def update_profile(id):
request_data = request.get_json()
if not request_data:
return bad_request("No input data provided")
try:
data = ProfileSchema().load(request_data)
except ValidationError as error:
return error_response(422, error.messages)
try:
user = User.find_by_id(id)
profile = Profile.find_by_id(user.profile.id)
profile.firstname = data.get('firstname').title()
profile.lastname = data.get('lastname').title()
profile.bio = data.get('bio')
prof = Profile.find_by_username(data.get('username'))
if prof is not None:
if prof.user_id != id:
return bad_request('Username is already taken.')
profile.username = data.get('username')
profile.save()
response = jsonify({'message': 'Successfully updated your profile'})
response.status_code = 200
return response
except Exception:
return error_response(500, 'Something went wrong, please try again.')
def add_tag(user):
req_data = request.get_json()
if not req_data:
return bad_request('No request data provided')
try:
data = TagSchema().load(req_data)
except ValidationError as err:
print(err)
return error_response(422, err.messages)
name = data.get('name')
# check for existing tag
tag = Tag.query.filter(Tag.name == name).first()
if tag:
return bad_request(f'Tag with name "{name}" already exists.')
tag = Tag(name=name)
try:
tag.save()
except (exc.IntegrityError, ValueError):
db.session.rollback()
return server_error('Something went wrong, please try again.')
return jsonify(TagSchema().dump(tag))
def update_profile(user):
request_data = request.get_json()
print(request_data)
if not request_data:
return bad_request("No input data provided")
try:
data = ProfileSchema().load(request_data)
except ValidationError as error:
return error_response(422, error.messages)
profile = user.profile
profile.username = data.get('username')
profile.name = data.get('name')
profile.dob = data.get('dob')
profile.bio = data.get('bio')
try:
profile.save()
except (exc.IntegrityError, ValueError):
db.session.rollback()
return server_error('Something went wrong, please try again.')
else:
return jsonify(ProfileSchema().dump(profile))
def update_user(id):
request_data = request.get_json()
if not request_data:
return bad_request("No input data provided")
try:
data = ProfileSchema().load(request_data)
user = User.find_by_id(id)
existing_user = User.find_by_identity(data.get('auth')['username'])
if existing_user is not None:
if existing_user.id != user.id:
return bad_request(f'Username already exists.')
# update user
user.profile.name = data.get('name')
user.profile.bio = data.get('bio')
user.profile.dob = data.get('dob')
user.username = data.get('auth')['username']
user.is_active = data.get('auth')['is_active']
user.is_admin = data.get('auth')['is_admin']
user.save()
return jsonify(UserSchema().dump(user))
# handle errors
except ValidationError as err:
return error_response(422, err.messages)
except (exc.IntegrityError, ValueError):
db.session.rollback()
return server_error('Something went wrong, please try again.')
def update_group(id):
request_data = request.get_json()
if not request_data:
return bad_request('No input data provided.')
try:
data = GroupSchema().load(request_data)
# check for existing group name
group = Group.find_by_id(id)
existing_group = Group.find_by_name(name=data.get('name'))
if existing_group is not None:
if existing_group.id != group.id:
return bad_request(f'Group already exists.')
group.name = data.get('name')
group.description = data.get('description')
group.save()
return jsonify(GroupSchema().dump(group))
# handle errors
except ValidationError as err:
return error_response(422, err.messages)
except (exc.IntegrityError, ValueError):
db.session.rollback()
return server_error('Something went wrong, please try again.')
def add_group():
request_data = request.get_json()
if not request_data:
return bad_request('No input data provided.')
try:
data = GroupSchema().load(request_data)
name = data.get('name')
description = data.get('description')
# check for existing group name
group = Group.find_by_name(name=name)
if group:
return bad_request('Group already exist.')
group = Group(name=name, description=description)
group.save()
response = jsonify(GroupSchema().dump(group))
response.status_code = 201
response.headers['Location'] = url_for('admin.get_group', id=group.id)
return response
# handle errors
except ValidationError as err:
return error_response(422, err.messages)
except (exc.IntegrityError, ValueError):
db.session.rollback()
return server_error('Something went wrong, please try again.')
