def __post__(self, result_types=None): request_data = request.get_json() # Handle some sloppy category data. if 'category' in request_data and (not request_data['category'] or not request_data['category']['id']): del request_data['category'] try: search = SearchSchema().load(request_data) except ValidationError as e: raise RestException(RestException.INVALID_OBJECT, details=e.messages) try: # Overwrite the result types if requested. if not search.types and result_types: search.types = result_types results = elastic_index.search(search) except elasticsearch.ElasticsearchException as e: raise RestException(RestException.ELASTIC_ERROR, details=json.dumps(e.info)) search.reset() # zero out any existing counts or data on the search prior to populating. search.total = results.hits.total if search.map_data_only: return self.map_data_only_search_results(search, results) else: return self.full_search_results(search, results)
def post(self, flow, questionnaire_name): flow = Flows.get_flow_by_name(flow) if flow is None: raise RestException(RestException.NOT_FOUND) if not flow.has_step(questionnaire_name): raise RestException(RestException.NOT_IN_THE_FLOW) request_data = request.get_json() request_data["user_id"] = g.user.id if "_links" in request_data: request_data.pop("_links") schema = ExportService.get_schema( ExportService.camel_case_it(questionnaire_name)) new_quest, errors = schema.load(request_data, session=db.session) if errors: raise RestException(RestException.INVALID_OBJECT, details=errors) if new_quest.participant_id is None: raise RestException(RestException.INVALID_OBJECT, details="You must supply a participant id.") if not g.user.related_to_participant(new_quest.participant_id): raise RestException(RestException.UNRELATED_PARTICIPANT) db.session.add(new_quest) db.session.commit() self.log_progress(flow, questionnaire_name, new_quest) return schema.dump(new_quest)
def post(self): """ Adds new user (with given attributes in request data) to the database and sends confirmation email to the provided email address """ request_data = request.get_json() try: request_data['role'] = 'user' try: new_user = self.userSchema.load(request_data) except Exception as errors: raise RestException(RestException.INVALID_OBJECT, details=errors) email_exists = db.session.query( exists().where(User.email == new_user.email)).scalar() if email_exists: raise RestException(RestException.EMAIL_EXISTS) db.session.add(new_user) db.session.commit() self.send_confirm_email(new_user) return self.userSchema.dump(new_user) except IntegrityError as ie: raise RestException(RestException.INVALID_OBJECT) except ValidationError as err: raise RestException(RestException.INVALID_OBJECT, details=new_user.errors)
def post(self): request_data = request.get_json() if 'relationship' in request_data: if not Relationship.has_name(request_data['relationship']): raise RestException(RestException.UNKNOWN_RELATIONSHIP, details="Valid Options:" + ','.join(Relationship.options())) else: relationship = request_data['relationship'] request_data.pop('relationship', None) else: relationship = None if 'user_id' not in request_data: request_data['user_id'] = g.user.id try: load_result = self.schema.load(request_data).data load_result.user = db.session.query(User).filter( User.id == request_data['user_id']).first() load_result.relationship = relationship db.session.add(load_result) db.session.commit() return self.schema.dump(load_result) except ValidationError as err: raise RestException(RestException.INVALID_OBJECT, details=load_result.errors) except exc.IntegrityError as err: raise RestException(RestException.INVALID_OBJECT, details=load_result.errors)
def login_password(): request_data = request.get_json() email = request_data['email'] user = User.query.filter(func.lower(User.email) == email.lower()).first() schema = UserSchema(many=False) if user is None: raise RestException(RestException.LOGIN_FAILURE) if user.email_verified: if user.is_correct_password(request_data["password"]): # redirect users back to the front end, include the new auth token. auth_token = user.encode_auth_token().decode() g.user = user user.token = auth_token user.last_login = datetime.datetime.utcnow() db.session.add(user) db.session.commit() return schema.jsonify(user) else: raise RestException(RestException.LOGIN_FAILURE) else: if 'email_token' in request_data: g.user = confirm_email(request_data['email_token']) return schema.jsonify(user) else: raise RestException(RestException.CONFIRM_EMAIL)
