def put(self):
request_json = request.get_json(silent=True)
username = get_jwt_identity()
if not request_json:
err_msg = "Body should not be empty"
return {"message": err_msg}, 400
old_password: str = request_json.get('old_password')
new_password: str = request_json.get('new_password')
confirm_password: str = request_json.get('confirmation_password')
if not old_password or not new_password or not confirm_password:
err_msg = "Please check password fields."
return {"message": err_msg}, 400
current_user = UserRepository.get(username)
current_password = current_user.get("password")
if not current_password:
err_msg = "Can't retrieve previous password."
return {"message": err_msg}, 400
if not UserRepository.verify_hash(old_password, current_password):
err_msg = "Wrong old password value."
return {"message": err_msg}, 400
if new_password != confirm_password:
err_msg = "New password doesn't match with confirmation password."
return {"message": err_msg}, 400
if not new_password:
err_msg = "New password is empty. Update didn't pass"
return {"message": err_msg}, 400
user = UserRepository.update_password(username, new_password)
return user, 200
def test_update(self):
""" The PUT on `/user` should update an user's info"""
user = UserRepository.create(first_name="John", last_name="Doe")
response = self.client.put(
"/application/user/{}".format(user.id),
content_type="application/json",
data=json.dumps(
dict(first_name="John",
last_name="Doe",
emails=["*****@*****.**"],
phone_numbers=["+491424324435"])),
)
self.assertEqual(response.status_code, 200)
response_json = json.loads(response.data.decode("utf-8"))
self.assertEqual(
response_json,
{
"user":
dict(user_id=user.id,
first_name="John",
last_name="Doe",
emails=["*****@*****.**"],
phone_numbers=["+491424324435"])
},
)
user = UserRepository.get(user_id=user.id)
self.assertEqual(user.first_name, "John")
def post(email: str, password: str):
if UserRepository.find_by_email(email):
return {"message": "Email already exits"}, 400
else:
user = UserRepository.create(
email=email, password=generate_password_hash(password))
return user.json
def put(last_name, first_name, age):
""" Update an user based on the sent information """
repository = UserRepository()
user = repository.update(last_name=last_name,
first_name=first_name,
age=age)
return jsonify({'user': user.json})
def post(self):
request_json = request.get_json(silent=True)
username: str = request_json.get("username")
password: str = request_json.get("password")
# lookup by username
if not username or not password:
err_msg = "Please check the credentials."
return {"message": err_msg}, 400
if UserRepository.get(username):
current_user = UserRepository.get(username)
else:
err_msg = f"User {username} doesn't exist"
return {"message": err_msg}, 404
if not current_user.get("active"):
err_msg = "User was deleted. Please contact the admin."
return {"message": err_msg}, 404
if UserRepository.verify_hash(password, current_user.get("password")):
access_token = create_access_token(identity=username)
refresh_token = create_refresh_token(identity=username)
msg = "Logged in as {}".format(current_user.get("username"))
response = {
"message": msg,
"access_token": access_token,
"refresh_token": refresh_token,
}
return response, 200
else:
return {"message": "Wrong password"}, 401
def auth_wrapper(*args, **kwargs):
try:
auth_header = request.headers['Authorization']
token = auth_header.split(' ')[1]
id_info = id_token.verify_oauth2_token(token, requests.Request(),
config.GOOGLE_CLIENT_ID)
oid = id_info["sub"]
picture = id_info["picture"]
name = id_info["name"]
email = id_info["email"]
user = UserRepository.get(oid)
if user:
user = UserRepository.update(oid, email, picture, name)
else:
user = UserRepository.create(oid, email, picture, name)
if 'oid' in kwargs:
if kwargs['oid'] != user.oid:
return render_error(
"You don't have right access to this page", 403)
kwargs.update({'user': user})
return method(*args, **kwargs)
except Exception as exc:
return render_error(str(exc), 401)
def test_get(self):
""" The GET on `/user` should return an user """
