def delete_layer(channel, layer_id):
collection = mongo_service.db()["layer"]
layer_data = collection.find_one({"channel": channel})
layer_data["layers"] = [
layer for layer in layer_data["layers"] if layer["id"] != layer_id
]
collection.update_one(filter={"channel": channel},
update={"$set": layer_data})
collection = mongo_service.db()["message"]
delete_operation = DeleteMany({"channel": channel, "layer_id": layer_id})
collection.bulk_write([delete_operation])
response = make_response()
response.status_code = 204
return response
def post_review_target(channel, authorized_user):
if len(request.files) == 0:
abort(400)
# save files
save_dir = os.path.join(upload_dir, channel)
try:
os.mkdir(save_dir)
except FileExistsError:
pass
# upload files (but now, there is one file in files)
review_target_collection = mongo_service.db()["review_target"]
for review_target in request.files.values():
filename = secure_filename(review_target.filename)
if filename.split(".")[-1] not in _ALLOWED_EXTENSIONS:
abort(400)
file_path = os.path.join(save_dir, filename)
if os.path.exists(file_path):
abort(403)
review_target.save(file_path)
document = {
"channel": channel,
"name": filename,
"users": [authorized_user]
}
review_target_collection.insert_one(document)
return request.data
def layers(channel):
collection = mongo_service.db()["layer"]
response = collection.find_one({"channel": channel})
if response is None:
return jsonify([])
response.pop("_id", None)
return jsonify(response)
def update_layer(channel, layer_id):
data = json.loads(request.data)
collection = mongo_service.db()["layer"]
collection.update_one(filter={"channel": channel},
update={"$set": {
"layers": data
}})
return '', 204
def users():
response = []
for user in list(mongo_service.db()["user"].find()):
# remove values that doesnt needed.
user.pop("_id", None)
user.pop("password", None)
response.append(user)
return jsonify(response)
def edit_message(channel):
data = json.loads(request.data)
collection = mongo_service.db()["message"]
document_filter = {"channel": channel, "index": data["index"]}
collection.update_one(document_filter, {"$set": {"value": data["value"]}})
response = make_response()
response.status_code = 204
return response
def post_messages(channel):
data = json.loads(request.data)
data["channel"] = channel
data["date"] = datetime.strptime(data["date"], "%Y-%m-%dT%H:%M:%S.%fZ")
db = mongo_service.db()
collection = db["message"]
collection.insert_one(data)
return request.data
def get_messages(channel):
collection = mongo_service.db()["message"]
document = list(collection.find({"channel": channel}).sort("index"))
if not document:
return jsonify([])
for doc_element in document:
doc_element.pop("_id", None)
doc_element["date"] = doc_element["date"].isoformat()
return jsonify(document)
def get_review_target(channel, authorized_user):
collection = mongo_service.db()["review_target"]
review_target_data = collection.find_one({
"channel": channel,
"users": {
"$in": [authorized_user]
}
})
if not review_target_data.get("name"):
abort(404)
saved_dir = os.path.join(upload_dir, review_target_data["channel"])
# now, one file only. multi file will be supported in the future.
return send_from_directory(saved_dir, review_target_data["name"])
def register_user():
collection = mongo_service.db()["user"]
data = json.loads(request.data)
if not re.search(r"^[a-zA-Z0-9]\w*[a-zA-Z0-9]$", data["username"]):
abort(400)
if collection.find_one({"name": data["username"]}):
abort(409)
document = {
"name": data["username"],
"password": generate_password_hash(data["password"], method="sha256")
}
collection.insert_one(document)
return request.data
def login():
data = json.loads(request.data)
if not isinstance(data["username"], str):
abort(400)
if not isinstance(data["password"], str):
abort(400)
document_filter = {"name": data["username"]}
document = mongo_service.db()["user"].find_one(document_filter)
if document is None:
abort(400)
if not check_password_hash(document["password"], data["password"]):
abort(400)
return jsonify({
"token":
authorization.encode_jwt({
"name": data["username"],
"password": data["password"]
}).decode()
})
def wrapper(*args, **kwargs):
auth_data = request.headers.get("Authorization")
if auth_data is None:
abort(400, {"message": "Authorization header is required"})
if len(auth_data.split()) != 2:
abort(401, {"message": "Invalid header data"})
# collect auth_data is 'Bearer {token}'
scheme, token = auth_data.split()
if scheme.lower() != "bearer":
abort(401,
{"message": "Authorization header must start with Bearer"})
# decode and find user
data = decode_jwt(token)
document_filter = {"name": data["name"]}
document = mongo_service.db()["user"].find_one(document_filter)
if document is None:
abort(401, {"message": "Invalid user"})
# password check
if not check_password_hash(document["password"], data["password"]):
abort(400)
# add user_name for filtering for find
return func(*args, authorized_user=data["name"], **kwargs)
def delete_message(channel, index):
collection = mongo_service.db()["message"]
collection.delete_one({"channel": channel, "index": index})
response = make_response()
response.status_code = 204
return response