def get(self, id): if g.user.id != eval( id ) and Permission.user_detail_admin not in g.user.role.permissions(): raise RestException(RestException.PERMISSION_DENIED) model = db.session.query(User).filter_by(id=id).first() if model is None: raise RestException(RestException.NOT_FOUND) return self.schema.dump(model)
def decode_auth_token(auth_token): try: payload = jwt.decode(auth_token, app.config.get('SECRET_KEY'), algorithms='HS256') return payload['sub'] except jwt.ExpiredSignatureError: raise RestException(RestException.TOKEN_EXPIRED) except jwt.InvalidTokenError: raise RestException(RestException.TOKEN_INVALID)
def get(self, id): model = db.session.query(Participant).filter_by(id=id).first() if model is None: raise RestException(RestException.NOT_FOUND) if not model and (g.user.related_to_participant(model.id) and not g.user.role == Role.admin): raise RestException(RestException.UNRELATED_PARTICIPANT) if model is None: raise RestException(RestException.NOT_FOUND) return self.schema.dump(model)
def get(self, name, participant_id): flow = Flows.get_flow_by_name(name) participant = db.session.query(Participant).filter_by(id=participant_id).first() if participant is None: raise RestException(RestException.NOT_FOUND) if g.user.related_to_participant(participant_id) and not g.user.role == 'Admin': raise RestException(RestException.UNRELATED_PARTICIPANT) step_logs = db.session.query(StepLog).filter_by(participant_id=participant_id, flow=name) for log in step_logs: flow.update_step_progress(log) return self.schema.dump(flow)
def post(self): request_data = request.get_json() try: new_note, errors = self.adminNoteSchema.load(request_data) if errors: raise RestException(RestException.INVALID_OBJECT, details=errors) db.session.add(new_note) db.session.commit() return self.adminNoteSchema.dump(new_note) except ValidationError as err: raise RestException(RestException.INVALID_OBJECT, details=new_note.errors)
def put(self, id): request_data = request.get_json() instance = db.session.query(Participant).filter_by(id=id).first() if not g.user.related_to_participant( instance.id) and not g.user.role == Role.admin: raise RestException(RestException.UNRELATED_PARTICIPANT) updated, errors = self.schema.load(request_data, instance=instance) if errors: raise RestException(RestException.INVALID_OBJECT, details=errors) updated.last_updated = datetime.datetime.now() db.session.add(updated) db.session.commit() return self.schema.dump(updated)
def put(self, id): if g.user.id != eval(id) and g.user.role != Role.admin: raise RestException(RestException.PERMISSION_DENIED) request_data = request.get_json() if 'role' in request_data and request_data['role'] == 'admin' and g.user.role == Role.admin: request_data['role'] = 'admin' else: request_data['role'] = 'user' instance = db.session.query(User).filter_by(id=id).first() updated, errors = self.schema.load(request_data, instance=instance) if errors: raise RestException(RestException.INVALID_OBJECT, details=errors) updated.last_updated = datetime.datetime.now() db.session.add(updated) db.session.commit() return self.schema.dump(updated)
def put(self, id): request_data = request.get_json() instance = db.session.query(ThrivResource).filter_by(id=id).first() if instance.user_may_edit(): updated, errors = ThrivResourceSchema().load(request_data, instance=instance) if errors: raise RestException(RestException.INVALID_OBJECT, details=errors) updated.last_updated = datetime.datetime.now() db.session.add(updated) db.session.commit() elastic_index.update_resource(updated) return ThrivResourceSchema().dump(updated) else: raise RestException(RestException.PERMISSION_DENIED)
def delete(self, id): try: db.session.query(Category).filter(Category.id == id).delete() db.session.commit() except IntegrityError as error: raise RestException(RestException.CAN_NOT_DELETE) return
