def update_profile(id): request_data = request.get_json() if not request_data: return bad_request("No input data provided") try: data = ProfileSchema().load(request_data) except ValidationError as error: return error_response(422, error.messages) try: user = User.find_by_id(id) profile = Profile.find_by_id(user.profile.id) profile.firstname = data.get('firstname').title() profile.lastname = data.get('lastname').title() profile.bio = data.get('bio') prof = Profile.find_by_username(data.get('username')) if prof is not None: if prof.user_id != id: return bad_request('Username is already taken.') profile.username = data.get('username') profile.save() response = jsonify({'message': 'Successfully updated your profile'}) response.status_code = 200 return response except Exception: return error_response(500, 'Something went wrong, please try again.')
def add_tag(user): req_data = request.get_json() if not req_data: return bad_request('No request data provided') try: data = TagSchema().load(req_data) except ValidationError as err: print(err) return error_response(422, err.messages) name = data.get('name') # check for existing tag tag = Tag.query.filter(Tag.name == name).first() if tag: return bad_request(f'Tag with name "{name}" already exists.') tag = Tag(name=name) try: tag.save() except (exc.IntegrityError, ValueError): db.session.rollback() return server_error('Something went wrong, please try again.') return jsonify(TagSchema().dump(tag))
def update_profile(user): request_data = request.get_json() print(request_data) if not request_data: return bad_request("No input data provided") try: data = ProfileSchema().load(request_data) except ValidationError as error: return error_response(422, error.messages) profile = user.profile profile.username = data.get('username') profile.name = data.get('name') profile.dob = data.get('dob') profile.bio = data.get('bio') try: profile.save() except (exc.IntegrityError, ValueError): db.session.rollback() return server_error('Something went wrong, please try again.') else: return jsonify(ProfileSchema().dump(profile))
def update_user(id): request_data = request.get_json() if not request_data: return bad_request("No input data provided") try: data = ProfileSchema().load(request_data) user = User.find_by_id(id) existing_user = User.find_by_identity(data.get('auth')['username']) if existing_user is not None: if existing_user.id != user.id: return bad_request(f'Username already exists.') # update user user.profile.name = data.get('name') user.profile.bio = data.get('bio') user.profile.dob = data.get('dob') user.username = data.get('auth')['username'] user.is_active = data.get('auth')['is_active'] user.is_admin = data.get('auth')['is_admin'] user.save() return jsonify(UserSchema().dump(user)) # handle errors except ValidationError as err: return error_response(422, err.messages) except (exc.IntegrityError, ValueError): db.session.rollback() return server_error('Something went wrong, please try again.')
def update_group(id): request_data = request.get_json() if not request_data: return bad_request('No input data provided.') try: data = GroupSchema().load(request_data) # check for existing group name group = Group.find_by_id(id) existing_group = Group.find_by_name(name=data.get('name')) if existing_group is not None: if existing_group.id != group.id: return bad_request(f'Group already exists.') group.name = data.get('name') group.description = data.get('description') group.save() return jsonify(GroupSchema().dump(group)) # handle errors except ValidationError as err: return error_response(422, err.messages) except (exc.IntegrityError, ValueError): db.session.rollback() return server_error('Something went wrong, please try again.')
def add_group(): request_data = request.get_json() if not request_data: return bad_request('No input data provided.') try: data = GroupSchema().load(request_data) name = data.get('name') description = data.get('description') # check for existing group name group = Group.find_by_name(name=name) if group: return bad_request('Group already exist.') group = Group(name=name, description=description) group.save() response = jsonify(GroupSchema().dump(group)) response.status_code = 201 response.headers['Location'] = url_for('admin.get_group', id=group.id) return response # handle errors except ValidationError as err: return error_response(422, err.messages) except (exc.IntegrityError, ValueError): db.session.rollback() return server_error('Something went wrong, please try again.')
def wrapper(*args, **kwargs): auth_header = request.headers.get('Authorization') if not auth_header: return error_response(403, message='No authorization.') token = auth_header.split(" ")[1] payload = User.decode_auth_token(token) if not isinstance(payload, dict): return error_response(401, message=payload) user = User.find_by_id(payload.get('id')) if user is None or user.is_active is not True: return error_response(401, message='Invalid token.') return func(payload.get('id'), *args, **kwargs)
def register_user(): request_data = request.get_json() if not request_data: return bad_request("No input data provided") try: data = AuthSchema().load(request_data) except ValidationError as err: return error_response(422, err.messages) email = data.get('email') password = data.get('password') firstname = data.get('firstname').title() lastname = data.get('lastname').title() try: # check for existing user user = User.query.filter(User.email == email).first() if user: return bad_request('Sorry. That user already exists.') # add new user to db profile = Profile(firstname=firstname, lastname=lastname) profile.username = profile.set_username() profile.avatar = profile.set_avatar(email) user = User(email=email, password=password, profile=profile) user.save() response = jsonify({ 'token': user.encode_auth_token(user.id).decode(), }) response.status_code = 201 response.headers['Location'] = url_for('auth.get_user', id=user.id) return response # handle errors except (exc.IntegrityError, ValueError): db.session.rollback() return error_response(500, 'Something went wrong, please try again.')
def delete_profile(id): try: user = User.find_by_id(id) user.delete() response = jsonify({'message': 'Successfully deleted your account'}) response.status_code = 200 return response except Exception: return error_response(500, 'Something went wrong, please try again.')
