def get_by_group(group_id, db_session, username):
logger.info(LogMsg.START, username)
user = check_user(username, db_session)
group = validate_group(group_id, db_session)
if username not in ADMINISTRATORS:
permissions, presses = get_user_permissions(username, db_session)
permit = has_permission_or_not(
[Permissions.PERMISSION_GROUP_USER_GET_PREMIUM], permissions)
if not permit:
press_permit = has_permission_or_not(
[Permissions.PERMISSION_GROUP_USER_GET_PRESS], permissions)
if not (press_permit
and user_is_in_group(user.id, group_id, db_session)):
logger.error(LogMsg.PERMISSION_DENIED,
{'PERMISSION_GROUP_USER_GET': username})
raise Http_error(403, Message.ACCESS_DENIED)
result = db_session.query(GroupUser).filter(
GroupUser.group_id == group_id).all()
final_res = []
for item in result:
final_res.append(group_user_to_dict(item))
logger.info(LogMsg.END)
return final_res
def get_all(data, db_session, username, **kwargs):
logger.info(LogMsg.START, username)
if data.get('sort') is None:
data['sort'] = ['creation_date-']
permissions, presses = get_user_permissions(username, db_session)
has_permission_or_not([Permissions.COMMENT_GET_PREMIUM], permissions)
logger.debug(LogMsg.PERMISSION_VERIFIED, username)
try:
res = Comment.mongoquery(
db_session.query(Comment)).query(**data).end().all()
result = []
for item in res:
comment = comment_to_dict(db_session, item, username)
book = get_book(item.book_id, db_session)
comment['book'] = book
result.append(comment)
except:
logger.exception(LogMsg.GET_FAILED, exc_info=True)
raise Http_error(404, Message.NOT_FOUND)
logger.info(LogMsg.END)
return result
def delete(id, db_session, username):
logger.info(LogMsg.START, username)
user = check_user(username, db_session)
logger.info(LogMsg.DELETE_REQUEST, {'group_user_id': id})
model_instance = db_session.query(GroupUser).filter(
GroupUser.id == id).first()
if model_instance is None:
logger.error(LogMsg.NOT_FOUND, {'group_user_id': id})
raise Http_error(404, Message.NOT_FOUND)
permissions, presses = get_user_permissions(username, db_session)
permit = has_permission_or_not(
[Permissions.PERMISSION_GROUP_USER_DELETE_PREMIUM], permissions)
if not permit:
press_permit = has_permission_or_not(
[Permissions.PERMISSION_GROUP_USER_DELETE_PRESS], permissions)
if not (press_permit and
(model_instance.group.person_id == user.person_id)):
logger.error(LogMsg.PERMISSION_DENIED,
{'PERMISSION_GROUP_USER_DELETE': username})
raise Http_error(403, Message.ACCESS_DENIED)
try:
db_session.delete(model_instance)
except:
logger.exception(LogMsg.DELETE_FAILED, exc_info=True)
raise Http_error(500, LogMsg.DELETE_FAILED)
logger.info(LogMsg.END)
return Http_response(204, True)
def get(id, db_session, username=None):
logger.info(LogMsg.START, username)
model_instance = db_session.query(GroupUser).filter(
GroupUser.id == id).first()
if model_instance is None:
logger.debug(LogMsg.MODEL_GETTING_FAILED)
raise Http_error(404, Message.NOT_FOUND)
if username is not None:
permissions, presses = get_user_permissions(username, db_session)
user = check_user(username, db_session)
permit = has_permission_or_not(
[Permissions.PERMISSION_GROUP_USER_GET_PREMIUM], permissions)
if not permit:
press_permit = has_permission_or_not(
[Permissions.PERMISSION_GROUP_USER_GET_PRESS], permissions)
if not (press_permit and (user_is_in_group(
user.id, model_instance.group_id, db_session))):
logger.error(LogMsg.PERMISSION_DENIED,
{'PERMISSION_GROUP_USER_GET': username})
raise Http_error(403, Message.ACCESS_DENIED)
logger.debug(LogMsg.MODEL_GETTING)
logger.info(LogMsg.END)
return group_user_to_dict(model_instance)
def add(data, db_session, username):
logger.info(LogMsg.START, username)
schema_validate(data, GROUP_ADD_SCHEMA_PATH)
logger.debug(LogMsg.SCHEMA_CHECKED)
person_id = data.get('person_id', None)
if person_id is not None:
