def test_user_email_current(db_conn, users_table):
"""
Ensure an email is only provided when current user.
"""
user, errors = insert_user({"name": "test", "email": "*****@*****.**", "password": "******"}, db_conn)
json = deliver_user(user)
assert "email" not in json
json = deliver_user(user, access="private")
assert "email" in json
def test_user_email_current(db_conn, users_table):
"""
Ensure an email is only provided when current user.
"""
user, errors = insert_user(
{
'name': 'test',
'email': '*****@*****.**',
'password': '******'
}, db_conn)
json = deliver_user(user)
assert 'email' not in json
json = deliver_user(user, access='private')
assert 'email' in json
def get_sitemap_route(request):
"""
Generate a sitemap so Google can find Sagefy's content.
Should be linked to from https://sagefy.org/robots.txt
Sitemap: https://sagefy.org/s/sitemap.txt
"""
# TODO-1 cache in redis
db_conn = request['db_conn']
sitemap = DEFAULTS | set()
# Card, unit, subject
kinds = {
'card': list_all_card_entity_ids(db_conn),
'unit': list_all_unit_entity_ids(db_conn),
'subject': list_all_subject_entity_ids(db_conn),
}
for kind, entity_ids in kinds.items():
for entity_id in entity_ids:
sitemap.add('https://sagefy.org/{kind}s/{id}'.format(
id=convert_uuid_to_slug(entity_id),
kind=kind,
))
# TODO-2 ...and versions pages
# Topic
for topic in list_topics(db_conn, {}):
sitemap.add('https://sagefy.org/topics/{id}'.format(
id=convert_uuid_to_slug(topic['id'])))
# User
users = [deliver_user(user) for user in list_users(db_conn, {})]
for user in users:
sitemap.add('https://sagefy.org/users/{id}'.format(
id=convert_uuid_to_slug(user['id'])))
sitemap = '\n'.join(sitemap)
return 200, sitemap
def save(self, db_conn):
"""
Overwrite save method to add to Elasticsearch.
"""
# TODO-2 should we validate the save worked before going to ES?
from database.topic import get_topic, deliver_topic
from database.user import get_user, deliver_user
data = json_prep(self.deliver())
topic = get_topic({'id': self['topic_id']}, db_conn)
if topic:
data['topic'] = json_prep(deliver_topic(topic))
user = get_user({'id': self['user_id']}, db_conn)
if user:
data['user'] = json_prep(deliver_user(user))
es.index(
index='entity',
doc_type='post',
body=data,
id=self['id'],
)
return super().save(db_conn)
def sitemap_route(request):
"""
Generate a sitemap so Google can find Sagefy's content.
Should be linked to from https://sagefy.org/robots.txt
Sitemap: https://sagefy.org/s/sitemap.txt
"""
# TODO-1 cache in redis
db_conn = request['db_conn']
sitemap = defaults | set()
# Card, unit, set
kinds = {'card': Card, 'unit': Unit, 'set': Set}
for kind, Model in kinds.items():
query = Model.start_accepted_query()
entities = [Model(data).deliver() for data in query.run(db_conn)]
for entity in entities:
sitemap.add('https://sagefy.org/{kind}s/{id}'.format(
id=entity['entity_id'], kind=kind))
# TODO-2 ...and versions pages
# TODO-2 set tree
# Topic
for topic in list_topics({}, db_conn):
sitemap.add('https://sagefy.org/topics/{id}'.format(id=topic['id']))
# User
users = [deliver_user(user) for user in list_users({}, db_conn)]
for user in users:
sitemap.add('https://sagefy.org/users/{id}'.format(id=user['id']))
sitemap = '\n'.join(sitemap)
return 200, sitemap
def test_user_no_password(db_conn, users_table):
"""
Ensure an password isn't provided ever.
"""
user, errors = insert_user({"name": "test", "email": "*****@*****.**", "password": "******"}, db_conn)
json = deliver_user(user, access="private")
assert "password" not in json
def get_user_route(request, user_id):
"""
Get the user by their ID.
