def valid_email(self, key, opt):
"""
Validate a email field.
"""
if mail.validate(opt):
return opt
return RecipeSchemaError(
"{} can be an 'email' field but was passed '{}'.".format(key, opt))
def valid_email(self, key, opt):
"""
Validate a email field.
"""
if mail.validate(opt):
return opt
return RecipeSchemaError(
"{} can be an 'email' field but was passed '{}'."
.format(key, opt))
def org_create_user(user, org_id_slug):
if not user.admin:
raise AuthError(
'You must be an admin to create a user for an Org.')
# get the form.
req_data = request_data()
email = req_data.get('email')
password = req_data.get('password')
name = req_data.get('name')
admin = req_data.get('admin', False)
if not all([email, password, name]):
raise RequestError(
'An email, password, and name are required to create a User.')
# fetch org
org = fetch_by_id_or_field(Org, 'slug', org_id_slug)
# if it still doesn't exist, raise an error.
if not org:
raise NotFoundError('This Org does not exist.')
# localize
localize(org)
# ensure the active user can edit this Org
if user.id not in org.user_ids:
raise ForbiddenError(
"You are not allowed to access this Org.")
if User.query.filter_by(email=email).first():
raise RequestError(
'A User with email "{}" already exists'
.format(email))
if not mail.validate(email):
raise RequestError(
'{} is an invalid email address.'
.format(email))
new_org_user = User(
email=email,
password=password,
name=name,
admin=admin)
org.users.append(new_org_user)
db.session.commit()
return jsonify(new_org_user)
def org_create_user(user, org_id_slug):
if not user.admin:
raise AuthError('You must be an admin to create a user for an Org.')
# get the form.
req_data = request_data()
email = req_data.get('email')
password = req_data.get('password')
name = req_data.get('name')
admin = req_data.get('admin', False)
if not all([email, password, name]):
raise RequestError(
'An email, password, and name are required to create a User.')
# fetch org
org = fetch_by_id_or_field(Org, 'slug', org_id_slug)
# if it still doesn't exist, raise an error.
if not org:
raise NotFoundError('This Org does not exist.')
# localize
localize(org)
# ensure the active user can edit this Org
if user.id not in org.user_ids:
raise ForbiddenError("You are not allowed to access this Org.")
if User.query.filter_by(email=email).first():
raise RequestError(
'A User with email "{}" already exists'.format(email))
if not mail.validate(email):
raise RequestError('{} is an invalid email address.'.format(email))
new_org_user = User(email=email, password=password, name=name, admin=admin)
org.users.append(new_org_user)
db.session.commit()
return jsonify(new_org_user)
def update_me(user):
"""
Update yourself.
"""
# get the form.
req_data = request_data()
email = req_data.get('email')
old_password = req_data.get('old_password')
new_password = req_data.get('new_password')
name = req_data.get('name')
# edit user.
if email:
# validate the email address:
if not mail.validate(email):
raise RequestError(
"'{}' is not a valid email address."
.format(email))
user.email = email
if old_password and new_password:
if not user.check_password(old_password):
raise ForbiddenError('Invalid password.')
user.set_password(new_password)
if name:
user.name = name
# check if we should refresh the apikey
if arg_bool('refresh_apikey', False):
user.set_apikey()
db.session.add(user)
db.session.commit()
return jsonify(user.to_dict(incl_apikey=True))
def update_me(user):
"""
Update yourself.
"""
# get the form.
req_data = request_data()
email = req_data.get('email')
old_password = req_data.get('old_password')
new_password = req_data.get('new_password')
name = req_data.get('name')
# edit user.
if email:
# validate the email address:
if not mail.validate(email):
raise RequestError(
"'{}' is not a valid email address.".format(email))
user.email = email
if old_password and new_password:
if not user.check_password(old_password):
raise ForbiddenError('Invalid password.')
user.set_password(new_password)
if name:
user.name = name
# check if we should refresh the apikey
if arg_bool('refresh_apikey', False):
user.set_apikey()
db.session.add(user)
db.session.commit()
return jsonify(user.to_dict(incl_apikey=True))
def org_add_user(user, org_id_slug, user_email):
if not user.admin:
raise AuthError(
'You must be an admin to add a user to an Org.')
# fetch org
org = fetch_by_id_or_field(Org, 'slug', org_id_slug)
if not org:
raise NotFoundError(
'This Org does not exist.')
# ensure the active user can edit this Org
if user.id not in org.user_ids:
raise ForbiddenError(
'You are not allowed to edit this Org.')
# localize
localize(org)
# get this new user by id / email
new_org_user = fetch_by_id_or_field(User, 'email', user_email)
# get the form.
req_data = request_data()
email = req_data.get('email')
name = req_data.get('name')
admin = req_data.get('admin', False)
password = req_data.get('password')
if email and not mail.validate(email):
raise RequestError(
'{} is an invalid email address.'
.format(email))
# insert
if not new_org_user:
if not all([email, password, name]):
raise RequestError(
'An email, password, and name are required to create a User.')
new_org_user = User(
email=email,
password=password,
name=name,
admin=admin)
org.users.append(new_org_user)
db.session.add(org)
# ensure the active user can edit this Org
elif new_org_user.id not in org.user_ids:
raise ForbiddenError(
"You are not allowed to access this Org.")
# update
if name:
new_org_user.name = name
if email:
new_org_user.email = email
if admin:
new_org_user.admin = admin
if password:
new_org_user.set_password(password)
new_org_user.admin = admin
db.session.add(new_org_user)
db.session.commit()
return jsonify(new_org_user)
def org_add_user(user, org_id, user_email):
if not user.admin:
raise AuthError('You must be an admin to add a user to an Org.')
# fetch org
org = fetch_by_id_or_field(Org, 'slug', org_id)
if not org:
raise NotFoundError('Org {} does not exist.'.format(org_id))
# ensure the active user can edit this Org
if user.id not in org.user_ids:
raise ForbiddenError('You are not allowed to edit this Org.')
# localize
localize(org)
# get this new user by id / email
new_org_user = fetch_by_id_or_field(User, 'email', user_email)
# get the form.
req_data = request_data()
email = req_data.get('email')
name = req_data.get('name')
admin = req_data.get('admin', False)
password = req_data.get('password')
if email and not mail.validate(email):
raise RequestError('{} is an invalid email address.'.format(email))
# insert
if not new_org_user:
if not all([email, password, name]):
raise RequestError(
'An email, password, and name are required to create a User.')
new_org_user = User(email=email,
password=password,
name=name,
admin=admin)
org.users.append(new_org_user)
db.session.add(org)
# ensure the active user can edit this Org
elif new_org_user.id not in org.user_ids:
raise ForbiddenError("You are not allowed to access this Org.")
# update
if name:
new_org_user.name = name
if email:
new_org_user.email = email
if admin:
new_org_user.admin = admin
if password:
new_org_user.set_password(password)
new_org_user.admin = admin
db.session.add(new_org_user)
db.session.commit()
return jsonify(new_org_user)