owner_person = validate_person(person_id, db_session)
if owner_person is not None and not owner_person.is_legal:
logger.error(LogMsg.PERSON_IS_NOT_LEGAL, username)
raise Http_error(400, Message.PERSON_IS_NOT_LEGAL)
owner_user = get_by_person(person_id, db_session)
if owner_user is None:
logger.error(LogMsg.PERSON_MUST_HAVE_USER, person_id)
raise Http_error(404, Message.PERSON_MUST_HAVE_USER)
user = check_user(username, db_session)
if username not in ADMINISTRATORS:
permissions, presses = get_user_permissions(username, db_session)
permit = has_permission_or_not(
[Permissions.PERMISSION_GROUP_ADD_PREMIUM], permissions)
if not permit:
press_permit = has_permission_or_not(
[Permissions.PERMISSION_GROUP_ADD_PRESS], permissions)
if not (press_permit and (person_id == user.person_id)):
logger.error(LogMsg.PERMISSION_DENIED,
{'PERMISSION_GROUP_ADD': username})
raise Http_error(403, Message.ACCESS_DENIED)
if check_group_title_exists(data.get('title', None), db_session):
logger.error(LogMsg.GROUP_EXISTS)
raise Http_error(409, Message.ALREADY_EXISTS)
model_instance = Group()
populate_basic_data(model_instance, username, data.get('tags'))
logger.debug(LogMsg.POPULATING_BASIC_DATA)
model_instance.title = data.get('title')
model_instance.person_id = data.get('person_id')
db_session.add(model_instance)
# db_session.flush()
add_owner_to_group_users(model_instance.id, owner_user.id, db_session,
username)
logger.info(LogMsg.END)
return model_instance
def get(id, db_session, username):
logger.info(LogMsg.START, username)
content = db_session.query(BookContent).filter(
BookContent.id == id).first()
if content is None:
logger.error(LogMsg.NOT_FOUND, {'book_content_id': id})
raise Http_error(404, Message.NOT_FOUND)
book = get_book(content.book_id, db_session)
if book is None:
logger.error(LogMsg.NOT_FOUND, {'book_id': content.book_id})
raise Http_error(404, Message.NOT_FOUND)
permission_data = {}
if content.creator == username:
permission_data = {Permissions.IS_OWNER.value: True}
permissions, presses = get_user_permissions(username, db_session)
has_permit = has_permission_or_not([Permissions.BOOK_CONTENT_GET_PREMIUM],
permissions, None, permission_data)
if not has_permit:
if book.press in presses:
has_permission([Permissions.BOOK_CONTENT_GET_PRESS], permissions)
else:
logger.error(LogMsg.PERMISSION_DENIED)
raise Http_error(403, Message.ACCESS_DENIED)
logger.debug(LogMsg.PERMISSION_VERIFIED, username)
return content_to_dict(content, db_session)
def get_all(db_session, username, data=None):
logger.info(LogMsg.START, username)
if data.get('sort') is None:
data['sort'] = ['creation_date-']
permission_data = {}
permissions, presses = get_user_permissions(username, db_session)
has_permit = has_permission_or_not([
Permissions.BOOK_ADD_PREMIUM, Permissions.BOOK_CONTENT_GET_PREMIUM,
Permissions.BOOK_CONTENT_GET_PRESS
], permissions, None, permission_data)
logger.debug(LogMsg.PERMISSION_VERIFIED, username)
if data is None:
result = db_session.query(BookContent).all()
else:
result = BookContent.mongoquery(
db_session.query(BookContent)).query(**data).end().all()
final_res = []
for content in result:
if has_permit or content.book_press in presses or content.creator == username:
final_res.append(content_to_dict(content, db_session))
return final_res
def delete(id, db_session, username):
logger.info(LogMsg.START, username)
content = get_internal(id, db_session)
if content is None:
logger.error(LogMsg.NOT_FOUND, {'content_id': id})
raise Http_error(404, Message.NOT_FOUND)
logger.debug(LogMsg.PERMISSION_CHECK, username)
permission_data = {}
if content.creator == username:
permission_data = {Permissions.IS_OWNER.value: True}
permissions, presses = get_user_permissions(username, db_session)
has_permit = has_permission_or_not([Permissions.BOOK_DELETE_PREMIUM],
permissions, None, permission_data)