UserRepository.create(first_name='John', last_name='Doe', age=25)
response = self.client.get('/application/user/Doe/John')
self.assertEqual(response.status_code, 200)
response_json = json.loads(response.data.decode('utf-8'))
self.assertEqual(response_json, {'user': {'age': 25, 'first_name': 'John', 'last_name': 'Doe'}})
def put(last_name, first_name, age):
""" Update an user based on the sent information """
repository = UserRepository()
user = repository.update(last_name=last_name,
first_name=first_name,
age=age)
if user:
return jsonify({'user': user.json})
return bad_request('unable to update user')
def post(username, password, name, type):
ensure_user(user_type="admin")
if UserRepository.get(username) is not None:
abort(400, msg="existing user")
user = UserRepository.create(username, password, name, type)
user_json = user.json
del user_json["password"]
return user_json, 200
def put(user_id, last_name, first_name, email, age, gender):
""" Update an user based on the sent information """
repository = UserRepository()
user = repository.update(user_id=user_id,
last_name=last_name,
first_name=first_name,
email=email,
age=age,
gender=gender)
return jsonify({"user": user.json})
def test_get(self):
UserRepository.create(id='curso-departamento-pessoal---presencial-manha__534240')
response = self.client.get('/application/event/curso-departamento-pessoal---presencial-manha__534240')
self.assertEqual(response.status_code, 200)
response_json = json.loads(response.data.decode('utf-8'))
self.assertEqual(
response_json,
{'event': {'id': 'curso-departamento-pessoal---presencial-manha__534240'}}
)
def test_get_username(self):
username = "******"
password = "******"
password_hash_salt = make_pw_hash(username, password)
user = User(username=username, password_hash_salt=password_hash_salt)
assert UserRepository.username_not_taken(username)
user.put()
assert not UserRepository.username_not_taken(username)
user_id = UserRepository.user_id_from_username_password(username, password)
assert user_id == user.key().id()
def test_get(self):
""" The GET on `/user` should return an user """
UserRepository.create(first_name="John", last_name="Doe", age=25)
response = self.client.get("/application/user/Doe/John")
self.assertEqual(response.status_code, 200)
response_json = json.loads(response.data.decode("utf-8"))
self.assertEqual(
response_json,
{"user": {"age": 25, "first_name": "John", "last_name": "Doe"}},
)
def post(last_name, first_name, age):
""" Create an user based on the sent information """
existing_user = UserRepository.get(last_name=last_name,
first_name=first_name)
if existing_user:
return bad_request('user already in database')
user = UserRepository.create(last_name=last_name,
first_name=first_name,
age=age)
if user:
return jsonify({'user': user.json})
return bad_request('unable to create user')
def test_create(self, mock_decorator):
""" The POST on `/user` should create an user """
UserRepository.create(first_name='John', last_name='Doe', age=25)
response = self.client.post(
'/api/users/Doe/John',
content_type='application/json',
headers={'Authorization': 'Bearer token'},
data=json.dumps({
'age': 30
})
)
self.assertEqual(response.status_code, 400)
def put(user_id,
last_name=None,
first_name=None,
emails=None,
phone_numbers=None):
""" Update an user based on the sent information """
repository = UserRepository()
user = repository.update(user_id=user_id,
last_name=last_name,
first_name=first_name,
emails=emails,
phone_numbers=phone_numbers)
return jsonify({"user": user.json})
def test_update(self):
""" The PUT on `/user` should update an user's age """
UserRepository.create(first_name='John', last_name='Doe', age=25)
response = self.client.put(
'/application/user/Doe/John',
content_type='application/json',
data=json.dumps({
'age': 30
})
)
self.assertEqual(response.status_code, 200)
response_json = json.loads(response.data.decode('utf-8'))
self.assertEqual(response_json, {'user': {'age': 30, 'first_name': 'John', 'last_name': 'Doe'}})
user = UserRepository.get(first_name='John', last_name='Doe')
