def author_remove_content(user, org, author_id, content_item_id):
"""
Remove an author to a content item.
"""
a = Author.query\
.filter_by(id=author_id, org_id=org.id)\
.first()
if not a:
raise NotFoundError(
'Author with ID "{}" does not exist."'.format(author_id))
c = ContentItem.query\
.filter_by(id=content_item_id, org_id=org.id)\
.first()
if not c:
raise RequestError(
'ContentItem with ID {} does not exist.'.format(content_item_id))
if a.id in c.author_ids:
a.content_items.remove(c)
db.session.add(a)
db.session.commit()
return delete_response()
def author_remove_content(user, org, author_id, content_item_id):
"""
Remove an author from a content item.
"""
a = fetch_by_id_or_field(Author,
'name',
author_id,
org_id=org.id,
transform='upper')
if not a:
raise NotFoundError(
'Author with ID/Name "{}" does not exist."'.format(author_id))
c = ContentItem.query\
.filter_by(id=content_item_id, org_id=org.id)\
.first()
if not c:
raise RequestError(
'ContentItem with ID {} does not exist.'.format(content_item_id))
if a.id in c.author_ids:
a.content_items.remove(c)
db.session.add(a)
db.session.commit()
return delete_response()
def author_remove_content(user, org, author_id, content_item_id):
"""
Remove an author to a content item.
"""
a = Author.query\
.filter_by(id=author_id, org_id=org.id)\
.first()
if not a:
raise NotFoundError(
'Author with ID "{}" does not exist."'
.format(author_id))
c = ContentItem.query\
.filter_by(id=content_item_id, org_id=org.id)\
.first()
if not c:
raise RequestError(
'ContentItem with ID {} does not exist.'
.format(content_item_id))
if a.id in c.author_ids:
a.content_items.remove(c)
db.session.add(a)
db.session.commit()
return delete_response()
def org_delete(user, org_id_slug):
if not user.admin:
raise AuthError('You must be an admin to delete an Org')
# fetch org
org = fetch_by_id_or_field(Org, 'slug', org_id_slug)
# if it still doesn't exist, raise an error.
if not org:
raise NotFoundError('This Org does not exist.')
# localize
localize(org)
# ensure the active user can edit this Org
if user.id not in org.user_ids:
raise ForbiddenError(
'User "{}" is not allowed to access Org "{}".'.format(
user.name, org.name))
db.session.delete(org)
db.session.commit()
return delete_response()
def org_delete(user, org_id_slug):
if not user.admin:
raise AuthError(
'You must be an admin to delete an Org')
# fetch org
org = fetch_by_id_or_field(Org, 'slug', org_id_slug)
# if it still doesn't exist, raise an error.
if not org:
raise NotFoundError(
'This Org does not exist.')
# localize
localize(org)
# ensure the active user can edit this Org
if user.id not in org.user_ids:
raise ForbiddenError(
'User "{}" is not allowed to access Org "{}".'
.format(user.name, org.name))
db.session.delete(org)
db.session.commit()
return delete_response()
def author_remove_content(user, org, author_id, content_item_id):
"""
Remove an author from a content item.
"""
a = fetch_by_id_or_field(Author, 'name', author_id,
org_id=org.id, transform='upper')
if not a:
raise NotFoundError(
'Author with ID/Name "{}" does not exist."'
.format(author_id))
c = ContentItem.query\
.filter_by(id=content_item_id, org_id=org.id)\
.first()
if not c:
raise RequestError(
'ContentItem with ID {} does not exist.'
.format(content_item_id))
if a.id in c.author_ids:
a.content_items.remove(c)
db.session.add(a)
db.session.commit()
return delete_response()
def delete_template(user, org, slug_id):
t = fetch_by_id_or_field(Template, 'slug', slug_id, org_id=org.id)
if not t:
raise NotFoundError(
'Template "{}" does not yet exist for Org "{}"'.format(
slug_id, org.name))
db.session.delete(t)
db.session.commit()
return delete_response()
def delete_template(user, org, slug_id):
t = fetch_by_id_or_field(Template, 'slug', slug_id, org_id=org.id)
if not t:
raise NotFoundError(
'Template "{}" does not yet exist for Org "{}"'
.format(slug_id, org.name))
db.session.delete(t)
db.session.commit()
return delete_response()
def delete_setting(user, org, name_id):
s = fetch_by_id_or_field(Setting, 'name', name_id, org_id=org.id)
if not s:
raise NotFoundError(
'Setting "{}" does not yet exist for Org "{}"'
.format(name_id, org.name))
db.session.delete(s)
db.session.commit()
return delete_response()
def twt_revoke(user, org):
twt_token = Auth.query\
.filter_by(name='twitter', org_id=org.id)\
.first()
obj_or_404(twt_token, 'You have not authenticated yet with Twitter.')
