def demote_user(instid):
    """Remove every role from the user identified by ``instid``.

    Returns a ``(message, status)`` pair: ``404`` when no user has that id,
    otherwise ``200`` once the emptied role list has been committed.
    """
    # NOTE(review): nothing in this function checks who is calling; confirm
    # that access is restricted to administrators where the handler is
    # registered.
    account = session.query(User).filter_by(id=instid).first()
    if account:
        account.roles = []
        session.commit()
        return "user demoted", 200
    return "User not found", 404
def delete_user(instid):
    """Delete the user identified by ``instid``.

    Returns a ``(message, status)`` pair: ``404`` when no user has that id,
    otherwise ``200`` once the deletion has been committed.
    """
    # NOTE(review): nothing in this function checks who is calling; confirm
    # that access is restricted to administrators where the handler is
    # registered.
    account = session.query(User).filter_by(id=instid).first()
    if account:
        session.delete(account)
        session.commit()
        return "user deleted", 200
    return "User not found", 404
def promote_user(instid):
    """Make the user identified by ``instid`` an administrator.

    The user's role list is replaced by the single 'Admin' role, so any
    other roles held beforehand are dropped.

    Returns a ``(message, status)`` pair: ``404`` when either the user or the
    'Admin' role row is missing, otherwise ``200`` after the commit.
    """
    # NOTE(review): this grants the highest role seen in this file and no
    # caller check is visible here; confirm that access is restricted to
    # administrators where the handler is registered.
    account = session.query(User).filter_by(id=instid).first()
    admin_role = session.query(Role).filter_by(name='Admin').first()

    if not account:
        outcome = "User not found", 404
    elif not admin_role:
        outcome = "Admin role not found", 404
    else:
        account.roles = [admin_role]
        session.commit()
        outcome = "user promoted", 200
    return outcome
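def set_password(instid):
    """Set a new password for the user identified by ``instid``.

    The request body is expected to be a JSON object with a non-empty
    ``password`` member; its value is hashed with
    ``user_manager.hash_password`` before it is stored.

    Returns a ``(message, status)`` pair: ``404`` when no user has that id,
    ``400`` when the body is not a JSON object or carries no password, and
    ``200`` once the new hash has been committed.
    """
    # A malformed body is treated like a missing password instead of
    # escaping as an unhandled exception.
    try:
        data = json.loads(request.data)
    except (TypeError, ValueError):
        data = None

    user = session.query(User).filter_by(id=instid).first()
    if not user:
        return "User not found", 404

    # dict.has_key() exists only on Python 2; .get() gives the same answer
    # there and also works on Python 3.
    new_password = data.get('password') if isinstance(data, dict) else None
    if not new_password:
        return "missing password", 400

    # TODO: enforce a password-complexity policy before accepting the value.
    # NOTE(review): neither the caller's identity nor the current password is
    # checked in this function; confirm that access control is applied where
    # the handler is registered.
    user.password = user_manager.hash_password(new_password)
    session.commit()
    return "password updated for user %s" % user.email, 200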
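def patch_user(instid):
    """Update attributes of the user identified by ``instid`` from a JSON body.

    Each member of the JSON object is written onto the user with ``setattr``
    unless its name is ``id``, ``password`` or ``roles``, or starts with an
    underscore. Attributes that refuse assignment are skipped.

    Returns a ``(message, status)`` pair: ``404`` when no user has that id,
    ``400`` when the body is not a JSON object, otherwise ``200`` after the
    commit.
    """
    try:
        data = json.loads(request.data)
    except (TypeError, ValueError):
        data = None

    user = session.query(User).filter_by(id=instid).first()
    if not user:
        return "User not found", 404
    if not isinstance(data, dict):
        return "invalid request body", 400

    # NOTE(review): this is still a denylist, so any other attribute named in
    # the body is written, including is_enabled, email and username, which
    # init_database in this file sets on User. Prefer an explicit allowlist
    # of the fields a client may edit.
    protected = ('id', 'password', 'roles')
    for field, value in data.items():
        # Underscore-prefixed names are private or internal attributes of the
        # object, never fields a client should be able to overwrite.
        if field in protected or field.startswith('_'):
            continue
        try:
            setattr(user, field, value)
        except AttributeError:
            # Best effort: attributes that cannot be assigned are skipped.
            pass
    session.commit()
    return "user patched", 200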
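def genkey(instid):
    """Create a named API key for the user identified by ``instid``.

    The request body is expected to be a JSON object with a non-empty
    ``name`` member. A token obtained from ``maketoken()`` is stored on a new
    ``APIKey`` row linked to the user.

    Returns the JSON text ``{"token": ...}`` on success, or a
    ``(message, status)`` pair: ``404`` when no user has that id and ``400``
    when the body is not a JSON object or carries no key name.
    """
    # A malformed body is treated like a missing key name instead of
    # escaping as an unhandled exception.
    try:
        data = json.loads(request.data)
    except (TypeError, ValueError):
        data = None

    user = session.query(User).filter_by(id=instid).first()
    if not user:
        return "User not found", 404

    # dict.has_key() exists only on Python 2; .get() gives the same answer
    # there and also works on Python 3.
    key_name = data.get('name') if isinstance(data, dict) else None
    if not key_name:
        return "missing key name", 400

    key = APIKey()
    key.name = key_name
    key.user = user
    # NOTE(review): maketoken() is defined outside this view; confirm that it
    # draws from a cryptographically secure random source.
    token = maketoken()
    # NOTE(review): the token is persisted exactly as issued (the original
    # code marked this "encrypt later"). Storing only a one-way hash and
    # comparing hashes at verification would keep a database leak from
    # exposing usable keys; that needs a matching change wherever tokens are
    # checked.
    key.token = token
    session.add(key)
    session.commit()
    return json.dumps({'token': token})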
def init_database(dbengine, session):
    """Create the schema and seed the default roles and test accounts.

    Tables are created from ``Base.metadata`` on ``dbengine`` and the session
    is expired. Missing roles are then added, followed by a test admin and a
    test user, each only when no row with its e-mail address exists yet.
    """
    Base.metadata.create_all(dbengine)
    session.expire_all()

    # Roles the rest of the application looks up by name.
    for role_name in ['Admin', 'Instrument', 'Time Series', 'API']:
        already_present = session.query(Role).filter_by(name=role_name).count()
        if not already_present:
            session.add(Role(name=role_name))
    session.commit()

    # NOTE(review): both seeded accounts are enabled and share a fixed
    # password that is visible in source, and the first one holds the Admin
    # role. Confirm this function only runs against development or test
    # databases, or replace the fixed password with a per-deployment secret.
    # The original comment already says this seeding should move elsewhere.
    admin_rows = session.query(User).filter_by(email='*****@*****.**').count()
    if not admin_rows:
        admin = User(
            first_name='Test',
            last_name='Admin',
            email='*****@*****.**',
            username='******',
            password=user_manager.hash_password('12345678'),
            is_enabled=True)
        admin_role = session.query(Role).filter_by(name='Admin').first()
        admin.roles.append(admin_role)
        session.add(admin)
    session.commit()

    user_rows = session.query(User).filter_by(email='*****@*****.**').count()
    if not user_rows:
        plain_user = User(
            first_name='Test',
            last_name='User',
            email='*****@*****.**',
            username='******',
            password=user_manager.hash_password('12345678'),
            is_enabled=True)
        session.add(plain_user)
    session.commit()