self.assertEqual(user.age, 30)
def remove(user_id: str):
twit_casting_api_service = TwitCastingApiService(base_url, client_id,
client_secret, app.logger)
response = twit_casting_api_service.delete_webhooks(user_id, True, True)
user_repository = UserRepository(twit_casting_api_service, cache)
user = user_repository.get_by_id(user_id)
if isinstance(response, DeleteWebhookOkResponse):
flash("Successfully deleted: %s (%s)" % (user.screen_id, user_id),
"success")
else:
flash(
"Failed. status %s, message: %s" %
(response.code, response.message), "failure")
return redirect(url_for("index"))
async def is_allowed(self):
if self.force_allowed:
return True
user_repository_instance = UserRepository()
repo_repository_instance = RepoRepository()
user = await user_repository_instance.find_one(
github_username=self.author)
if not user:
log.warning(
'Couldn\'t find user in our database with this github username: %s',
self.author)
return False
dm_id = user.slack_dm_id
repo = await repo_repository_instance.find_one(
repo_url=self.repo_url, subscribed_user_id=user.id)
if not repo:
log.warning('User %s is not subscribed for %s repository',
self.author, self.repo_url)
return False
if not dm_id:
dm_id = await SlackManager(token=os.environ.get('SLACK_TOKEN')
).create_dm_id(
slack_user_id=user.slack_id)
await user_repository_instance.update(
values={'slack_dm_id': dm_id}, id=user.id)
self.slack_dm_id = user.slack_dm_id
self.slack_user_id = user.slack_id
return True
def get(last_name, first_name):
"""
Return an user key information based on his name
---
tags:
- user
parameters:
- name: last_name
in: path
type: string
description: the last name of the user
- name: first_name
in: path
type: string
description: the last name of the user
responses:
200:
description: The user's information were successfully retrieved
schema:
example:
user:
last_name: Doe
first_name: John
age: 30
"""
user = UserRepository.get(last_name=last_name, first_name=first_name)
return jsonify({'user': user.json})
def get():
username = get_jwt_identity()
user = UserRepository.get(username)
if user is None:
abort(400, msg="fatal error, not recognised user")
if user.user_type == "admin":
tasks = user.tasks
tasks = [{
"id":
task.id,
"name":
task.name,
"total":
task.total,
"assignees": [{
"name": job.user.name,
"id": job.user.id
} for job in task.jobs],
} for task in tasks]
return tasks
else:
jobs = user.jobs
tasks = [{
"id": job.task.id,
"name": job.task.name,
"total": job.task.total
} for job in jobs]
return tasks
def post(email: str, password: str):
user = UserRepository.find_by_email(email)
if not user or email != user.email or not check_password_hash(
user.password, password):
return {"message": "Bad username or password"}, 400
access_token = create_access_token(identity=email)
return {"access_token": access_token}, 200
def create():
""" Create a auth """
body = request.get_json()
auth = AuthRepository.getByUsername(body["username"].lower())
expires = datetime.timedelta(days=1)
if not auth:
pw_hash = generate_password_hash(body["password"], 10)
auth = AuthRepository.create(body["username"].lower(), pw_hash)
user = UserRepository.create(body["username"], None, None)
expires = datetime.timedelta(days=1)
# access_token = create_access_token(identity = { "username": auth.username, "id": auth.id }, expires_delta=expires)
access_token = create_access_token(identity={
"username": auth.username,
"id": auth.id
})
response = jsonify({"success": True, "access_token": access_token})
response.status_code = 200
return response
validatePassword = check_password_hash(auth.password, body["password"])
if not validatePassword:
response = jsonify({
"success": False,
"message": "Invalid username or password"
})
response.status_code = 200
return response
access_token = create_access_token(identity={
"username": auth.username,
"id": auth.id
})
AuthRepository.updateToken(id=auth.id, token=access_token)
response = jsonify({"success": True, "access_token": access_token})
response.status_code = 200
return response
def unsubscribe(self):
self.payload = parse.parse_qs(self.payload)
