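def wrapper(*args, **kwds):
    """Check the caller's JWT roles and permissions, then call ``func``.

    ``roles`` and ``func`` come from the enclosing decorator, which is not
    visible here. Every role listed in ``roles`` must be present in the
    token's ``roles`` claim, and every permission listed for that role must
    be granted to it in the token. If ``roles`` is empty, any request that
    passes ``verify_jwt_in_request()`` reaches ``func``.

    Returns:
        A ``(response, 403)`` tuple when a role or permission is missing,
        otherwise whatever ``func`` returns.
    """
    verify_jwt_in_request()
    claims = get_jwt_claims()
    jwt_roles = claims.get("roles", {})
    # Fail closed: a "roles" claim that is not a mapping grants nothing.
    # Without this guard the later .get() raises and the request ends in
    # an unhandled error instead of a clean 403.
    if not isinstance(jwt_roles, dict):
        jwt_roles = {}

    for role, permissions in roles.items():
        if not isinstance(permissions, (list, tuple)):
            permissions = []
        if role not in jwt_roles:
            return (
                jsonify(reason="Role not allowed!", status_code=403),
                403,
            )

        granted = jwt_roles.get(role, [])
        if isinstance(granted, str):
            # Compare whole permission names. `in` on a bare string would
            # accept any substring of the granted value.
            granted = [granted]
        elif not isinstance(granted, (list, tuple, set, frozenset, dict)):
            # null, numbers and similar values carry no permissions.
            granted = []

        for perm in permissions:
            if perm not in granted:
                return (
                    jsonify(
                        reason="You don't have permission!", status_code=403
                    ),
                    403,
                )
    return func(*args, **kwds)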
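def patch(self):
    """Update the authenticated user's username, password and/or seller flag.

    The target row is selected by the ``id`` claim of the caller's JWT, so a
    caller can only modify their own account. Only the three parsed JSON
    fields are written; omitted fields are left unchanged.

    Returns:
        ``404`` when the user row does not exist, ``400`` when an empty
        password is submitted, otherwise the marshalled user with ``200``.
    """
    claims = get_jwt_claims()
    qry = UserModel.query.get(claims["id"])
    if qry is None:
        app.logger.debug('DEBUG : id tidak ada')
        return {'status': 'NOT_FOUND'}, 404

    parser = reqparse.RequestParser()
    parser.add_argument('username', location='json')
    parser.add_argument('password', location='json')
    # NOTE(review): type=bool applies bool() to the value, so a non-empty
    # string such as "false" parses as True. Confirm clients always send a
    # JSON boolean here.
    parser.add_argument('status_penjual', location='json', type=bool)
    args = parser.parse_args()

    # Validate before touching the row, so a rejected request leaves no
    # pending changes. An empty password would store a hash of the salt alone.
    if args['password'] is not None and args['password'] == '':
        return {'status': 'BAD_REQUEST'}, 400

    if args['username'] is not None:
        qry.username = args['username']

    if args['password'] is not None:
        # NOTE(review): the password changes without asking for the current
        # one, so a valid token alone is enough to take over the account.
        # NOTE(review): one round of salted SHA-512 is cheap to brute-force
        # offline. A password KDF (hashlib.scrypt / hashlib.pbkdf2_hmac) is
        # preferable, but the stored format has to change together with the
        # login verification code, which is not visible here.
        salt = uuid.uuid4().hex
        encoded = ('%s%s' % (args['password'], salt)).encode('utf-8')
        qry.password = hashlib.sha512(encoded).hexdigest()
        qry.salt = salt

    if args['status_penjual'] is not None:
        # NOTE(review): the caller sets their own seller status. Confirm
        # this self-service promotion is intended.
        qry.status_penjual = args['status_penjual']

    db.session.commit()
    # NOTE(review): what this logs depends on UserModel's repr. Make sure
    # it does not include the hash or salt.
    app.logger.debug('DEBUG : %s', qry)
    return marshal(qry, UserModel.response_fields), 200, {
        'Content-Type': 'application/json'
    }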
def patch(self):
    """Update the seller profile belonging to the authenticated user.

    The profile is looked up by the ``id`` claim of the caller's JWT. Only
    the fields named in ``editable`` can be written, which keeps the update
    to an explicit allow-list rather than copying the whole request body.

    Returns:
        ``404`` when the user has no seller profile, otherwise the
        marshalled profile with ``200``.
    """
    claims = get_jwt_claims()
    seller = SellerModel.query.filter_by(user_id=claims['id']).first()
    if seller is None:
        app.logger.debug('DEBUG : biodata tidak ada')
        return {'status': 'biodata tidak ada'}, 404

    editable = ('nama', 'email', 'alamat', 'no_hp')
    parser = reqparse.RequestParser()
    for field in editable:
        parser.add_argument(field, location='json')
    args = parser.parse_args()

    # NOTE(review): values are stored as received. There is no format check
    # on email or phone number.
    for field in editable:
        value = args[field]
        if value is not None:
            setattr(seller, field, value)

    db.session.commit()
    app.logger.debug('DEBUG : %s', seller)
    headers = {'Content-Type': 'application/json'}
    return marshal(seller, SellerModel.response_fields), 200, headers
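def post(self):
    """Create a product for the authenticated seller from a multipart form.

    The uploaded image is stored under ``"." + app.config['UPLOAD_FOLDER']``
    with a random prefix, and the stored file name is recorded on the product.

    Changes from the previous version:
      * the client-supplied file name goes through ``secure_filename`` so it
        cannot carry path separators or ``..`` components into the save path;
      * category and seller are checked before the file is written, so a
        rejected request no longer leaves an orphaned upload on disk;
      * a missing seller profile returns ``404`` instead of raising.

    Returns:
        ``500`` when no usable file was sent, ``404`` when the category or
        the seller profile is missing, otherwise the marshalled product
        with ``200``.
    """
    # Local import: werkzeug is already a dependency of this module.
    from werkzeug.utils import secure_filename

    parser = reqparse.RequestParser()
    parser.add_argument('nama', location='form', required=True)
    parser.add_argument('harga', location='form', required=True)
    parser.add_argument('stok', location='form')
    parser.add_argument('berat', location='form', required=True)
    parser.add_argument('deskripsi', location='form')
    parser.add_argument('gambar',
                        type=werkzeug.datastructures.FileStorage,
                        location='files')
    parser.add_argument('kategori', location='form')
    args = parser.parse_args()
    upload_folder = app.config['UPLOAD_FOLDER']

    if args['gambar'] == "":
        return {
            'data': '',
            'message': 'No file found',
            'status': 'error'
        }, 500

    image_produk = args['gambar']
    if not image_produk:
        return {
            'data': '',
            'message': 'Something when wrong',
            'status': 'error'
        }, 500

    # Resolve the id of the product category named in the form.
    product_type = ProductCategoryModel.query.filter_by(
        tipe_produk=args['kategori']).first()
    if product_type is None:
        app.logger.debug('DEBUG : kategori tidak ada')
        return {'message': 'kategori tidak ditemukan'}, 404

    # Resolve the seller profile that will own the product.
    claims = get_jwt_claims()
    seller = SellerModel.query.filter_by(user_id=claims['id']).first()
    if seller is None:
        app.logger.debug('DEBUG : biodata tidak ada')
        return {'status': 'biodata tidak ada'}, 404

    # The random prefix keeps stored names unique. The client-supplied part
    # is sanitised because it is untrusted input that ends up in a path.
    randomstr = uuid.uuid4().hex
    filename = randomstr + '_' + secure_filename(image_produk.filename)
    # NOTE(review): file type and size are not restricted here. If the
    # upload folder is served directly, add an extension/content allow-list
    # and a request size limit.
    image_produk.save(os.path.join("." + upload_folder, filename))

    # NOTE(review): harga, stok and berat are stored as the raw form strings.
    # Consider numeric validation.
    product = ProductModel(args['nama'], args['harga'], args['stok'],
                           args['berat'], args['deskripsi'], filename,
                           product_type.id, seller.id)
    db.session.add(product)
    db.session.commit()

    app.logger.debug('DEBUG : %s', product)
    return marshal(product, ProductModel.response_fields), 200, {
        'Content-Type': 'application/json'
    }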
def get(self):
    """Return the account of the authenticated user.

    The row is selected by the ``id`` claim of the caller's JWT, so the
    caller cannot choose which account is returned.

    Returns:
        The marshalled user with ``200``, or ``{'status': 'NOT_FOUND'}``
        with ``404`` when the row does not exist.
    """
    # NOTE(review): assumes the route is guarded by a JWT decorator that is
    # not visible in this block. claims["id"] raises if the claim is absent.
    user_id = get_jwt_claims()["id"]
    user = UserModel.query.get(user_id)
    if user is None:
        app.logger.debug('DEBUG : id tidak ada')
        return {'status': 'NOT_FOUND'}, 404

    app.logger.debug('DEBUG : %s', user)
    return marshal(user, UserModel.response_fields), 200
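def get(self):
    """Return the seller profile of the authenticated user.

    The profile is looked up by the ``id`` claim of the caller's JWT.
    The stray ``print`` of the profile was removed: it copied seller data to
    stdout, and the debug log line below already records the same object.

    Returns:
        The marshalled profile with ``200``, or ``404`` when the user has
        no seller profile.
    """
    claims = get_jwt_claims()
    qry = SellerModel.query.filter_by(user_id=claims['id']).first()
    if qry is not None:
        app.logger.debug('DEBUG : %s', qry)
        return marshal(qry, SellerModel.response_fields), 200
    app.logger.debug('DEBUG : biodata tidak ada')
    return {'status': 'biodata tidak ada'}, 404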
def post(self):
    """Create a seller profile for the authenticated user.

    All four JSON fields are required. The owning user id is taken from the
    JWT ``id`` claim, never from the request body.

    Returns:
        The marshalled seller profile with ``200``.
    """
    claims = get_jwt_claims()

    required_fields = ('nama', 'email', 'alamat', 'no_hp')
    parser = reqparse.RequestParser()
    for field in required_fields:
        parser.add_argument(field, location='json', required=True)
    args = parser.parse_args()

    # NOTE(review): nothing here stops a user from creating a second
    # profile. Other handlers pick one with .first(), so confirm that
    # user_id is unique on SellerModel.
    profile_values = [args[field] for field in required_fields]
    seller = SellerModel(*profile_values, claims['id'])
    db.session.add(seller)
    db.session.commit()

    app.logger.debug('DEBUG : %s', seller)
    headers = {'Content-Type': 'application/json'}
    return marshal(seller, SellerModel.response_fields), 200, headers
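def get(self):
    """List the authenticated seller's products, newest first, paginated.

    Query parameters:
        p:  1-based page number (default 1).
        rp: rows per page (default 25).

    Changes from the previous version:
      * ``p`` below 1 and negative ``rp`` are clamped, so the query never
        receives a negative OFFSET or LIMIT;
      * a user without a seller profile gets ``404`` instead of an
        unhandled attribute error.

    Returns:
        A list of marshalled products with ``200``, or ``404`` when the
        user has no seller profile.
    """
    parser = reqparse.RequestParser()
    parser.add_argument('p', type=int, location='args', default=1)
    parser.add_argument('rp', type=int, location='args', default=25)
    args = parser.parse_args()

    claims = get_jwt_claims()
    seller = SellerModel.query.filter_by(user_id=claims['id']).first()
    if seller is None:
        app.logger.debug('DEBUG : biodata tidak ada')
        return {'status': 'biodata tidak ada'}, 404

    page = max(args['p'], 1)
    per_page = max(args['rp'], 0)
    # NOTE(review): rp has no upper bound, so one request can ask for the
    # whole table. Consider capping it.
    offset = (page - 1) * per_page

    # Filtering by the caller's own seller id keeps other sellers'
    # products out of the result.
    qry = ProductModel.query.filter_by(seller_id=seller.id)
    qry = qry.order_by(desc(ProductModel.created_at))
    qry = qry.order_by(desc(ProductModel.updated_at))

    rows = [
        marshal(row, ProductModel.response_fields)
        for row in qry.limit(per_page).offset(offset).all()
    ]
    app.logger.debug('DEBUG : %s', rows)
    return rows, 200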
def claims():
    """Return the caller's JWT identity and custom claims as JSON.

    Everything stored in the token's claims is sent back to the token
    holder, so the claims should hold nothing the holder must not see.
    """
    payload = {
        'username': get_jwt_identity(),
        'claims': get_jwt_claims(),
    }
    return jsonify(payload)
def get(self):
    """Issue a fresh access token carrying the caller's identity and claims.

    Returns:
        ``{"data": {"token": <new token>}}`` with ``200``.
    """
    # NOTE(review): claims are copied from the presented token, not
    # re-read from the database. A role or status change does not take
    # effect while the user keeps renewing. Also confirm which token type
    # the route's decorator (not visible here) accepts. If an access token
    # is enough, a session can be extended indefinitely.
    identity = get_jwt_identity()
    carried_claims = get_jwt_claims()
    new_token = create_access_token(identity=identity,
                                    user_claims=carried_claims)
    return {"data": {'token': new_token}}, 200