def get_gallery(token_payload, gallery_id): generate_token_user(token_payload) logged_user = User.query.filter_by(auth_id=token_payload['sub']).first() if logged_user is None: abort(403, 'Request Blocked. User Token not Valid.') if not gallery_id: abort(400, 'gallery_id field is empty') target_gallery = Gallery.query.filter_by(id=gallery_id).first() if not target_gallery: abort(404, 'Gallery not found.') target_owner = User.query.filter_by(id=target_gallery.user_id).first() if not target_owner: abort(404, 'Gallery Owner not found.') if logged_user.id != target_owner.id: if not target_owner.is_following(logged_user): abort(401, 'User not Following you.') output = [] gallery_data = {} gallery_data['galleryname'] = target_gallery.galleryname gallery_data['username'] = target_owner.username gallery_data['user_id'] = target_owner.id output.append(gallery_data) return jsonify({'Gallery': output}), 200
def delete_image(token_payload, image_id): generate_token_user(token_payload) logged_user = User.query.filter_by(auth_id=token_payload['sub']).first() if logged_user is None: abort(403, 'Logged in user does not exist.') if not image_id: abort(400, 'Gallery id field is empty.') if len(image_id) > Image.store_id.property.columns[0].type.length: abort(413, 'Payload Too Large') target_image = Image.query.filter_by(store_id=image_id).first() if not target_image: abort(404, 'Image not Found.') if target_image.user_id != logged_user.id: # Only Image owner has permission to delete. abort(403, 'Permission Denied.') if not sm.delete_image(target_image.store_id, target_image.get_locations()): abort(500, "Server error occurred while processing request") db.session.delete(target_image) # Comments also get deleted. db.session.commit() return jsonify({'message': 'Image successfully deleted.'}), 200
def delete_gallery(token_payload, gallery_id): generate_token_user(token_payload) logged_user = User.query.filter_by(auth_id=token_payload['sub']).first() if logged_user is None: abort(403, 'Logged in user does not exist.') if not gallery_id: abort(400, 'gallery_id field is empty.') requested_gallery = Gallery.query.filter_by(id=gallery_id, author=logged_user).first() if not requested_gallery: abort(404, 'Gallery not Found.') requested_images = Image.query.filter_by(gallery_id=gallery_id).all() if requested_images: # If the gallery has images, delete every image before deleting the gallery. for image in requested_images: sm.delete_image(image.store_id, image.get_locations()) db.session.delete(image) db.session.delete( requested_gallery ) # All the orphans of the gallery get deleted as well (comments) db.session.commit() return jsonify({'message': 'Gallery Deleted.'}), 200
def add_friend(token_payload): generate_token_user( token_payload) # If user is not in the app-logic database, add him. logged_user = User.query.filter_by(auth_id=token_payload['sub']).first() if logged_user is None: abort(403, 'Request Blocked. User Token not Valid.') username = request.json.get('username') # Get username to follow from JSON if not username: abort(400, 'username field is empty') if not generate_user( str(username) ): # generate_user returns False if the User does not exist in Auth Database. abort(404, 'User {} not Found.'.format(repr(username))) user = User.query.filter_by(username=username).first() if not user: abort(404, 'User {} not Found.'.format(repr(username))) if user.id == logged_user.id: abort(403, 'Cannot Follow Yourself.') if logged_user.is_following(user): return jsonify({'message': 'User already followed.'}), 200 logged_user.follow(user) db.session.commit() return jsonify({'message': 'User added to your Friends.'}), 201
def list_galleries(token_payload): generate_token_user(token_payload) logged_user = User.query.filter_by(auth_id=token_payload['sub']).first() if logged_user is None: abort(403, 'Request Blocked. User Token not Valid.') galleries = logged_user.followers_galleries().all( ) # Queries all the galleries of all the users # that follow our user. if not galleries: return jsonify({'message': 'No galleries found.'}), 204 output = [] for gallery in galleries: gallery_data = {} gallery_data['galleryname'] = gallery.galleryname gallery_data['id'] = gallery.id gallery_data['username'] = User.query.filter_by( id=gallery.user_id).first().username output.append(gallery_data) return jsonify({'Galleries': output}), 200