if not has_permit:
if content.book_press in presses:
has_permission([Permissions.BOOK_DELETE_PRESS], permissions)
else:
logger.error(LogMsg.PERMISSION_DENIED)
raise Http_error(403, Message.ACCESS_DENIED)
logger.debug(LogMsg.PERMISSION_VERIFIED, username)
try:
db_session.delete(content)
except:
logger.exception(LogMsg.EDIT_FAILED, exc_info=True)
raise Http_error(409, Message.DELETE_FAILED)
logger.debug(LogMsg.DELETE_SUCCESS, {'book_content_id': id})
logger.info(LogMsg.END)
return Http_response(204, True)
def delete(id, db_session, username=None):
logger.info(LogMsg.START, username)
price = get_by_id(id, db_session)
if price is None:
logger.error(LogMsg.NOT_FOUND, {'book_price_id': id})
raise Http_error(404, Message.NOT_FOUND)
book = get_book(price.book_id, db_session)
if username is not None:
per_data = {}
permissions, presses = get_user_permissions(username, db_session)
if book.creator == username:
per_data.update({Permissions.IS_OWNER.value: True})
has_permit = has_permission_or_not([Permissions.PRICE_DELETE_PREMIUM],
permissions, None, per_data)
if not has_permit:
if book.press in presses:
has_permission([Permissions.PRICE_DELETE_PRESS], permissions)
else:
logger.error(LogMsg.PERMISSION_DENIED, username)
raise Http_error(403, Message.ACCESS_DENIED)
logger.debug(LogMsg.PERMISSION_VERIFIED)
try:
db_session.delete(price)
logger.debug(LogMsg.DELETE_SUCCESS, {'book_price_id': id})
except:
logger.exception(LogMsg.DELETE_FAILED, exc_info=True)
raise Http_error(404, Message.DELETE_FAILED)
logger.info(LogMsg.END)
return Http_response(204, True)
def delete_comments(book_id, db_session, username, **kwargs):
logger.info(LogMsg.START, username)
logger.debug(LogMsg.COMMENT_DELETING_BOOK_COMMENTS, book_id)
book = get_book(book_id, db_session)
press = book.get('press', None)
permissions, presses = get_user_permissions(username, db_session)
has_permit = has_permission_or_not([Permissions.COMMENT_DELETE_PREMIUM],
permissions)
if not has_permit:
if press in presses:
has_permission([Permissions.COMMENT_DELETE_PRESS], permissions)
else:
logger.error(LogMsg.PERMISSION_DENIED, username)
raise Http_error(403, Message.ACCESS_DENIED)
logger.debug(LogMsg.PERMISSION_VERIFIED, username)
delete_book_comments(book_id, db_session)
logger.info(LogMsg.END)
return Http_response(204, True)
def add_users_to_groups(data, db_session, username):
logger.info(LogMsg.START, username)
user = check_user(username, db_session)
schema_validate(data, USER_ADD_SCHEMA_PATH)
logger.debug(LogMsg.SCHEMA_CHECKED)
users = set(data.get('users'))
groups = set(data.get('groups'))
validate_users(users, db_session)
group_entities = validate_groups(groups, db_session)
if username not in ADMINISTRATORS:
permissions, presses = get_user_permissions(username, db_session)
permit = has_permission_or_not(
[Permissions.PERMISSION_GROUP_USER_ADD_PREMIUM], permissions)
if not permit:
press_permit = has_permission_or_not(
[Permissions.PERMISSION_GROUP_USER_ADD_PRESS], permissions)
if not (press_permit
and is_user_group_owner(user.person_id, group_entities)):
logger.error(LogMsg.PERMISSION_DENIED,
{'PERMISSION_GROUP_USER_ADD': username})
raise Http_error(403, Message.ACCESS_DENIED)
final_res = {}
for group_id in groups:
result = []
for user_id in users:
if user_is_in_group(user_id, group_id, db_session):
logger.error(LogMsg.GROUP_USER_IS_IN_GROUP, {
'user_id': user_id,
'group_id': group_id
})
raise Http_error(409, Message.ALREADY_EXISTS)
result.append(
model_to_dict(add(user_id, group_id, db_session, username)))
final_res.update({group_id: result})
logger.info(LogMsg.END)
return final_res
def delete_users_from_groups(data, db_session, username):
logger.info(LogMsg.START, username)
user = check_user(username, db_session)
schema_validate(data, USER_ADD_SCHEMA_PATH)
logger.debug(LogMsg.SCHEMA_CHECKED)
