示例#1
0
    def delete(self, id):
        dbm = access.DBMan(LOST_CONFIG)
        identity = get_jwt_identity()
        user = dbm.get_user_by_id(identity)
        if not user.has_role(roles.DESIGNER):
            dbm.close_session()
            return "You are not authorized.", 401

        requesteduser = dbm.get_user_by_id(id)
        
        if requesteduser.idx == user.idx:
            dbm.close_session()
            return "You are not able to delete yourself", 400

        if requesteduser:
            for g in requesteduser.groups:
                    if g.is_user_default:
                        dbm.delete(g)
                        dbm.commit()
            dbm.delete(requesteduser) 
            dbm.commit()
            dbm.close_session()
            return 'success', 200 
        else:
            dbm.close_session()
            return "User with ID '{}' not found.".format(id), 400
示例#2
0
文件: endpoint.py 项目: l3p-cv/lost
    def post(self):
        dbm = access.DBMan(LOST_CONFIG)
        identity = get_jwt_identity()
        user = dbm.get_user_by_id(identity)
        if not user.has_role(roles.ADMINISTRATOR):
            dbm.close_session()
            return "You are not authorized.", 401
        # get data from parser
        data = create_user_parser.parse_args()
        # find user in database
        user = None
        if 'email' in data:
            user = dbm.find_user_by_email(data['email'])
        if not user and 'user_name' in data:
            user = dbm.find_user_by_user_name(data['user_name'])

        if user:
            return {'message': 'User already exists.'}, 401
        else:
            user = DBUser(
                user_name=data['user_name'],
                email=data['email'],
                email_confirmed_at=datetime.datetime.utcnow(),
                password=data['password'],
            )
            anno_role = dbm.get_role_by_name(roles.ANNOTATOR)
            user.roles.append(anno_role)
            user.groups.append(Group(name=user.user_name,
                                     is_user_default=True))

            if data['roles']:
                for role_name in data['roles']:
                    if role_name == 'Administrator':
                        designer_role = dbm.get_role_by_name(
                            roles.ADMINISTRATOR)
                        user.roles.append(designer_role)
                    if role_name == 'Designer':
                        designer_role = dbm.get_role_by_name(roles.DESIGNER)
                        user.roles.append(designer_role)

            if data['groups']:
                for group_name in data['groups']:
                    group = dbm.get_group_by_name(group_name)
                    if group:
                        user.groups.append(group)
            dbm.save_obj(user)
            try:
                email.send_new_user(user, data['password'])
            except:
                pass
            dbm.close_session()
            return {'message': 'success'}, 200
示例#3
0
文件: endpoint.py 项目: l3p-cv/lost
    def patch(self, id):
        args = update_user_parser.parse_args()
        dbm = access.DBMan(LOST_CONFIG)
        identity = get_jwt_identity()
        user = dbm.get_user_by_id(identity)
        if not user.has_role(roles.ADMINISTRATOR):
            dbm.close_session()
            return "You are not authorized.", 401

        requesteduser = dbm.get_user_by_id(id)

        if requesteduser:
            if not requesteduser.is_external:
                requesteduser.email = args.get('email')
                requesteduser.first_name = args.get('first_name')
                requesteduser.last_name = args.get('last_name')

            if roles.ADMINISTRATOR not in args.get('roles'):
                for user_role in dbm.get_user_roles_by_user_id(id):
                    if user_role.role.name == roles.ADMINISTRATOR and requesteduser.user_name != 'admin':
                        dbm.delete(user_role)
                        dbm.commit()

            if args.get('roles'):
                for role_name in args.get('roles'):
                    if role_name == 'Designer':
                        designer_role = dbm.get_role_by_name(roles.DESIGNER)
                        requesteduser.roles.append(designer_role)
                    if role_name == 'Administrator':
                        admin_role = dbm.get_role_by_name(roles.ADMINISTRATOR)
                        requesteduser.roles.append(admin_role)

