def user(id: int = None, username: str = None) -> Tuple[Any, int]: user = get_user(id if id else username.lower() if username else None) if not user: return make_resp(NOT_FOUND) if request.method == "GET": return jsonify(data=user_schema.dump(user) if get_user() == user else other_user_schema.dump(user)), 200 elif request.method == "PUT": if user != get_user(): return make_resp(FORBIDDEN) if not request.is_json: return make_resp(NO_JSON) try: user_schema.context["user_id"] = user.id user = user_schema.load(request.get_json(), instance=user) user_schema.context.pop("user_id") except ValidationError as errors: return errors.messages, 422 db.session.commit() return jsonify(data=user_schema.dump(user)), 200 elif request.method == "DELETE": if user != get_user(): return make_resp(FORBIDDEN) db.session.delete(user) db.session.commit() return make_resp(({"msg": "success"}, 200))
def project(id: int = None, name: str = None) -> Tuple[Any, int]: project = Project.query.get(id) if id else Project.query.filter( Project.name == name.lower()).first() if not project: return make_resp(NOT_FOUND) if request.method == "GET": return jsonify(data=project_schema.dump(project)), 200 elif request.method == "PUT": if project.user != get_user(): return make_resp(FORBIDDEN) if not request.is_json: return make_resp(NO_JSON) try: project_schema.context["project_id"] = project.id project = project_schema.load(request.get_json(), instance=project) project.last_modified = datetime.datetime.utcnow() project_schema.context.pop("project_id") except ValidationError as errors: return errors.messages, 422 db.session.commit() return jsonify(data=project_schema.dump(project)), 200 elif request.method == "DELETE": if project.user != get_user(): return make_resp(FORBIDDEN) db.session.delete(project) db.session.commit() return make_resp(({"msg": "success"}, 200))
def projects(user_id: int = None, username: str = None) -> Tuple[Any, int]: user = get_user( user_id if user_id else username.lower() if username else None) if not user: return make_resp(NOT_FOUND) if request.method == "GET": return jsonify(data=project_schema.dump(Project.query.filter( Project.user_id == user.id).all(), many=True)), 200 elif request.method == "POST": if get_user() is None: return make_resp(UNAUTHORIZED) if not request.is_json: return make_resp(NO_JSON) try: project = project_schema.load(request.get_json()) project.user = get_user() project.root_directory = Directory(name="root") project.root_directory.block_files = [ BlockFile(name="app.py", block_xml="") ] project.last_modified = datetime.datetime.utcnow() except ValidationError as errors: return errors.messages, 422 db.session.add(project) db.session.commit() return jsonify(data=project_schema.dump(project)), 200
def move(): _from = request.args.get("from") _to = request.args.get("to") if not _from: log('User %r tried to move, but forgot "from" argument', get_user()) return '<h1>Missing "from" argument</h1>', 400 if not _to: log('User %r tried to move, but forgot "to" argument', get_user()) return '<h1>Missing "to" argument</h1>', 400 real_from = cfg.CLOUD_PATH / _from real_to = cfg.CLOUD_PATH / _to try: shutil.move(real_from, real_to) log("User %r moved file %r to %r", get_user(), _from, _to) return "<h1>File moved correctly</h1>", 200 except (FileNotFoundError, FileExistsError) as err: log( "User %r tried to move file %r to %r, but failed (%r)", get_user(), _from, _to, err, ) return "File not found", 400
def upload_files(): folder = get_post_arg("folder") log("User %r made a POST request to /upload", get_user()) if folder is None: flash("No folder supplied or an invalid folder was supplied", "danger") return redirect("/") folders = get_folders() try: folder = folders[int(folder)] except (IndexError, ValueError): flash("Invalid index folder (index %r)" % folder, "danger") return redirect("/") files = request.files.getlist("files[]") if not files: flash("No files supplied", "danger") return redirect("/") log_files = [] for file in files: filename = secure_filename(file.filename) if not filename: continue log_files.append(filename) filename = cfg.CLOUD_PATH / folder / filename try: file.save(filename.as_posix()) except PermissionError as exc: flash("Permission Error: %s" % exc, "danger") log("User %r encoutered a PermissionError: %r" % (get_user(), exc)) return redirect("/") if not log_files: flash("Supplied only %d empty files" % len(files), "danger") return redirect("/") log( "User %r upload files to folder %r: %s", get_user(), folder.as_posix(), log_files, ) flash("Files uploaded successfully", "success") return redirect("/")
def delete(filepath): filepath = cfg.CLOUD_PATH / filepath try: if filepath.is_dir(): shutil.rmtree(filepath) log("User %r removed tree %r", get_user(), filepath.as_posix()) return "<h1>Tree removed</h1> %s" % filepath.as_posix(), 200 else: os.remove(filepath) log("User %r removed file %r", get_user(), filepath.as_posix()) return "<h1>File deleted</h1> %s" % filepath.as_posix(), 200 except FileNotFoundError: log("User %r tried to incorrectly remove %r", get_user(), filepath.as_posix()) return "<h1>File not found</h1> %s" % filepath.as_posix(), 404
def example3post(): user = get_user() if user is not None: message = request.POST['message'] if message: Message.objects.create(user, message) redirect('/example3/') else: redirect('/example3/login/')
def example3(): user = get_user() if user is not None: count = len(Message.objects.filter(lambda m: user in m.users_notify)) msgs = Message.objects.filter(lambda m: user in m.users, owner=user) return template('example3logged', dict(user=user, messages=msgs, newsCount=count)) else: return template('example3', {})
def users_post() -> Tuple[Any, int]: if get_user() is not None: return make_resp(FORBIDDEN) if not request.is_json: return make_resp(NO_JSON) try: user = user_schema.load(request.get_json()) except ValidationError as errors: return errors.messages, 422 db.session.add(user) db.session.commit() return jsonify(data=user_schema.dump(user), access_token=create_access_token(identity=user)), 200
def example3get(type, id): """ :type type: str """ user = get_user() id = int(id) if user is not None: if type == 'read': Message.objects.find(id=id).users_notify.remove(user) elif type == 'remove': Message.objects.remove(id=id) redirect('/example3/') else: redirect('/example3/login/')
def test_no_authorization(self, req_m): req_m.authorization = None assert get_user() is None
def mkdir(folder: str): os.makedirs(cfg.CLOUD_PATH / folder) log("User %r made dir %r", get_user(), folder) return redirect("/cloud")
def test_runtime_error(self, req_m): prop_m = mock.PropertyMock() prop_m.side_effect = RuntimeError type(req_m).authorization = prop_m assert get_user() is None
def example3signup(): if get_user(): redirect('/example3/') return dict(email='', username='', errors=[])
def add_event_to_userz(email,event): user = get_user(email) event = Events.query.filter_by(name=event).first() print add_event_to_user(user,event)
def user_events(email): user = get_user(email) print user.events
def user(email): res = get_user(email) print res
def index(): folders = get_folders() folder_choices = [Folder(i, x.as_posix()) for i, x in enumerate(folders)] log("User %r opened index", get_user()) return render_template("index.html", folders=folder_choices)
def test_normal_authorization(self, req_m): req_m.authorization = mock.Mock(username="******") assert get_user() == "foo"
def example3login(): if get_user(): redirect('/example3/') return dict(username='', error=False)