def post_user():
"""Creates a new user.
:returns: JSON string of the new user's data; status code
:rtype: (str, int)
"""
# pre-validate data
errors = unique({}, User, User.username,
request.json.get('username', None))
errors = unique_email(errors, User, User.email,
request.json.get('email', None))
errors, roles = exists(errors, Role, 'roles',
request.json.get('roles', []))
# validate data
try:
data = UserAdminSchema().load(request.json)
except ValidationError as err:
errors = dict(list(errors.items()) + list(err.messages.items()))
# return any errors
if errors:
return jsonify({"error": errors}), 400
# save user
user = User(username=data['username'].lower().strip(),
email=data['email'].lower().strip(),
password=data['password'],
is_verified=data['is_verified'],
status=data['status'],
status_changed_at=datetime.now())
for role in roles:
user.roles.append(role)
# save user profile
if 'profile' in data:
user_profile = UserProfile(
user=user,
first_name=data['profile']['first_name'].strip(),
last_name=data['profile']['last_name'].strip(),
joined_at=data['profile']['joined_at'],
status=data['status'],
status_changed_at=datetime.now())
db.session.add(user_profile)
db.session.add(user)
db.session.commit()
# response
return jsonify({'user': UserAdminSchema().dump(user)}), 201
def test_unique_email_pass(app, mocker):
# mock db query
query_mock = mocker.patch('flask_sqlalchemy._QueryProperty.__get__')
query_mock.return_value \
.filter.return_value \
.first.return_value = None
errors = unique_email({}, SomeModel, SomeModel.email, 'foo')
assert errors == {}
def test_unique_email_update_no_diff_pass(app, mocker):
test_model = SomeModel()
test_model.email = 'foo'
errors = unique_email({},
SomeModel,
SomeModel.email,
'foo',
update=test_model)
assert errors == {}
def test_unique_email_fail(app, mocker):
# mock db query
query_mock = mocker.patch('flask_sqlalchemy._QueryProperty.__get__')
query_mock.return_value \
.filter.return_value \
.first.return_value = SomeModel()
errors = unique_email({}, SomeModel, SomeModel.email, 'foo')
assert errors == {'email': ['Value must be unique.']}
def test_unique_unique_email_diff_pass(app, mocker):
# mock db query
query_mock = mocker.patch('flask_sqlalchemy._QueryProperty.__get__')
query_mock.return_value \
.filter.return_value \
.first.return_value = None
test_model = SomeModel()
test_model.email = 'bar'
errors = unique_email({},
SomeModel,
SomeModel.email,
'foo',
update=test_model)
assert errors == {}
def post_administrator():
"""Creates a new administrator
:returns: JSON string of the new administrator's data; status code
:rtype: (str, int)
"""
# pre-validate data
errors = unique({}, Administrator, Administrator.username,
request.json.get('username', None))
errors = unique_email(errors, Administrator, Administrator.email,
request.json.get('email', None))
errors, roles = exists(errors, Role, 'roles',
request.json.get('roles', []))
# validate data
try:
data = AdministratorAdminSchema().load(request.json)
except ValidationError as err:
errors = dict(list(errors.items()) + list(err.messages.items()))
# return any errors
if errors:
return jsonify({"error": errors}), 400
# save admin
admin = Administrator(username=data['username'].lower().strip(),
email=data['email'].lower().strip(),
first_name=data['first_name'],
last_name=data['last_name'],
password=data['password'],
joined_at=data['joined_at'],
status=data['status'],
status_changed_at=datetime.now())
for role in roles:
admin.roles.append(role)
db.session.add(admin)
db.session.commit()
# response
return jsonify({'administrator':
AdministratorAdminSchema().dump(admin)}), 201
def put_account():
"""Updates the current user's account information.