def delete_notification(user, notif_id): try: notif = Notification.find_by_id(notif_id) if not notif: return not_found('Notification not found.') if user.id != notif.owner_id: return error_response(403, "Not allowed!") notif.delete() return {'message': 'Successfully removed.'} except (IntegrityError, ValueError) as e: db.session.rollback() print(e) return server_error('Something went wrong, please try again.')
def delete_comment(user, post_id, comment_id): comment = Comment.find_by_id(comment_id) if not comment: return not_found('Comment not found.') if comment.user_id != user.id: return error_response(401, 'Not authorized for that action.') try: comment.delete() except (exc.IntegrityError, ValueError): db.session.rollback() return server_error('Something went wrong, please try again.') else: return jsonify(CommentSchema().dump(comment.id))
def delete_post(user, post_id): post = Post.find_by_id(post_id) if not post: return not_found('Post not found.') if post.user_id != user.id: return error_response(401, "You cannot delete someone else's post.") try: post.delete() except (exc.IntegrityError, ValueError): db.session.rollback() return server_error('Something went wrong, please try again.') else: return jsonify(PostSchema().dump(post.id))
def login_user(): data = request.get_json() if data is None: return bad_request("No input data provided") try: # check for existing user user = User.find_by_email(data.get('email')) if user and user.check_password(data.get('password')): return jsonify({'token': user.encode_auth_token()}) else: return error_response(401, 'Incorrect email or password.') except Exception: return server_error('Something went wrong, please try again.')
def update_post(user, post_id): post_data = request.get_json() post = Post.find_by_id(post_id) if not post: return not_found('Post not found.') if post.user_id != user.id: return error_response(401, "You cannot update someone else's post.") post.body = post_data.get('post') try: post.save() except (exc.IntegrityError, ValueError): db.session.rollback() return server_error('Something went wrong, please try again.') else: return jsonify(PostSchema().dump(post))
def add_user(): request_data = request.get_json() if not request_data: return bad_request("No input data provided") try: data = AuthSchema().load(request_data) email = data.get('email') password = data.get('password') name = data.get('name') username = data.get('username') # check for existing user user = User.query.filter((User.email == email) | (User.username == username)).first() if user is not None: return bad_request('That user already exists.') # add new user to db profile = Profile(name=name) user = User(password=password) user.email = email user.username = username user.is_active = data.get('is_active') or False user.is_admin = data.get('is_admin') or False user.profile = profile user.save() response = jsonify(UserSchema().dump(user)) response.status_code = 201 response.headers['Location'] = url_for('admin.get_user', id=user.id) return response # handle errors except ValidationError as err: return error_response(422, err.messages) except (exc.IntegrityError, ValueError): db.session.rollback() return server_error('Something went wrong, please try again.')
def register_user(): post_data = request.get_json() if not post_data: return bad_request("No input data provided") try: data = AuthSchema(partial=True).load(post_data) except ValidationError as err: return error_response(422, err.messages) name = data.get('name') username = data.get('username') email = data.get('email') password = data.get('password') # check for existing user user = User.query.filter(User.email == email).first() if user: return bad_request('That user already exists.') profile = Profile() profile.name = name profile.username = username profile.avatar = profile.set_avatar(email) user = User(password=password) user.email = email user.profile = profile try: user.save() except (exc.IntegrityError, ValueError): db.session.rollback() return server_error('Something went wrong, please try again.') response = jsonify({'token': user.encode_auth_token()}) response.status_code = 201 response.headers['Location'] = url_for('users.get_user', id=user.id) return response
def update_profile(user): request_data = request.get_json() if not request_data: return bad_request("No input data provided") try: data = ProfileSchema().load(request_data) profile = user.profile profile.name = data.get('name') profile.dob = data.get('dob') profile.bio = data.get('bio') profile.save() return jsonify(ProfileSchema().dump(profile)) except ValidationError as error: return error_response(422, error.messages) except Exception: return server_error('Something went wrong, please try again.')
def delete_message(user, msg_id): del_for_user = request.args.get('userOnly') try: message = Message.find_by_id(msg_id) if not message: return not_found('Message not found.') if del_for_user: user.delete_message_for_me(message) return {'message': 'Successfully deleted for you.'} if user.id != message.author_id: return error_response(403, "Cannot delete another user's message.") db.session.delete( Notification.find_by_attr(subject='message', item_id=msg_id)) message.delete() return {'message': 'Successfully deleted.'} except (IntegrityError, ValueError): db.session.rollback() return server_error('Something went wrong, please try again.')
def login_user(): request_data = request.get_json() if request_data is None: return bad_request("No input data provided") try: data = AuthSchema(partial=True).load(request_data) # check for existing user user = User.find_by_email(data.get('email')) user.update_activity_tracking(request.remote_addr) if user and user.check_password(data.get('password')): return jsonify({ 'token': user.encode_auth_token(user.id).decode(), }) else: return error_response(401, 'Incorrect email or password.') except Exception: return bad_request('Invalid payload, please try again.')
def delete_post(user, post_id): post = Post.find_by_id(post_id) if not post: return not_found('Post not found.') if post.user_id != user.id: return error_response(401, "You cannot delete someone else's post.") post_notif = Notification.find_by_attr(subject='post', item_id=post.id) comment_notif = Notification.find_by_attr(subject='comment', item_id=post.id) [db.session.delete(notif) for notif in post_notif] if post_notif \ else db.session.delete(comment_notif) try: post.delete() except (exc.IntegrityError, ValueError): db.session.rollback() return server_error('Something went wrong, please try again.') else: return {'message': 'Post was successfuly deleted.'}