def delete_user():
to_delete = request.json.get('to_delete')
res = {"deleted": []}
if not g.user.admin_rights:
res["deleted"].append({
"error":
"Permission required! Only administrator can delete users."
})
elif to_delete:
for d in to_delete:
try:
username = from_dict(d, 'username')
user_id = from_dict(d, 'user_id')
user = User.get(user_id, username)
message = User.delete(user)
# db.session.delete(user)
# db.session.commit()
#
# message = user.to_dict()
except Exception as e:
message = {"error": str(e)}
res["deleted"].append(message)
else:
res["deleted"].append({
"error":
"Request must provide to_delete array of objects with 'username' field."
})
return jsonify(res)
def get_experiment_by_user():
to_get = request.json.get('to_get')
res = {"response": []}
incomplete_description = {
"error":
"Request must provide list 'to_get' of objects with 'user_id' or 'username'."
}
if to_get:
for g in to_get:
username = from_dict(g, 'username')
user_id = from_dict(g, 'user_id')
try:
user = User.get(user_id, username)
user_id = user.id
exps = db.session.query(Experiment).filter(
Experiment.author == user_id).all()
local_res = {"user": user.to_dict(), "experiments": []}
for exp in exps:
local_res["experiments"].append(exp.to_dict())
res["response"].append(local_res)
except Exception as e:
err = {"error": str(e)}
if user_id:
err['user_id'] = user_id
if username:
err['username'] = username
res["response"].append(err)
else:
res['response'].append(incomplete_description)
return jsonify(res)
def create_user():
to_post = request.json.get('to_post')
res = {"posted": []}
if not g.user.admin_rights:
res["posted"].append({
"error":
"Permission required! Only administrator can create users."
})
elif to_post:
for c in to_post:
try:
username = from_dict(c, 'username')
password = from_dict(c, 'password')
admin_rights = from_dict(c, 'admin_rights')
exp_admin_rights = from_dict(c, 'exp_admin_rights')
user = User.create(username, password, admin_rights,
exp_admin_rights)
db.session.add(user)
db.session.commit()
message = user.to_dict()
except Exception as e:
message = {"error": str(e)}
res["posted"].append(message)
else:
res["posted"].append({
"error":
"Request must provide 'to_post' array of objects with 'username', "
"'password', 'admin_rights', 'exp_admin_rights' fields."
})
return jsonify(res)
def get_user():
to_get = request.json.get('to_get')
res = {"response": []}
incomplete_description = {
"error":
"Request must provide list 'to_get' of objects with 'user_id' or 'username'."
}
if to_get:
for g in to_get:
username = from_dict(g, 'username')
user_id = from_dict(g, 'user_id')
try:
us = User.get(user_id, username)
res["response"].append(us.to_dict())
except Exception as e:
err = {"error": str(e)}
if user_id:
err['user_id'] = user_id
if username:
err['username'] = username
res["response"].append(err)
else:
res['response'].append(incomplete_description)
else:
res['response'].append(incomplete_description)
return jsonify(res)
def verify_password(username_or_token, password):
# first try to authenticate by token
user = User.verify_auth_token(username_or_token)
if not user:
# try to authenticate with username/password
user = User.query.filter_by(username=username_or_token).first()
if not user or not user.verify_password(password):
return False
g.user = user
return True
def update_user():
to_update = request.json.get('to_update')
res = {"updated": []}
if not g.user.admin_rights:
res["updated"].append({
"error":
"Permission required! Only administrator can update users."
})
elif to_update:
for u in to_update:
try:
user_id = from_dict(u, 'user_id')
username = from_dict(u, 'username')
new_username = from_dict(u, 'new_username')
new_password = from_dict(u, 'new_password')
new_admin_rights = from_dict(u, 'new_admin_rights')
new_exp_admin_rights = from_dict(u, 'new_exp_admin_rights')
user = User.get(user_id, username)
user.update(new_username, new_password, new_admin_rights,
new_exp_admin_rights)
db.session.commit()
message = user.to_dict()
res["updated"].append(message)
except Exception as e:
res["updated"].append({"error": str(e)})
else:
res["updated"].append({
"error":
"Request must provide 'to_update' array of objects with 'username' "
"(or 'user_id'), 'new_password', 'new_admin_rights',"
" 'new_exp_admin_rights' fields."
})
return jsonify(res)
import os.path
import sys
sys.path.append(os.path.join(os.path.dirname(__file__), '..'))
from model_testing import create_app, db
from model_testing import celery, init_celery
from model_testing.config import ADMIN_NAME, ADMIN_PASS
app = create_app()
init_celery(app, celery)
with app.app_context():
from model_testing.model.user import User
if User.query.filter_by(username=ADMIN_NAME).first() is None:
u = User(username=ADMIN_NAME, admin_rights=True, exp_admin_rights=True)
u.hash_password(ADMIN_PASS)
db.session.add(u)
db.session.commit()
if __name__ == "__main__":
app.run(debug=True)