def kick(self, id):
try:
id = int(id)
except (ValueError, TypeError):
raise HTTPNotFound()
room = DBSession.query(Room).filter(Room.id == id).one_or_none()
if room is None:
raise HTTPNotFound()
member_id = context.form.get('memberId')
member = DBSession.query(Member) \
.filter(Member.reference_id == member_id).one_or_none()
if member is None:
raise HTTPStatus('611 Member Not Found')
is_member = DBSession.query(Member) \
.filter(
TargetMember.target_id == id,
TargetMember.member_id == member.id
) \
.count()
if not is_member:
raise HTTPStatus('617 Not A Member')
DBSession.query(TargetMember) \
.filter(
TargetMember.target_id == id,
TargetMember.member_id == member.id
) \
.delete()
return room
def update(self, id):
id = int_or_notfound(id)
user_name = context.form.get('userName')
email = context.form.get('email')
member = DBSession.query(Member) \
.filter(Member.id == id) \
.one_or_none()
if member is None:
raise HTTPNotFound()
username_exists = DBSession.query(Member) \
.filter(Member.user_name == user_name) \
.filter(Member.id != id) \
.one_or_none()
if username_exists:
raise StatusRepetitiveUsername()
email_exist = DBSession.query(Member) \
.filter(Member.email == email) \
.filter(Member.id != id) \
.one_or_none()
if email_exist:
raise StatusRepetitiveEmail()
member.update_from_request()
return member
def register(self):
email = context.form.get('email')
password = context.form.get('password')
name = context.form.get('name')
family = context.form.get('family')
description = context.form.get('description')
role = 'member'
member = DBSession.query(Member) \
.filter(Member.email == email) \
.one_or_none()
if DBSession.query(Member.email).filter(Member.email == email).count():
raise HTTPStatus('601 Email Address Is Already Registered')
member = Member(
email=email,
name=name,
password=password,
family=family,
description=description,
role=role,
)
DBSession.add(member)
return member
def test_approve_required_mixin(self):
# noinspection PyArgumentList
object1 = ApproveRequiredObject(
title='object 1',
)
DBSession.add(object1)
DBSession.commit()
self.assertFalse(object1.is_approved)
self.assertEqual(DBSession.query(ApproveRequiredObject).filter(ApproveRequiredObject.is_approved).count(), 0)
object1.is_approved = True
self.assertTrue(object1.is_approved)
DBSession.commit()
object1 = DBSession.query(ApproveRequiredObject).one()
self.assertTrue(object1.is_approved)
json = object1.to_dict()
self.assertIn('isApproved', json)
self.assertEqual(DBSession.query(ApproveRequiredObject).filter(ApproveRequiredObject.is_approved).count(), 1)
self.assertEqual(ApproveRequiredObject.filter_approved().count(), 1)
self.assertFalse(ApproveRequiredObject.import_value(ApproveRequiredObject.is_approved, 'false'))
self.assertFalse(ApproveRequiredObject.import_value(ApproveRequiredObject.is_approved, 'FALSE'))
self.assertFalse(ApproveRequiredObject.import_value(ApproveRequiredObject.is_approved, 'False'))
self.assertTrue(ApproveRequiredObject.import_value(ApproveRequiredObject.is_approved, 'true'))
self.assertTrue(ApproveRequiredObject.import_value(ApproveRequiredObject.is_approved, 'TRUE'))
self.assertTrue(ApproveRequiredObject.import_value(ApproveRequiredObject.is_approved, 'True'))
self.assertEqual(ApproveRequiredObject.import_value(ApproveRequiredObject.title, 'title'), 'title')
def see(self, id):
id = int_or_notfound(id)
member = Member.current()
message = DBSession.query(Message).get(id)
if message is None:
raise HTTPNotFound()
if message.sender_id == member.id:
raise HTTPStatus('621 Can Not See Own Message')
member_message_seen = DBSession.query(MemberMessageSeen) \
.filter(MemberMessageSeen.member_id == member.id) \
.filter(MemberMessageSeen.message_id == message.id) \
.one_or_none()
if member_message_seen is not None:
raise HTTPStatus('619 Message Already Seen')
query = DBSession.query(Message) \
.filter(Message.target_id == message.target_id) \
.filter(Message.created_at <= message.created_at) \
.filter(Message.seen_at == None) \
.filter(Message.sender_id != member.id) \