"""
db_conn = request["db_conn"]
user = get_user({"id": user_id}, db_conn)
current_user = get_current_user(request)
# Posts if in request params
# Sets if in request params and allowed
# Follows if in request params and allowed
if not user:
return abort(404)
data = {}
data["user"] = deliver_user(user, access="private" if current_user and user["id"] == current_user["id"] else None)
# TODO-2 SPLITUP create new endpoints for these instead
if "posts" in request["params"]:
data["posts"] = [post.deliver() for post in get_posts_facade(db_conn, user_id=user["id"])]
if "sets" in request["params"] and user["settings"]["view_sets"] == "public":
u_sets = UserSets.get(db_conn, user_id=user["id"])
data["sets"] = [set_.deliver() for set_ in u_sets.list_sets(db_conn)]
if "follows" in request["params"] and user["settings"]["view_follows"] == "public":
data["follows"] = [follow.deliver() for follow in Follow.list(db_conn, user_id=user["id"])]
if "avatar" in request["params"]:
size = int(request["params"]["avatar"])
data["avatar"] = get_avatar(user["email"], size if size else None)
return 200, data
def get_current_user_route(request):
"""
Get current user's information.
"""
current_user = get_current_user(request)
if not current_user:
return abort(401)
return 200, {"user": deliver_user(current_user, access="private")}
def test_deliver_user(db_conn):
create_test_users(db_conn)
user = get_user_by_id(db_conn, {'id': user_a_uuid})
user = deliver_user(user, access=None)
assert user
assert not user.get('email')
assert not user.get('password')
assert user.get('settings')
assert not user.get('settings').get('email_frequency')
def get_current_user_route(request):
"""
Get current user's information.
"""
current_user = get_current_user(request)
if not current_user:
return abort(401, 'l9BCKn1zQ5KRgFRYujqU7g')
return 200, {'user': deliver_user(current_user, access='private')}
def _log_in(user):
"""
Log in a given user, and return an appropriate response.
Used by sign up, log in, and reset password.
"""
session_id = log_in_user(user)
if session_id:
return 200, {"user": deliver_user(user, access="private"), "cookies": {"session_id": session_id}}
return abort(401)
def test_user_no_password(db_conn, users_table):
"""
Ensure an password isn't provided ever.
"""
user, errors = insert_user(
{
'name': 'test',
'email': '*****@*****.**',
'password': '******'
}, db_conn)
json = deliver_user(user, access='private')
assert 'password' not in json
def _log_in(user):
"""
Log in a given user, and return an appropriate response.
Used by sign up, log in, and reset password.
"""
session_id = log_in_user(user)
if session_id:
return 200, {
'user': deliver_user(user, access='private'),
'cookies': {
'session_id': session_id
},
}
return abort(401, '7d26HxmZRCSabhgE4GAxGQ')
def update_user_route(request, user_id):
"""
Update the user. Must be the current user.
"""
db_conn = request["db_conn"]
user = get_user({"id": user_id}, db_conn)
current_user = get_current_user(request)
if not user:
return abort(404)
if not user["id"] == current_user["id"]:
return abort(401)
user, errors = update_user(user, request["params"], db_conn)
if len(errors):
return 400, {"errors": errors, "ref": "AS7LCAWiOOyeEbNOrbsegVY9"}
return 200, {"user": deliver_user(user, access="private")}
def get_user_route(request, user_id):
"""
Get the user by their ID.
"""
db_conn = request['db_conn']
user = get_user(db_conn, {'id': user_id})
if not user:
return abort(404, 'Tp5JnWO1SWms2lTdhw3bJQ')
current_user = get_current_user(request)
access = 'private' if (current_user and
user['id'] == current_user['id']) else None
data = {'user': deliver_user(user, access)}
if 'avatar' in request['params']:
size = int(request['params']['avatar']) or None
data['avatar'] = get_avatar(user['email'], size)
return 200, data
def update_user_route(request, user_id):
"""
Update the user. Must be the current user.
"""
db_conn = request['db_conn']
user = get_user({'id': user_id}, db_conn)
current_user = get_current_user(request)
if not user:
return abort(404)
if not user['id'] == current_user['id']:
return abort(401)
user, errors = update_user(user, request['params'], db_conn)
if len(errors):
return 400, {
'errors': errors,
'ref': 'AS7LCAWiOOyeEbNOrbsegVY9',
}
return 200, {'user': deliver_user(user, access='private')}
def update_user_route(request, user_id):
"""
Update the user. Must be the current user.
