def post(self):
    """Create an Entity from the parsed request arguments.

    Raises:
        The error built by ``InvalidUsage.custom_error(..., 401)`` when an
        Entity with the requested name already exists.

    Returns:
        The newly saved Entity.
    """
    payload = entity_parser.parse_args()
    requested_name = payload.get("name")
    # NOTE(review): this is check-then-insert; two concurrent requests can both
    # pass the check. Confirm Entity.name is also protected by a unique
    # constraint at the database level.
    # NOTE(review): 401 signals "not authenticated" to clients; a duplicate
    # name is a conflict/validation error. Confirm clients do not treat this
    # response as a session failure before relying on the code.
    duplicates = Entity.query.filter_by(name=requested_name).count()
    if duplicates > 0:
        raise InvalidUsage.custom_error(
            "There's an entity with the same name", 401)
    created = Entity(**payload)
    created.save()
    return created
def post(self, role_id: int):
    """Attach an entity to the role identified by ``role_id``.

    Args:
        role_id: Primary key of the role to modify.

    Raises:
        404 (via ``abort``) when the role does not exist; the error built by
        ``InvalidUsage.custom_error("invalid entity", 401)`` when the
        ``entity_id`` argument does not resolve to an Entity.

    Returns:
        The role after ``add_entity`` has been called on it.
    """
    # NOTE(review): this changes what a role is granted; no permission check
    # is visible in this block -- confirm the resource is guarded elsewhere
    # (decorator / middleware).
    target_role = Role.get(id=role_id)
    if not target_role:
        raise abort(404)

    payload = self.parser.parse_args()
    entity_id = payload.pop("entity_id")
    linked_entity = Entity.get(id=entity_id)
    if not linked_entity:
        raise InvalidUsage.custom_error("invalid entity", 401)

    # Every remaining parsed argument is forwarded as a keyword, so the
    # parser's declared fields are the only filter on what reaches add_entity.
    target_role.add_entity(linked_entity, **payload)
    return target_role
def put(self, role_id: int):
    """Update the permission row linking a role to one entity.

    Args:
        role_id: Primary key of the role whose entity permission is edited.

    Raises:
        404 (via ``abort``) when the role does not exist; the error built by
        ``InvalidUsage.custom_error("invalid entity", 401)`` unless exactly
        one of the role's ``entity_permissions`` has the requested
        ``entity_id``.

    Returns:
        The role object.
    """
    # NOTE(review): this edits role permissions; no authorization check is
    # visible in this block -- confirm it is enforced by the enclosing
    # resource.
    role = Role.get(id=role_id)
    if not role:
        raise abort(404)

    changes = self.parser.parse_args()
    wanted_id = changes.pop("entity_id")

    matches = []
    for permission in role.entity_permissions:
        if permission.entity_id == wanted_id:
            matches.append(permission)

    # Zero matches and more than one match are both rejected.
    if len(matches) != 1:
        raise InvalidUsage.custom_error("invalid entity", 401)

    # Remaining parsed arguments are applied as-is; ignore_none=True is passed
    # through to update() (presumably so omitted fields are left untouched --
    # verify against the model's update()).
    matches[0].update(ignore_none=True, **changes)
    return role
def normalize_errors(e: Exception):
    """Log an exception, roll back the DB session and return a JSON error.

    The response text is the first attribute present on ``e`` among ``msg``,
    ``error`` and ``message`` (falling back to "Undefined error"); the
    response code is ``e.code`` when present, else 404.

    Args:
        e: The exception being handled.

    Returns:
        ``InvalidUsage.custom_error(...).to_json()`` for the chosen text and
        code.
    """
    error_log = ErrorLog(e)
    # Imported here rather than at module level (presumably to avoid a
    # circular import -- confirm).
    from app.database import db

    # The session is rolled back before the log entry is saved.
    db.session.rollback()
    error_log.save(True)

    # Resolve the text from the least to the most preferred attribute so the
    # lookups happen in the same order as a nested getattr chain.
    text = getattr(e, "message", "Undefined error")
    text = getattr(e, "error", text)
    text = getattr(e, "msg", text)
    # NOTE(review): the exception's own text is returned to the client. For
    # unexpected exceptions this can expose internals (query fragments, file
    # paths); confirm which exception types reach this handler and consider a
    # generic message for anything that is not an application error.
    # NOTE(review): e.code is used as the response code without validation;
    # some libraries use ``code`` for non-HTTP identifiers -- verify.
    status = getattr(e, "code", 404)

    response = InvalidUsage.custom_error(text, code=status)
    return response.to_json()
def post(self, project_slug: str):
    """Look up the users named in the request and return their summaries.

    Args:
        project_slug: Taken from the route; not used in this block.

    Raises:
        The error built by ``InvalidUsage.custom_error(..., 401)`` when the
        number of users found differs from the number of ids supplied.

    Returns:
        A list of ``{"id", "name", "email"}`` dicts, one per user found.
    """
    # NOTE(review): annotated as a list of ids, but this is whatever
    # self.parser.parse_args() returns -- confirm the parser really yields a
    # plain list.
    requested_ids: List[int] = self.parser.parse_args()
    found: List[User] = User.query.filter(User.id.in_(requested_ids)).all()

    # A repeated id in the request also trips this check, since the query
    # returns each matching user once.
    if len(found) != len(requested_ids):
        raise InvalidUsage.custom_error("Users data supplied are invalid", 401)

    # NOTE(review): names and e-mail addresses are returned for any valid user
    # id and project_slug plays no part in the lookup. Confirm the caller's
    # access to the project (and to these users) is checked outside this
    # block, otherwise this endpoint discloses user data by id.
    summaries = []
    for member in found:
        summaries.append({
            "id": member.id,
            "name": member.name,
            "email": member.email,
        })
    return summaries
def post(self, role_id: int):
    """Assign the role identified by ``role_id`` to a list of users.

    Args:
        role_id: Identifier passed to ``Role.get``.

    Raises:
        404 (via ``abort``) when the role does not exist; the error built by
        ``InvalidUsage.custom_error("Can't add these users", 401)`` when the
        number of matching users differs from the number of ids supplied.

    Returns:
        The role object, after the new UserRoles rows are committed.
    """
    # NOTE(review): this grants a role to arbitrary user ids; no authorization
    # check is visible in this block -- confirm only privileged callers can
    # reach it.
    role_ = Role.get(role_id)
    if not role_:
        raise abort(404)

    args = user_ids_parser.parse_args()
    requested = args.get("users")

    # Every supplied id must match an existing user; a repeated id makes the
    # counts differ as well, so duplicates are rejected here.
    known = User.query.filter(User.id.in_(requested)).count()
    if known != len(requested):
        raise InvalidUsage.custom_error("Can't add these users", 401)

    # NOTE(review): nothing here checks whether a user already holds the
    # role; confirm UserRoles has a uniqueness constraint or that repeats are
    # acceptable.
    assignments = []
    for user_id in args["users"]:
        assignments.append(UserRoles(user_id=user_id, role=role_))
    db.session.add_all(assignments)
    db.session.commit()
    return role_
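def post(self):
    """Register a new user together with a new organization.

    Parses organization, user and department fields from the request,
    rejects the request when an organization with the same name
    (case-insensitive) already exists, then creates the User (with the
    "user" role), the Organization, an optional OrganizationDepartment and
    the UserAffiliation linking them, and commits the session.

    NOTE(review): the previous docstring stated this "requires admin
    permission"; no permission check is visible in this block -- confirm
    where (or whether) it is enforced.

    Raises:
        The error built by ``InvalidUsage.custom_error(..., 401)`` when the
        organization name is already registered, or when position "ceo" is
        combined with department data.

    Returns:
        The created User.
    """
    # Strip the form prefixes so the keys can be passed to the model
    # constructors as keyword arguments.
    organization_args: dict = {
        k.replace("organization_", ""): v
        for k, v in organization_parser.parse_args().items()
    }
    user_args: dict = self.user_signup_parser.parse_args()
    user_position = user_args.pop("position")
    department_args: dict = {
        k.replace("dep_", ""): v
        for k, v in department_parser.parse_args().items()
    }

    # "my_info" asks for the user's contact details to be reused for the
    # organization.
    use_user_info = organization_args.pop("my_info", False)
    if use_user_info:
        organization_args.update({
            "email": user_args.get("email"),
            "phone": user_args.get("phone"),
        })

    # NOTE(review): check-then-insert; concurrent sign-ups with the same name
    # can both pass. Confirm a unique constraint backs this check.
    if (Organization.query.filter(
            func.lower(Organization.name) == organization_args.get(
                "name", "").lower()).count() > 0):
        raise InvalidUsage.custom_error(
            "Organization already registered, kindly " +
            "contact responsible person to send you an invitation",
            401,
        )

    # Stays None when no photo was uploaded, so the final save can be skipped
    # instead of failing on an unbound name.
    photostorage = None
    photo: werkzeug.datastructures.FileStorage = user_args.pop("photo")
    if photo:
        # NOTE(review): photo.filename is client-controlled and the stream is
        # stored without any visible type or size check. Confirm FileHandler
        # sanitises the title (e.g. werkzeug.utils.secure_filename) and
        # validates the content before it is written or served.
        photostorage = FileHandler(data=photo.stream, title=photo.filename)
        user_args["photo"] = photostorage

    user = User(**user_args)
    user.save()
    user.add_roles(Role.get(name="user"))
    db.session.flush()

    organization = Organization(**organization_args, contact_user_id=user.id)
    organization.save()
    db.session.flush()

    if any(val is not None for val in department_args.values()):
        # NOTE(review): this validation runs after the user and organization
        # have been saved and flushed; confirm the error path rolls the
        # session back so no partial sign-up is left behind.
        # Assumes the parser makes "position" required; .lower() fails on
        # None -- TODO confirm.
        if user_position.lower() == "ceo":
            raise InvalidUsage.custom_error(
                "CEO can only be specified with no department", 401)
        department = OrganizationDepartment(**department_args,
                                            org=organization)
        department.save()
        db.session.flush()
    else:
        department = None

    affiliation = UserAffiliation(user=user,
                                  org=organization,
                                  position=user_position,
                                  org_dep=department)
    affiliation.save()
    db.session.commit()

    # Previously called unconditionally: a sign-up without a photo raised an
    # unbound-name error here, after the commit had already succeeded.
    if photostorage is not None:
        photostorage.save()
    return user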
def invalid_csrf(e: CSRFError):
    """Return the JSON error sent when CSRF validation fails.

    Args:
        e: The CSRF error being handled; not inspected here.

    Returns:
        ``InvalidUsage.custom_error("Please log-in first.", 402).to_json()``.
    """
    # NOTE(review): 402 is "Payment Required"; CSRF failures are normally
    # reported as 400 or 403. The message also presents a missing/invalid
    # CSRF token as a login problem, which hides the real cause from clients
    # and from anyone reading logs -- confirm both are intentional.
    csrf_failure = InvalidUsage.custom_error("Please log-in first.", 402)
    return csrf_failure.to_json()