:returns: JSON string of the user's account information; status code
:rtype: (str, int)
"""
# init vars
user = g.user
# pre-validate data
errors = unique({},
Administrator,
Administrator.username,
request.json.get('username', None),
update=user)
errors = unique_email(errors,
Administrator,
Administrator.email,
request.json.get('email', None),
update=user)
# validate data
try:
data = UserAccountAdminSchema().load(request.json)
except ValidationError as err:
errors = dict(list(errors.items()) + list(err.messages.items()))
# return any errors
if errors:
return jsonify({"error": errors}), 400
# save user account
user.username = data['username'].strip()
user.email = data['email'].strip()
user.first_name = data['first_name'].strip()
user.last_name = data['last_name'].strip()
db.session.commit()
# response
return jsonify({'user_account': UserAccountAdminSchema().dump(user)}), 200
def put_user(user_id):
"""Updates an existing user.
:param user_id: ID of user
:type user_id: int
:returns: JSON string of the user's data; status code
:rtype: (str, int)
"""
# get user
user = User.query.get(user_id)
if user is None:
abort(404)
# pre-validate data
errors = unique({},
User,
User.username,
request.json.get('username', None),
update=user)
errors = unique_email(errors,
User,
User.email,
request.json.get('email', None),
update=user)
errors, roles = exists(errors, Role, 'roles',
request.json.get('roles', []))
# validate data
try:
if request.json.get('password', None):
data = UserAdminSchema().load(request.json)
else:
data = UserAdminSchema(exclude=('password', )).load(request.json)
except ValidationError as err:
errors = dict(list(errors.items()) + list(err.messages.items()))
# return any errors
if errors:
return jsonify({"error": errors}), 400
# save user
user.username = data['username'].lower().strip()
user.email = data['email'].lower().strip()
user.is_verified = data['is_verified']
if 'password' in data:
user.password = data['password']
user.roles[:] = []
for role in roles:
user.roles.append(role)
if user.status != data['status']:
user.status = data['status']
user.status_changed_at = datetime.now()
# save user profile
if 'profile' in data:
user_profile = user.profile if user.profile else None
if user_profile:
user_profile.first_name = data['profile']['first_name'].strip()
user_profile.last_name = data['profile']['last_name'].strip()
user_profile.joined_at = data['profile']['joined_at']
if user_profile.status != data['status']:
user_profile.status = data['status']
user_profile.status_changed_at = datetime.now()
else:
user_profile = UserProfile(
user_id=user.id,
first_name=data['profile']['first_name'].strip(),
last_name=data['profile']['last_name'].strip(),
joined_at=data['profile']['joined_at'],
status=data['status'],
status_changed_at=datetime.now())
db.session.add(user_profile)
user.profile = user_profile
db.session.commit()
# response
return jsonify({'user': UserAdminSchema().dump(user)}), 200
def put_administrator(administrator_id):
"""Updates an existing administrator
:param administrator_id: ID of administrator
:type administrator_id: int
:returns: JSON string of the administrator's data; status code
:rtype: (str, int)
"""
# get administrator
administrator = Administrator.query.get(administrator_id)
if administrator is None:
abort(404)
# pre-validate data
errors = unique({},
Administrator,
Administrator.username,
request.json.get('username', None),
update=administrator)
errors = unique_email(errors,
Administrator,
Administrator.email,
request.json.get('email', None),
update=administrator)
errors, roles = exists(errors, Role, 'roles',
request.json.get('roles', []))
# validate data
try:
if request.json.get('password', None):
data = AdministratorAdminSchema().load(request.json)
else:
data = AdministratorAdminSchema(exclude=('password', )).load(
request.json)
except ValidationError as err:
errors = dict(list(errors.items()) + list(err.messages.items()))
# return any errors
if errors:
return jsonify({"error": errors}), 400
# save administrator
administrator.username = data['username'].lower().strip()
administrator.email = data['email'].lower().strip()
administrator.first_name = data['first_name']
administrator.last_name = data['last_name']
administrator.joined_at = data['joined_at']
if 'password' in data:
administrator.password = data['password']
administrator.roles[:] = []
for role in roles:
administrator.roles.append(role)
if administrator.status != data['status']:
administrator.status = data['status']
administrator.status_changed_at = datetime.now()
db.session.commit()
# response
return jsonify(
{'administrator': AdministratorAdminSchema().dump(administrator)}), 200
def post_user_account_step1():
"""User registration step 1.
