def build(g): """ Builds pdf from module and adds the path to product to context (g) :param g: context """ g.module = Module.query.get_active(g.id) if g.module is None: raise ApiException(404, "Module not found.", ['module']) g.project = Project.query.get_active(g.module.project_id) if g.project is None: raise ApiException(404, "Project not found.", ['project']) if g.project.owner_id != g.token.user_id: contributor = 0 for user in g.project.contributors: if user.id == g.token.user_id: contributor = 1 break if contributor == 0: raise ApiException(403, "Access denied (no rights)", ['project']) path = (conf.FILE_PATH + '/' + str(g.project.id) + '/' + str(g.module.id) + '/') pathlib.Path(path).mkdir(parents=True, exist_ok=True) content = gatherModule(g, g.module.name) g.pdf = path + 'out.pdf' pypandoc.convert_text(content, 'latex', format='html', outputfile=g.pdf)
def create(g): """ Creates module :param g: context """ invalid = [] g.project = Project.query.get_active(g.data['project']) if g.project is None: raise ApiException(404, "Project not found.", ['project']) if g.project.owner_id != g.token.user_id: contributor = 0 for user in g.project.contributors: if user.id == g.token.user_id: contributor = 1 break if contributor == 0: raise ApiException(403, "Access denied (no rights)", ['project']) pattern = re.compile(r'^[\w\s\-\_]{2,}$', re.U) if (not re.match(pattern, g.data['name'].strip()) or # noqa W605 Module.query.filter_by(project_id=g.project.id, name=g.data['name']).first() is not None): invalid.append("name") if ((not isinstance(g.data['dependency'], list)) and g.data['dependency'] != 'independent'): invalid.append("dependency") if 'body' not in g.data['content']: invalid.append("content") if invalid != []: raise ApiException(400, "Module data are invalid or non-unique.", invalid) g.module = Module(g.data['name'], g.data['description'], g.project.id, g.token.user_id) if g.data['dependency'] != 'independent': for each in g.data['dependency']: dependency = Module.query.filter_by(project_id=g.project.id, name=each).first() if (dependency is None) or (dependency in g.module.dependencies): raise DbException(400, "Module data are invalid or non-unique.", ['dependency']) g.module.dependencies.append(dependency) if 'type' in g.data['content']: g.module.contentType = g.data['content']['type'] app.db.session.add(g.module) app.db.session.commit() with open( conf.FILE_PATH + '/' + str(g.project.id) + '/' + str(g.module.id) + '.txt', 'w+') as file: file.write(str(g.data['content']['body']))
def validate_data(data, expected_values=[]): """ validate data by given array of keys """ if data == None or data == {}: raise ApiException(400, "data") for value in expected_values: if value not in data or data[value] is None or data[value] == {}: raise ApiException(400, "data")
def get_module_all_action(): """ Get data for all modules """ data = request.get_json() if data == None or data == {}: raise ApiException(404, "No data suplied") if ('token' not in data) or (data['token'] == None): raise ApiException(403, "Invalid token") token = data['token'] validate_token(token) #check permissions in the future resp = Module.get_module_all() return response_ok_list(resp)
def activation_action(): """ Acc activation """ data = request.get_json() validate_data(data, {'token'}) token = check_token_exists(data['token']) if token == None: raise ApiException(403, "Invalid token.") if token.user.activated: raise ApiException(400, "User has been already activated.") #check code somehow token.user.update_activation_by_id(token.user.id, True) data = {"data": "activated"} return response_ok(data)
def api_build(g, id): """ Api method for module build :param g: Context bearing token :param id: Module ID :param token: User token """ token = request.args.get('token', default='0', type=str) tokenObject = UserToken.query.filter_by(token=token).first() if tokenObject is None: raise ApiException(401, "Unauthorised user (missing or outdated token)", ['token']) if tokenObject.update <= datetime.utcnow(): tokenObject = tokenObject.createSuccessor() g.token = tokenObject g.id = id build(g) return send_file(g.pdf, mimetype='application/pdf', as_attachment=True, attachment_filename=g.module.name + '.pdf')
def update_user(g, data): user_up = g.token.user if ('username' in data and data['username'] is not None): user = User.query.getByName(data['username'], False) if user is not None: raise DbException(400, "This username is already in use.", ['username']) else: user_up.name = data['username'] if ('email' in data and data['email'] is not None): if not re.match('[^@]+@[^@]+\.[^@]+', data["email"]): # noqa W605 raise ApiException(400, "Supplied email is not valid.", ['email']) user = User.query.getByEmail(data['email'], False) if user is not None: raise DbException(400, "This email is already in use.", ['email']) else: user_up.email = data['email'] if ('name' in data and data['name'] is not None): user_up.fullname = data['name'] app.db.session.flush() app.db.session.commit() return user_up