"""
db_conn = request['db_conn']
user = get_user(db_conn, {'id': user_id})
current_user = get_current_user(request)
if not user:
return abort(404, 'Fw7IK0u9TXWxs3Rp15AY1g')
if not user['id'] == current_user['id']:
return abort(401, '7QK-6fOcQW-sA99KHtcARA')
user, errors = update_user(db_conn, user, request['params'])
if errors:
return 400, {
'errors': errors,
'ref': '61YNw4gWTAKRQxXLYiznBw',
}
return 200, {'user': deliver_user(user, access='private')}
def get_user_route(request, user_id):
"""
Get the user by their ID.
"""
db_conn = request['db_conn']
user = get_user({'id': user_id}, db_conn)
current_user = get_current_user(request)
# Posts if in request params
# Sets if in request params and allowed
# Follows if in request params and allowed
if not user:
return abort(404)
data = {}
data['user'] = deliver_user(user,
access='private' if current_user
and user['id'] == current_user['id'] else None)
# TODO-2 SPLITUP create new endpoints for these instead
if 'posts' in request['params']:
data['posts'] = [
post.deliver()
for post in get_posts_facade(db_conn, user_id=user['id'])
]
if ('sets' in request['params']
and user['settings']['view_sets'] == 'public'):
data['sets'] = [
set_.deliver()
for set_ in list_user_sets_entity(user['id'], {}, db_conn)
]
if ('follows' in request['params']
and user['settings']['view_follows'] == 'public'):
data['follows'] = [
deliver_follow(follow)
for follow in list_follows({'user_id': user['id']}, db_conn)
]
if 'avatar' in request['params']:
size = int(request['params']['avatar'])
data['avatar'] = get_avatar(user['email'], size if size else None)
return 200, data
def add_post_to_es(db_conn, post):
"""
Upsert the post data into elasticsearch.
"""
from database.topic import get_topic, deliver_topic
from database.user import get_user, deliver_user
data = json_prep(deliver_post(post))
topic = get_topic(db_conn, {'id': post['topic_id']})
if topic:
data['topic'] = json_prep(deliver_topic(topic))
user = get_user(db_conn, {'id': post['user_id']})
if user:
data['user'] = json_prep(deliver_user(user))
return es.index(
index='entity',
doc_type='post',
body=data,
id=convert_uuid_to_slug(post['id']),
)
def list_users_route(request):
"""
List users by user id. Public facing route.
"""
db_conn = request['db_conn']
user_ids = request['params'].get('user_ids')
if not user_ids:
return abort(404, 'pNkIvKNRSNiXe4QtQiYdqQ')
user_ids = user_ids.split(',')
users = list_users_by_user_ids(db_conn, user_ids)
if not users:
return abort(404, 'lYgUJ4jaRv2jpcti0j-5Yw')
size = int(request['params'].get('avatar') or 0) or None
avatars = {
convert_uuid_to_slug(user['id']): get_avatar(user['email'], size)
for user in users
}
return 200, {
'users': [deliver_user(user, None) for user in users],
'avatars': avatars,
}
def sitemap_route(request):
"""
Generate a sitemap so Google can find Sagefy's content.
Should be linked to from https://sagefy.org/robots.txt
Sitemap: https://sagefy.org/s/sitemap.txt
"""
# TODO-1 cache in redis
db_conn = request['db_conn']
sitemap = defaults | set()
# Card, unit, set
kinds = {'card': Card, 'unit': Unit, 'set': Set}
for kind, Model in kinds.items():
query = Model.start_accepted_query()
entities = [Model(data).deliver() for data in query.run(db_conn)]
for entity in entities:
sitemap.add('https://sagefy.org/{kind}s/{id}'.format(
id=entity['entity_id'],
kind=kind
))
# TODO-2 ...and versions pages
# TODO-2 set tree
# Topic
for topic in Topic.list(db_conn):
sitemap.add('https://sagefy.org/topics/{id}'.format(id=topic['id']))
# User
users = [deliver_user(user) for user in list_users({}, db_conn)]
for user in users:
sitemap.add('https://sagefy.org/users/{id}'.format(id=user['id']))
sitemap = '\n'.join(sitemap)
return 200, sitemap