:returns: JSON string of the user's account information; status code
:rtype: (str, int)
"""
# pre-validate data
errors = unique({}, User, User.username,
str(request.json.get('username')).lower().strip()
if request.json.get('username', None) else None)
errors = unique_email(
errors, User, User.email,
str(request.json.get('email')).lower().strip() if request.json.get(
'email', None) else None)
errors, tos = exists(errors,
TermsOfService,
'tos_id',
request.json.get('tos_id', None),
missing_error="Please agree to the terms of service.")
if (request.json.get('password', None)
and request.json.get('password2', None)):
if request.json.get('password') != request.json.get('password2'):
errors['password2'] = ["Passwords must match."]
# validate data
try:
data = UserAccountSchema(exclude=(
'first_name',
'last_name',
)).load(request.json)
except ValidationError as err:
errors = dict(list(errors.items()) + list(err.messages.items()))
# return any errors
if errors:
return jsonify({"error": errors}), 400
# save user
user = User(username=data['username'].lower().strip(),
email=data['email'].lower().strip(),
password=data['password'],
is_verified=False,
status=User.STATUS_ENABLED,
status_changed_at=datetime.now())
user_role = Role.query.filter(Role.name == 'USER').first()
if user_role:
user.roles.append(user_role)
db.session.add(user)
# save user terms of service
user_tos = UserTermsOfService(user=user,
terms_of_service=tos,
accept_date=datetime.now(),
ip_address=request.environ.get(
'HTTP_X_REAL_IP', request.remote_addr))
db.session.add(user_tos)
# save password history
pass_history = UserPasswordHistory(user=user,
password=user.password,
set_date=datetime.now())
db.session.add(pass_history)
db.session.commit()
# prep output
output = {
'id': user.id,
'username': user.username,
'email': user.email,
'password_changed_at': user.password_changed_at,
'is_verified': user.is_verified,
'first_name': None,
'last_name': None,
'joined_at': None,
}
# response
return jsonify({'user_account': UserAccountSchema().dump(output)}), 201
def put_user_account():
"""Updates the current user's account information.
:returns: JSON string of the user's account information; status code
:rtype: (str, int)
"""
# init vars
user = g.user
user_profile = user.profile if user.profile else None
# pre-validate data
errors = unique({},
User,
User.username,
str(request.json.get('username')).lower().strip()
if request.json.get('username', None) else None,
update=user)
errors = unique_email(errors,
User,
User.email,
str(request.json.get('email')).lower().strip()
if request.json.get('email', None) else None,
update=user)
# validate data
try:
data = UserAccountSchema(exclude=(
'password',
'password2',
'tos_id',
)).load(request.json)
except ValidationError as err:
errors = dict(list(errors.items()) + list(err.messages.items()))
# return any errors
if errors:
return jsonify({"error": errors}), 400
# save user
user.username = data['username'].lower().strip()
user.email = data['email'].lower().strip()
# save user profile
if user_profile:
user_profile.first_name = data['first_name'].strip()
user_profile.last_name = data['last_name'].strip()
else:
user_profile = UserProfile(user_id=user.id,
first_name=data['first_name'].strip(),
last_name=data['last_name'].strip(),
joined_at=datetime.now(),
status=UserProfile.STATUS_ENABLED,
status_changed_at=datetime.now())
db.session.add(user_profile)
db.session.commit()
# prep output
output = {
'id': user.id,
'username': user.username,
'email': user.email,
'password_changed_at': user.password_changed_at,
'is_verified': user.is_verified,
'first_name': user_profile.first_name if user_profile else None,
'last_name': user_profile.last_name if user_profile else None,
'joined_at': user_profile.joined_at if user_profile else None,
}
# response
return jsonify({'user_account': UserAccountSchema().dump(output)}), 200