def post(self): request_data = request.get_json() new_cat, errors = self.category_schema.load(request_data) if errors: raise RestException(RestException.INVALID_OBJECT, details=errors) db.session.add(new_cat) db.session.commit() return self.category_schema.dump(new_cat)
def put(self, name, id): """ Modifies an existing questionnaire record. Parameters: name (str): Snake-cased name of the questionnaire class (should also match the table name), found in app.model.questionnaires. E.g., clinical_diagnoses_questionnaire -> ClinicalDiagnosesQuestionnaire id (int): ID of the questionnaire record to retrieve Returns: The updated questionnaire record. """ name = ExportService.camel_case_it(name) class_ref = ExportService.get_class(name) instance = db.session.query(class_ref).filter( class_ref.id == id).first() schema = ExportService.get_schema(name, session=db.session) request_data = request.get_json() if "_links" in request_data: request_data.pop("_links") try: updated = schema.load(request_data, instance=instance) except Exception as errors: raise RestException(RestException.INVALID_OBJECT, details=errors) updated.last_updated = datetime.datetime.utcnow() db.session.add(updated) db.session.commit() return schema.dump(updated)
def password(self, plaintext): role_name = self.role_name() if self.password_meets_requirements(role_name, plaintext): self._password = bcrypt.generate_password_hash(plaintext) else: message = "Please enter a valid password. " + password_requirements[role_name]['instructions'] raise RestException(RestException.INVALID_INPUT, details=message)
def post(self): request_data = request.get_json() try: load_result = self.eventSchema.load(request_data).data address_dict = { 'street': load_result.street_address1, 'city': load_result.city, 'state': load_result.state, 'zip': load_result.zip } geocode = Geocode.get_geocode(address_dict=address_dict) load_result.latitude = geocode['lat'] load_result.longitude = geocode['lng'] db.session.add(load_result) db.session.commit() elastic_index.add_document(load_result, 'Event', latitude=load_result.latitude, longitude=load_result.longitude) self.log_update(event_id=load_result.id, event_title=load_result.title, change_type='create') return self.eventSchema.dump(load_result) except ValidationError as err: raise RestException(RestException.INVALID_OBJECT, details=load_result.errors)
def put(self, id): request_data = request.get_json() instance = db.session.query(Event).filter_by(id=id).first() if instance.zip != request_data['zip'] \ or instance.street_address1 != request_data['street_address1']\ or instance.latitude is None: address_dict = { 'street': request_data['street_address1'], 'city': request_data['city'], 'state': request_data['state'], 'zip': request_data['zip'] } geocode = Geocode.get_geocode(address_dict=address_dict) request_data['latitude'] = geocode['lat'] request_data['longitude'] = geocode['lng'] updated, errors = self.schema.load(request_data, instance=instance) if errors: raise RestException(RestException.INVALID_OBJECT, details=errors) updated.last_updated = datetime.datetime.utcnow() db.session.add(updated) db.session.commit() elastic_index.update_document(updated, 'Event', latitude=updated.latitude, longitude=updated.longitude) self.log_update(event_id=updated.id, event_title=updated.title, change_type='edit') return self.schema.dump(updated)
def post(self): request_data = request.get_json() search, errors = SearchSchema().load(request_data) if errors: raise RestException(RestException.INVALID_OBJECT, details=errors) try: if 'user' not in g or not g.user or g.user.role != "Admin": search.filters.append( Filter(field="Approved", value="Approved")) results = elastic_index.search_resources(search) search.filters = search.filters[:-1] else: results = elastic_index.search_resources(search) except elasticsearch.ElasticsearchException as e: raise RestException(RestException.ELASTIC_ERROR) search.total = results.hits.total search.facets = [] for facet_name in results.facets: if facet_name == "Approved": if 'user' in g and g.user and g.user.role == "Admin": facet = Facet(facet_name) facet.facetCounts = [] for category, hit_count, is_selected in results.facets[ facet_name]: facet.facetCounts.append( FacetCount(category, hit_count, is_selected)) search.facets.append(facet) else: facet = Facet(facet_name) facet.facetCounts = [] for category, hit_count, is_selected in results.facets[ facet_name]: facet.facetCounts.append( FacetCount(category, hit_count, is_selected)) search.facets.append(facet) resources = [] for hit in results: resource = ThrivResource.query.filter_by(id=hit.id).first() if resource is not None: resources.append(resource) search.resources = ThrivResourceSchema().dump(resources, many=True).data return SearchSchema().jsonify(search)
