def put(self, id):
args = get_args()
if not args:
return response("Invalid parameters", 422)
admin = Admin.query.get(id)
if not admin:
return response("Admin {} not exists".format(id), 404)
if admin.name != args["name"]:
admin.name = args["name"]
if admin.email != args["email"]:
check_email = Admin.query.filter(
Admin.email == args["email"]).all()
if not check_email:
admin.email = args["email"]
else:
return response("Email already exists", 409)
admin.hash_password(args["password"])
admin.update()
return schema.dump(admin).data, 200
def put(self, id):
args = get_args()
if not args:
return response("Invalid parameters", 422)
user = User.query.get(id)
if not user.active:
return response("User {} not exists".format(id))
if user.uid != args["uid"]:
rfid_query = User.query.filter(User.uid == args["uid"])
if rfid_query.all():
return response("UID already exists", 409)
else:
user.rfid = args["uid"]
if user.name != args["name"]:
user.name = args["name"]
if user.email != args["email"]:
email_query = User.query.filter(User.email == args["email"])
if email_query.all():
return response("Email already exists", 409)
else:
user.email = args["email"]
if user.userType != args["userType"]:
user.userType = args["userType"]
user.update()
return schema.dump(user).data, 200
def delete(self, id):
adms = Admin.query.all()
if len(adms) == 1:
return response("Cannot delete all admins", 403)
try:
admin = Admin.query.get(id)
if not admin:
return response("Admin {} not existis".format(id), 404)
admin.delete(admin)
except SQLAlchemyError as e:
return rollback(e, db)
else:
return None, 204
def db_status():
return response({
'user': User.query.count(),
'thread': Thread.query.count(),
'forum': Forum.query.count(),
'post': Post.query.count()
})
def login_form():
"""
Show login form.
If user is already logged in, they will be redirected to index page.
"""
if current_user.is_authenticated:
return redirect(url_for('index'))
next_page = request.args.get('next')
if next_page and url_parse(next_page).netloc == '':
session['next_page'] = next_page
if request.method == 'GET':
return response(render('auth/login.html'))
loginform = LoginForm()
if not loginform.validate():
flash(loginform.errors, category='form_error')
return failed_login()
user = User.by_email_address(loginform.email_id.data)
if user is None:
flash('Could not locate your email address', 'login_info')
return failed_login()
if not user.check_password(loginform.password.data):
flash('invalid password', 'login_info')
return failed_login()
return _login(user, loginform.remember_me.data)
def get(self):
query = User.query.filter(User.active)
if request.args.get("email"):
query = query.filter(
User.email.like("%" + request.args["email"] + "%"))
if request.args.get("name"):
query = query.filter(
User.name.like("%" + request.args["name"] + "%"))
if request.args.get("uid"):
query = query.filter(User.uid.like("%" + request.args["uid"] +
"%"))
if request.args.get("userType"):
query = query.filter(User.userType == request.args["userType"])
if request.args.get("roomId"):
query = query.join(RoomUser.user).filter(
RoomUser.roomId == request.args["roomId"])
if request.args.get("orderBy"):
query = query.order_by(request.args["orderBy"])
users = query.all()
users = [i.__dict__ for i in users]
if len(users) == 0:
return response("No record found", 204)
return schema.dump(users, many=True).data, 200
def get(self):
"""
Check service
Returning a success message.
"""
return response('Service is works', 200)
def get(self, id):
user = User.query.get(id)
if not user.active:
return response("User {} not found".format(id), 404)
user = user.__dict__.copy()
return schema.dump(user).data, 200
def delete(self, id):
schedule = Schedule.query.get(id)
if not schedule.active:
return response("Schedule {} not existis".format(id), 404)
schedule.active = False
schedule.lastUpdate = datetime.now()
schedule.update()
return None, 204
def user_create():
form = get_user_form(g.data)
if form.validate():
user = User(**form.data)
user.create()
return response(user.serialize(less=True))
raise IncorrectRequest
def put(self, id):
args = get_args()
if not args:
return response("Invalid parameters", 422)
schedule = Schedule.query.get(id)
if not schedule or not schedule.active:
return response("Schedule {} not exists".format(id), 404)
if check_schedule(args):
return response("There is a conflict in schedule", 409)
fill_schedule(schedule, args)
schedule.lastUpdate = datetime.now()
schedule.update()
return schema.dump(schedule).data, 202
def post(self):
"""
User login
"""
data, errors = self.get_data()
if errors:
return response(errors, 400)
user = User.get_by_email(data.get('email'))
if not user:
return response(f"User {data.get('email')} does not exist", 400)
if User.verify_hash(data['password'], user.password):
return response(
dict(access_token=create_access_token(identity=data['email'])),
200)
else:
return response('Wrong credentials', 401)
def get(self):
"""
Get user's data
---
security:
- Bearer: []
"""
user = User.get_by_email(get_jwt_identity())
return response(self.default_schema.dump(user), 200)
def user_update():
form = UpdateUserForm(data=g.data)
if form.validate():
user = User.query.filter_by(email=form.user.data).first_or_404()
user.name = form.name.data
user.about = form.about.data
user.save()
return response(user.serialize())
raise IncorrectRequest
def put(self):
"""
Update user's data
---
security:
- Bearer: []
