コード例 #1
    def put(self, user_id: int = None):
        """Update the authenticated user's own profile.

        Only the account owner may call this: a ``user_id`` that differs from
        ``current_user.id`` is rejected before the request body is parsed.

        Security notes for reviewers:

        * NOTE(review): the password is replaced without asking for the
          current one; no re-authentication step is visible here, so a
          hijacked session would be enough to change it -- confirm whether
          that is intended.
        * The attributes that can be written by the generic loop below are
          exactly the fields declared on ``user_info_parser``; keep
          privileged columns out of that parser.
        """
        if user_id != current_user.id:
            raise InvalidUsage.user_not_authorized()
        fields: Dict = user_info_parser.parse_args()

        # Password fields are removed first so the generic loop never sees them.
        new_password = fields.pop("password")
        confirmation = fields.pop("password_check")

        if new_password and new_password != confirmation:
            raise UserExceptions.password_check_invalid()
        if new_password:
            current_user.password = new_password

        upload: werkzeug.datastructures.FileStorage = fields.pop("photo")

        if upload:
            # NOTE(review): upload.filename is chosen by the client; presumably
            # FileHandler sanitises it before it reaches storage -- verify.
            stored_photo = FileHandler(
                data=upload.stream,
                title=upload.filename,
                url=current_user._photo,
            )
            stored_photo.save()
            current_user.photo = stored_photo

        # Copy every remaining parsed field that the user object already has
        # and that the client actually supplied (None means "not sent").
        for name, value in fields.items():
            if not hasattr(current_user, name) or value is None:
                continue
            setattr(current_user, name, value)

        db.session.commit()

        return current_user
コード例 #2
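    def delete(self, user_id: int, slug: str):
        """Revoke one session belonging to ``user_id``.

        Allowed for the session's owner, or for an identity that provides the
        ``admin`` role need; every other caller gets
        ``InvalidUsage.user_not_authorized``.

        :param user_id: owner of the session, as given by the caller.
        :param slug: identifier of the session to remove.
        """
        # Flask-Principal's ``Identity.provides`` is a set of needs, not a
        # method, so calling it raised TypeError for every non-owner (admins
        # included) instead of running the role check. Test membership.
        if current_user.id != user_id and RoleNeed("admin") not in g.identity.provides:
            raise InvalidUsage.user_not_authorized()
        # The lookup is keyed on both slug and user_id, so a slug that belongs
        # to a different user is not matched by this query.
        user_session = Session.get(slug=slug, user_id=user_id)
        # NOTE(review): if Session.get returns nothing for an unknown slug the
        # next line fails with AttributeError; decide how a missing session
        # should be reported to the client.
        user_session.delete(True)

        return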
コード例 #3
    def user_lookup_callback(_jwt_header, jwt_data):
        """Resolve the user behind a decoded JWT and install their identity.

        The token is accepted only if a ``Session`` row matches both its
        ``jti`` and its ``user`` claim, and the referenced user exists and is
        active. A token whose session row is gone is therefore rejected here.

        :param _jwt_header: decoded JWT header (unused).
        :param jwt_data: decoded JWT claims; ``jti`` and ``user`` are read.
        :returns: the ``User`` the token belongs to.
        :raises InvalidUsage: ``invalid_session`` when no session matches,
            ``user_not_authorized`` when the user is missing or inactive.
        """
        # Imported at call time rather than at module import.
        from app.apis.v1.users.models import Session, User

        token_id = jwt_data["jti"]
        user_id = jwt_data["user"]

        # g.session is assigned before the check, so it holds the falsy
        # lookup result when the request is rejected below.
        g.session = Session.get(token=token_id, user_id=user_id)
        if not g.session:
            raise InvalidUsage.invalid_session()

        user = User.get(id=user_id)
        if not (user and user.active):
            raise InvalidUsage.user_not_authorized()

        # Publish the identity so permission checks later in the request
        # evaluate against this user.
        identity_changed.send(app, identity=generate_principal_identity(user))

        return user
コード例 #4
    def delete(self, user_id: int = None):
        """Delete a user's account permanently.

        An account owner must re-submit username and password and set
        ``confirm``. A caller acting on someone else's account is handed to
        ``admin_delete_user`` if the identity holds the ``admin`` role, and
        rejected otherwise.

        NOTE(review): the password test is a plain ``!=`` against the
        submitted value. Confirm that ``user.password`` is a hashed-password
        type whose comparison verifies the hash, and not a stored plaintext.
        NOTE(review): the body is parsed and the user is loaded before the
        authorization decision, and ``User.get`` may return nothing for an
        unknown id on the admin path -- verify both are acceptable.
        """
        submitted = user_login_parser.parse_args()
        target = User.get(id=user_id)

        if user_id != current_user.id:
            # Someone else's account: admins only, via the admin path.
            if not g.identity.can(Permission(RoleNeed("admin"))):
                raise InvalidUsage.user_not_authorized()
            return self.admin_delete_user(target)

        # Self-deletion requires re-entering credentials plus confirmation.
        # Every failure raises the same error, so the response does not say
        # which of the three checks failed.
        if target.username != submitted.get("username"):
            raise UserExceptions.wrong_login_creds()
        if target.password != submitted.get("password"):
            raise UserExceptions.wrong_login_creds()
        if not submitted.get("confirm", False):
            raise UserExceptions.wrong_login_creds()

        target.delete()
        response: Response = jsonify(
            {"message": "User Account deleted succefully!"})
        # Clear the JWT cookies on the response for the deleted account.
        unset_jwt_cookies(response)
        return response
コード例 #5
 def wrapped(*args, **kwargs):
     """Run ``fn`` only if the identity holds the need built from a URL argument.

     The need is created from the keyword argument named by
     ``url_placeholder``.

     NOTE(review): when that keyword is absent the need is built from an
     empty string instead of failing outright; this is safe only if no
     identity can ever provide the empty-value need -- confirm.
     """
     caller: Identity = g.identity
     resource_key = kwargs.get(url_placeholder, "")
     if caller.can(Permission(need(resource_key))):
         return fn(*args, **kwargs)
     raise InvalidUsage.user_not_authorized()
コード例 #6
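 def wrapped(*args, **kwargs):
     """Run ``fn`` only if the current identity satisfies every permission.

     :raises InvalidUsage: ``user_not_authorized`` as soon as one permission
         in ``permissions`` is not granted.
     """
     identity: Identity = g.identity
     # all() counts any falsy result as a denial. The previous
     # ``False in [...]`` test only matched values equal to False, so a check
     # returning None would have let the call through.
     # An empty ``permissions`` still allows the call, as before.
     if not all(identity.can(perm) for perm in permissions):
         raise InvalidUsage.user_not_authorized()
     return fn(*args, **kwargs)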
コード例 #7
 def wrapped(*args, **kwargs):
     """Run ``fn`` only if ``check_roles`` accepts the current identity.

     :raises InvalidUsage: ``user_not_authorized`` when the role check fails.
     """
     caller: Identity = g.identity
     if check_roles(identity=caller, roles=roles):
         return fn(*args, **kwargs)
     # Deny by raising; the wrapped function is never invoked on this path.
     raise InvalidUsage.user_not_authorized()
コード例 #8
def permission_denied(e: PermissionDenied):
    """Turn a ``PermissionDenied`` error into the API's "not authorized" JSON.

    The exception instance is not inspected, so the payload carries nothing
    from the exception about which permission check failed.
    """
    not_authorized = InvalidUsage.user_not_authorized()
    return not_authorized.to_json()
コード例 #9
 def put(self, project_slug: str):
     """Return the project for ``project_slug`` to a caller allowed to edit it.

     Access requires the identity to satisfy ``ProjectNeed(project_slug)``.

     NOTE(review): although this is the PUT handler, nothing visible here
     modifies the project; the body only looks it up and returns it.
     """
     caller = g.identity
     if caller.can(Permission(ProjectNeed(project_slug))):
         return Project.get(slug=project_slug)
     raise InvalidUsage.user_not_authorized()