query = Message.filter_by_request(query)
for m in query:
m.seen_by.append(member)
seen_message = message.to_dict()
seen_message.update({'type': 'seen'})
queues.push(settings.messaging.workers_queue, seen_message)
return message
def subscribe(self):
member = Member.current()
query = DBSession.query(Room)
requested_rooms = Target.filter_by_request(query).all()
if len(requested_rooms) >= settings.room.subscription.max_length:
raise HTTPStatus(
f'716 Maximum {settings.room.subscription.max_length} Rooms '
f'To Subscribe At A Time')
requested_rooms_id = {i.id for i in requested_rooms}
subscribed_rooms = DBSession.query(TargetMember) \
.filter(TargetMember.member_id == member.id) \
.join(Target, Target.id == TargetMember.target_id) \
.filter(Target.type == 'room') \
.all()
subscribed_rooms_id = {i.target_id for i in subscribed_rooms}
not_subscribed_rooms_id = requested_rooms_id - subscribed_rooms_id
flush_counter = 0
for each_room_id in not_subscribed_rooms_id:
flush_counter += 1
target_member = TargetMember(target_id=each_room_id,
member_id=member.id)
DBSession.add(target_member)
if flush_counter % 10 == 0:
DBSession.flush()
not_subscribed_rooms = DBSession.query(Target) \
.filter(Target.id.in_(not_subscribed_rooms_id))
return not_subscribed_rooms
def test_modified_mixin(self):
# noinspection PyArgumentList
instance = ModificationCheckingModel(
title='test title',
)
DBSession.add(instance)
DBSession.commit()
self.assertIsNone(instance.modified_at)
self.assertIsNotNone(instance.created_at)
self.assertEqual(instance.last_modification_time, instance.created_at)
instance = DBSession.query(ModificationCheckingModel).one()
self.assertIsNone(instance.modified_at)
self.assertIsNotNone(instance.created_at)
self.assertEqual(instance.last_modification_time, instance.created_at)
instance.title = 'Edited title'
DBSession.commit()
self.assertIsNotNone(instance.modified_at)
self.assertIsNotNone(instance.created_at)
self.assertEqual(instance.last_modification_time, instance.modified_at)
instance = DBSession.query(ModificationCheckingModel).one()
self.assertIsNotNone(instance.modified_at)
self.assertIsNotNone(instance.created_at)
self.assertEqual(instance.last_modification_time, instance.modified_at)
def info(self):
from sharedlists import __version__ as appversion
users = DBSession.query(User).count()
lists = DBSession.query(Item.ownerid, Item.list) \
.group_by(Item.ownerid, Item.list).count()
result = [
f'Shared Lists v{appversion}',
f'Total Lists: {lists}',
f'Total Users: {users}',
]
me = context.identity.id
mylists = DBSession.query(Item.ownerid, Item.list) \
.filter(Item.ownerid == me) \
.group_by(Item.ownerid, Item.list) \
.count()
myitems = DBSession.query(Item.ownerid, Item.list) \
.filter(Item.ownerid == me) \
.count()
result.append(f'My Lists: {mylists}')
result.append(f'My Items: {myitems}')
result.append('')
return CR.join(result)
def list(self):
current_user = DBSession.query(Member) \
.filter(Member.reference_id == context.identity.reference_id) \
.one()
query = DBSession.query(Room)
if not context.identity.is_in_roles('admin'):
query = query.filter(Room.owner_id == current_user.id)
return query
def list(self):
current_member = DBSession.query(Member) \
.filter(Member.reference_id == context.identity.reference_id) \
.one()
query = DBSession.query(Member) \
.filter(
MemberContact.member_id == current_member.id,
MemberContact.contact_member_id == Member.id
)
return query
def is_member(self, target_id):
return DBSession.query(Member).join(TargetMember) \
.filter(
TargetMember.target_id == target_id,
TargetMember.member_id == self.id
) \
.count()
def claim(self):
email = context.form.get('email')
email_pattern = r'(^[a-zA-Z0-9_.+-]+@[a-zA-Z0-9-]+\.[a-zA-Z0-9-.]+$)'
if not email:
raise HTTPBadRequest()
if not re.match(email_pattern, email):
raise HTTPStatus('701 Invalid email format.')
if DBSession.query(Member.email).filter(Member.email == email).count():
raise HTTPStatus(
'601 The requested email address is already registered.')
