class UserByID(Resource):
"""
Manipulations with a specific user.
"""
@api.permission_required(
permissions.OwnerRolePermission,
kwargs_on_request=lambda kwargs: {'obj': kwargs['user']}
)
@api.response(schemas.UserSchema())
def get(self, user):
"""
Get user details by ID.
"""
return user
@api.login_required(oauth_scopes=['users:write'])
@api.permission_required(
permissions.OwnerRolePermission,
kwargs_on_request=lambda kwargs: {'obj': kwargs['user']}
)
@api.permission_required(permissions.WriteAccessPermission())
@api.parameters(parameters.PatchUserDetailsParameters())
@api.response(schemas.UserSchema())
def patch(self, args, user):
"""
Patch user details by ID.
"""
with api.commit_or_abort(
db.session,
default_error_message="Failed to update user details."
):
parameters.PatchUserDetailsParameters.perform_patch(args, user)
db.session.merge(user)
return user
class UserFollowingUpdate(Resource):
@api.login_required(oauth_scopes=['users:write'])
@api.permission_required(permissions.OwnerRolePermission())
@api.permission_required(permissions.WriteAccessPermission())
@api.response(schemas.UserSchema())
def patch(self, uid):
"""Follow a new user
"""
# TODO: do not follow himself
with api.commit_or_abort(
db.session,
default_error_message="Failed to update following relationships"
):
user = User.query.get_or_404(current_user.id)
user.follows(uid)
return user
@api.login_required(oauth_scopes=['users:write'])
@api.permission_required(permissions.OwnerRolePermission())
@api.permission_required(permissions.WriteAccessPermission())
@api.response(schemas.UserSchema())
def delete(self, uid):
"""Un-follow a user
"""
# TODO: do not follow himself
with api.commit_or_abort(
db.session,
default_error_message="Failed to update following relationships"
):
user = User.query.get_or_404(current_user.id)
user.unfollows(uid)
return user
class UserAllFollowing(Resource):
@api.login_required(oauth_scopes=['users:read'])
@api.permission_required(permissions.OwnerRolePermission())
@api.parameters(PaginationParameters())
@api.response(schemas.UserSchema(many=True))
def get(self, args):
"""Get all following users of current user
"""
return User.query_all_following(current_user.id) \
.offset(args['offset']).limit(args['limit'])
class UserMe(Resource):
"""
Useful reference to the authenticated user itself.
"""
@api.response(schemas.UserSchema())
def get(self):
"""
Get current user details.
"""
return User.query.get_or_404(current_user.id)
def test_UserSchema_dump_user_instance(user_instance):
user_instance.password = "******"
dumped_result = schemas.UserSchema().dump(user_instance)
assert dumped_result.errors == {}
assert 'password' not in dumped_result.data
print(dumped_result.data.keys())
assert set(dumped_result.data.keys()) == {
'id', 'username', 'first_name', 'middle_name', 'last_name',
'followers', 'following', 'bio', 'email', 'country', 'organization',
'github', 'created', 'updated', 'is_active', 'is_admin',
'is_regular_user'
}
class Users(Resource):
"""
Manipulations with users.
"""
@api.login_required(oauth_scopes=['users:read'])
@api.permission_required(permissions.AdminRolePermission())
@api.parameters(PaginationParameters())
@api.response(schemas.UserSchema(many=True))
def get(self, args):
"""
List of all users.
Returns a list of users starting from ``offset`` limited by ``limit``
parameter.
"""
return User.query.offset(args['offset']).limit(args['limit'])
@api.parameters(parameters.AddUserParameters())
@api.response(schemas.UserSchema())
@api.doc(id='create_user')
def post(self, args):
"""
Create a new user.
"""
with api.commit_or_abort(
db.session,
default_error_message="Failed to create a new user."
):
new_user = User(
is_active=True,
is_regular_user=True,
**args
)
db.session.add(new_user)
return new_user
def test_BaseUserSchema_dump_empty_input():
dumped_result = schemas.UserSchema().dump({})
assert dumped_result.errors == {}
assert dumped_result.data == {}