def generic_post(schema, data):
try:
obj = schema.load(data)
except ValidationError as e:
return mk_errors(400, fmt_validation_error_messages(e.messages))
try:
db.session.add(obj)
db.session.commit()
except exc.IntegrityError as e:
db.session.rollback()
return mk_errors(400, '{}'.format(e.args))
ret = {
'data': schema.dump(obj),
}
return ret
def generic_put(obj, schema, data):
if obj is None:
return mk_errors(404, 'element does not exist')
try:
obj = schema.load(data, instance=obj, partial=True)
db.session.add(obj)
db.session.commit()
except ValidationError as e:
return mk_errors(400, fmt_validation_error_messages(e.messages))
except exc.IntegrityError as e:
db.session.rollback()
return mk_errors(400, '{}'.format(e.args))
ret = {
'data': schema.dump(obj),
}
return ret
def generic_error_handler(error):
code = getattr(error, 'status_code', 500)
if current_app.config['DEBUG']:
messages = [str(error)]
else:
messages = ['something went wrong!']
return mk_errors(code, messages)
def jwt_error_handler(error):
code = 401
if isinstance(error, jwt.exceptions.ExpiredSignatureError):
messages = ['expired_token']
else:
messages = list(getattr(error, 'args', []))
return mk_errors(code, messages)
def generic_get(obj, schema):
if obj is None:
return mk_errors(404, 'element does not exist')
data = schema.dump(obj)
ret = {
'data': data,
}
return ret
def get(self, subforum_id):
subforum = Subforum.query.get(subforum_id)
if subforum is None:
return mk_errors(404, 'subforum does not exist')
args = parse_get_topics_args(request)
ret = get_topics(
full_query=Topic.query.filter_by(subforum_id=subforum_id), **args)
return ret
def get(self, user_id):
user = User.query.get(user_id)
if user is None:
return mk_errors(404, 'user does not exist')
args = parse_get_coll_args(request)
ret = generic_get_coll(
full_query=Post.query.filter_by(user_id=user_id),
schema=PostSchema(many=True),
**args)
return ret
def post(self):
'''
Revoke access token.
'''
jti = get_raw_jwt()['jti']
try:
revoked_token = RevokedToken(jti=jti)
revoked_token.save()
return '', 204
except Exception as e:
print('WTF: {}'.format(e))
return mk_errors(500, 'error in logout')
def post(self):
'''
Login into system.
'''
args = request.form
if not 'password' in args:
return mk_errors(400, 'email is required')
if 'username' in args:
user = User.query.filter_by(username=args['username']).first()
elif 'email' in args:
user = User.query.filter_by(email=args['email']).first()
else:
return mk_errors(400, 'email or username are required')
if user is None or not verify_hash(args['password'], user.password):
return mk_errors(400, 'invalid credentials')
access_tok = create_access_token(identity=user.username)
refresh_tok = create_refresh_token(identity=user.username)
return {
'access_token': access_tok,
'refresh_token': refresh_tok,
}
def http_error_handler(error):
resp = error.response
if resp is None:
code = error.code
messages = [error.description]
else:
code = getattr(resp, 'status_code', 500)
json = resp.get_json()
if 'errors' in json and json['errors']:
messages = [e['message'] for e in json['errors'] if 'message' in e]
else:
messages = [str(resp.status)]
return mk_errors(code, messages)
def error_handler(error):
try:
if isinstance(error,
(JWTExtendedException, jwt.exceptions.PyJWTError)):
return jwt_error_handler(error)
elif isinstance(error, HTTPException):
return http_error_handler(error)
elif isinstance(error, ValidationError):
return validation_error_handler(error)
elif isinstance(error, PermissionError):
return permission_error_handler(error)
else:
return generic_error_handler(error)
except:
return mk_errors(500, 'something went wrong!')
def post(self, subforum_id):
subforum = get_obj(Subforum.query.filter_by(subforum_id=subforum_id),
'subforum does not exist')
user = get_user(username=get_jwt_identity())
check_permissions(user, [
CreateTopicInSubforum(subforum),
])
check_post_time_interval(user, Topic)
#validating/updating data
data = request.form.to_dict()
data['user_id'] = user.user_id
data['subforum_id'] = subforum.subforum_id
schema = TopicSchema()
errors = schema.validate(data)
if errors:
return mk_errors(400, fmt_validation_error_messages(errors))
ret = generic_post(
schema=schema,
data=data,
)
#updating number of topics by user
user.n_topics += 1
user.save()
return ret
def post(self, topic_id):
topic = get_obj(
Topic.query.filter_by(topic_id=topic_id), 'topic does not exist')
user = get_user(username=get_jwt_identity())
check_permissions(user, [
CreatePostInTopic(topic),
])
check_post_time_interval(user, Post)
#validating/updating data
data = request.form.to_dict()
data['user_id'] = user.user_id
data['topic_id'] = topic.topic_id
schema = PostSchema()
errors = schema.validate(data)
if errors:
return mk_errors(400, fmt_validation_error_messages(errors))
ret = generic_post(
schema=schema,
data=data,
)
#updating number of posts by user
user.n_posts += 1
user.save()
return ret
def generic_delete(obj):
if obj is None:
return mk_errors(404, 'element does not exist')
db.session.delete(obj)
db.session.commit()
return '', 204
def validation_error_handler(error):
code = getattr(error, 'status_code', 500)
messages = getattr(error, 'messages', [])
return mk_errors(code, messages)
def permission_error_handler(error):
code = 401
messages = list(getattr(error, 'args', ['permission denied for action']))
return mk_errors(code, messages)
