Exemplo n.º 1
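def update_account_email(user_id):
    """Update the email address of the account identified by ``user_id``.

    The new address is read from the ``email`` key of the JSON request body.
    Returns the JSON form of a ``SuccessResponse`` when the update is
    accepted, otherwise the JSON form of an ``ErrorResponse``.
    """
    # NOTE(review): nothing in this function checks that the caller is
    # allowed to modify ``user_id``. Unless a decorator or middleware outside
    # this view enforces ownership, any caller who can reach the route can
    # change another account's email address. Confirm that check exists, or
    # compare ``user_id`` with the authenticated identity before touching the
    # account.
    try:
        email_data = request.get_json()
        user_service = UserService(user_id)
        user = user_service.get_user()
        if user.update_email(email_data['email']):
            app.logger.info('Updated email for user_id: %s', user_id)
            return SuccessResponse('Success', 'Email updated successfully',
                                   'EMAIL_OK').as_json()
    except Exception:
        # ``except Exception`` instead of a bare ``except`` so that
        # SystemExit/KeyboardInterrupt still propagate. The traceback is
        # logged because this handler also fires for failures that are not
        # JSON problems (lookup errors, storage errors), and the message
        # alone would hide them.
        app.logger.exception('Invalid json received for user: %s', user_id)
        return ErrorResponse('Could not update email',
                             'Invalid email provided').as_json()
    # update_email() returned a falsy value without raising. The original
    # fell off the end here and returned None; answer with an explicit error.
    app.logger.error('Email update rejected for user_id: %s', user_id)
    return ErrorResponse('Could not update email',
                         'Invalid email provided').as_json()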
Exemplo n.º 2
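def update_account_password(user_id):
    """Change the password of ``user_id`` when the caller owns that account.

    The new password is read from the ``password`` key of the JSON request
    body. A caller whose authenticated identity differs from ``user_id`` is
    refused and the attempt is logged. Returns the JSON form of a
    ``SuccessResponse`` or an ``ErrorResponse``.
    """
    try:
        # Authorise before parsing the body or loading the target account, so
        # an unauthorised request does no work on someone else's record.
        if user_id != current_identity.id:
            # Record the authenticated caller as the actor and the path
            # parameter as the target. The original logged ``user_id`` as the
            # "user performing operation", which named the victim rather than
            # the caller. The message prefix is unchanged so existing log
            # matching keeps working.
            app.logger.error(
                'Permission violation. User not authorized to update other user\'s password. User performing operation %s, target user_id %s',
                current_identity.id, user_id)
            return ErrorResponse(
                'Permission violation',
                'This action generated a security alert').as_json()

        pass_data = request.get_json()
        usr = UserService(user_id).get_user()
        if usr.update_password(pass_data['password']):
            app.logger.info('Updated password for user_id: %s', user_id)
            # NOTE(review): 'EMAIL_OK' looks copied from the email view; it is
            # left as is because clients may match on it. Confirm the
            # intended code.
            return SuccessResponse('Success',
                                   'Password updated successfully',
                                   'EMAIL_OK').as_json()
    except Exception:
        # ``except Exception`` instead of a bare ``except`` so that
        # SystemExit/KeyboardInterrupt still propagate. Any failure, including
        # one raised while reading the caller's identity, ends in a refusal.
        # The traceback is logged because the message only mentions JSON.
        app.logger.exception('Invalid json received for user: %s', user_id)
        return ErrorResponse('Could not update password',
                             'Invalid password provided').as_json()
    # update_password() returned a falsy value without raising. The original
    # returned None on this path.
    app.logger.error('Password update rejected for user_id: %s', user_id)
    return ErrorResponse('Could not update password',
                         'Invalid password provided').as_json()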
Exemplo n.º 3
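def post_account():
    """Create a user account from the JSON request body.

    Expects the keys ``name``, ``last_name``, ``email``, ``username`` and
    ``password``. Returns the JSON form of a ``SuccessResponse`` carrying the
    new ``user_id``, or of an ``ErrorResponse`` when the body is missing,
    incomplete, or collides with an existing username or email.
    """
    user_data = request.get_json()
    if user_data:
        try:
            profile = {key: user_data[key]
                       for key in ('name', 'last_name', 'email', 'username')}
            password = user_data['password']
        except (KeyError, TypeError):
            # A missing key, or a body that is not a JSON object, used to
            # raise out of the view. Treat it as invalid input instead. The
            # body is untrusted, so its contents are not logged.
            app.logger.warning(
                'Account creation rejected: missing or malformed fields')
            return ErrorResponse('Error processing request',
                                 'The provided data is not valid').as_json()

        user = User(user_id=str(uuid.uuid4()), password=None, **profile)
        try:
            user.update_password(password)
            # NOTE(review): validate=False skips model validation for values
            # taken straight from the request body. Confirm the fields are
            # validated elsewhere, or enable validation and handle the
            # resulting validation error here.
            user.save(validate=False)
            app.logger.info('User %s was created', user.user_id)
            return SuccessResponse(user.user_id, 'User created successfully', 'n/a').as_json()
        except mongoengine.errors.NotUniqueError as e:
            # Keep the raw database error in the server log only. The
            # original returned str(e) to the client, which exposes storage
            # internals in the response body.
            app.logger.warning('Account creation hit a uniqueness constraint: %r', e)
            match = re.search('"(.+?)"', str(e))
            # The error text may contain no quoted value; the original called
            # .group(1) on None in that case.
            found = match.group(1) if match else None
            if found is not None:
                if found == user.username:
                    return ErrorResponse('Username is registred ',
                                         'The provided username is already in use').as_json()
                if found == user.email:
                    return ErrorResponse('Email is registred ',
                                         'The provided email is already in use').as_json()
    return ErrorResponse('Error processing request', 'The provided data is not valid').as_json()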
Exemplo n.º 4
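def post_account():
    """Create a user account from the JSON request body.

    Expects the keys ``name``, ``last_name``, ``email``, ``username`` and
    ``password``. Returns the JSON form of a ``SuccessResponse`` carrying the
    new ``user_id``, or of an ``ErrorResponse`` when the body is missing or
    incomplete.
    """
    user_data = request.get_json()
    if user_data:
        try:
            profile = {key: user_data[key]
                       for key in ('name', 'last_name', 'email', 'username')}
            password = user_data['password']
        except (KeyError, TypeError):
            # A missing key, or a body that is not a JSON object, used to
            # raise out of the view. Answer with the same error as an empty
            # body. The body is untrusted, so its contents are not logged.
            app.logger.warning(
                'Account creation rejected: missing or malformed fields')
            return ErrorResponse('Error processing request',
                                 'The provided data is not valid').as_json()

        user = User(user_id=str(uuid.uuid4()), password=None, **profile)
        user.update_password(password)
        # NOTE(review): save(validate=True) can presumably raise on invalid
        # or duplicate values, and nothing here catches that. Confirm an
        # error handler outside this view turns it into a client error
        # without echoing the storage error text.
        user.save(validate=True)
        app.logger.info('User %s was created', user.user_id)
        return SuccessResponse(user.user_id, 'User created successfully',
                               'n/a').as_json()
    return ErrorResponse('Error processing request',
                         'The provided data is not valid').as_json()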
Exemplo n.º 5
def get_account_by_id(user_id):
    """Return the JSON form of the account found for ``user_id``.

    When ``find_user`` yields nothing truthy, the JSON form of a
    'User not found' ``ErrorResponse`` is returned instead.
    """
    # NOTE(review): no caller check is visible in this function, and the whole
    # as_json() output of the record is returned. Confirm that access control
    # is applied outside this view and that as_json() leaves out credential
    # fields.
    account = find_user(user_id)
    if not account:
        return ErrorResponse('User not found', 'The provided user_id is not valid').as_json()
    return account.as_json()