def gatherModule(g, currentModule, visitedModules=[]): """ Recursively builds module :param g: context :param currentModule: module name :param visitedModules=[]: list of visited modules """ out = '' visitedModules.append(currentModule) module = Module.query.filter_by(project_id=g.project.id, name=currentModule).first() if module is None: raise ApiException(500, 'Build error.', visitedModules) content = '' with open( conf.FILE_PATH + '/' + str(g.project.id) + '/' + str(module.id) + '.txt', 'r') as f: content = f.read() content = pypandoc.convert_text(content, 'html', format=module.contentType) content = content.split(conf.TAG) for x in range(0, len(content)): if x % 2 == 0: out += content[x] else: out += gatherModule(g, content[x], visitedModules) return out
def user_change_passwd(g): user_up = g.token.user if not app.bcrypt.check_password_hash(user_up.password, g.data['old_password']): raise ApiException(400, 'Invalid old password.', ['old_password']) if not re.match('^(?=.*[a-z])(?=.*[A-Z])(?=.*[0-9])(?=.{8,})', g.data['new_password']): raise ApiException(400, 'Invalid new password.', ['new_password']) user_up.password = app.bcrypt.generate_password_hash( g.data['new_password']) app.db.session.flush() app.db.session.commit() return {'message': 'User password was changed.'}
def wrapper(g, *args, **kwargs): missing = [] g.data = request.get_json() if g.data is None or g.data == {}: raise ApiException( 422, "Not enough data to process the request.") for value in self.expected_values: if (value not in g.data or g.data[value] is None or g.data[value] == {}): missing.append(value) if missing != []: raise ApiException( 422, "Not enough data to process the request.", missing) return f(g, *args, **kwargs)
def build_module_action(): """ Update or create module """ data = request.get_json() if data == None: raise ApiException(400, "data") if (data['token'] == None): raise ApiException(403, "Invalid token") if (('module_id' not in data) or (data['module_id'] == None)): raise ApiException(403, "Invalid module_id") else: moduleId = data['module_id'] validate_token(data['token']) #check permissions in the future data = Module.get_module_by_id(moduleId).build_module() return response_ok(data)
def update_or_create_module_action(): """ Update or create module """ data = request.get_json() if data == None: raise ApiException(400, "data") if (data['token'] == None): raise ApiException(403, "Invalid token") if (('module_id' not in data) or (data['module_id'] == None)): moduleId = None else: moduleId = data['module_id'] validate_token(data['token']) #check permissions in the future data = Module.create_or_update_module_by_id_from_array(moduleId, data['data']) if (data == None): raise ApiException(400, "Name already in use.") return response_ok_obj(data)
def update_or_create_poject_action(): """ Update or create poject """ data = request.get_json() if data == None: raise ApiException(400, "data") if (data['token'] == None): raise ApiException(403, "Invalid token") if (('poject_id' not in data) or (data['poject_id'] == None)): poject_id = None else: poject_id = data['poject_id'] validate_token(data['token']) #check permissions in the future data = Project.create_or_update_project_by_id_array( poject_id, data['data'], True) if (data == None): raise ApiException(400, "Name already in use.") return response_ok_obj(data)
def get_account(g, username): """ Api method for viewing public user data :param g: context :param username: """ user = User.query.getByName(username, False) if user is None: raise ApiException(400, 'User was not found in database.', ['username']) return response_ok_obj(user)
def get_project_by_name_action(name): """ Get project data by it's name """ token = request.args.get('token') name = request.args.get('name') validate_token(token) #check permissions in the future data = Project.get_project_by_name(name) if (data == None): return response_err(ApiException(400, "Name already in use.")) return response_ok_obj(data)
def validate_token(token): """ Validate token and return its instance :param token: """ userToken = authenticate(token) if userToken == None: print(token) token = check_token_exists(token) if token is None: print(UserToken.query.filter_by(user_id=1).first()) raise ApiException(403, "Invalid token.") if token.user.activated == False: raise ApiException( 200, { "data": "User not activated", "token": authenticate(None, True, token.user_id).token }) else: raise ApiException(403, "Invalid token.") return userToken.token