def delete_friend(token_payload): generate_token_user(token_payload) logged_user = User.query.filter_by(auth_id=token_payload['sub']).first() if logged_user is None: abort(403, 'Request Blocked. User Token not Valid.') username = request.json.get('username') if not username: abort(400, 'username field is empty') if not generate_user( username ): # generate_user returns False if the User does not exist in Auth Database. abort(404, 'User {} not Found.'.format(repr(username))) user = User.query.filter_by(username=username).first() if not user: abort(404, 'User {} not Found.'.format(repr(username))) if user.id == logged_user.id: abort(403, 'Cannot Unfollow Yourself.') if not logged_user.is_following(user): return jsonify({'message': 'User already not followed.'}), 200 logged_user.unfollow(user) db.session.commit() return jsonify({'message': 'Friend Removed.'}), 200
def upload_image(token_payload, gallery_id): generate_token_user(token_payload) logged_user = User.query.filter_by(auth_id=token_payload['sub']).first() if logged_user is None: abort(403, 'Request Blocked. User Token not Valid.') if not gallery_id: abort(400, 'Gallery id field is empty.') target_gallery = Gallery.query.filter_by(id=gallery_id).first() if not target_gallery: abort(404, 'Gallery not Found.') if 'file' not in request.files: # Search for 'file' in the passed files. abort(400, 'No file part') file = request.files['file'] if file.filename == '': abort(400, 'No selected file') if not file: abort(400, 'No proper file object.') if not allowed_file(file.filename): # Check if file type is allowed. abort(400, 'File type not allowed.') image_id = random_generator( ) # A random, 12 character, alpharethmetic image id. locations = sm.upload_image( image_id, file) # Uploads image in two randomly selected storage servers # and returns the two storage server id's that the image was uploaded. if locations is None: abort(500, "Server error occurred while processing request") # Adds Image in the Database. image = Image(store_id=image_id, storage_1=locations[0], storage_2=locations[1], author=target_gallery, image_author=logged_user) db.session.add(image) db.session.commit() return jsonify({'message': 'Image Uploaded.'}), 201
def view_image_comment(token_payload, image_id): generate_token_user(token_payload) logged_user = User.query.filter_by(auth_id=token_payload['sub']).first() if logged_user is None: abort(403, 'Logged in user does not exist.') if not image_id: abort(400, 'Image id field is empty.') target_image = Image.query.filter_by(store_id=image_id).first() if not target_image: abort(404, 'Image not Found.') target_user = User.query.filter_by(id=target_image.user_id).first() if not target_user: abort(404, 'Gallery owner not found.') if logged_user.id != target_user.id: if not target_user.is_following(logged_user): abort(403, 'Access Forbidden. User is not Following you.') image_comments = Comment.query.filter_by(image_id=target_image.id, image_author=target_image) if not image_comments: return jsonify({'message': 'No comments found.'}), 204 output = [] for comment in image_comments: comment_data = {} comment_data['username'] = User.query.filter_by( id=comment.user_id).first().username comment_data['comment_id'] = comment.id comment_data['body'] = comment.body output.append(comment_data) return jsonify({'comments': output}), 200
def delete_image_comments(token_payload, comment_id): generate_token_user(token_payload) logged_user = User.query.filter_by(auth_id=token_payload['sub']).first() if logged_user is None: abort(403, 'Logged in user does not exist.') if not comment_id: abort(400, 'comment_id field is empty.') requested_comment = Comment.query.filter_by( id=comment_id, comment_author=logged_user).first() if not requested_comment: abort(404, 'Comment not Found.') db.session.delete(requested_comment) db.session.commit() return jsonify({'message': 'Gallery Deleted.'}), 200
def get_following(token_payload): generate_token_user(token_payload) logged_user = User.query.filter_by(auth_id=token_payload['sub']).first() if logged_user is None: # Probably not necessary. abort(403, 'Request Blocked. User Token not Valid.') users = logged_user.followed.all() if not users: return jsonify({'message': 'No friends found.'}), 204 output = [] for user in users: user_data = {} user_data['id'] = user.id user_data['username'] = user.username output.append(user_data) return jsonify({'Followed users': output}), 200
