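def update(id, data):
    """Apply the changes in ``data`` to the user with primary key ``id``.

    Args:
        id: Primary key of the user to modify.
        data: Mapping of field names to new values. A ``'password'`` entry
            is hashed onto the user and then removed from ``data`` in place,
            so the caller's mapping no longer holds it afterwards.

    Returns:
        The user row re-read from the database after the update.

    Raises:
        UserNotFound: No user has the given ``id``.
        UserWithPropExists: The requested email or username is already
            present on some user row.
        RoleInvalid: ``data`` contains ``'role'`` and the authenticated
            caller is not a ``super_admin``.
    """
    authed_user = get_authed_user()

    user = User.select().where(User.id == id).first()
    if not user:
        raise UserNotFound('id', id)

    # NOTE(review): nothing in this function ties authed_user to the target
    # row; only a 'role' change is gated below. Presumably the calling route
    # restricts who may edit which account -- confirm, otherwise any
    # authenticated caller can edit any user by id.

    # The uniqueness lookups use their own names. Rebinding `user` here left
    # it as None whenever the value was free, so a payload carrying both a
    # new email/username and a password failed on user.hash_password().
    if 'email' in data:
        email_owner = User.select().where(User.email == data['email']).first()
        if email_owner:
            # NOTE(review): also fires when the owner is the user being
            # edited (unchanged email re-submitted) -- confirm that is wanted.
            raise UserWithPropExists('email', data['email'])

    if 'username' in data:
        username_owner = (
            User.select().where(User.username == data['username']).first()
        )
        if username_owner:
            raise UserWithPropExists('username', data['username'])

    if 'role' in data:
        # Only a super_admin may assign roles; everyone else is refused.
        if authed_user.role != 'super_admin':
            raise RoleInvalid('super_admin')

    if 'password' in data:
        user.hash_password(data['password'])
        # Drop the plaintext so it is never written by the bulk update below.
        del data['password']
        user.save()

    # NOTE(review): every remaining key in `data` is written as a column
    # (mass assignment). Only 'role' is privilege-checked here; restrict the
    # keys to an explicit allow-list unless the caller already validates them.
    # NOTE(review): a password-only payload leaves `data` empty at this
    # point -- confirm the ORM accepts an update with no fields.
    query = User.update(**data).where(User.id == id)
    query.execute()

    return User.select().where(User.id == id).first()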
def get(self):
    """Return the authenticated user's own record as a JSON response."""
    current_user = auth_service.get_authed_user()
    serializer = UserSerializer()
    # model_to_dict() is handed the whole model row, so which fields reach
    # the response depends entirely on the serializer.
    # NOTE(review): confirm UserSerializer leaves out the password hash and
    # any other internal columns.
    loaded = serializer.load(model_to_dict(current_user))
    # Only the first element of load()'s result is sent back -- presumably
    # the data half of a (data, errors) pair; verify against the serializer
    # library in use.
    return jsonify(loaded[0])
def decorator(*args, **kwargs):
    """Resolve the authenticated user, then call the wrapped ``func``."""
    # The result is discarded; the call acts purely as a gate.
    # NOTE(review): this protects func only if get_authed_user() raises for
    # a request without a valid identity. If it can return None instead,
    # the call below still runs -- confirm.
    get_authed_user()
    outcome = func(*args, **kwargs)
    return outcome
def decorator(*args, **kwargs):
    """Call the wrapped ``func`` only when the caller's role is ``'admin'``.

    Raises:
        RoleInvalid: The authenticated user has no role, or a role other
            than ``'admin'``.
    """
    caller_role = get_authed_user().role
    # Deny by default: the wrapped function is reached on exactly one path.
    # NOTE(review): the comparison is an exact match, so any other role
    # value, including a more privileged one, is refused here -- confirm
    # that is the intended policy.
    if caller_role and caller_role == 'admin':
        return func(*args, **kwargs)
    raise RoleInvalid('admin')