users = set(data.get('users'))
groups = set(data.get('groups'))
validate_users(users, db_session)
group_entities = validate_groups(groups, db_session)
if username not in ADMINISTRATORS:
permissions, presses = get_user_permissions(username, db_session)
permit = has_permission_or_not(
[Permissions.PERMISSION_GROUP_USER_DELETE_PREMIUM], permissions)
if not permit:
press_permit = has_permission_or_not(
[Permissions.PERMISSION_GROUP_USER_DELETE_PRESS], permissions)
if not (press_permit
and is_user_group_owner(user.person_id, group_entities)):
logger.error(LogMsg.PERMISSION_DENIED,
{'PERMISSION_GROUP_USER_ADD': username})
raise Http_error(403, Message.ACCESS_DENIED)
for group_id in groups:
for user_id in users:
if not user_is_in_group(user_id, group_id, db_session):
logger.error(LogMsg.GROUP_USER_NOT_IN_GROUP, {
'user_id': user_id,
'group_id': group_id
})
raise Http_error(404, Message.NOT_IN_GROUP)
delete_user_group(user_id, group_id, db_session)
logger.info(LogMsg.END)
return {'result': 'successful'}
def add_group_users(data, db_session, username):
logger.info(LogMsg.START, username)
user = check_user(username, db_session)
schema_validate(data, USER_GROUP_SCHEMA_PATH)
group_id = data.get('group_id')
users = data.get('users')
group = validate_group(group_id, db_session)
if username not in ADMINISTRATORS:
permissions, presses = get_user_permissions(username, db_session)
permit = has_permission_or_not(
[Permissions.PERMISSION_GROUP_USER_ADD_PREMIUM], permissions)
if not permit:
press_permit = has_permission_or_not(
[Permissions.PERMISSION_GROUP_USER_ADD_PRESS], permissions)
if not (press_permit
and is_user_group_owner(user.person_id, [group])):
logger.error(LogMsg.PERMISSION_DENIED,
{'PERMISSION_GROUP_USER_ADD': username})
raise Http_error(403, Message.ACCESS_DENIED)
result = []
for user_id in users:
if user_is_in_group(user_id, group_id, db_session):
logger.error(LogMsg.GROUP_USER_IS_IN_GROUP, {
'user_id': user_id,
'group_id': group_id
})
raise Http_error(409, Message.ALREADY_EXISTS)
result.append(add(user_id, group_id, db_session, username))
final_res = []
for item in result:
final_res.append(group_user_to_dict(item))
logger.info(LogMsg.END)
return final_res
def edit(id, db_session, data, username):
logger.info(LogMsg.START, username)
schema_validate(data, USER_EDIT_SCHEMA_PATH)
logger.debug(LogMsg.SCHEMA_CHECKED)
old_pass = data.get('old_password', None)
if old_pass is not None:
user = check_user(username, db_session)
if user.password != old_pass:
logger.error(LogMsg.INVALID_USER, {'old_password': '******'})
raise Http_error(403, Message.INVALID_PASSWORD)
logger.debug(LogMsg.EDIT_REQUST, {'user_id': id, 'data': data})
model_instance = check_by_id(id, db_session)
if model_instance:
logger.debug(LogMsg.MODEL_GETTING, {'user_id': id})
else:
logger.debug(LogMsg.NOT_FOUND, {'user_id': id})
raise Http_error(404, Message.NOT_FOUND)
per_data = {}
permissions, presses = get_user_permissions(username, db_session)
if model_instance.username == username:
password = data.get('old_password')
if model_instance.password != password:
logger.error(LogMsg.INVALID_USER,
{'password': '******'})
raise Http_error(403, Message.INVALID_PASSWORD)
per_data.update({Permissions.IS_OWNER.value: True})
has_permission([Permissions.USER_EDIT_PREMIUM],
permissions, None, per_data)
logger.debug(LogMsg.PERMISSION_VERIFIED)
if not has_permission_or_not([Permissions.USER_EDIT_PREMIUM],
permissions):
if "person_id" in data:
del data["person_id"]
# if "person_id" in data:
# user_by_person = db_session.query(User).filter(
# User.person_id == data.get('person_id')).first()
# if user_by_person is not None and user_by_person.id != model_instance.id:
# raise Http_error(409,Message.USER_ALREADY_EXISTS)
for key, value in data.items():
# TODO if key is valid attribute of class
setattr(model_instance, key, value)
