def remove_team_json_access(json_id, team_id): try: # validate json exists json = Json.query.filter_by(id=json_id).first() if not json: message = notFound.format("JSON") return response_with(resp.NOT_FOUND_HANDLER_404, message=message) # validate team exists team = Team.query.filter_by(id=team_id).first() if not team: message = notFound.format("Team") return response_with(resp.NOT_FOUND_HANDLER_404, message=message) # validate access to json access = JsonAccessMap.query\ .filter_by(json=json_id, user=JWT.details['user_id'], type=TeamMemberType.OWNER.value)\ .first() if not access: message = permission return response_with(resp.NOT_FOUND_HANDLER_404, message=message) # if team has access, remove access json_access = TeamJsonMap.query.filter_by(team=team_id, json=json_id).first() if json_access: json_access.delete() return response_with(resp.SUCCESS_200) except Exception as e: logging.error(e) return response_with(resp.SERVER_ERROR_500)
def remove_team_member(team_id, user_id): try: # validate team exists team = Team.query.filter_by(id=team_id).first() if not team: message = notFound.format("Team") return response_with(resp.NOT_FOUND_HANDLER_404, message=message) # validate user exists user_exists = User.query.filter_by(id=user_id).first() if not user_exists: message = notFound.format("User") return response_with(resp.NOT_FOUND_HANDLER_404, message=message) # validate access to team access = TeamMemberMap.query\ .filter_by(team=team_id, user=JWT.details['user_id'], type=TeamMemberType.OWNER.value) \ .first() if not access: message = permission return response_with(resp.NOT_FOUND_HANDLER_404, message=message) # if team member exists, delete team_member = TeamMemberMap.query.filter_by(team=team_id, user=user_id).first() if team_member: team_member.delete() return response_with(resp.SUCCESS_200) except Exception as e: logging.error(e) return response_with(resp.SERVER_ERROR_500)
def add_team_member(team_id): try: data = request.get_json() # require user user = data.get("user") if not user: message = required.format("User") return response_with(resp.MISSING_PARAMETERS_422, message=message) # validate team exists team = Team.query.filter_by(id=team_id).first() if not team: message = notFound.format("Team") return response_with(resp.NOT_FOUND_HANDLER_404, message=message) # validate user exists user_exists = User.query.filter_by(id=user).first() if not user_exists: message = notFound.format("User") return response_with(resp.NOT_FOUND_HANDLER_404, message=message) # validate access to team access = TeamMemberMap.query\ .filter_by(team=team_id, user=JWT.details['user_id'], type=TeamMemberType.OWNER.value)\ .first() if not access: message = permission return response_with(resp.NOT_FOUND_HANDLER_404, message=message) # if user does not have access, grant access access_already_exists = TeamMemberMap.query.filter_by( team=team_id, user=user).first() if not access_already_exists: # add access team_member_data = { "user": user, "team": team_id, "_type": TeamMemberType.MEMBER.value } team_member_map = TeamMemberMapSchema() team_member, error = team_member_map.load(team_member_data) team_member.create() return response_with(resp.SUCCESS_200) except Exception as e: logging.error(e) return response_with(resp.SERVER_ERROR_500)
def test_json_not_found(self): login = { "login": self.users[0]["login"], "password": self.users[0]["password"] } response = self.app.post( "/api/v1.0/login", data=json.dumps(login), content_type="application/json", ) data = json.loads(response.data) token = data['token'] headers = { 'Authorization': token } response = self.app.get( "/api/v1.0/json/99999", headers=headers, content_type="application/json", ) data = json.loads(response.data) self.assertEqual(404, response.status_code) self.assertIn('code', data) self.assertIn('message', data) self.assertEqual(notFound.format("JSON"), data['message'])
def get_user_details(uid): try: user = User.query.filter_by(id=uid).first() if not user: message = notFound.format("User") return response_with(resp.NOT_FOUND_HANDLER_404, message=message) user_schema = UserSchema() user_data, error = user_schema.dump(user) json_count = Json.count_json(uid) team_count = Team.count_teams(uid) val = { 'id': user_data['id'], 'name': user_data['name'], 'surname': user_data['surname'], 'email': user_data['email'], 'login': user_data['login'], 'created': user_data['created'], 'updated': user_data['updated'], 'json_count': json_count, 'team_count': team_count } return response_with(resp.SUCCESS_200, value=val) except Exception as e: logging.error(e) return response_with(resp.SERVER_ERROR_500)
def get_team(team_id): try: # validate team exists team = Team.query.filter_by(id=team_id).first() if not team: message = notFound.format("Team") return response_with(resp.NOT_FOUND_HANDLER_404, message=message) # validate access to team access = TeamMemberMap.query.filter_by( team=team_id, user=JWT.details['user_id']).first() if not access: message = permission return response_with(resp.NOT_FOUND_HANDLER_404, message=message) # response details team_schema = TeamSchema() team_data, error = team_schema.dump(team) team_member_schema = TeamMemberMapSchema() team_member_data, error = team_member_schema.dump(access) val = { 'id': team_data['id'], 'name': team_data['name'], 'type': team_member_data['type'], 'created': team_data['created'], 'updated': team_data['updated'] } return response_with(resp.SUCCESS_200, value=val) except Exception as e: logging.error(e) return response_with(resp.SERVER_ERROR_500)