parameters:
- in: body
schema:
$ref: '#/definitions/UpdateUserSchema'
"""
data, errors = self.get_data('put')
if errors:
return response(errors, 400)
user = User.get_by_email(get_jwt_identity())
user = edit_instance(User, user.id, **data)
schema = self.get_schema()
return response(schema.dump(user), 200)
def put(self, id):
args = check_args()
if not args:
return response("Room name required", 422)
room = Room.query.get(id)
if not room.active:
return response("Room {} not exists".format(id))
if room.name != args["name"]:
room.name = args["name"]
try:
room.lastUpdate = datetime.now()
room.update()
except SQLAlchemyError as e:
return rollback(e, db), 406
else:
return schema.dump(room).data, 202
def post(self):
args = get_args()
if check_schedule(args):
return response("There is a conflict in schedule", 409)
schedule = Schedule()
fill_schedule(schedule, args)
schedule.active = True
schedule.lastUpdate = datetime.now()
schedule.update()
return schema.dump(schedule).data, 201
def user_unfollow():
form = FollowForm(data=g.data)
if form.validate():
user = User.query.filter_by(email=form.follower.data).first_or_404()
user_followee = User.query.filter_by(
email=form.followee.data).first_or_404()
user.following.remove(user_followee)
user.save()
return response(user.serialize())
raise IncorrectRequest
def delete(self, id):
try:
room = Room.query.get(id)
if not room or not room.active:
return response("Room {} not exists".format(id))
room.active = False
room.lastUpdate = datetime.now()
room.update()
except SQLAlchemyError as e:
return rollback(e, db), 406
else:
return None, 202
def post(self):
args = get_args()
if not args:
return response("Invalid parameters", 422)
try:
admin = Admin(args["name"], args["email"], args["password"])
admin.add(admin)
query = Admin.query.get(admin.id)
except SQLAlchemyError as e:
return rollback(e, db)
else:
return schema.dump(query).data, 201
def delete(self, id):
try:
user = User.query.get(id)
if not user.active:
return response("User {} not exists".format(id))
user.active = False
user.lastUpdate = datetime.now()
user.update()
except SQLAlchemyError as e:
return rollback(e, db)
else:
return None, 204
def post(self):
"""
User registration
"""
data, errors = self.get_data()
if errors:
return response(errors, 400)
user = User.get_by_email(data.get('email'))
if user:
return response('This email already taken', 400)
data.update({'password': User.generate_hash(data['password'])})
user = add_instance(User, **dict(active=True, **data))
schema = self.get_schema('res')
result = schema.dump(user)
result.update(
dict(access_token=create_access_token(identity=data['email'])))
return response(result, 200)
def get(self):
"""
Get calls
---
security:
- Bearer: []
"""
user = User.get_by_email(get_jwt_identity())
if not user.ya_disc_token:
return response(
'To get access token go to link {}'.format(
Config.YA_DISK_GET_TOKEN_URL), 400)
yad = YandexDisk(user.ya_disc_token)
if not yad.check_token():
return response('Token specified you not valid', 400)
calls = yad.get_calls()
return response(calls, 200)
def reactive(self, user, args):
user.active = True
user.lastUpdate = datetime.now()
user.name = args["name"]
user.userType = args["userType"]
if user.uid != args["uid"]:
if User.query.filter(user.uid == args["uid"]).all():
return response("UID {} already in use".format(user.uid), 409)
else:
user.uid = args["uid"]
user.update()
return schema.dump(user).data, 201
def edit_item(item_id):
item = ICT.get(ICT.decode_id(item_id), True)
if current_user.id != item.user_id:
flash('No permission grant to modify this item.', 'form_error')
return redirect(url('catalog.show_item', item_id=item.hash_id))
if request.method == 'POST':
return PageController.update_item(item)
item = ICT.item_to_dict(item)
categories = CCT.index()
return response(
render('catalog/edit_item.html', item=item, categories=categories))
def index(category_name=None):
categories = CCT.index()
page = request.args.get('page', 1)
per_page = request.args.get('per_page', 15)
if category_name:
url_category = " ".join(category_name.split('_'))
db_category = CCT.get_by_name(url_category)
db_items = ICT.index(db_category.id, page=page, per_page=per_page)
else:
db_items = ICT.index(page=page, per_page=per_page)
return response(
render('catalog/items_list.html',
current_category=category_name,
items=db_items,
categories=categories))
def post(self):
args = get_args()
if not args:
return response("Invalid parameters", 422)
user = (User.query.filter(User.active == False).filter(
User.email == args["email"]).first())
if user:
return self.reactive(user, args)
else:
try:
user = User(name=args["name"],
email=args["email"],
uid=args["uid"],
userType=args["userType"])
user.add(user)
except SQLAlchemyError as e:
return rollback(e, db), 406
else:
return schema.dump(user).data, 201
def post(self):
args = check_args()
if not args:
return response("Room's name is required", 422)
room = (Room.query.filter(Room.active == False).filter(
Room.name == args["name"]).first())
if room:
room.active = True
room.lastUpdate = datetime.now()
room.update()
return schema.dump(room).data, 201
else:
try:
room = Room()
room.name = args["name"]
room.add(room)
except SQLAlchemyError as e:
return rollback(e, db), 406
else:
return schema.dump(room).data, 201
def forum_posts(form):
return response(form.get_post_list_data())
def forum_threads(form):
return response(form.get_thread_list_data())