def test_get_users(self):
response = self.client.get(
url_for('api.user_list'), headers=self.user1_token_auth_headers)
self.assertEqual(response.status_code, 200)
data = json.loads(response.data)
data1 = users_schema.dump(User.query.all())
self.assertEqual(data, data1)
self.assertEqual(len(data), 2)
self.assertIn(user_schema.dump(self.user1), data)
self.assertIn(user_schema.dump(self.user2), data)
def test_get_user(self):
response = self.client.get(
url_for('api.user_detail', user_id=self.user1.id),
headers=self.user1_token_auth_headers)
self.assertEqual(response.status_code, 200)
data = user_schema.dump(User.query.get(self.user1.id))
self.assertEqual(json.loads(response.data), data)
def post(self):
try:
data = user_schema.load(request.get_json() or {})
except ValidationError as err:
first_invalid_field = list(err.messages.keys())[0]
message = err.messages[first_invalid_field]
abort(400, f'{first_invalid_field}: {message}')
if User.query.filter_by(username=data['username']).first():
raise exceptions.UsernameAlreadyUsed
if User.query.filter_by(email=data['email']).first():
raise exceptions.EmailAddressAlreadyUsed
user = User(**data)
db.session.add(user)
db.session.commit()
payload = {
'token': login(user_id=user.id),
'user': user_schema.dump(user)
}
response = jsonify(payload)
response.status_code = 201
response.headers['Location'] = url_for('api.user_detail',
user_id=user.id)
return response
def create_user():
user_to_create, errors = user_schema.load(request.get_json())
req_json = request.get_json()
if not req_json.get('password', None):
errors.update({'password': ['Missing data for required field.']})
raise InvalidRequest(errors, status_code=400)
save_model_user(user_to_create, pwd=req_json.get('password'))
return jsonify(data=user_schema.dump(user_to_create).data), 201
def update_user_attribute(user_id):
user_to_update = get_user_by_id(user_id=user_id)
req_json = request.get_json()
update_dct, errors = user_update_schema_load_json.load(req_json)
if errors:
raise InvalidRequest(errors, status_code=400)
save_user_attribute(user_to_update, update_dict=update_dct)
return jsonify(data=user_schema.dump(user_to_update).data), 200
def get_user(user_id=None):
try:
users = get_model_users(user_id=user_id)
except DataError:
return jsonify(result="error", message="Invalid user id"), 400
except NoResultFound:
return jsonify(result="error", message="User not found"), 404
result = users_schema.dump(users) if isinstance(users, list) else user_schema.dump(users)
return jsonify(data=result.data)
def get_by_email():
email = request.args.get('email')
if not email:
error = 'Invalid request. Email query string param required'
raise InvalidRequest(error, status_code=400)
fetched_user = get_user_by_email(email)
result = user_schema.dump(fetched_user)
return jsonify(data=result.data)
def user():
"""Get the current user's information."""
user = User.query.filter(User.id == current_user.id).options(
joinedload(User.stamp)).one()
user_data = user_schema.dump(user)
user_data["stamp"] = user.stamp.to_dict()
print(user_data, "--------------------HEREE--------------")
del user_data["hashed_password"]
return jsonify(user_data)
def get_user(user_id=None):
try:
users = get_model_users(user_id=user_id)
except DataError:
return jsonify(result="error", message="Invalid user id"), 400
except NoResultFound:
return jsonify(result="error", message="User not found"), 404
result = users_schema.dump(users) if isinstance(
users, list) else user_schema.dump(users)
return jsonify(data=result.data)
def test_to_json(self):
u = User(email='*****@*****.**', password='******')
db.session.add(u)
db.session.commit()
json_user = user_schema.dump(u).data
expected_keys = ('username', 'name', 'member_since',
'last_seen', 'images', 'challenged_by', 'challenged_who',
'votes', '_links')
self.assertEqual(sorted(json_user.keys()), sorted(expected_keys))
self.assertTrue('api/user/' in json_user['_links']['self'])
def update_user(user_id):
user_to_update = get_user_by_id(user_id=user_id)
req_json = request.get_json()
update_dct, errors = user_schema_load_json.load(req_json)
pwd = req_json.get('password', None)