edit_basic_data(model_instance, username, data.get('tags'))
user_dict = user_to_dict(model_instance)
logger.debug(LogMsg.EDIT_SUCCESS, user_dict)
logger.info(LogMsg.END)
return user_dict
def add(db_session, data, username):
logger.info(LogMsg.START, username)
check_schema(['book_id', 'type', 'content'], data.keys())
logger.debug(LogMsg.SCHEMA_CHECKED)
book_id = data.get('book_id')
type = data.get('type')
logger.debug(LogMsg.ENUM_CHECK, {'BOOK_CONTENT_TYpe': type})
check_enum(type, BookContentType)
book = get_book(book_id, db_session)
if not book:
logger.error(LogMsg.NOT_FOUND, {'book_id': book_id})
raise Http_error(404, Message.NOT_FOUND)
logger.debug(LogMsg.CHECK_UNIQUE_EXISTANCE, data)
content = get_be_data(book_id, type, db_session)
if content is not None:
logger.error(LogMsg.CONTENT_EXIST, data)
raise Http_error(409, Message.ALREADY_EXISTS)
logger.debug(LogMsg.PERMISSION_CHECK, username)
permissions, presses = get_user_permissions(username, db_session)
has_permit = has_permission_or_not([Permissions.BOOK_ADD_PREMIUM],
permissions)
if not has_permit:
if book.press in presses:
has_permission([Permissions.BOOK_ADD_PRESS], permissions)
else:
logger.error(LogMsg.PERMISSION_DENIED)
raise Http_error(403, Message.ACCESS_DENIED)
logger.debug(LogMsg.PERMISSION_VERIFIED, username)
model_instance = BookContent()
logger.debug(LogMsg.POPULATING_BASIC_DATA)
populate_basic_data(model_instance, username, data.get('tags'))
model_instance.content = data.get('content')
model_instance.book_id = book_id
model_instance.type = type
model_instance.book_press = book.press
db_session.add(model_instance)
logger.info(LogMsg.END)
return model_instance
def get_user_groups(user_id, db_session, username):
logger.info(LogMsg.START, username)
user = check_user(username, db_session)
limited_groups = False
if username not in ADMINISTRATORS:
permissions, presses = get_user_permissions(username, db_session)
per_data = {}
if user_id == user.id:
per_data.update({Permissions.IS_OWNER.value: True})
permit = has_permission_or_not(
[Permissions.PERMISSION_GROUP_USER_GET_PREMIUM], permissions, None,
per_data)
if not permit:
press_permit = has_permission_or_not(
[Permissions.PERMISSION_GROUP_USER_GET_PRESS], permissions)
if not (press_permit):
logger.error(LogMsg.PERMISSION_DENIED,
{'PERMISSION_GROUP_USER_GET': username})
raise Http_error(403, Message.ACCESS_DENIED)
limited_groups = True
result = db_session.query(GroupUser).filter(
GroupUser.user_id == user_id).all()
if limited_groups:
group_ids = []
for item in result:
group_ids.append(item.group_id)
legal_groups = limit_groups_by_person(group_ids, user.person_id,
db_session)
result = [item for item in result if item.group_id in legal_groups]
final_res = []
for item in result:
final_res.append(group_user_to_dict(item))
logger.info(LogMsg.END)
return final_res
def edit(id, data, db_session, username):
logger.info(LogMsg.START, username)
content = get_internal(id, db_session)
if content is None:
logger.error(LogMsg.NOT_FOUND, {'content_id': id})
raise Http_error(404, Message.NOT_FOUND)
book = get_book(content.book_id, db_session)
if 'book_id' in data.keys():
book = get_book(data.get('book_id'), db_session)
if book is None:
logger.error(LogMsg.NOT_FOUND, {'book_id': data.get('book_id')})
raise Http_error(404, Message.NOT_FOUND)
logger.debug(LogMsg.PERMISSION_CHECK, username)
permission_data = {}
if content.creator == username:
permission_data = {Permissions.IS_OWNER.value: True}
permissions, presses = get_user_permissions(username, db_session)
has_permit = has_permission_or_not([Permissions.BOOK_EDIT_PREMIUM],
permissions, None, permission_data)
if not has_permit:
if book.get('press') in presses:
has_permission([Permissions.BOOK_EDIT_PRESS], permissions)
else:
logger.error(LogMsg.PERMISSION_DENIED)