github_repo = self.payload.get('text').pop()
github_repo = github_repo.rstrip('>').lstrip('<')
user_slack_id = self.payload.get('user_id').pop()
msg = {'text': ''}
user = UserRepository.get_user_by_slack_id(user_slack_id)
if not user:
return attach_message(msg, 'You are not registered here')
repo = sa.select([repository_t]).where(
sa.and_(repository_t.c.subscribed_user_id == user.id,
repository_t.c.repo_url.like(
github_repo))).execute().fetchone()
if not repo:
return attach_message(
msg,
f'You are not subscribed to this repository {github_repo}')
log.info('Unsubscribe %s to %s',
self.payload.get('user_name', []).pop(), github_repo)
repository_t.delete().where(
sa.and_(repository_t.c.subscribed_user_id == user.id,
repository_t.c.repo_url == repo.repo_url)).execute()
return attach_message(msg,
f'Successfully unsubscribed from {github_repo}',
color='#47a450')
def subscribe(self):
self.payload = parse.parse_qs(self.payload)
github_repo = self.payload.get('text').pop()
github_repo = github_repo.rstrip('>').lstrip('<')
user_slack_id = self.payload.get('user_id').pop()
user = UserRepository.get_user_by_slack_id(user_slack_id)
msg = {
'text': '',
}
if not user:
return attach_message(
msg,
'You must first register via /signin %your_github_username%')
repo = sa.select([repository_t.c.repo_url]).where(
sa.and_(repository_t.c.subscribed_user_id == user.id,
repository_t.c.repo_url ==
github_repo.lower())).execute().fetchone()
if repo:
return attach_message(
msg,
f'You are already subscribed to this repository {github_repo}')
log.info('Subscribing %s to %s',
self.payload.get('user_name', []).pop(), github_repo)
repository_t.insert().values({
'subscribed_user_id': user.id,
'repo_url': github_repo
}).execute()
return attach_message(msg,
f'Successfully subscribed to {github_repo}',
color='#47a450')
def post(last_name, first_name, emails, phone_numbers):
""" Create an user based on the sent information """
user = UserRepository.create(last_name=last_name,
first_name=first_name,
emails=emails,
phone_numbers=phone_numbers)
return jsonify({"user": user.json})
def post(name, task_file, mode):
""" Create a task based on the uploaded file """
username = get_jwt_identity()
user = UserRepository.get(username)
if user is None:
abort(400, msg="fatal error, not recognised user")
if user.user_type != "admin":
abort(400, msg="only admin user can create task")
if len(task_file) == 0:
abort(400, msg="no task file specified")
file = task_file[0]
filename = secure_filename(file.filename)
filename = os.path.splitext(os.path.basename(filename))[0]
if not filename:
abort(400, msg="invalid filename")
file_path = os.path.join(TASK_DATA_PATH, filename + ".txt")
file.save(file_path)
if not TaskRepository.create(name, user, 0, file_path, mode):
# os.remove(file_path)
abort(400, msg="failed to create task")
return {"msg": "successuflly created"}
def delete(username):
""" Return an user key information based on his name """
ensure_user(user_type="admin")
rsl = UserRepository.delete(username=username)
if rsl:
return {"msg": "Sucessfully deleted."}, 200
else:
return {"msg": "User does not exist."}, 400
def get(username):
""" Return an user key information based on his name """
ensure_user(user_type="admin")
user = UserRepository.get(username=username)
if user is not None:
return user.json
else:
abort(404, msg="User not found")
def post(last_name, first_name, email, age, gender):
""" Create an user based on the sent information """
user = UserRepository.create(last_name=last_name,
first_name=first_name,
email=email,
age=age,
gender=gender)
return jsonify({"user": user.json})
def post(last_name, first_name, age):
""" Create an user based on the sent information """
user = UserRepository.create(
last_name=last_name,
first_name=first_name,
age=age
)
return jsonify({'user': user.json})
def __init__(self):
"""initialize objects available to all api endpoint methods"""
self.games = GameStateRepository()
self.users = UserRepository()
self.moves = MoveRepository()
class WordWarsApi(remote.Service):
"""Google endpoints API for WordWars game service."""