# TODO password validation, it is already done on the admin app
# but would be good to have the same validation here.
if pwd is not None and not pwd:
errors.update({'password': ['Invalid data for field']})
raise InvalidRequest(errors, status_code=400)
save_model_user(user_to_update, update_dict=update_dct, pwd=pwd)
return jsonify(data=user_schema.dump(user_to_update).data), 200
def create_user():
user, errors = user_schema.load(request.get_json())
req_json = request.get_json()
# TODO password policy, what is valid password
if not req_json.get('password'):
errors = {'password': ['Missing data for required field.']}
return jsonify(result="error", message=errors), 400
if errors:
return jsonify(result="error", message=errors), 400
user.password = req_json.get('password')
save_model_user(user)
return jsonify(data=user_schema.dump(user).data), 201
def create_user():
user, errors = user_schema.load(request.get_json())
req_json = request.get_json()
# TODO password policy, what is valid password
if not req_json.get('password'):
errors = {'password': ['Missing data for required field.']}
return jsonify(result="error", message=errors), 400
if errors:
return jsonify(result="error", message=errors), 400
user.password = req_json.get('password')
save_model_user(user)
return jsonify(data=user_schema.dump(user).data), 201
def put(self, user_id):
user = User.query.get_or_404(user_id)
raw_data = request.get_json() or {}
data = user_schema.load(raw_data, partial=True)
if 'username' in data and \
data['username'] != user.username and \
User.query.filter_by(username=data['username']).first():
raise exceptions.UsernameAlreadyUsed
if 'email' in data and \
data['email'] != user.email and \
User.query.filter_by(email=data['email']).first():
raise exceptions.EmailAddressAlreadyUsed
user.update(**data)
db.session.commit()
return user_schema.dump(user)
def post(self):
if "email" in request.json and User.exists(
email=request.json["email"]):
return self.render_error(
400,
f"A user with email {request.json['email']} already exists")
end
try:
new_user = User.new(request.json)
except Exception as e:
return self.render_error(400, e.args[0])
end
new_user.save()
return jsonify(user_schema.dump(new_user)), 201
def update_user(user_id):
try:
user = get_model_users(user_id=user_id)
except DataError:
return jsonify(result="error", message="Invalid user id"), 400
except NoResultFound:
return jsonify(result="error", message="User not found"), 404
if request.method == 'DELETE':
status_code = 202
delete_model_user(user)
else:
# TODO removed some validation checking by using load
# which will need to be done in another way
status_code = 200
db.session.rollback()
save_model_user(user, update_dict=request.get_json())
return jsonify(data=user_schema.dump(user).data), status_code
def update_user(user_id):
try:
user = get_model_users(user_id=user_id)
except DataError:
return jsonify(result="error", message="Invalid user id"), 400
except NoResultFound:
return jsonify(result="error", message="User not found"), 404
if request.method == 'DELETE':
status_code = 202
delete_model_user(user)
else:
# TODO removed some validation checking by using load
# which will need to be done in another way
status_code = 200
db.session.rollback()
save_model_user(user, update_dict=request.get_json())
return jsonify(data=user_schema.dump(user).data), status_code
def create_user():
try:
data = user_schema.loads(request.data)
except ValidationError as err:
return error_response(400, err.messages)
if "id" in data and data["id"] != 0:
return error_response(400)
if User.query.filter_by(username=data["username"]).first():
return error_response(400, "User already exists.")
if User.query.filter_by(email=data["email"]).first():
return error_response(400, "User already exists.")
user = User(username=data["username"], email=data["email"])
user.set_password(data["password"])
db.session.add(user)
db.session.commit()
response = jsonify(user_schema.dump(user))
response.status_code = 201
response.headers["Location"] = url_for("api.get_user", user_id=user.id)
return response
def habit_details(hid, mid):
"""Get a habit's details, including recent history."""