def post_image_comment(token_payload, image_id): generate_token_user(token_payload) logged_user = User.query.filter_by(auth_id=token_payload['sub']).first() if logged_user is None: abort(403, 'Logged in user does not exist.') if not request.json['body']: abort(400, 'body field is empty.') if len(request.json['body'] ) > Comment.body.property.columns[0].type.length: abort(413, 'Payload Too Large') if not image_id: abort(400, 'Image id field is empty.') target_image = Image.query.filter_by(store_id=image_id).first() if not target_image: abort(404, 'Image not Found.') target_user = User.query.filter_by(id=target_image.user_id).first() if not target_user: abort(404, 'Gallery owner not found.') if logged_user.id != target_user.id: if not target_user.is_following(logged_user): abort(403, 'Access Forbidden. User is not Following you.') image_comment = Comment(body=request.json['body'], comment_author=logged_user, image_author=target_image) db.session.add(image_comment) db.session.commit() return jsonify({'message': 'Submitted Comment.'}), 201
def view_gallery(token_payload, gallery_id): generate_token_user(token_payload) logged_user = User.query.filter_by(auth_id=token_payload['sub']).first() if logged_user is None: abort(403, 'Logged in user does not exist.') if not gallery_id: abort(400, 'Gallery id field is empty.') target_gallery = Gallery.query.filter_by(id=gallery_id).first() if not target_gallery: abort(404, 'Gallery not Found.') target_user = User.query.filter_by(id=target_gallery.user_id).first() if not target_user: abort(404, 'Gallery owner not found.') if logged_user.id != target_user.id: if not target_user.is_following(logged_user): abort(403, 'Access Forbidden. User is not Following you.') gallery_images = Image.query.filter_by(gallery_id=target_gallery.id).all() if not gallery_images: return jsonify({'message': 'No images in gallery.'}), 204 output = [] for image in gallery_images: image_data = {} image_data['image_id'] = image.store_id image_data['image_url'] = sm.get_image_url(image.store_id, image.get_locations()) output.append(image_data) return jsonify({'gallery_images': output}), 200
def post_gallery_comment(token_payload, gallery_id): generate_token_user(token_payload) logged_user = User.query.filter_by(auth_id=token_payload['sub']).first() if logged_user is None: abort(403, 'Logged in user does not exist.') if not request.json['body']: abort(400, 'body field is empty.') if len(request.json['body']) > 1024: # Accepted comment size. abort(413, 'Payload Too Large') if not gallery_id: abort(400, 'Gallery id field is empty.') target_gallery = Gallery.query.filter_by(id=gallery_id).first() if not target_gallery: abort(404, 'Gallery not Found.') target_user = User.query.filter_by(id=target_gallery.user_id).first() if not target_user: abort(404, 'Gallery owner not found.') if logged_user.id != target_user.id: if not target_user.is_following(logged_user): abort(403, 'User is not Following you.') gallery_comment = GalleryComment(body=request.json['body'], g_comment_author=logged_user, gallery_author=target_gallery) db.session.add(gallery_comment) db.session.commit() return jsonify({'message': 'Submitted Comment.'}), 201
def list_user_galleries(token_payload, username): generate_token_user(token_payload) logged_user = User.query.filter_by(auth_id=token_payload['sub']).first() if logged_user is None: abort(403, 'Request Blocked. User Token not Valid.') if not username: abort(400, 'username field is empty') if not generate_user( username ): # generate_user returns False if the User does not exist in Auth Database. abort(404, 'User {} not Found.'.format(repr(username))) target_user = User.query.filter_by(username=username).first() if not target_user: abort(404, 'User {} not Found.'.format(repr(username))) if logged_user.id != target_user.id: if not target_user.is_following(logged_user): abort(401, 'User not Following you.') galleries = Gallery.query.filter_by(user_id=target_user.id).all() if not galleries: return jsonify({'message': 'No galleries found.'}), 204 output = [] for gallery in galleries: gallery_data = {} gallery_data['galleryname'] = gallery.galleryname gallery_data['id'] = gallery.id output.append(gallery_data) return jsonify({'Galleries': output}), 200
def create_gallery(token_payload): generate_token_user(token_payload) logged_user = User.query.filter_by(auth_id=token_payload['sub']).first() if logged_user is None: abort(403, 'Request Blocked. User Token not Valid.') galleryname = request.json['galleryname'] if not galleryname: abort(400, 'Gallery Name field is empty.') # The user cannot have two galleries with the same name. if Gallery.query.filter_by(galleryname=galleryname, author=logged_user).first(): return jsonify({'message': 'Gallery name already exists.'}), 200 new_gallery = Gallery(galleryname=galleryname, author=logged_user) db.session.add(new_gallery) db.session.commit() return jsonify({'message': 'Gallery Created.'}), 201