raise Http_error(403, Message.ACCESS_DENIED)
logger.debug(LogMsg.PERMISSION_VERIFIED, username)
try:
for key, value in data.items():
# TODO if key is valid attribute of class
setattr(content, key, value)
new_content = get_be_data(content.book_id, content.type, db_session)
if new_content is not None and new_content.id != content.id:
logger.error(LogMsg.BOOK_CONTENT_ALREADY_EXISTS,
content_to_dict(new_content, db_session))
raise Http_error(409, Message.ALREADY_EXISTS)
edit_basic_data(content, username, data.get('tags'))
content.book_press = book.press
except:
logger.exception(LogMsg.EDIT_FAILED, exc_info=True)
raise Http_error(409, Message.ALREADY_EXISTS)
logger.debug(LogMsg.EDIT_SUCCESS, model_to_dict(content))
logger.info(LogMsg.END)
return content_to_dict(content, db_session)
def add_group_by_users(data, db_session, username):
logger.info(LogMsg.START, username)
user = check_user(username, db_session)
users = set(data.get('users'))
group_title = data.get('title')
person_id = data.get('person_id', None)
if username not in ADMINISTRATORS:
permissions, presses = get_user_permissions(username, db_session)
permit = has_permission_or_not(
[Permissions.PERMISSION_GROUP_USER_ADD_PREMIUM], permissions)
if not permit:
press_permit = has_permission_or_not(
[Permissions.PERMISSION_GROUP_USER_ADD_PRESS], permissions)
if not (press_permit and
(person_id is None or person_id != user.person_id)):
logger.error(LogMsg.PERMISSION_DENIED,
{'ADD_GROUP_USER_PERMISSION': username})
raise Http_error(403, Message.ACCESS_DENIED)
validate_users(users, db_session)
if check_group_title_exists(group_title, db_session):
logger.error(LogMsg.GROUP_EXISTS, {'group_title': group_title})
raise Http_error(409, Message.ALREADY_EXISTS)
group = add_group({
'title': group_title,
'person_id': person_id
}, db_session, username)
del data['title']
data['group_id'] = group.id
result = add_group_users(data, db_session, username)
return result
def add(data, db_session, username):
logger.info(LogMsg.START, username)
schema_validate(data,ADD_SCHEMA_PATH)
logger.debug(LogMsg.SCHEMA_CHECKED)
book_id = data.get('book_id')
book = get_book(book_id, db_session)
if username is not None:
per_data = {}
permissions, presses = get_user_permissions(username, db_session)
if book.creator == username:
per_data.update({Permissions.IS_OWNER.value:True})
has_permit = has_permission_or_not([Permissions.PRICE_ADD_PREMIUM], permissions,None,per_data)
if not has_permit:
if book.press in presses:
has_permission([Permissions.PRICE_ADD_PRESS], permissions)
else:
logger.error(LogMsg.PERMISSION_DENIED,username)
raise Http_error(403,Message.ACCESS_DENIED)
logger.debug(LogMsg.PERMISSION_VERIFIED)
logger.debug(LogMsg.CHECK_BOOK_PRICE_EXISTANCE, book_id)
model_instance = get_by_book(book_id, db_session, username)
if model_instance:
logger.debug(LogMsg.BOOK_PRICE_EXISTS, book_id)
logger.debug(LogMsg.EDIT_PRICE, book_id)
model_instance.price = data.get('price')
else:
logger.debug(LogMsg.ADD_NEW_BOOK_PRICE, book_id)
model_instance = Price()
populate_basic_data(model_instance, username)
model_instance.book_id = book_id
model_instance.price = data.get('price')
db_session.add(model_instance)
logger.info(LogMsg.END)
return model_instance
def edit(id, db_session, data, username):
logger.info(LogMsg.START, username)
if "id" in data.keys():
del data["id"]
if 'username' in data.keys():
logger.error(LogMsg.NOT_EDITABLE, 'username')
raise Http_error(400, Message.NOT_EDITABLE)
logger.debug(LogMsg.EDIT_REQUST, {'user_id': id, 'data': data})
model_instance = check_by_id(id, db_session)
if model_instance:
logger.debug(LogMsg.MODEL_GETTING, {'user_id': id})
else:
logger.debug(LogMsg.NOT_FOUND, {'user_id': id})
raise Http_error(404, Message.NOT_FOUND)
per_data = {}
permissions, presses = get_user_permissions(username, db_session)
if model_instance.username == username:
per_data.update({Permissions.IS_OWNER.value: True})
has_permission([Permissions.USER_EDIT_PREMIUM], permissions, None,
per_data)
logger.debug(LogMsg.PERMISSION_VERIFIED)
if not has_permission_or_not([Permissions.USER_EDIT_PREMIUM], permissions):
if "person_id" in data:
del data["person_id"]
# if "person_id" in data:
# user_by_person = db_session.query(User).filter(
# User.person_id == data.get('person_id')).first()
# if user_by_person is not None and user_by_person.id != model_instance.id:
# raise Http_error(409,Message.USER_ALREADY_EXISTS)
for key, value in data.items():
# TODO if key is valid attribute of class
setattr(model_instance, key, value)
edit_basic_data(model_instance, username, data.get('tags'))
user_dict = user_to_dict(model_instance)
logger.debug(LogMsg.EDIT_SUCCESS, user_dict)
logger.info(LogMsg.END)
return user_dict
def delete_book(id, db_session, username):
logger.info(LogMsg.START, username)
logger.info(LogMsg.DELETE_REQUEST, {'book_id': id})
model_instance = db_session.query(Book).filter(Book.id == id).first()
logger.debug(LogMsg.PERMISSION_CHECK, username)
permission_data = {}
if model_instance.creator == username:
permission_data = {Permissions.IS_OWNER.value: True}
permissions, presses = get_user_permissions(username, db_session)
has_permit = has_permission_or_not([Permissions.BOOK_DELETE_PREMIUM],
permissions, None, permission_data)
if not has_permit:
if model_instance.press in presses:
has_permission([Permissions.BOOK_DELETE_PRESS], permissions)
else:
logger.error(LogMsg.PERMISSION_DENIED)
raise Http_error(403, Message.ACCESS_DENIED)
logger.debug(LogMsg.PERMISSION_VERIFIED, username)
logger.debug(LogMsg.DELETING_BOOK_ROLES, id)
delete_book_roles(id, db_session)
logger.debug(LogMsg.DELETING_BOOK_CONTENT, id)
delete_book_contents(id, db_session)
logger.debug(LogMsg.DELETING_BOOK_COMMENTS, id)
delete_book_comments(id, db_session)
logger.debug(LogMsg.DELETING_BOOK_PRICE, id)
delete_book_price(id, db_session)
delete(id, db_session, username)
logger.debug(LogMsg.ELASTIC_INDEX_DELETE, id)
delete_book_index(id)
logger.debug(LogMsg.ENTITY_DELETED, id)
logger.info(LogMsg.END)
return Http_response(204, True)
def edit(id, data, db_session, username=None):
logger.info(LogMsg.START, username)
schema_validate(data,EDIT_SCHEMA_PATH)
logger.debug(LogMsg.SCHEMA_CHECKED)
model_instance = get_by_id(id, db_session)
if model_instance is None:
logger.error(LogMsg.NOT_FOUND, {'book_price_id': id})
raise Http_error(404, Message.NOT_FOUND)
book = get_book(model_instance.book_id, db_session)
if username is not None:
per_data = {}
permissions, presses = get_user_permissions(username, db_session)
if book.creator == username:
per_data.update({Permissions.IS_OWNER.value: True})
has_permit = has_permission_or_not([Permissions.PRICE_EDIT_PREMIUM],
permissions, None, per_data)
if not has_permit:
if book.press in presses:
has_permission([Permissions.PRICE_EDIT_PRESS], permissions)
else:
logger.error(LogMsg.PERMISSION_DENIED, username)
raise Http_error(403, Message.ACCESS_DENIED)
logger.debug(LogMsg.PERMISSION_VERIFIED)
try:
model_instance.price = data.get('price')
logger.debug(LogMsg.EDIT_SUCCESS, model_to_dict(model_instance))
except:
logger.exception(LogMsg.EDIT_FAILED, exc_info=True)
raise Http_error(404, Message.EDIT_FAILED)
logger.info(LogMsg.END)
return model_instance
def edit_book(id, db_session, data, username):
logger.info(LogMsg.START, username)
logger.info(LogMsg.EDITING_BOOK, id)
model_instance = db_session.query(Book).filter(Book.id == id).first()
if model_instance is None:
logger.error(LogMsg.NOT_FOUND, {'book_id': id})
raise Http_error(404, Message.NOT_FOUND)
logger.debug(LogMsg.PERMISSION_CHECK, username)
permission_data = {}
if model_instance.creator == username:
permission_data = {Permissions.IS_OWNER.value: True}