# TODO Ask TA how to filter joinedload to only return dailystamps of 'member id blah', and filter attributes for each joinedload.
habit = Habit.query.filter(Habit.id == hid).options( \
joinedload(Habit.color), \
joinedload(Habit.stamp), \
joinedload(Habit.program), \
joinedload(Habit.creator), \
joinedload(Habit.daily_stamps)) \
.one()
habit_data = habit_schema.dump(habit)
habit_data["color"] = color_schema.dump(habit.color)
habit_data["stamp"] = stamp_schema.dump(habit.stamp)
habit_data["program"] = program_schema.dump(habit.program)
habit_data["creator"] = user_schema.dump(habit.creator)
habit_data["daily_stamps"] = dailystamp_schema.dump(
[stamp for stamp in habit.daily_stamps if stamp.member_id == mid])
print("\nSINGLE HABIT DATA", habit_data)
return jsonify(habit_data)
def authenticate():
"""Authenticates a user"""
user = User.query.options( \
joinedload(User.color), \
joinedload(User.stamp), \
joinedload(User.memberships), \
).get(current_user.id)
if user.is_authenticated:
user_data = user_schema.dump(current_user)
user_data["color"] = color_schema.dump(user.color)
user_data["stamp"] = stamp_schema.dump(user.stamp)
print("\nauthed user")
user_data["memberships"] = {
m["id"]: m
for m in dump_data_list(user.memberships, member_schema)
}
print("\nUSER WITH MEMBERS")
# pprint(user_data)
return jsonify(user_data)
return {'errors': ['Unauthorized']}, 401
def update_user(user_id):
try:
data = user_schema.loads(request.data)
except ValidationError as err:
return error_response(400, err.messages)
# "user_id" in request data is optional but if "user_id" was provided then it has to match the resource id
if data["id"] != 0 and data["id"] != user_id:
return error_response(400, "Request data id has to match resource id.")
user = User.query.get_or_404(user_id)
check_user = User.query.filter_by(username=data["username"]).first()
if check_user and check_user.id != user_id:
return error_response(400, "User already exists.")
check_user = User.query.filter_by(email=data["email"]).first()
if check_user and check_user.id != user_id:
return error_response(400, "User already exists.")
user.username = data["username"]
user.email = data["email"]
user.set_password(data["password"])
db.session.add(user)
db.session.commit()
return jsonify(user_schema.dump(user))
def put(self, id):
user = request.user
params = request.json
if "first_name" in params:
user.first_name = params["first_name"]
if "last_name" in params:
user.last_name = params["last_name"]
if "email" in params:
user.email = params["email"]
if "is_active" in params:
user.is_active = params["is_active"] in [
"YES", "yes", "Y", "y", 1, True
]
user.save()
return jsonify(user_schema.dump(user))
def program_rewards(pid):
"""Get a list of a program's custom rewards."""
rewards = Reward.query.filter(Reward.program_id == pid).options(
joinedload(Reward.stamp), joinedload(Reward.color),
joinedload(Reward.creator)).all()
rewards_obj = {}
rewards_data = dump_data_list(rewards, reward_schema)
rewards_data = [reward for reward in rewards_data]
i = 0
for reward in rewards:
rewards_data[i]["color"] = color_schema.dump(reward.color)
rewards_data[i]["stamp"] = stamp_schema.dump(reward.stamp)
rewards_data[i]["creator"] = user_schema.dump(reward.creator)
rewards_obj[rewards_data[i]["id"]] = rewards_data[i]
if rewards_data[i]["quantity"] == -1:
rewards_data[i]["quantity"] = "∞"
if rewards_data[i]["limit_per_member"] <= 0:
rewards_data[i]["limit_per_member"] = "∞"
i += 1
print("\n\nPROGRAM REWARDS", rewards_obj)
return jsonify(rewards_obj)
def create_reward(pid):
print("\nmaking reward")
form = RewardForm()
form['csrf_token'].data = request.cookies['csrf_token']
print("REWARD FORM", form.data, form.validate())
if form.validate():
print("VALIDATED")
reward = Reward(
reward=form['reward'].data,
type='custom',
description=form['description'].data,
color_id=form['color'].data,
stamp_id=form['stamp'].data,
cost=form['cost'].data,
limit_per_member=form['limit'].data,
quantity=form['quantity'].data,
creator_id=request.json['userId'],
program_id=pid,
)
db.session.add(reward)
db.session.commit()
reward_data = reward_schema.dump(reward)
reward_data["color"] = color_schema.dump(reward.color)
reward_data["stamp"] = stamp_schema.dump(reward.stamp)
reward_data["creator"] = user_schema.dump(reward.creator)
reward_data["program"] = program_schema.dump(reward.program)
if form['quantity'].data == -1:
reward_data["quantity"] = "∞"
if form['limit'].data == -1:
reward_data["limit_per_member"] = "∞"
print("\nCREATED REWARD")
pprint(reward_data)
return jsonify(reward_data)
return "Oh nooo no reward made D: "
def redeem_reward(rid, mid):
"""Redeem a reward for a member."""