            for user_group in dbm.get_user_groups_by_user_id(id):
                if user_group.group.is_user_default:
                    continue
                dbm.delete(user_group)
                dbm.commit()
            if args.get('groups'):
                for group_name in args.get('groups'):
                    group = dbm.get_group_by_name(group_name)
                    if group:
                        requesteduser.groups.append(group)
            if args.get('password') and not requesteduser.is_external:
                print(args.get('password'))
                requesteduser.set_password(args.get('password'))

            dbm.save_obj(requesteduser)
            dbm.close_session()
            return 'success', 200
        else:
            dbm.close_session()
            return "User with ID '{}' not found.".format(id), 400
示例#4
0
    def get(self, id):
        dbm = access.DBMan(LOST_CONFIG)
        identity = get_jwt_identity()
        user = dbm.get_user_by_id(identity)
        if not user.has_role(roles.DESIGNER):
            dbm.close_session()
            return "You are not authorized.", 401

        requesteduser = dbm.get_user_by_id(id)
        dbm.close_session()
        if requesteduser:
            return requesteduser
        else:
            return "User with ID '{}' not found.".format(id)
示例#5
0
 def get(self):
     dbm = access.DBMan(LOST_CONFIG)
     identity = get_jwt_identity()
     user = dbm.get_user_by_id(identity)
     if not user.has_role(roles.DESIGNER):
         dbm.close_session()
         return "You are not authorized.", 401
     else:
         users = dbm.get_users()
         for us in users:
             for g in us.groups:
                 if g.is_user_default:
                     us.groups.remove(g)
         dbm.close_session()
         ulist = {'users':users}
         return ulist 
示例#6
0
    def post(self):
        dbm = access.DBMan(LOST_CONFIG)
        identity = get_jwt_identity()
        user = dbm.get_user_by_id(identity)
        if not user.has_role(roles.DESIGNER):
            dbm.close_session()
            return "You are not authorized.", 401
        # get data from parser
        data = create_user_parser.parse_args()
        # find user in database
        user = None
        if 'email' in data:
            user = dbm.find_user_by_email(data['email'])
        if not user and 'user_name' in data:
            user = dbm.find_user_by_user_name(data['user_name'])

        if user:
            return {'message': 'User already exists.'}, 401
        else:
            # ################# Hangar #############
            path = Path('/home/lost/') / str(identity)
            path.mkdir(exist_ok=True)
            repo = hangar.Repository(path)
            if not repo.initialized:
                uname = '{}_{}'.format(identity, data['user_name'])
                email = data['email'] if data[
                    'email'] else '*****@*****.**'
                repo.init(user_name=uname, user_email=email)
                co = repo.checkout(write=True)
                co.add_str_column('paths')
                co.add_ndarray_column('annotations',
                                      contains_subsamples=True,
                                      dtype=np.float64,
                                      variable_shape=True,
                                      shape=(200, 2))
                co.commit('Added columns')
                co.close()
            # ######################################
            user = DBUser(
                user_name=data['user_name'],
                email=data['email'],
                email_confirmed_at=datetime.datetime.utcnow(),
                password=data['password'],
            )
            anno_role = dbm.get_role_by_name(roles.ANNOTATOR)
            user.roles.append(anno_role)
            user.groups.append(Group(name=user.user_name,
                                     is_user_default=True))

            if data['roles']:
                for role_name in data['roles']:
                    if role_name == 'Designer':
                        designer_role = dbm.get_role_by_name(roles.DESIGNER)
                        user.roles.append(designer_role)

            if data['groups']:
                for group_name in data['groups']:
                    group = dbm.get_group_by_name(group_name)
                    if group:
                        user.groups.append(group)
            dbm.save_obj(user)
            try:
                email.send_new_user(user, data['password'])
            except:
                pass
            dbm.close_session()
            return {'message': 'success'}, 200