def view(g): """ Saves instance of module to g :param g: context """ g.module = Module.query.get_active(g.id) if g.module is None: raise ApiException(404, "Module not found.", ['module']) g.project = Project.query.get_active(g.module.project_id) if g.project is None: raise ApiException(404, "Project not found.", ['project']) if g.project.owner_id != g.token.user_id: contributor = 0 for user in g.project.contributors: if user.id == g.token.user_id: contributor = 1 break if contributor == 0: raise ApiException(403, "Access denied (no rights)", ['project'])
def login(g): """ User login :param g: context """ g.user = User.query.getByNameOrEmail(g.data["login"]) if g.user is None\ or not app.bcrypt.check_password_hash(g.user.password, g.data['password']): raise ApiException(400, "Sign in data are invalid.") g.token = g.user.createToken()
def is_user_authorised(): """ Information about users token, whenever its valid token or not """ data = request.get_json() validate_data(data, {'token'}) token = check_token_exists(data['token']) if token == None\ or (token.created + timedelta(hours=24) < datetime.utcnow() \ and token.update + timedelta(hours=2) < datetime.utcnow())\ or token.user.active == False: raise ApiException(403, "Invalid token.") tokenData = {"verified": "true" if token.user.activated else "false"} return response_ok(tokenData)
def module_delete(g): """ Module deletion :param g: context """ g.module = Module.query.get_active(g.id) if g.module is None: raise ApiException(404, "Module not found.", ['module']) g.project = Project.query.get_active(g.module.project_id) if g.project is None: raise ApiException(404, "Project not found.", ['project']) if g.project.owner_id != g.token.user_id: contributor = 0 for user in g.project.contributors: if user.id == g.token.user_id: contributor = 1 break if contributor == 0: raise ApiException(403, "Access denied (no rights)", ['project']) # for each in app.db.session.query(ModuleDependencies).filter_by( # used_in_module_id=g.module.id).all(): # module=Module.query.get_active(each.dependency_id) # if(module is not None): # raise ApiException( # 400, # "Module can not be deleted.", # ['dependency']) g.module.delete = datetime.datetime.utcnow() app.db.session.merge(g.module) app.db.session.flush() app.db.session.commit()
def wrapper(g, *args, **kwargs): header = request.headers.get('Authorization') if header and 'Bearer ' in header: token = header.split(" ")[1] else: token = '' tokenObject = UserToken.query.filter_by(token=token).first() if tokenObject is None: raise ApiException( 401, "Unauthorised user (missing or outdated token)", ['token']) if tokenObject.update <= datetime.utcnow(): tokenObject = tokenObject.createSuccessor() g.token = tokenObject return f(g, *args, **kwargs)
def update(g): """ Updates module by data provided in g.data :param g: context """ invalid = [] g.module = Module.query.get_active(g.id) if g.module is None: raise ApiException(404, "Module not found.", ['module']) g.project = Project.query.get_active(g.module.project_id) if g.project is None: raise ApiException(404, "Project not found.", ['project']) if g.project.owner_id != g.token.user_id: contributor = 0 for user in g.project.contributors: if user.id == g.token.user_id: contributor = 1 break if contributor == 0: raise ApiException(403, "Access denied (no rights)", ['project']) pattern = re.compile(r'^[\w\s\-\_]{2,}$', re.U) if 'name' in g.data: if ((not re.match(pattern, g.data['name'].strip())) or # noqa W605 Module.query.filter_by(project_id=g.project.id, name=g.data['name']).first() not in [None, g.module]): invalid.append("name") else: g.module.name = g.data['name'] if 'description' in g.data: g.module.description = g.data['description'] if 'dependency' in g.data: if ((not isinstance(g.data['dependency'], list)) and (g.data['dependency'] != 'independent')): invalid.append("dependency") if g.data['dependency'] == 'independent': g.module.dependencies = [] else: for each in g.data['dependency']: flag = 0 for x in g.module.dependencies: if x.name == each: flag = 1 break if flag == 0: dependency = Module.query.filter_by( project_id=g.project.id, name=each).first() if ((dependency is None) or (dependency in g.module.dependencies)): invalid.append('dependency') break g.module.dependencies.append(dependency) if 'content' in g.data: if 'body' not in g.data['content']: invalid.append('content') raise DbException(400, "Module data are invalid or non-unique.", invalid) with open( FILE_PATH + '/' + str(g.project.id) + '/' + str(g.module.id) + '.txt', 'w+') as file: file.write(str(g.data['content']['body'])) if 'type' in g.data['content']: g.module.contentType = g.data['content']['type'] if invalid != []: raise DbException(400, "Module data are invalid or non-unique.", invalid) app.db.session.merge(g.module) app.db.session.flush() app.db.session.commit()