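def delete(self, id):
    """Delete the user with primary key ``id`` and that user's default group(s).

    The caller is resolved from the JWT identity and must hold the DESIGNER
    role. A caller cannot delete their own account.

    Args:
        id: Primary key of the user to delete.

    Returns:
        A ``(message, status)`` tuple: 401 when the caller lacks the DESIGNER
        role, 400 when the target is the caller or does not exist, 200 on
        success.
    """
    dbm = access.DBMan(LOST_CONFIG)
    try:
        user = dbm.get_user_by_id(get_jwt_identity())
        if not user.has_role(roles.DESIGNER):
            return "You are not authorized.", 401
        # NOTE(review): the only gate is the DESIGNER role and the target's
        # roles are never inspected, so a designer can remove any other
        # account, administrators included - confirm this is intended.
        requesteduser = dbm.get_user_by_id(id)
        # Existence is checked before touching attributes; comparing .idx on
        # a missing user raised AttributeError instead of answering 400.
        if not requesteduser:
            return "User with ID '{}' not found.".format(id), 400
        if requesteduser.idx == user.idx:
            return "You are not able to delete yourself", 400
        # Iterate over a snapshot because rows are deleted while walking
        # the relationship.
        for g in list(requesteduser.groups):
            if g.is_user_default:
                dbm.delete(g)
                dbm.commit()
        dbm.delete(requesteduser)
        dbm.commit()
        return 'success', 200
    finally:
        # Release the session on every path, including unexpected errors.
        dbm.close_session()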
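def post(self):
    """Create a new user; the caller must hold the ADMINISTRATOR role.

    The new user always receives the ANNOTATOR role and a personal default
    group named after the user. 'Administrator' and 'Designer' entries in the
    parsed ``roles`` grant the matching role; other names are ignored.
    Group names that do not resolve to an existing group are skipped.

    Returns:
        ``("You are not authorized.", 401)`` for callers without the role,
        ``({'message': 'User already exists.'}, 401)`` when the e-mail or
        user name is already taken, ``({'message': 'success'}, 200)``
        otherwise.
    """
    import logging

    dbm = access.DBMan(LOST_CONFIG)
    try:
        caller = dbm.get_user_by_id(get_jwt_identity())
        if not caller.has_role(roles.ADMINISTRATOR):
            return "You are not authorized.", 401

        data = create_user_parser.parse_args()

        # Reject duplicates by e-mail first, then by user name.
        user = None
        if 'email' in data:
            user = dbm.find_user_by_email(data['email'])
        if not user and 'user_name' in data:
            user = dbm.find_user_by_user_name(data['user_name'])
        if user:
            # This path used to return without closing the session; the
            # finally clause below now releases it.
            return {'message': 'User already exists.'}, 401

        # NOTE(review): the raw password is passed to the DBUser constructor;
        # whether it is hashed there is not visible in this block - confirm
        # the model hashes it before storage.
        user = DBUser(
            user_name=data['user_name'],
            email=data['email'],
            email_confirmed_at=datetime.datetime.utcnow(),
            password=data['password'],
        )
        user.roles.append(dbm.get_role_by_name(roles.ANNOTATOR))
        user.groups.append(Group(name=user.user_name, is_user_default=True))

        for role_name in data['roles'] or []:
            if role_name == 'Administrator':
                user.roles.append(dbm.get_role_by_name(roles.ADMINISTRATOR))
            if role_name == 'Designer':
                user.roles.append(dbm.get_role_by_name(roles.DESIGNER))

        for group_name in data['groups'] or []:
            group = dbm.get_group_by_name(group_name)
            if group:
                user.groups.append(group)

        dbm.save_obj(user)

        # Mail delivery stays best effort, but a failure is now recorded
        # instead of vanishing in a bare ``except: pass``.
        # NOTE(review): the plaintext password is handed to the mail helper;
        # if it ends up in the message body, a one-time set-password link
        # would be safer - confirm what send_new_user does with it.
        try:
            email.send_new_user(user, data['password'])
        except Exception:
            logging.getLogger(__name__).exception(
                'Sending the new-user notification mail failed')
        return {'message': 'success'}, 200
    finally:
        dbm.close_session()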
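def patch(self, id):
    """Update profile fields, roles, groups and password of the user ``id``.

    The caller is resolved from the JWT identity and must hold the
    ADMINISTRATOR role. E-mail, first/last name and password are only
    written for users that are not flagged ``is_external``. All non-default
    group memberships are removed and replaced by the groups named in the
    request.

    Args:
        id: Primary key of the user to update.

    Returns:
        A ``(message, status)`` tuple: 401 when the caller lacks the role,
        400 when the user does not exist, 200 on success.
    """
    args = update_user_parser.parse_args()
    dbm = access.DBMan(LOST_CONFIG)
    try:
        user = dbm.get_user_by_id(get_jwt_identity())
        if not user.has_role(roles.ADMINISTRATOR):
            return "You are not authorized.", 401
        requesteduser = dbm.get_user_by_id(id)
        if not requesteduser:
            return "User with ID '{}' not found.".format(id), 400

        if not requesteduser.is_external:
            requesteduser.email = args.get('email')
            requesteduser.first_name = args.get('first_name')
            requesteduser.last_name = args.get('last_name')

        # ``roles`` may be None when the field is omitted (the parser is not
        # visible here); the membership test then raised TypeError. An
        # omitted field now leaves the role assignments untouched rather
        # than changing privileges implicitly.
        requested_roles = args.get('roles')
        if requested_roles is not None:
            if roles.ADMINISTRATOR not in requested_roles:
                for user_role in dbm.get_user_roles_by_user_id(id):
                    # The built-in 'admin' account never loses the role.
                    if (user_role.role.name == roles.ADMINISTRATOR
                            and requesteduser.user_name != 'admin'):
                        dbm.delete(user_role)
                        dbm.commit()
            for role_name in requested_roles:
                if role_name == 'Designer':
                    designer_role = dbm.get_role_by_name(roles.DESIGNER)
                    requesteduser.roles.append(designer_role)
                if role_name == 'Administrator':
                    admin_role = dbm.get_role_by_name(roles.ADMINISTRATOR)
                    requesteduser.roles.append(admin_role)

        # Replace group memberships: drop everything except the personal
        # default group, then add the requested groups that exist.
        for user_group in dbm.get_user_groups_by_user_id(id):
            if user_group.group.is_user_default:
                continue
            dbm.delete(user_group)
            dbm.commit()
        for group_name in args.get('groups') or []:
            group = dbm.get_group_by_name(group_name)
            if group:
                requesteduser.groups.append(group)

        new_password = args.get('password')
        if new_password and not requesteduser.is_external:
            # The new password is deliberately not echoed: a print() here
            # wrote the plaintext to stdout, which typically ends up in
            # service or container logs.
            requesteduser.set_password(new_password)

        dbm.save_obj(requesteduser)
        return 'success', 200
    finally:
        # Release the session on every path, including unexpected errors.
        dbm.close_session()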
def get(self, id):
    """Look up a single user by primary key.

    The caller, resolved from the JWT identity, must hold the DESIGNER role;
    otherwise ``("You are not authorized.", 401)`` is returned.

    Args:
        id: Primary key of the requested user.

    Returns:
        The user object when it exists, else a plain "not found" string
        (no explicit status code is attached on that path).
    """
    db = access.DBMan(LOST_CONFIG)
    caller = db.get_user_by_id(get_jwt_identity())
    if not caller.has_role(roles.DESIGNER):
        db.close_session()
        return "You are not authorized.", 401

    target = db.get_user_by_id(id)
    # The session is closed before the result is handed back.
    db.close_session()

    # NOTE(review): the miss path carries no status code, unlike the 400
    # returned by the sibling delete/patch handlers - confirm whether clients
    # rely on the implicit default.
    if not target:
        return "User with ID '{}' not found.".format(id)
    # NOTE(review): the raw user object is returned; serialization happens
    # outside this method - confirm the response model leaves out the
    # password hash and other sensitive columns.
    return target
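def get(self):
    """List all users, hiding each user's personal default group.

    The caller, resolved from the JWT identity, must hold the DESIGNER role.

    Returns:
        ``("You are not authorized.", 401)`` for callers without the role,
        otherwise ``{'users': [...]}`` with default groups stripped from
        every user's ``groups`` collection.
    """
    dbm = access.DBMan(LOST_CONFIG)
    try:
        user = dbm.get_user_by_id(get_jwt_identity())
        if not user.has_role(roles.DESIGNER):
            return "You are not authorized.", 401

        users = dbm.get_users()
        for us in users:
            # Walk a snapshot: removing from the list being iterated skips
            # the element that follows each removed entry.
            for g in list(us.groups):
                if g.is_user_default:
                    # No commit follows in this method, so the removal only
                    # shapes the response.
                    us.groups.remove(g)
        # NOTE(review): raw user objects are returned; serialization happens
        # outside this method - confirm the response model leaves out the
        # password hash and other sensitive columns.
        return {'users': users}
    finally:
        # Release the session on every path, including unexpected errors.
        dbm.close_session()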
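def post(self):
    """Create a new user; the caller must hold the DESIGNER role.

    Before the user row is created, a Hangar repository under
    ``/home/lost/<caller identity>`` is set up if it is not yet initialized.
    The new user always receives the ANNOTATOR role and a personal default
    group; a 'Designer' entry in the parsed ``roles`` additionally grants
    DESIGNER. Other role names are ignored, and group names that do not
    resolve to an existing group are skipped.

    Returns:
        ``("You are not authorized.", 401)`` for callers without the role,
        ``({'message': 'User already exists.'}, 401)`` when the e-mail or
        user name is already taken, ``({'message': 'success'}, 200)``
        otherwise.
    """
    import logging

    dbm = access.DBMan(LOST_CONFIG)
    try:
        identity = get_jwt_identity()
        caller = dbm.get_user_by_id(identity)
        if not caller.has_role(roles.DESIGNER):
            return "You are not authorized.", 401

        data = create_user_parser.parse_args()

        # Reject duplicates by e-mail first, then by user name.
        user = None
        if 'email' in data:
            user = dbm.find_user_by_email(data['email'])
        if not user and 'user_name' in data:
            user = dbm.find_user_by_user_name(data['user_name'])
        if user:
            # This path used to return without closing the session; the
            # finally clause below now releases it.
            return {'message': 'User already exists.'}, 401

        # ---- Hangar -----------------------------------------------------
        # The repository directory is keyed by the *caller's* identity.
        path = Path('/home/lost/') / str(identity)
        path.mkdir(exist_ok=True)
        repo = hangar.Repository(path)
        if not repo.initialized:
            uname = '{}_{}'.format(identity, data['user_name'])
            # Named repo_email on purpose: assigning to ``email`` made that
            # name local to the whole function, so the later
            # ``email.send_new_user`` call could never reach the mail module
            # and the bare except hid the resulting error.
            repo_email = data['email'] or '*****@*****.**'
            repo.init(user_name=uname, user_email=repo_email)
            # NOTE(review): column creation is kept inside this branch so it
            # runs once per repository - confirm against the original layout.
            co = repo.checkout(write=True)
            co.add_str_column('paths')
            co.add_ndarray_column('annotations', contains_subsamples=True,
                                  dtype=np.float64, variable_shape=True,
                                  shape=(200, 2))
            co.commit('Added columns')
            co.close()
        # -------------------------------------------------------------------

        # NOTE(review): the raw password is passed to the DBUser constructor;
        # whether it is hashed there is not visible in this block - confirm
        # the model hashes it before storage.
        user = DBUser(
            user_name=data['user_name'],
            email=data['email'],
            email_confirmed_at=datetime.datetime.utcnow(),
            password=data['password'],
        )
        user.roles.append(dbm.get_role_by_name(roles.ANNOTATOR))
        user.groups.append(Group(name=user.user_name, is_user_default=True))

        for role_name in data['roles'] or []:
            if role_name == 'Designer':
                user.roles.append(dbm.get_role_by_name(roles.DESIGNER))

        for group_name in data['groups'] or []:
            group = dbm.get_group_by_name(group_name)
            if group:
                user.groups.append(group)

        dbm.save_obj(user)

        # Mail delivery stays best effort, but a failure is now recorded
        # instead of vanishing in a bare ``except: pass``.
        # NOTE(review): the plaintext password is handed to the mail helper;
        # if it ends up in the message body, a one-time set-password link
        # would be safer - confirm what send_new_user does with it.
        try:
            email.send_new_user(user, data['password'])
        except Exception:
            logging.getLogger(__name__).exception(
                'Sending the new-user notification mail failed')
        return {'message': 'success'}, 200
    finally:
        dbm.close_session()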