示例#1
0
def patch_files():
    res = {}

    try:
        id = request.args.get('id')
        current_id = str(session['user_id'])

        file = request.files['files[0]']
        file_type = mime(file).split('/')[0]

        if file_type == 'image' and current_id == id:
            user = User.lookup_id(id)

            filename = secure_filename(file.filename)
            parts = filename.split('.')
            filename = '.'.join(parts[:-1]) + str(current_id) + '.' + parts[-1]

            destination = os.path.join(app.config['UPLOAD_FOLDER'],
                                       'avatars/' + filename)
            file.save(destination)

            old_avatar = user.avatar
            user.avatar = filename
            user.update()

            try:
                if old_avatar != 'default.png':
                    target = os.path.join(app.config['UPLOAD_FOLDER'],
                                          'avatars/' + old_avatar)
                    os.remove(target)
            except Exception:
                pass

            res = {'upload_success': True}
        elif current_id == id:
            res = {'upload_success': False, 'error': 'Invalid file type'}
        else:
            res = {
                'upload_success': False,
                'error':
                "You do not have permission to change this user's avatar"
            }

    except Exception:
        res = {
            'upload_success': False,
            'error': 'There was an error uploading your file'
        }

    return res, 200
示例#2
0
def delete():
    id = request.args.get('id')
    user = User.lookup_id(id)
    res = {}
    status = 200

    if user and id == str(session['user_id']):
        try:
            user.delete()
            res = {'data': user}
        except Exception:
            res = {'error': 'Error deleting user'}
            status = 500

    return jsonify(res), status
示例#3
0
def patch():
    user = User.lookup_id(request.args.get('id'))
    form = request.json
    res = {}

    if user:
        del form['avatar']
        user = assign(form, user)

        try:
            user.update()
            res = {'data': user.as_dict()}
        except Exception:
            res = {'error': 'There was an error updating your account'}

    return jsonify(res), 200
示例#4
0
def get():
    try:
        id = int(request.args.get('id'))
        user = User.lookup_id(id)
        res = {}

        if user:
            user = user.as_dict()

            if session.get('user_id') != id:
                del user['email']
                del user['password']

            res = {'data': user}

    except Exception as e:
        res = {'error': 'There was an error finding this user'}

    return jsonify(res), 200
示例#5
0
    def save(self, warned):
        credentials = User.lookup_id(self.user_id)
        prerequisites = Course.lookup_id(self.course_id).prerequisites

        conflict = None
        if not warned:

            for prerequisite in prerequisites:
                matched = [
                    c for c in credentials
                    if c.id == prerequisite.credential_id
                ]

                if matched.length == 0:
                    conflict = prerequisite.id
                    break

        if conflict:
            return "Missing prerequisite: " + Credential.lookup_id(
                conflict).name
        else:
            Base.save(self)
示例#6
0
def is_admin(id):
    user = User.lookup_id(id)

    return user.admin