# FIXME: Token should be put in payload
serializer = \
itsdangerous.URLSafeTimedSerializer(settings.activation.secret)
token = serializer.dumps(email)
DBSession.add(
ActivationEmail(to=email,
subject='Activate your NueMD Coder account',
body={
'activation_token': token,
'activation_url': settings.activation.url
}))
return dict(email=email)
def get(self, id):
int_or_notfound(id)
business = DBSession.query(Business), get(id)
if business is None:
HTTPNotFound()
return business
def get(self, id):
id = int_or_notfound(id)
member = DBSession.query(Member).get(id)
if member is None:
raise HTTPNotFound()
return member
def verify_token(self, encoded_token):
principal = CASPrincipal.load(encoded_token)
member = DBSession.query(Member) \
.filter(Member.reference_id == principal.reference_id) \
.one_or_none()
if not member and not 'HTTP_X_OAUTH2_ACCESS_TOKEN' in context.environ:
raise HTTPBadRequest()
access_token = context.environ['HTTP_X_OAUTH2_ACCESS_TOKEN'] \
if 'HTTP_X_OAUTH2_ACCESS_TOKEN' in context.environ \
else member.access_token
cas_member = CASClient().get_member(access_token)
if cas_member['email'] != principal.email:
raise HTTPBadRequest()
if member:
if member.title != cas_member['title']:
member.title = cas_member['title']
if member.first_name != cas_member['firstName']:
member.first_name = cas_member['firstName']
if member.avatar != cas_member['avatar']:
member.avatar = cas_member['avatar']
if member.last_name != cas_member['lastName']:
member.last_name = cas_member['lastName']
DBSession.commit()
return principal
def _get_items(cls, listtitle):
query = DBSession.query(Item) \
.filter(Item.ownerid == context.identity.id) \
.filter(Item.list == listtitle) \
.order_by(Item.id)
return [f'{i.title}{CR}' for i in query]
def safe_member_lookup(condition):
member = DBSession.query(Member).filter(condition).one_or_none()
if member is None:
raise HTTPStatus('603 Incorrect Email Or Password')
return member
def safe_member_lookup(condition):
query = DBSession.query(Member)
member = Member.exclude_deleted(query).filter(condition).one_or_none()
if member is None:
raise HTTPBadRequest()
return member
def get(self, id):
id = int_or_notfound(id)
card = DBSession.query(Card).get(id)
if not member:
raise HTTPNotFound()
return card
def update(self, id):
id = int_or_notfound(id)
member = DBSession.query(Member).get(id)
if member is None:
raise HTTPNotFound()
member.update_from_request()
return member
def create(self):
member_username_check = DBSession.query(Member) \
.filter(Member.user_name == context.form.get('userName')) \
.one_or_none()
if member_username_check is not None:
raise StatusRepetitiveUsername()
member_email_check = DBSession.query(Member) \
.filter(Member.email == context.form.get('email')) \
.one_or_none()
if member_email_check is not None:
raise StatusRepetitiveEmail()
member = Member()
member.update_from_request()
DBSession.add(member)
return member
def to_dict(self):
result = super().to_dict()
first_message = DBSession.query(TicketMessage) \
.filter(TicketMessage.ticket_id == self.id) \
.order_by(TicketMessage.created_at) \
.first()
result['firstMessage'] = first_message.to_dict() if (first_message is not None) else None
return result
def _get_member(self, id):
id = int_or_notfound(id)
member = DBSession.query(Member).filter(Member.id == id).one_or_none()
if member is None:
raise HTTPNotFound()
return member
def unregister(self, id):
id = int_or_notfound(id)
member = DBSession.query(Member).get(id)
if member is None:
raise HTTPNotFound()
DBSession.delete(member)
return member
def list(self):
query = DBSession.query(Target) \
.join(TargetMember) \
.filter(
Target.id == TargetMember.target_id,
TargetMember.member_id == context.identity.id
)
return query
def _get_current_user(cls):
if not hasattr(context, 'identity') or context.identity is None:
return None
principal = context.identity
return DBSession.query(User) \
.filter(User.id == principal.payload.get('id')) \
.one_or_none()
def create(self):
user_id = context.form.get('userId')
destination = DBSession.query(Member) \
.filter(Member.id == user_id).one_or_none()
if destination is None:
raise HTTPStatus('611 Member Not Found')
current_user = DBSession.query(Member) \
.filter(Member.reference_id == context.identity.reference_id) \
.one()
is_blocked = DBSession.query(member_block) \
.filter(or_(
and_(
member_block.c.member_id == user_id,
member_block.c.blocked_member_id == current_user.id
),
and_(
member_block.c.member_id == current_user.id,
member_block.c.blocked_member_id == user_id
)
)) \
.count()
if is_blocked:
raise HTTPStatus(
'613 Not Allowed To Create Direct With This Member')
source = Member.current()
cte = select([
TargetMember.target_id.label('direct_id'),
func.array_agg(aggregate_order_by(TargetMember.member_id,
TargetMember.member_id),
type_=ARRAY(Integer)).label('members')
]).group_by(TargetMember.target_id).cte()
direct = DBSession.query(Direct) \
.join(cte, cte.c.direct_id == Direct.id) \
.filter(cte.c.members == sorted([source.id, user_id])) \
.one_or_none()
if direct:
return direct
direct = Direct(members=[source, destination])
return direct
def reset(self):
password = context.form.get('password')
reset_password_token = context.form.get('resetPasswordToken')
reset_password_token_payload = \
ResetPasswordToken.load(reset_password_token)
email = reset_password_token_payload['email']
member = DBSession.query(Member).filter(Member.email == email).one()
member.password = password
return {}
def create(self):
title = context.form.get('title')
if DBSession.query(Person).filter(Person.title == title).count():
raise HTTPStatus('600 Already person has existed')
person = Person(title=context.form.get('title'))
DBSession.add(person)
return person
def get(self, title: str):
person = DBSession.query(Person) \
.filter(Person.title == title) \
.one_or_none()
if person is None:
raise HTTPNotFound()
return person