permissions, presses = get_user_permissions(username, db_session)
has_permit = has_permission_or_not([Permissions.BOOK_EDIT_PREMIUM],
permissions, None, permission_data)
if not has_permit:
if model_instance.press in presses:
has_permission([Permissions.BOOK_EDIT_PRESS], permissions)
else:
logger.error(LogMsg.PERMISSION_DENIED)
raise Http_error(403, Message.ACCESS_DENIED)
logger.debug(LogMsg.PERMISSION_VERIFIED, username)
logger.debug(LogMsg.GET_SUCCESS, id)
if "id" in data.keys():
del data["id"]
logger.debug(LogMsg.EDIT_REQUST, {'book_id': id})
roles = []
elastic_data = {}
if 'roles' in data.keys():
roles = data.get('roles')
del data['roles']
for key, value in data.items():
# TODO if key is valid attribute of class
setattr(model_instance, key, value)
edit_basic_data(model_instance, username, data.get('tags'))
price = data.get('price', None)
if price is not None:
edit_price(model_instance.id, price, db_session)
if len(roles) > 0:
logger.debug(LogMsg.DELETING_BOOK_ROLES, id)
delete_book_roles(model_instance.id, db_session)
logger.debug(LogMsg.ADDING_ROLES_TO_BOOK, id)
nroles, elastic_data = add_book_roles(model_instance.id, roles,
db_session, username)
new_roles = []
for role in nroles:
logger.debug(LogMsg.ATTACHING_ROLES_TO_BOOKS)
new_roles.append(book_role_to_dict(role))
else:
elastic_data = persons_of_book(model_instance.id, db_session)
indexing_data = book_to_dict(db_session, model_instance)
indexing_data['book_id'] = model_instance.id
indexing_data.update(elastic_data)
del indexing_data['roles']
print(('indexing_data : {}').format(indexing_data))
logger.debug(LogMsg.ELASTIC_INDEX_DELETE, id)
delete_book_index(model_instance.id)
logger.debug(LogMsg.INDEXING_IN_ELASTIC, indexing_data)
index_book(indexing_data, db_session)
edited_book = book_to_dict(db_session, model_instance)
logger.debug(LogMsg.MODEL_ALTERED)
logger.info(LogMsg.END)
return edited_book
def add_multiple_type_books(db_session, data, username):
logger.info(LogMsg.START, username)
logger.debug(LogMsg.BOOK_CHECKING_IF_EXISTS, data)
types = data.get('types')
logger.debug(LogMsg.ENUM_CHECK, {'book_types': types})
check_enums(types, legal_types)
roles_data = data.get('roles')
book_data = {k: v for k, v in data.items() if k not in ['roles', 'types']}
logger.debug(LogMsg.PERMISSION_CHECK, username)
permissions, presses = get_user_permissions(username, db_session)
has_permit = has_permission_or_not([Permissions.BOOK_ADD_PREMIUM],
permissions)
press = None
for item in roles_data:
if 'Press' in item.values():
person = item.get('person', None)
if person is not None:
press = person.get('id', None)
if press is None:
logger.error(LogMsg.DATA_MISSING, {'press': None})
raise Http_error(400, Message.MISSING_REQUIERED_FIELD)
if not has_permit:
if press in presses:
has_permission([Permissions.BOOK_ADD_PRESS], permissions)
else:
logger.error(LogMsg.PERMISSION_DENIED)
raise Http_error(403, Message.ACCESS_DENIED)
logger.debug(LogMsg.PERMISSION_VERIFIED, username)
result = []
logger.debug(LogMsg.ADDING_MULTIPLE_BOOKS, data)
for type in types:
data['type'] = type
data['press'] = press
data['roles'] = roles_data
unique_code = add_uniquecode(data, db_session)
book_data.update({
'type': type,
'press': press,
'unique_code': unique_code.UniqueCode
})
logger.debug(LogMsg.ADD_BOOK, book_data)
book = add(db_session, book_data, username)
logger.debug(LogMsg.ADDING_ROLES_TO_BOOK, roles_data)
roles, elastic_data = add_book_roles(book.id, roles_data, db_session,
username)
result.append(book_to_dict(db_session, book))
index_data = data
index_data['type'] = type
index_data['book_id'] = book.id
index_data['tags'] = book.tags
if 'roles' in index_data:
del index_data['roles']
index_data.update(elastic_data)
logger.debug(LogMsg.INDEXING_IN_ELASTIC, index_data)
index_book(index_data, db_session)
logger.info(LogMsg.END)
return result