def post(self): json_data = request.get_json() uploaded_file, errors = self.fileSchema.load(json_data) if errors: raise RestException(RestException.INVALID_OBJECT, details=errors) db.session.add(uploaded_file) db.session.commit() return self.fileSchema.dump(uploaded_file)
def put(self, id): request_data = request.get_json() instance = db.session.query(Category).filter_by(id=id).first() updated, errors = self.schema.load(request_data, instance=instance) if errors: raise RestException(RestException.INVALID_OBJECT, details=errors) db.session.add(updated) return self.schema.dump(updated)
def get(self, flow, questionnaire_name): questionnaire_name = ExportService.camel_case_it(questionnaire_name) flow = Flows.get_flow_by_name(flow) if flow is None: raise RestException(RestException.NOT_FOUND) class_ref = ExportService.get_class(questionnaire_name) questionnaire = class_ref() return ExportService.get_meta(questionnaire, flow.relationship)
def post(self, id): request_data = request.get_json() try: existing = db.session.query(UserMeta).filter( UserMeta.id == id).first() new_meta = self.schema.load(request_data, instance=existing) new_meta.last_updated = datetime.datetime.utcnow() db.session.add(new_meta) db.session.commit() return self.schema.dump(new_meta) except ValidationError as err: raise RestException(RestException.INVALID_OBJECT, details=new_meta.errors) except exc.IntegrityError as err: raise RestException(RestException.INVALID_OBJECT, details=new_meta.errors)
def post(self): request_data = request.get_json() try: new_cat = self.category_schema.load(data=request_data, session=db.session) except Exception as e: raise RestException(RestException.INVALID_OBJECT, details=e) db.session.add(new_cat) db.session.commit() return self.category_schema.dump(new_cat)
def put(self, id): request_data = request.get_json() instance = db.session.query(Organization).filter_by(id=id).first() updated, errors = self.schema.load(request_data, instance=instance) if errors: raise RestException(RestException.INVALID_OBJECT, details=errors) updated.last_updated = datetime.datetime.now() db.session.add(updated) db.session.commit() return self.schema.dump(updated)
def post(self): request_data = request.get_json() try: request_data['role'] = 'user' new_user, errors = self.userSchema.load(request_data) if errors: raise RestException(RestException.INVALID_OBJECT, details=errors) email_exists = db.session.query(exists().where(User.email == new_user.email)).scalar() if email_exists: raise RestException(RestException.EMAIL_EXISTS) db.session.add(new_user) db.session.commit() self.send_confirm_email(new_user) return self.userSchema.dump(new_user) except IntegrityError as ie: raise RestException(RestException.INVALID_OBJECT) except ValidationError as err: raise RestException(RestException.INVALID_OBJECT, details=new_user.errors)
def get(self, name, id): name = ExportService.camel_case_it(name) class_ref = ExportService.get_class(name) instance = db.session.query(class_ref).filter( class_ref.id == id).first() if instance is None: raise RestException(RestException.NOT_FOUND) schema = ExportService.get_schema(name) return schema.dump(instance)
def get(self, id): resource = db.session.query(ThrivResource).filter( ThrivResource.id == id).first() if resource is None: raise RestException(RestException.NOT_FOUND) response_dump = ThrivResourceSchema().dump(resource) response_dump[0]['event_date'] = [ response_dump[0]['starts'], response_dump[0]['ends']] return response_dump
def post(self): request_data = request.get_json() try: load_result = self.iconSchema.load(request_data).data db.session.add(load_result) db.session.commit() return self.iconSchema.dump(load_result) except ValidationError: raise RestException(RestException.INVALID_OBJECT, details=load_result.errors)