reward = Reward.query.filter(Reward.id == rid).one()
member = Member.query.filter(Member.id == mid).one()
if reward.limit_per_member > 0:
redeemed_count = Redeemed.query.filter(
Redeemed.reward_id == reward.id,
Redeemed.user_id == member.member.id).count()
if redeemed_count >= reward.limit_per_member:
return f"You have too many, sorry T_T . Only {str(reward.limit_per_member)} per customer!"
if reward.quantity == 0:
return "There aren't any left, sorry T_T"
if member.points < reward.cost:
return "You need more points please TT_TT"
if reward.quantity > 0:
reward.quantity -= 1
member.points -= reward.cost
redeemed = Redeemed(
user_id=member.member_id,
reward_id=reward.id,
)
db.session.add(redeemed)
db.session.commit()
redeemed_data = redeemed_schema.dump(redeemed)
redeemed_data["reward"] = reward_schema.dump(redeemed.reward)
redeemed_data["reward"]["color"] = color_schema.dump(redeemed.reward.color)
redeemed_data["reward"]["stamp"] = stamp_schema.dump(redeemed.reward.stamp)
redeemed_data["user"] = user_schema.dump(redeemed.user)
print("\n\nREDEEMED REWARD", redeemed_data)
print("\n\nMEMBER NOW", member)
return jsonify(points=member.points, redeemed_data=redeemed_data)
def sign_up():
"""Creates a new user and logs them in"""
# print("REQUEST FORM: ", request.form.get("username"))
# print("DIR REQUEST: ", dir(request.form))
form = SignUpForm()
form['csrf_token'].data = request.cookies['csrf_token']
if form.validate_on_submit():
# Create user, default program, and default membership records
user = User(username=form.data['username'],
email=form.data['email'],
password=form.data['password'],
first_name=form.data['first_name'],
last_name=form.data['last_name'],
birthday=form.data['birthday'])
program = Program(
program=f"{form.data['username']}'s Habits",
creator=user,
)
membership = Member(
program=program,
member=user,
stamper=user,
)
db.session.add(user)
db.session.add(program)
db.session.add(membership)
db.session.commit()
login_user(user)
# Set cookie
res = make_response(jsonify(user_schema.dump(user)))
res.set_cookie("uid_cookie", str(user.id))
return res
return {'errors': validation_errors_to_error_messages(form.errors)}
def get(self, id):
return jsonify(user_schema.dump(request.user))
def get(self, user_id):
return user_schema.dump(User.query.get_or_404(user_id))
def member_stamper(mid):
"""Get the stamper for a member in a program."""
# stamper = User.query.filter().one()
return jsonify(user_schema.dump(stamper))
def user_details(uid):
"""Get a user's information by id."""
user = User.query.get(uid)
user_data = user_schema.dump(user)
return jsonify(user_data)
def user_get(id):
user = User.query.get(id)
result = user_schema.dump(user)
return jsonify(result.data)
def get_user(user_id):
user = User.query.get_or_404(user_id)
return jsonify(user_schema.dump(user))
def get_users():
return jsonify(user_schema.dump(User.query.all(), many=True))
def get_user(user_id=None):
users = get_user_by_id(user_id=user_id)
result = user_schema.dump(users, many=True) if isinstance(users, list) else user_schema.dump(users)
return jsonify(data=result.data)