def __init__(self):
"""initialize objects available to all api endpoint methods"""
self.games = GameStateRepository()
self.users = UserRepository()
self.moves = MoveRepository()
@endpoints.method(request_message=NEW_USER_REQUEST,
response_message=StringMessage,
path='user',
name='create_user',
http_method='POST')
def create_user(self, request):
"""Create a User. Requires a unique username"""
if self.users.findByName(request.user_name):
raise endpoints.ConflictException(
'A User with that name already exists!')
if not EMAIL_REGEX.match(request.email):
raise endpoints.BadRequestException(
'Email address is not valid: {}'.format(request.email))
user = User.create(request.user_name, request.email)
self.users.register(user)
return StringMessage(message='User {} created!'.format(request.user_name))
@endpoints.method(request_message=USERNAME_REQUEST,
response_message=StringList,
path='user/{user_name}/games',
name='get_user_games',
http_method='GET')
def get_user_games(self, request):
"""Return id values for all games where this user is a player."""
user = self.userByName(request.user_name)
idList = []
for p in PlayerStateRepository().findByUser(user):
idList.append(self.games.id(p.game))
gameIds = StringList()
gameIds.strings = idList
return gameIds
@endpoints.method(request_message=PLAIN_REQUEST,
response_message=IdForm,
path='game/new',
name='new_unstarted_game',
http_method='POST')
def new_unstarted_game(self, request):
"""Create a new game with no users and return its ID."""
game = GameState.create()
# "register" on next line sets "board" and other persistent variables
self.games.register(game)
# TODO: JSON response
next = game.nextPlayer()
return IdForm(urlsafe_key=self.games.id(game))
@endpoints.method(request_message=GAME_ID_REQUEST,
response_message=GameForm,
path='game/{gameid}',
name='get_game',
http_method='GET')
def get_game(self, request):
"""Return game state for requested ID."""
game = self.gameById(request.gameid)
return self.gameFormFrom(game, '')
@endpoints.method(request_message=ADD_USER_REQUEST,
response_message=StringMessage,
path='game/{gameid}/add_user',
name='add_user',
http_method='PUT')
def add_user(self, request):
"""Add user to requested game."""
game = self.gameById(request.gameid)
if game.started():
raise endpoints.BadRequestException(
'Can''t add user after game is started.')
user = self.userByName(request.user_name)
game.addPlayer(user)
self.games.update(game)
return StringMessage(message='User {} added!'.format(request.user_name))
@endpoints.method(request_message=GAME_ID_REQUEST,
response_message=GameForm,
path='game/{gameid}/start',
name='start_game',
http_method='PUT')
def start_game(self, request):
"""Start requested game (no more players may be added)."""
game = self.gameById(request.gameid)
if len(game.players) <= 0:
raise endpoints.BadRequestException(
'Must add players before starting.')
self.validateNotOver(game)
self.validateNotCancelled(game)
game.start()
self.games.update(game)
return self.gameFormFrom(game, '')
@endpoints.method(request_message=MAKE_MOVE_REQUEST,
response_message=GameForm,
path='game/{gameid}/move',
name='make_move',
http_method='PUT')
def make_move(self, request):
"""Add requested word to the board at x,y, across or not."""
game = self.gameById(request.gameid)
self.validateStarted(game)
self.validateNotOver(game)
self.validateNotCancelled(game)
if game.nextPlayer().player.name != request.user_name:
raise endpoints.BadRequestException(
'Not turn yet for {}'.format(request.user_name))
user = self.users.findByName(request.user_name)
word = request.word
across = request.across
x = request.x
y = request.y
scoreBefore = game.scoreForUser(user)
if len(request.word) <= 0:
game.skipTurn(user)
else:
try:
game.playWord(user, x, y, across, word)
except Exception, e:
raise endpoints.BadRequestException(
'Illegal move: {}'.format(e.message))
scoreAfter = game.scoreForUser(user)
playScore = scoreAfter - scoreBefore
self.games.update(game)
# keep history of moves
self.moves.register(
Move.create(game, user, word, across, x, y, playScore))
return self.gameFormFrom(
game, self.lastPlayDescription(scoreBefore, scoreAfter))