def wrapper(*args, **kwargs):
auth_header = request.headers.get('Authorization')
if not auth_header:
return error_response(403, message='No authorization.')
token = auth_header.split(" ")[1]
payload = User.decode_auth_token(token)
if not isinstance(payload, dict):
return error_response(401, message=payload)
user = User.find_by_id(payload.get('id'))
if user is None or user.is_active is not True:
return error_response(401, message='Invalid token.')
return func(payload.get('id'), *args, **kwargs)
def register_user():
request_data = request.get_json()
if not request_data:
return bad_request("No input data provided")
try:
data = AuthSchema().load(request_data)
except ValidationError as err:
return error_response(422, err.messages)
email = data.get('email')
password = data.get('password')
firstname = data.get('firstname').title()
lastname = data.get('lastname').title()
try:
# check for existing user
user = User.query.filter(User.email == email).first()
if user:
return bad_request('Sorry. That user already exists.')
# add new user to db
profile = Profile(firstname=firstname, lastname=lastname)
profile.username = profile.set_username()
profile.avatar = profile.set_avatar(email)
user = User(email=email, password=password, profile=profile)
user.save()
response = jsonify({
'token': user.encode_auth_token(user.id).decode(),
})
response.status_code = 201
response.headers['Location'] = url_for('auth.get_user', id=user.id)
return response
# handle errors
except (exc.IntegrityError, ValueError):
db.session.rollback()
return error_response(500, 'Something went wrong, please try again.')
def delete_profile(id):
try:
user = User.find_by_id(id)
user.delete()
response = jsonify({'message': 'Successfully deleted your account'})
response.status_code = 200
return response
except Exception:
return error_response(500, 'Something went wrong, please try again.')
def delete_notification(user, notif_id):
try:
notif = Notification.find_by_id(notif_id)
if not notif:
return not_found('Notification not found.')
if user.id != notif.owner_id:
return error_response(403, "Not allowed!")
notif.delete()
return {'message': 'Successfully removed.'}
except (IntegrityError, ValueError) as e:
db.session.rollback()
print(e)
return server_error('Something went wrong, please try again.')
def delete_comment(user, post_id, comment_id):
comment = Comment.find_by_id(comment_id)
if not comment:
return not_found('Comment not found.')
if comment.user_id != user.id:
return error_response(401, 'Not authorized for that action.')
try:
comment.delete()
except (exc.IntegrityError, ValueError):
db.session.rollback()
return server_error('Something went wrong, please try again.')
else:
return jsonify(CommentSchema().dump(comment.id))
def delete_post(user, post_id):
post = Post.find_by_id(post_id)
if not post:
return not_found('Post not found.')
if post.user_id != user.id:
return error_response(401, "You cannot delete someone else's post.")
try:
post.delete()
except (exc.IntegrityError, ValueError):
db.session.rollback()
return server_error('Something went wrong, please try again.')
else:
return jsonify(PostSchema().dump(post.id))
def login_user():
data = request.get_json()
if data is None:
return bad_request("No input data provided")
try:
# check for existing user
user = User.find_by_email(data.get('email'))
if user and user.check_password(data.get('password')):
return jsonify({'token': user.encode_auth_token()})
else:
return error_response(401, 'Incorrect email or password.')
except Exception:
return server_error('Something went wrong, please try again.')
def update_post(user, post_id):
post_data = request.get_json()
post = Post.find_by_id(post_id)
if not post:
return not_found('Post not found.')
if post.user_id != user.id:
return error_response(401, "You cannot update someone else's post.")
post.body = post_data.get('post')
try:
post.save()
except (exc.IntegrityError, ValueError):
db.session.rollback()
return server_error('Something went wrong, please try again.')
else:
return jsonify(PostSchema().dump(post))
def add_user():
request_data = request.get_json()
if not request_data:
return bad_request("No input data provided")
try:
data = AuthSchema().load(request_data)
email = data.get('email')
password = data.get('password')
name = data.get('name')
username = data.get('username')
# check for existing user
user = User.query.filter((User.email == email)
| (User.username == username)).first()
if user is not None:
return bad_request('That user already exists.')