def get_json(json_id): try: # validate json exists json = Json.query.filter_by(id=json_id).first() if not json: message = notFound.format("JSON") return response_with(resp.NOT_FOUND_HANDLER_404, message=message) # validate access to json access = JsonAccessMap.query.filter_by( json=json_id, user=JWT.details['user_id']).first() if not access: message = permission return response_with(resp.NOT_FOUND_HANDLER_404, message=message) # response details access_schema = JsonAccessMapSchema() json_access_data, error = access_schema.dump(access) json_schema = JsonSchema() json_data, error = json_schema.dump(json) val = { 'id': json_data['id'], 'data': json_data['data'], 'permission': json_access_data['type'], 'created': json_data['created'], 'updated': json_data['updated'] } return response_with(resp.SUCCESS_200, value=val) except Exception as e: logging.error(e) return response_with(resp.SERVER_ERROR_500)
def test_give_team_access_team_not_found(self): # Get JWT for user 0 login = { "login": self.users[0]["login"], "password": self.users[0]["password"] } response = self.app.post( "/api/v1.0/login", data=json.dumps(login), content_type="application/json", ) data = json.loads(response.data) headers = {'Authorization': data['token']} team_data = { "user": db.session.query( User.id).filter(User.login == self.users[1]['login']).scalar() } response = self.app.post("/api/v1.0/team/{}/access".format( fake.ean13()), headers=headers, content_type="application/json", data=json.dumps(team_data)) data = json.loads(response.data) self.assertEqual(404, response.status_code) self.assertEqual(notFound.format("Team"), data['message'])
def give_team_json_access(json_id, team_id): try: # validate json exists json = Json.query.filter_by(id=json_id).first() if not json: message = notFound.format("JSON") return response_with(resp.NOT_FOUND_HANDLER_404, message=message) # validate team exists team = Team.query.filter_by(id=team_id).first() if not team: message = notFound.format("Team") return response_with(resp.NOT_FOUND_HANDLER_404, message=message) # validate access to json access = JsonAccessMap.query\ .filter_by(json=json_id, user=JWT.details['user_id'], type=JsonAccessMapType.OWNER.value)\ .first() if not access: message = permission return response_with(resp.NOT_FOUND_HANDLER_404, message=message) # if user does not have access, grant access access_already_exists = TeamJsonMap.query.filter_by( team=team_id, json=json_id).first() if not access_already_exists: # add access team_access_data = { "team": team_id, "json": json_id, } team_json_json_map = TeamJsonMapSchema() team_json, error = team_json_json_map.load(team_access_data) team_json.create() val = {"team": team_id, "json": json_id} return response_with(resp.SUCCESS_200, value=val) except Exception as e: logging.error(e) return response_with(resp.SERVER_ERROR_500)
def update_user(uid): try: data = request.get_json() name = data.get("name") if not name: message = required.format("Name") return response_with(resp.MISSING_PARAMETERS_422, message=message) surname = data.get("surname") if not surname: message = required.format("Surname") return response_with(resp.MISSING_PARAMETERS_422, message=message) email = data.get("email") if not email: message = required.format("Email") return response_with(resp.MISSING_PARAMETERS_422, message=message) # validate user exists user = User.query.filter_by(id=uid).first() if not user: message = notFound.format("User") return response_with(resp.NOT_FOUND_HANDLER_404, message=message) # validate access to user access = User.query.filter_by(id=JWT.details['user_id']).first() if not access: message = permission return response_with(resp.NOT_FOUND_HANDLER_404, message=message) # update user user.update(name, surname, email) # response details return get_user_details(uid) except IntegrityError: message = exists.format("Name") return response_with(resp.INVALID_INPUT_422, message=message) except Exception as e: logging.error(e) return response_with(resp.SERVER_ERROR_500)
def test_give_team_access_user_not_found(self): # Get JWT for user 0 login = { "login": self.users[0]["login"], "password": self.users[0]["password"] } response = self.app.post( "/api/v1.0/login", data=json.dumps(login), content_type="application/json", ) data = json.loads(response.data) token_user_0 = data['token'] headers = {'Authorization': token_user_0} team_data = {"name": fake.company()} response = self.app.post("/api/v1.0/team", headers=headers, content_type="application/json", data=json.dumps(team_data)) data = json.loads(response.data) self.assertEqual(200, response.status_code) self.assertIn('message', data) self.assertIn('team', data) self.assertEqual(team_data['name'], data['team']['name']) self.teams.append(data['team']['id']) team_data = {"user": fake.ean13()} response = self.app.post("/api/v1.0/team/{}/access".format( data['team']['id']), headers=headers, content_type="application/json", data=json.dumps(team_data)) data = json.loads(response.data) self.assertEqual(404, response.status_code) self.assertEqual(notFound.format("User"), data['message'])
def update_team(team_id): try: data = request.get_json() name = data.get("name") if not name: message = required.format("Name") return response_with(resp.MISSING_PARAMETERS_422, message=message) # validate team exists team = Team.query.filter_by(id=team_id).first() if not team: message = notFound.format("Team") return response_with(resp.NOT_FOUND_HANDLER_404, message=message) # validate access to team access = TeamMemberMap.query.filter_by( team=team_id, user=JWT.details['user_id']).first() if not access: message = permission return response_with(resp.NOT_FOUND_HANDLER_404, message=message) # update team team.update(name) # response details team_schema = TeamSchema() team_data, error = team_schema.dump(team) return response_with(resp.SUCCESS_200, value={"team": team_data}) except IntegrityError: message = exists.format("Name") return response_with(resp.INVALID_INPUT_422, message=message) except Exception as e: logging.error(e) return response_with(resp.SERVER_ERROR_500)