Exemplo n.º 1
        def wrapper(*args, **kwds):
            # Authorization gate around ``func``: the request must carry a
            # valid JWT, and its "roles" claim must contain EVERY role named in
            # the enclosing ``roles`` mapping together with every permission
            # listed for that role. The first missing role or permission ends
            # the request with a 403 JSON response.
            #
            # NOTE(review): roles and permissions are taken from the token's
            # claims, so a change or revocation of a user's roles only takes
            # effect once previously issued tokens expire. Confirm that token
            # lifetimes are short enough for that to be acceptable.
            verify_jwt_in_request()
            jwt_roles = get_jwt_claims().get("roles", {})

            for required_role, required_perms in roles.items():
                if required_role not in jwt_roles:
                    return (
                        jsonify(reason="Role not allowed!", status_code=403),
                        403,
                    )

                # A role configured without a list/tuple of permissions only
                # requires the role itself to be present.
                if not isinstance(required_perms, (list, tuple)):
                    required_perms = []

                granted_perms = jwt_roles.get(required_role, [])
                if any(perm not in granted_perms for perm in required_perms):
                    return (
                        jsonify(
                            reason="You don't have permission!", status_code=403
                        ),
                        403,
                    )

            return func(*args, **kwds)
Exemplo n.º 2
    def patch(self):
        """Update the authenticated user's own account.

        The target row is selected by the ``id`` claim of the caller's JWT,
        never by a request parameter, so a caller can only edit their own
        record. Optional JSON fields: ``username``, ``password`` and
        ``status_penjual``; fields that are absent are left unchanged.

        Returns the marshalled user with 200, or 404 when the id in the token
        no longer matches a user.
        """
        user = UserModel.query.get(get_jwt_claims()["id"])
        if user is None:
            app.logger.debug('DEBUG : id tidak ada')
            return {'status': 'NOT_FOUND'}, 404

        parser = reqparse.RequestParser()
        parser.add_argument('username', location='json')
        parser.add_argument('password', location='json')
        # NOTE(review): type=bool applies Python truthiness, so a JSON string
        # such as "false" is parsed as True. Confirm clients always send a
        # real JSON boolean.
        parser.add_argument('status_penjual', location='json', type=bool)
        args = parser.parse_args()

        new_username = args['username']
        new_password = args['password']
        new_seller_flag = args['status_penjual']

        if new_username is not None:
            user.username = new_username

        if new_password is not None:
            # A fresh random salt is generated on every password change.
            # NOTE(review): one pass of salted SHA-512 is a fast hash and gives
            # little resistance to offline guessing if the table leaks. A
            # password KDF (e.g. hashlib.scrypt or hashlib.pbkdf2_hmac) would
            # be preferable, but the login check must be migrated together
            # with this code, so the scheme is left unchanged here.
            # NOTE(review): the password change does not ask for the current
            # password and accepts an empty string; confirm that is intended.
            salt = uuid.uuid4().hex
            salted = '{}{}'.format(new_password, salt).encode('utf-8')
            user.password = hashlib.sha512(salted).hexdigest()
            user.salt = salt

        if new_seller_flag is not None:
            # NOTE(review): the caller sets their own seller flag; verify that
            # self-service promotion to seller is an intended capability.
            user.status_penjual = new_seller_flag

        db.session.commit()

        # NOTE(review): what this logs depends on UserModel's repr; make sure
        # it does not include the password hash or salt.
        app.logger.debug('DEBUG : %s', user)

        headers = {'Content-Type': 'application/json'}
        return marshal(user, UserModel.response_fields), 200, headers
    def patch(self):
        """Update the seller profile that belongs to the authenticated user.

        The profile is looked up through the ``id`` claim of the caller's JWT,
        so only the caller's own profile can be modified. Optional JSON
        fields: ``nama``, ``email``, ``alamat`` and ``no_hp``; fields that are
        absent are left unchanged.

        Returns the marshalled profile with 200, or 404 when the user has no
        seller profile.
        """
        owner_id = get_jwt_claims()['id']
        seller = SellerModel.query.filter_by(user_id=owner_id).first()
        if seller is None:
            app.logger.debug('DEBUG : biodata tidak ada')
            return {'status': 'biodata tidak ada'}, 404

        # Explicit allowlist of editable columns: nothing outside this tuple
        # can be written through this endpoint.
        editable_fields = ('nama', 'email', 'alamat', 'no_hp')

        parser = reqparse.RequestParser()
        for field_name in editable_fields:
            parser.add_argument(field_name, location='json')
        args = parser.parse_args()

        # NOTE(review): values are stored as received; no format check on
        # email or phone number is visible here.
        for field_name in editable_fields:
            value = args[field_name]
            if value is not None:
                setattr(seller, field_name, value)
        db.session.commit()

        app.logger.debug('DEBUG : %s', seller)

        headers = {'Content-Type': 'application/json'}
        return marshal(seller, SellerModel.response_fields), 200, headers
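    def post(self):
        """Create a product for the authenticated seller from a multipart form.

        Form fields: ``nama``, ``harga`` and ``berat`` are required; ``stok``,
        ``deskripsi`` and ``kategori`` are optional; ``gambar`` is the uploaded
        product image.

        Returns the marshalled product with 200, a 500 error payload when no
        usable image was uploaded, or 404 when the category or the caller's
        seller profile does not exist.
        """
        # Local import: werkzeug is already a dependency of this module, and
        # importing here keeps the block self-contained.
        from werkzeug.utils import secure_filename

        parser = reqparse.RequestParser()
        # NOTE(review): harga, stok and berat are accepted as free-form
        # strings; no numeric validation is visible here.
        parser.add_argument('nama', location='form', required=True)
        parser.add_argument('harga', location='form', required=True)
        parser.add_argument('stok', location='form')
        parser.add_argument('berat', location='form', required=True)
        parser.add_argument('deskripsi', location='form')
        parser.add_argument('gambar',
                            type=werkzeug.datastructures.FileStorage,
                            location='files')
        parser.add_argument('kategori', location='form')
        args = parser.parse_args()

        UPLOAD_FOLDER = app.config['UPLOAD_FOLDER']
        if args['gambar'] == "":
            return {
                'data': '',
                'message': 'No file found',
                'status': 'error'
            }, 500

        image_produk = args['gambar']
        if not image_produk:
            return {
                'data': '',
                'message': 'Something when wrong',
                'status': 'error'
            }, 500

        # Resolve the category and the seller BEFORE touching the disk, so a
        # rejected request does not leave an orphaned upload behind.
        product_type = ProductCategoryModel.query.filter_by(
            tipe_produk=args['kategori']).first()
        if product_type is None:
            app.logger.debug('DEBUG : kategori tidak ada')
            return {'message': 'kategori tidak ditemukan'}, 404

        # The seller is derived from the JWT, never from the form.
        claims = get_jwt_claims()
        seller = SellerModel.query.filter_by(user_id=claims['id']).first()
        if seller is None:
            # A user without a seller profile used to fail with an
            # AttributeError on seller.id (HTTP 500); answer with the same
            # payload the seller-profile endpoints use.
            app.logger.debug('DEBUG : biodata tidak ada')
            return {'status': 'biodata tidak ada'}, 404

        # The client-supplied filename is untrusted: reduce it to a plain,
        # separator-free name before it becomes part of a filesystem path.
        # The random prefix keeps stored names unique.
        safe_name = secure_filename(image_produk.filename or '')
        filename = uuid.uuid4().hex + '_' + safe_name
        # NOTE(review): neither the file type/extension nor the upload size is
        # checked in this handler; confirm both are enforced elsewhere (for
        # example an extension allowlist and Flask's MAX_CONTENT_LENGTH), and
        # that the upload folder is not served as executable content.
        image_produk.save(os.path.join("." + UPLOAD_FOLDER, filename))

        product = ProductModel(args['nama'], args['harga'], args['stok'],
                               args['berat'], args['deskripsi'], filename,
                               product_type.id, seller.id)
        db.session.add(product)
        db.session.commit()

        app.logger.debug('DEBUG : %s', product)

        return marshal(product, ProductModel.response_fields), 200, {
            'Content-Type': 'application/json'
        }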
Exemplo n.º 5
    def get(self):
        """Return the authenticated user's own account record.

        The row is selected by the ``id`` claim of the caller's JWT. Returns
        the marshalled user with 200, or 404 when no such user exists.
        """
        user = UserModel.query.get(get_jwt_claims()["id"])
        if user is None:
            app.logger.debug('DEBUG : id tidak ada')
            return {'status': 'NOT_FOUND'}, 404

        # Only the fields in UserModel.response_fields reach the client.
        # NOTE(review): confirm that mapping leaves out password and salt.
        app.logger.debug('DEBUG : %s', user)
        return marshal(user, UserModel.response_fields), 200
    def get(self):
        """Return the seller profile that belongs to the authenticated user.

        The profile is looked up through the ``id`` claim of the caller's JWT.
        Returns the marshalled profile with 200, or 404 when the user has no
        seller profile.
        """
        owner_id = get_jwt_claims()['id']
        seller = SellerModel.query.filter_by(user_id=owner_id).first()
        # NOTE(review): leftover debug print; it writes the profile's repr to
        # stdout on every request in addition to the logger call below.
        print("cek", seller)
        if seller is None:
            app.logger.debug('DEBUG : biodata tidak ada')
            return {'status': 'biodata tidak ada'}, 404

        app.logger.debug('DEBUG : %s', seller)
        return marshal(seller, SellerModel.response_fields), 200
    def post(self):
        """Create a seller profile for the authenticated user.

        Required JSON fields: ``nama``, ``email``, ``alamat`` and ``no_hp``.
        The owning user id comes from the ``id`` claim of the caller's JWT,
        not from the request body, so a profile cannot be created on behalf
        of another user.

        Returns the marshalled profile with 200.
        """
        owner_id = get_jwt_claims()['id']

        required_fields = ('nama', 'email', 'alamat', 'no_hp')
        parser = reqparse.RequestParser()
        for field_name in required_fields:
            parser.add_argument(field_name, location='json', required=True)
        args = parser.parse_args()

        # NOTE(review): nothing here checks whether this user already has a
        # seller profile; confirm a uniqueness constraint exists elsewhere.
        profile_values = [args[field_name] for field_name in required_fields]
        seller = SellerModel(*profile_values, owner_id)
        db.session.add(seller)
        db.session.commit()

        app.logger.debug('DEBUG : %s', seller)

        headers = {'Content-Type': 'application/json'}
        return marshal(seller, SellerModel.response_fields), 200, headers
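    def get(self):
        """List the authenticated seller's products, one page at a time.

        Query parameters: ``p`` (page number, default 1) and ``rp`` (rows per
        page, default 25). The seller is resolved from the ``id`` claim of the
        caller's JWT, so only the caller's own products are returned.

        Returns a list of marshalled products with 200, or 404 when the user
        has no seller profile.
        """
        parser = reqparse.RequestParser()
        parser.add_argument('p', type=int, location='args', default=1)
        parser.add_argument('rp', type=int, location='args', default=25)
        args = parser.parse_args()

        claims = get_jwt_claims()

        seller = SellerModel.query.filter_by(user_id=claims['id']).first()
        if seller is None:
            # A user without a seller profile used to fail with an
            # AttributeError on seller.id (HTTP 500); answer with the same
            # payload the seller-profile endpoints use.
            app.logger.debug('DEBUG : biodata tidak ada')
            return {'status': 'biodata tidak ada'}, 404

        # NOTE(review): p and rp are client-controlled and unbounded. A very
        # large rp loads that many rows in one request, and zero or negative
        # values produce a non-positive limit/offset. Consider enforcing a
        # documented maximum page size.
        offset = (args['p'] - 1) * args['rp']

        # Ordered by creation time, then by update time, both newest first.
        qry = ProductModel.query.filter_by(seller_id=seller.id)
        qry = qry.order_by(desc(ProductModel.created_at))
        qry = qry.order_by(desc(ProductModel.updated_at))

        rows = [
            marshal(row, ProductModel.response_fields)
            for row in qry.limit(args['rp']).offset(offset).all()
        ]

        app.logger.debug('DEBUG : %s', rows)

        return rows, 200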
 def claims():
     """Return the caller's JWT identity and custom claims as JSON."""
     # NOTE(review): every custom claim is echoed back to the caller; keep
     # anything the client should not see out of the token's claims.
     payload = {
         'username': get_jwt_identity(),
         'claims': get_jwt_claims(),
     }
     return jsonify(payload)
Exemplo n.º 10
 def get(self):
     """Issue a new access token that carries the caller's identity and claims.

     Returns ``{"data": {"token": <token>}}`` with 200.
     """
     # NOTE(review): the claims are copied from the presented token, not
     # re-read from the database, so role or status changes are not picked up
     # on renewal. The decorator guarding this method is outside this view;
     # if it accepts an access token rather than a refresh token, a token can
     # be renewed indefinitely. Confirm both against the route definition.
     identity = get_jwt_identity()
     carried_claims = get_jwt_claims()
     token = create_access_token(identity=identity, user_claims=carried_claims)
     return {"data": {'token': token}}, 200