# add new user to db
profile = Profile(name=name)
user = User(password=password)
user.email = email
user.username = username
user.is_active = data.get('is_active') or False
user.is_admin = data.get('is_admin') or False
user.profile = profile
user.save()
response = jsonify(UserSchema().dump(user))
response.status_code = 201
response.headers['Location'] = url_for('admin.get_user', id=user.id)
return response
# handle errors
except ValidationError as err:
return error_response(422, err.messages)
except (exc.IntegrityError, ValueError):
db.session.rollback()
return server_error('Something went wrong, please try again.')
def register_user():
post_data = request.get_json()
if not post_data:
return bad_request("No input data provided")
try:
data = AuthSchema(partial=True).load(post_data)
except ValidationError as err:
return error_response(422, err.messages)
name = data.get('name')
username = data.get('username')
email = data.get('email')
password = data.get('password')
# check for existing user
user = User.query.filter(User.email == email).first()
if user:
return bad_request('That user already exists.')
profile = Profile()
profile.name = name
profile.username = username
profile.avatar = profile.set_avatar(email)
user = User(password=password)
user.email = email
user.profile = profile
try:
user.save()
except (exc.IntegrityError, ValueError):
db.session.rollback()
return server_error('Something went wrong, please try again.')
response = jsonify({'token': user.encode_auth_token()})
response.status_code = 201
response.headers['Location'] = url_for('users.get_user', id=user.id)
return response
def update_profile(user):
request_data = request.get_json()
if not request_data:
return bad_request("No input data provided")
try:
data = ProfileSchema().load(request_data)
profile = user.profile
profile.name = data.get('name')
profile.dob = data.get('dob')
profile.bio = data.get('bio')
profile.save()
return jsonify(ProfileSchema().dump(profile))
except ValidationError as error:
return error_response(422, error.messages)
except Exception:
return server_error('Something went wrong, please try again.')
def delete_message(user, msg_id):
del_for_user = request.args.get('userOnly')
try:
message = Message.find_by_id(msg_id)
if not message:
return not_found('Message not found.')
if del_for_user:
user.delete_message_for_me(message)
return {'message': 'Successfully deleted for you.'}
if user.id != message.author_id:
return error_response(403, "Cannot delete another user's message.")
db.session.delete(
Notification.find_by_attr(subject='message', item_id=msg_id))
message.delete()
return {'message': 'Successfully deleted.'}
except (IntegrityError, ValueError):
db.session.rollback()
return server_error('Something went wrong, please try again.')
def login_user():
request_data = request.get_json()
if request_data is None:
return bad_request("No input data provided")
try:
data = AuthSchema(partial=True).load(request_data)
# check for existing user
user = User.find_by_email(data.get('email'))
user.update_activity_tracking(request.remote_addr)
if user and user.check_password(data.get('password')):
return jsonify({
'token': user.encode_auth_token(user.id).decode(),
})
else:
return error_response(401, 'Incorrect email or password.')
except Exception:
return bad_request('Invalid payload, please try again.')
def delete_post(user, post_id):
post = Post.find_by_id(post_id)
if not post:
return not_found('Post not found.')
if post.user_id != user.id:
return error_response(401, "You cannot delete someone else's post.")
post_notif = Notification.find_by_attr(subject='post', item_id=post.id)
comment_notif = Notification.find_by_attr(subject='comment',
item_id=post.id)
[db.session.delete(notif) for notif in post_notif] if post_notif \
else db.session.delete(comment_notif)
try:
post.delete()
except (exc.IntegrityError, ValueError):
db.session.rollback()
return server_error('Something went wrong, please try again.')
else:
return {'message': 'Post was successfuly deleted.'}