# drop token from table
db.session.delete(twt_token)
db.session.commit()
# redirect to app
return delete_response()
def delete_author(user, org, author_id):
"""
Delete an author.
"""
a = fetch_by_id_or_field(Author, 'name', author_id,
org_id=org.id, transform='upper')
if not a:
raise NotFoundError(
'Author with ID/Name "{}" does not exist."'
.format(author_id))
db.session.delete(a)
db.session.commit()
return delete_response()
def twt_revoke(user, org):
twt_token = Auth.query\
.filter_by(name='twitter', org_id=org.id)\
.first()
obj_or_404(twt_token, 'You have not authenticated yet with Twitter.')
# drop token from table
db.session.delete(twt_token)
db.session.commit()
# redirect to app
return delete_response()
def org_remove_user(user, org_id_slug, user_email):
if not user.admin:
raise AuthError(
'You must be an admin to remove a user from an Org.')
# fetch org
org = fetch_by_id_or_field(Org, 'slug', org_id_slug)
# if it still doesn't exist, raise an error.
if not org:
raise NotFoundError('This Org does not exist.')
# localize
localize(org)
# ensure the active user can edit this Org
if user.id not in org.user_ids:
raise ForbiddenError(
"You are not allowed to access this Org.")
# get this existing user by id / email
existing_user = fetch_by_id_or_field(User, 'email', user_email)
if not existing_user:
raise RequestError(
'User "{}" does not yet exist'
.format(user_email))
# ensure that user is not already a part of this Org.
if existing_user.id not in org.user_ids:
raise RequestError(
'User "{}" is not a part of Org "{}"'
.format(existing_user.email, org.name))
# remove the user from the org
org.users.remove(existing_user)
# if we're force-deleting the user, do so
# but make sure their recipes are re-assigned
# to the super-user
if arg_bool('force', False):
cmd = "UPDATE recipes set user_id={} WHERE user_id={}"\
.format(org.super_user.id, existing_user.id)
db.session.execute(cmd)
db.session.delete(user)
db.session.commit()
return delete_response()
def fb_revoke(user, org):
fb_token = Auth.query.filter_by(name="facebook", org_id=org.id).first()
obj_or_404(fb_token, "You have not authenticated yet with Facebook.")
# drop token from table
db.session.delete(fb_token)
db.session.commit()
# redirect to app
redirect_uri = request.args.get("redirect_uri")
if redirect_uri:
return redirect(redirect_uri)
return delete_response()
def delete_author(user, org, author_id):
"""
Delete an author.
"""
a = Author.query\
.filter_by(id=author_id, org_id=org.id)\
.first()
if not a:
raise NotFoundError(
'Author with ID "{}" does not exist."'.format(author_id))
db.session.delete(a)
db.session.commit()
return delete_response()
def delete_author(user, org, author_id):
"""
Delete an author.
"""
a = fetch_by_id_or_field(Author,
'name',
author_id,
org_id=org.id,
transform='upper')
if not a:
raise NotFoundError(
'Author with ID/Name "{}" does not exist."'.format(author_id))
db.session.delete(a)
db.session.commit()
return delete_response()
def delete_author(user, org, author_id):
"""
Delete an author.
"""
a = Author.query\
.filter_by(id=author_id, org_id=org.id)\
.first()
if not a:
raise NotFoundError(
'Author with ID "{}" does not exist."'
.format(author_id))
db.session.delete(a)
db.session.commit()
return delete_response()
def fb_revoke(user, org):
fb_token = Auth.query\
.filter_by(name='facebook', org_id=org.id)\
.first()
obj_or_404(fb_token, 'You have not authenticated yet with Facebook.')
