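def get(self, uuid):
    """Return the details of the user identified by ``uuid``.

    Callers whose claims mark them as clients may only read their own
    record; any other target is answered with 403.

    Args:
        uuid: User identifier from the URL, as a string.

    Returns:
        A ``(body, status)`` tuple: the serialized user with 200, or an
        error payload with 403 (forbidden) or 404 (malformed or unknown
        uuid).
    """
    # Reject identifiers that do not parse as a UUID before any lookup.
    try:
        uuid = UUID(uuid)
    except ValueError:
        return self.incorrect_uuid(uuid), 404
    user = User.find_by_uuid(uuid)

    # Authorization runs before the existence check. When the lookup found
    # nothing, compare the requested uuid instead of dereferencing ``user``:
    # the former ``user.uuid`` access failed on a falsy lookup result (an
    # unhandled error instead of a clean response) whenever a client asked
    # for an unknown uuid. Answering 403 in that case also keeps clients from
    # learning which foreign uuids exist.
    user_claims = self.user_claims_schema.load(get_jwt_claims())
    if user_claims.is_client():
        target_uuid = user.uuid if user else uuid
        if target_uuid != UUID(get_jwt_identity()):
            error_response = ErrorResponseSchema().dump(
                ErrorResponse(
                    details={'uuid': 'Access to that resource is forbidden'},
                    # Response text left as-is so API consumers see no change.
                    error='User not found'))
            # Logged as a denied access (not as a missing user) so that
            # cross-account read attempts can be told apart in the logs.
            log.info(f'Access to user forbidden: {error_response}')
            return error_response, 403

    # Admins, and clients asking for their own record, get a plain 404 when
    # the user does not exist.
    if not user:
        error_response = ErrorResponseSchema().dump(
            ErrorResponse(
                details={'uuid': f'User with {uuid} uuid does not exist'},
                error='User not found'))
        log.info(f'User not found: {error_response}')
        return error_response, 404

    return self.user_schema.dump(user), 200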
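def get(self):
    """Return one page of articles filtered by the query-string arguments.

    Recognised arguments: ``per_page`` (default 10), ``page`` (default 1),
    ``from``, ``to``, ``sort`` (default descending) and ``query``.

    Returns:
        A ``(body, status)`` tuple: the paginated articles with 200, or a
        validation error payload with 400.
    """
    # Every value read here comes straight from the untrusted query string.
    # NOTE(review): if ``request`` is Flask/Werkzeug's, ``args.get`` with
    # ``type=`` falls back to the default when the conversion raises
    # ValueError, so this handler may never run - confirm.
    try:
        filter_params = {
            'per_page': request.args.get('per_page', default=10, type=int),
            'page': request.args.get('page', default=1, type=int),
            'from': request.args.get('from', default=None, type=toDate),
            'to': request.args.get('to', default=None, type=toDate),
            'sort': request.args.get('sort',
                                     default=OrderType.DESCENDING,
                                     type=OrderType),
            'query': request.args.get('query', default='', type=str)
        }
    except ValueError:
        error_response = ErrorResponseSchema().dump(
            ErrorResponse(details={'page': 'Page should be number'},
                          error='validation errors'))
        log.info(f'Invalid page query argument: {error_response}')
        return error_response, 400

    # Zero or negative paging values are never meaningful; refuse them here
    # instead of handing them to the query layer.
    for name in ('page', 'per_page'):
        if filter_params[name] < 1:
            error_response = ErrorResponseSchema().dump(
                ErrorResponse(
                    details={name: f'{name} should be a positive number'},
                    error='validation errors'))
            log.info(f'Invalid {name} query argument: {error_response}')
            return error_response, 400

    # NOTE(review): ``per_page`` has no upper bound here, so one request can
    # ask for an arbitrarily large page unless find_all_articles caps it -
    # confirm, and add a limit there or here.
    articles = Article.find_all_articles(filter_params)

    return self.paginated_articles_schema.dump(articles), 200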
def post(self):
    """Create a user from the request payload.

    Returns:
        A ``(body, status)`` tuple: the serialized new user with 201, or a
        validation / duplicate-email error payload with 400.
    """
    # Deserialize and validate the request body into a user model.
    try:
        user = self.user_schema.load(api.payload)
    except ValidationError as err:
        error_response = ErrorResponseSchema().dump(
            ErrorResponse(details=err.messages, error='validation errors'))
        log.info(
            f'Validation errors during user creation: {error_response}')
        return error_response, 400

    # Refuse a second account for an address that is already registered.
    # NOTE(review): this check and the later commit are separate steps;
    # uniqueness under concurrent requests presumably relies on a database
    # constraint - confirm.
    existing_user = User.find_by_email(user.email)
    if existing_user is not None:
        error_response = ErrorResponseSchema().dump(
            ErrorResponse(
                details={'user': ['User with provided email already exists']},
                error='duplicate email'))
        # The submitted address is written to the log here.
        log.info(f'trying to create user with existing email {user.email}')
        return error_response, 400

    # The new account's role follows the caller's claims: admin callers
    # create admins, every other caller creates clients.
    # NOTE(review): the role never comes from the payload, only from the
    # caller's token - confirm that an admin creating an admin is intended.
    user_claims = self.user_claims_schema.load(get_jwt_claims())
    role = RoleTypes.ADMIN if user_claims.is_admin() else RoleTypes.CLIENT
    user.add_to_role(role)

    # Without mandatory mail confirmation the account is confirmed at once;
    # otherwise a confirmation token is sent (before the commit below).
    if not app.config['REQUIRE_MAIL_CONFIRMATION']:
        user.confirm_account()
    else:
        send_confirmation_token(user.email)

    # Persist the model, then answer with its serialized form.
    user.commit()
    log.info(f'Sucessfuly created new user')
    return self.user_schema.dump(user), 201
def put(self, uuid):
    """Update the user identified by ``uuid`` with the validated payload.

    Args:
        uuid: User identifier from the URL, as a string.

    Returns:
        A ``(body, status)`` tuple: the serialized updated user with 200, a
        validation error payload with 400, or an error payload with 404
        (malformed or unknown uuid).
    """
    # Validate the payload first; nothing is looked up for an invalid body.
    try:
        update_info = UpdateUserSchema().load(api.payload)
    except ValidationError as err:
        error_response = ErrorResponseSchema().dump(
            ErrorResponse(details=err.messages, error='validation errors'))
        log.info(f'Validation errors during user update: {error_response}')
        return error_response, 400

    # Reject identifiers that do not parse as a UUID before any lookup.
    try:
        uuid = UUID(uuid)
    except ValueError:
        return self.incorrect_uuid(uuid), 404

    # NOTE(review): no check here ties ``uuid`` to the caller's identity;
    # presumably access is restricted outside this method - confirm.
    user = User.find_by_uuid(uuid)
    if not user:
        error_response = ErrorResponseSchema().dump(
            ErrorResponse(
                details={'uuid': f'User with {uuid} uuid does not exist'},
                error='User not found'))
        log.info(f'User not found: {error_response}')
        return error_response, 404

    # Every key returned by UpdateUserSchema.load is written onto the model,
    # so that schema is the allow-list of writable attributes.
    # NOTE(review): confirm it leaves out role and credential fields.
    for field_name, new_value in update_info.items():
        setattr(user, field_name, new_value)
    user.commit()

    return self.user_schema.dump(user), 200
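def get(self):
    """Return one page (20 entries) of users.

    The optional ``page`` query argument selects the page; a missing or zero
    value falls back to page 1.

    Returns:
        A ``(body, status)`` tuple: the paginated users with 200, or a
        validation error payload with 400 when ``page`` is not an integer.
    """
    raw_page = request.args.get('page')
    try:
        # ``page`` is optional. int(None) raises TypeError, which the
        # ValueError handler below does not catch, so an absent argument has
        # to be handled before the conversion instead of failing the request.
        page = int(raw_page) if raw_page is not None else 1
    except ValueError:
        error_response = ErrorResponseSchema().dump(
            ErrorResponse(details={'page': 'Page should be number'},
                          error='validation errors'))
        log.info(f'Invalid page query argument: {error_response}')
        return error_response, 400

    # NOTE(review): negative page numbers are passed through unchanged;
    # confirm that find_all_users rejects them.
    users = User.find_all_users(page or 1, 20)

    return PaginatedUserSchema().dump(users), 200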
def delete(self, uuid):
    """Delete the user identified by ``uuid``.

    Args:
        uuid: User identifier from the URL, as a string.

    Returns:
        A ``(body, status)`` tuple: an empty body with 204 after removal, or
        an error payload with 404 (malformed or unknown uuid).
    """
    # Reject identifiers that do not parse as a UUID before any lookup.
    try:
        uuid = UUID(uuid)
    except ValueError:
        return self.incorrect_uuid(uuid), 404

    # NOTE(review): no check here ties ``uuid`` to the caller's identity or
    # role; presumably deletion is restricted outside this method - confirm.
    user = User.find_by_uuid(uuid)
    if user:
        user.remove()
        return '', 204

    # Nothing stored under that uuid.
    error_response = ErrorResponseSchema().dump(
        ErrorResponse(
            details={'uuid': f'User with {uuid} uuid does not exist'},
            error='User not found'))
    log.info(f'User not found: {error_response}')
    return error_response, 404
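def get(self):
    """Issue a new access token for the identity carried by the JWT.

    Returns:
        A ``(body, status)`` tuple: the serialized access token with 200, or
        an error payload with 404 when no user matches the token identity.
    """
    # Identity of the caller as stored in the token (the refresh token,
    # according to the original comment on this line).
    current_user_uuid = get_jwt_identity()

    # A token alone is not enough: the account must still exist.
    # NOTE(review): only existence is checked here; whether the account is
    # still confirmed/enabled is not visible in this method - confirm.
    user = User.find_by_uuid(UUID(current_user_uuid))
    if not user:
        error_response = ErrorResponseSchema().dump(
            ErrorResponse(
                details={'user': ['There is no user with given email']},
                error='not existing user'))
        # ``warning`` replaces the deprecated ``warn`` alias so this record
        # (a token presented for a user that no longer exists) is written
        # without a deprecation warning. Assumes ``log`` is a standard
        # logger - confirm.
        log.warning(f'Non existing user {current_user_uuid}' +
                    f' trying to refresh token: {error_response}')
        return error_response, 404

    # Mint a fresh access token for the user that was found.
    token = TokenDto(create_access_token(identity=user))

    # Serialize the access token only; no other token field is returned.
    token_schema = TokenSchema(only=['access_token'])
    log.info(f'Access token refresh successful')
    return token_schema.dump(token), 200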