_picture=pic).first() item = db.query(Item).filter_by(id=item_path.item_id).first() if item.owner_id != id_from_token: raise Exception("Access denied!") if delete_file(Config.bucket, item_path.path_to_picture): try: db.delete(item_path) commit_with_check(db) except: db.rollback() return RemovePictures(ok=True, message="Pictures have been deleted!")
def mutate(root, info, data, id_from_token): item = db.query(Item).filter_by(id=data.item_id).first() if item is None: raise Exception("No item was found with this ID!") if int(item.owner_id) != id_from_token: return EditItem(ok=False, message="Access denied!") if data.title is not None and data.title != item.title: item.title = data.title if data.about is not None and data.about != item.about: item.about = data.about if data.access_level is not None and data.access_level != item.access_level: item.access_level = AccessLevelEnum(data.access_level) if data.list_id is not None and data.list_id != item.list_id: item.list_id = data.list_id if data.degree is not None and data.degree != item.degree: item.degree = AccessLevelEnum(data.degree) commit_with_check(db) return EditItem(ok=True, message="Item edited!", edited_item=item)
def mutate(root, info, data, id_from_token): wishlist = db.query(Wishlist).filter_by(id=data.item_id) if wishlist is None: raise Exception("No wishlist was found with this ID!") if wishlist.user_id != id_from_token: return EditList(ok=False, message="Access denied!") if data.title is not None and data.title != wishlist.title: wishlist.title = data.title if data.about is not None and data.about != wishlist.about: wishlist.about = data.about if data.access_level is not None and data.access_level != wishlist.access_level: a_level = AccessLevelEnum(data.access_level) wishlist.access_level = a_level items_in_list = db.query(Item).filter_by(list_id=wishlist.id).all() for item in items_in_list: item.access_level = a_level commit_with_check(db) return EditList(ok=True, message="Wishlist edited!", edited_list=wishlist)
def mutate(root, info, user_data): if db.query(User).filter_by(email=user_data.email).first(): return ClassicRegisterUser( ok=False, message="An account is already registered for this mailbox") code = random.randint(100000, 999999) e_host.send_email(user_data.email, "Confirm actions", user_data.user_name, "other/fast_registration.txt", code) new_user = User(email=user_data.email, user_name=user_data.user_name, password_hash=au.get_password_hash(code)) try: db.add(new_user) commit_with_check(db) except: db.rollback() db.refresh(new_user) return ClassicRegisterUser(ok=True, message="Registration done!", ID=new_user.id)
def mutate(self, info, list_id, id_from_token, with_items): wlist = db.query(Wishlist).filter_by(id=list_id).first() if wlist is None: raise Exception("No wishlist with this ID found!") if wlist.user_id != id_from_token: return DeleteWishList(ok=False, message="Access denied!") if with_items: # TODO если не работают Cascade, то нужно удалять в остальных таблицах вручную try: db.delete(wlist) commit_with_check(db) except: db.rollback() return DeleteWishList(ok=True, message="Wishlist deleted with items!") else: items_in_list = db.query(Item).filter_by(list_id=list_id).all() for item in items_in_list: item.list_id = None return DeleteWishList( ok=True, message="Wishlist was deleted! Items are in default wishlist")
def mutate(self, info, group_id, lists_id, id_from_token): group_id = int(group_id) lists_id = [int(i) for i in lists_id] group = db.query(Group).filter_by(id=group_id).first() if group is None: raise Exception("No group with this ID found!") admin_role = db.query(GroupUser.role_in_group).filter_by( user_id=group.admin_id, group_id=group_id).first() user_role = db.query(GroupUser.role_in_group).filter_by( user_id=id_from_token, group_id=group_id).first() if admin_role.role_in_group == RoleEnum.FRIENDS: if user_role is not None and user_role.role_in_group == RoleEnum.FRIENDS: for list_id in lists_id: i = db.query(Wishlist).filter_by(id=list_id).first() if i.user_id == id_from_token: try: db.add( GroupList(group_id=group_id, wishlist_id=list_id)) commit_with_check(db) except: db.rollback() return AddLists(ok=True, message="WishLists have been added!") if admin_role.role_in_group == RoleEnum.ORGANIZER: if user_role is not None and user_role.role_in_group == RoleEnum.ORGANIZER: for list_id in lists_id: i = db.query(Item).filter_by(id=list_id).first() if i.user_id == id_from_token: try: db.add( GroupList(group_id=group_id, wishlist_id=list_id)) commit_with_check(db) except: db.rollback() return AddLists(ok=True, message="WishLists have been added!") return AddLists(ok=True, message="Access denied!")
def mutate(root, info, user_data): if db.query(User).filter_by(email=user_data.email).first(): return ClassicRegisterUser( ok=False, message="An account is already registered for this mailbox") if db.query(User).filter_by(nickname=user_data.nickname).first(): return ClassicRegisterUser( ok=False, message="An account is already registered for this nickname") new_user = User(email=user_data.email, password_hash=au.get_password_hash(user_data.password), user_name=user_data.user_name, nickname=user_data.nickname, userpic="users/user_0.png") try: db.add(new_user) commit_with_check(db) except: db.rollback() db.refresh(new_user) return ClassicRegisterUser(ok=True, message="Registration done!", ID=new_user.id)
def mutate(self, info, data, id_from_token): user = db.query(User).filter_by(id=id_from_token).first() # check for '' and info duplication in account if data.user_name is not None and data.user_name != user.user_name: user.user_name = data.user_name if data.surname is not None and data.surname != user.surname: user.surname = data.surname if data.about is not None and data.about != user.about: user.about = data.about if data.birthday is not None and data.birthday != user.birthday: user.birthday = data.birthday if data.nickname is not None and data.nickname != user.nickname and not\ db.query(User).filter_by(nickname=data.nickname).first(): user.nickname = data.nickname if data.email is not None and data.email != user.email and not\ db.query(User).filter_by(email=data.email).first(): user.email = data.email if data.phone_number is not None and data.phone_number != user.phone_number: user.phone_number = data.phone_number if data.phone_number is not None and data.phone_number != user.phone_number: user.phone_number = data.phone_number commit_with_check(db) return EditUser(ok=True, message="User edited!", edited_person=user)
def mutate(self, info, group_id, users_id, id_from_token): group_id = int(group_id) users_id = [int(i) for i in users_id] group = db.query(Group).filter_by(id=group_id).first() if group is None: raise Exception("No group with this ID found!") admin_role = db.query(GroupUser.role_in_group).filter_by( user_id=group.admin_id, group_id=group_id).first() user_role = db.query(GroupUser.role_in_group).filter_by( user_id=id_from_token, group_id=group_id).first() if admin_role.role_in_group == RoleEnum.FRIENDS: if user_role is not None and user_role.role_in_group == RoleEnum.FRIENDS: for user_id in users_id: try: db.add( GroupUser(group_id=group_id, user_id=user_id, role_in_group=admin_role)) commit_with_check(db) except: db.rollback() return AddUsers(ok=True, message="Users have been added!") if admin_role.role_in_group == RoleEnum.ORGANIZER: if user_role is not None and user_role.role_in_group == RoleEnum.ORGANIZER: for user_id in users_id: try: db.add( GroupUser(group_id=group_id, user_id=user_id, role_in_group=RoleEnum.GUEST)) commit_with_check(db) except: db.rollback() return AddUsers(ok=True, message="Users have been added!") return AddUsers(ok=False, message="Access denied!")