# drop token from table
db.session.delete(fb_token)
db.session.commit()
# redirect to app
redirect_uri = request.args.get('redirect_uri')
if redirect_uri:
return redirect(redirect_uri)
return delete_response()
def org_remove_user(user, org_id_slug, user_email):
if not user.admin:
raise AuthError('You must be an admin to remove a user from an Org.')
# fetch org
org = fetch_by_id_or_field(Org, 'slug', org_id_slug)
# if it still doesn't exist, raise an error.
if not org:
raise NotFoundError('This Org does not exist.')
# localize
localize(org)
# ensure the active user can edit this Org
if user.id not in org.user_ids:
raise ForbiddenError("You are not allowed to access this Org.")
# get this existing user by id / email
existing_user = fetch_by_id_or_field(User, 'email', user_email)
if not existing_user:
raise RequestError('User "{}" does not yet exist'.format(user_email))
# ensure that user is not already a part of this Org.
if existing_user.id not in org.user_ids:
raise RequestError('User "{}" is not a part of Org "{}"'.format(
existing_user.email, org.name))
# remove the user from the org
org.users.remove(existing_user)
# if we're force-deleting the user, do so
# but make sure their recipes are re-assigned
# to the super-user
if arg_bool('force', False):
cmd = "UPDATE recipes set user_id={} WHERE user_id={}"\
.format(org.super_user.id, existing_user.id)
db.session.execute(cmd)
db.session.delete(user)
db.session.commit()
return delete_response()
def delete_setting(user, org, level, name_id):
if level not in ['me', 'orgs']:
raise NotFoundError(
'You cannot store settings for \'{}\''
.format(level))
s = fetch_by_id_or_field(
Setting, 'name', name_id, org_id=org.id, user_id=user.id, level=level)
if not s:
raise NotFoundError(
'Setting "{}" does not yet exist.'
.format(name_id, org.name))
db.session.delete(s)
db.session.commit()
return delete_response()
def delete_me(user):
"""
Permanently delete yourself.
Assigns all of the recipes you've
created to the super user.
"""
# get the super user
super_user = User.query.filter_by(email=settings.SUPER_USER_EMAIL).first()
# reassign this user's recipes to the super user
cmd = "UPDATE recipes set user_id={} WHERE user_id={};".format(super_user.id, user.id)
db.session.execute(cmd)
# delete this user
db.session.delete(user)
db.session.commit()
# return
return delete_response()
def ga_revoke(user, org):
ga_token = Auth.query\
.filter_by(org_id=org.id, name='google-analytics')\
.first()
obj_or_404(ga_token,
'You have not authenticated yet with google-analytics.')
token = ga_token.to_dict()['value']
token.pop('properties')
# revoke google analytics
ga_revoke_access(token)
# drop token from table
db.session.delete(ga_token)
db.session.commit()
return delete_response()
def ga_revoke(user, org):
ga_token = Auth.query\
.filter_by(org_id=org.id, name='google-analytics')\
.first()
obj_or_404(ga_token,
'You have not authenticated yet with google-analytics.')
token = ga_token.to_dict()['value']
token.pop('properties')
# revoke google analytics
ga_revoke_access(token)
# drop token from table
db.session.delete(ga_token)
db.session.commit()
return delete_response()
def delete_setting(user, org, level, name_id):
if level not in ['me', 'orgs']:
raise NotFoundError(
'You cannot store settings for \'{}\''.format(level))
s = fetch_by_id_or_field(Setting,
'name',
name_id,
org_id=org.id,
user_id=user.id,
level=level)
if not s:
raise NotFoundError('Setting "{}" does not yet exist.'.format(
name_id, org.name))
db.session.delete(s)
db.session.commit()
return delete_response()
def delete_me(user):
"""
Permanently delete yourself.
Assigns all of the recipes you've
created to the super user.
"""
# get the super user
super_user = User.query\
.filter_by(email=settings.SUPER_USER_EMAIL)\
.first()
# reassign this user's recipes to the super user
cmd = "UPDATE recipes set user_id={} WHERE user_id={};"\
.format(super_user.id, user.id)
db.session.execute(cmd)
# delete this user
db.session.delete(user)
db.session.commit()
# return
return delete_response()
