示例#1
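    def get(self, uuid):
        """Return the details of the user identified by ``uuid``.

        Responses:
            404 -- ``uuid`` is not a valid UUID string, or the lookup found
                   no user and the caller was allowed to ask for it.
            403 -- the caller has the client role and asked for an account
                   other than the one named by its own JWT identity.
            200 -- the serialized user.
        """
        # Reject malformed identifiers before touching the data store.
        try:
            uuid = UUID(uuid)
        except ValueError:
            return self.incorrect_uuid(uuid), 404

        user = User.find_by_uuid(uuid)

        # Object-level authorization: a client may only read its own record.
        # The check must also hold when the lookup found nothing; otherwise
        # ``user.uuid`` raises AttributeError (an unhandled 500) and the
        # difference between 403 and 404 tells a client which UUIDs exist.
        user_claims = self.user_claims_schema.load(get_jwt_claims())
        if user_claims.is_client():
            owner_uuid = uuid if not user else user.uuid
            if owner_uuid != UUID(get_jwt_identity()):
                # Response body is unchanged so existing API consumers
                # keep working.
                error_response = ErrorResponseSchema().dump(
                    ErrorResponse(
                        details={'uuid': 'Access to that resource is forbidden'},
                        error='User not found'))
                # Worded differently from the 404 log line so denied
                # cross-account reads can be told apart in the logs.
                log.info(f'Forbidden access to user details: {error_response}')
                return error_response, 403

        # If there is no user with given id
        if not user:
            error_response = ErrorResponseSchema().dump(
                ErrorResponse(
                    details={'uuid': f'User with {uuid} uuid does not exist'},
                    error='User not found'))
            log.info(f'User not found: {error_response}')
            return error_response, 404

        # Return user
        return self.user_schema.dump(user), 200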
示例#2
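    def get(self):
        """Return one page of articles selected by the request's query string.

        Optional query parameters: ``per_page`` (int, default 10), ``page``
        (int, default 1), ``from`` / ``to`` (converted by ``toDate``),
        ``sort`` (``OrderType``, default ``OrderType.DESCENDING``) and
        ``query`` (str, default ``''``).

        Returns the paginated articles with 200, or a validation error
        with 400 when parsing the parameters raises ``ValueError``.
        """
        # Upper bound for a caller-chosen page size. Without one, a single
        # request can ask for an arbitrarily large result set.
        # NOTE(review): 100 is a conservative choice made here; align it
        # with whatever limit the API contract documents.
        max_per_page = 100

        try:
            filter_params = {
                'per_page':
                request.args.get('per_page', default=10, type=int),
                'page':
                request.args.get('page', default=1, type=int),
                'from':
                request.args.get('from', default=None, type=toDate),
                'to':
                request.args.get('to', default=None, type=toDate),
                'sort':
                request.args.get('sort',
                                 default=OrderType.DESCENDING,
                                 type=OrderType),
                'query':
                request.args.get('query', default='', type=str)
            }
        except ValueError:
            # NOTE(review): if ``request`` is Flask's, ``args.get(type=...)``
            # falls back to the default on a failed conversion, so this
            # handler may never run -- confirm.
            error_response = ErrorResponseSchema().dump(
                ErrorResponse(details={'page': 'Page should be number'},
                              error='validation errors'))
            log.info(f'Invalid page query argument: {error_response}')
            return error_response, 400

        # Both values come straight from the query string; keep them inside
        # a sane window before they reach the data layer.
        filter_params['page'] = max(filter_params['page'], 1)
        filter_params['per_page'] = min(max(filter_params['per_page'], 1),
                                        max_per_page)

        # Find all articles on that page
        articles = Article.find_all_articles(filter_params)

        # Map articles to schema
        return self.paginated_articles_schema.dump(articles), 200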
示例#3
    def post(self):
        """Create a user from the request payload.

        Returns 400 when the payload fails schema validation or the email
        is already registered, otherwise the serialized new user with 201.
        The new account gets the ADMIN role when the caller's claims say
        admin, and the CLIENT role in every other case.
        """
        # Deserialize and validate the body.
        try:
            new_user = self.user_schema.load(api.payload)
        except ValidationError as err:
            rejection = ErrorResponseSchema().dump(
                ErrorResponse(details=err.messages, error='validation errors'))
            log.info(
                f'Validation errors during user creation: {rejection}')
            return rejection, 400

        # Refuse a second account for the same email.
        # NOTE(review): this answer tells the caller that the address is
        # registered, and the log line below records the address itself --
        # confirm both are acceptable for whoever may reach this endpoint.
        if User.find_by_email(new_user.email) is not None:
            rejection = ErrorResponseSchema().dump(
                ErrorResponse(details={
                    'user': ['User with provided email already exists']
                },
                              error='duplicate email'))
            log.info(f'trying to create user with existing email {new_user.email}')
            return rejection, 400

        # The role is taken from the caller's JWT claims, never from the
        # payload: only an admin caller can mint another admin.
        caller_claims = self.user_claims_schema.load(get_jwt_claims())
        granted_role = (RoleTypes.ADMIN
                        if caller_claims.is_admin() else RoleTypes.CLIENT)
        new_user.add_to_role(granted_role)

        # Either mail a confirmation token or confirm the account directly.
        if not app.config['REQUIRE_MAIL_CONFIRMATION']:
            new_user.confirm_account()
        else:
            send_confirmation_token(new_user.email)

        # Persist, then answer with the stored representation.
        new_user.commit()
        log.info('Sucessfuly created new user')
        return self.user_schema.dump(new_user), 201
示例#4
    def put(self, uuid):
        """Update the user identified by ``uuid`` with the request payload.

        Returns 400 when the payload fails ``UpdateUserSchema`` validation,
        404 when ``uuid`` is malformed or matches no user, and otherwise
        the serialized updated user with 200.
        """
        # Validate the body first; a bad payload is answered before the
        # identifier is even parsed.
        try:
            changes = UpdateUserSchema().load(api.payload)
        except ValidationError as err:
            rejection = ErrorResponseSchema().dump(
                ErrorResponse(details=err.messages, error='validation errors'))
            log.info(f'Validation errors during user update: {rejection}')
            return rejection, 400

        # Parse the identifier.
        try:
            uuid = UUID(uuid)
        except ValueError:
            return self.incorrect_uuid(uuid), 404

        target = User.find_by_uuid(uuid)
        if not target:
            rejection = ErrorResponseSchema().dump(
                ErrorResponse(
                    details={'uuid': f'User with {uuid} uuid does not exist'},
                    error='User not found'))
            log.info(f'User not found: {rejection}')
            return rejection, 404

        # Every key the schema let through is written onto the model, so
        # UpdateUserSchema is the only allowlist of writable attributes.
        # NOTE(review): no caller-vs-target ownership check happens in this
        # body; presumably a decorator or route guard outside this view
        # restricts who may update which account -- confirm.
        for field_name, field_value in changes.items():
            setattr(target, field_name, field_value)
        target.commit()

        return self.user_schema.dump(target), 200
示例#5
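    def get(self):
        """Return one page (20 entries) of users.

        The ``page`` query parameter is optional and defaults to 1. A value
        that is not an integer is answered with a 400 validation error.
        """
        # ``args.get`` yields None when the parameter is absent. Passing
        # that to int() raises TypeError, which the ValueError handler
        # does not catch, so every request without ?page= failed with an
        # unhandled error. Treat absence as "use the default".
        raw_page = request.args.get('page')
        try:
            page = int(raw_page) if raw_page is not None else None
        except ValueError:
            error_response = ErrorResponseSchema().dump(
                ErrorResponse(details={'page': 'Page should be number'},
                              error='validation errors'))
            log.info(f'Invalid page query argument: {error_response}')
            return error_response, 400

        # Find all users on that page; None and 0 both fall back to 1.
        # NOTE(review): a negative page is still passed through unchanged --
        # confirm how User.find_all_users treats it.
        users = User.find_all_users(page or 1, 20)

        # Map users to schema
        paginated_user_schema = PaginatedUserSchema()
        return paginated_user_schema.dump(users), 200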
示例#6
    def delete(self, uuid):
        """Remove the user identified by ``uuid``.

        Returns 404 when ``uuid`` is malformed or matches no user, and an
        empty body with 204 once the user has been removed.
        """
        # Parse the identifier; the raw value is handed to the error helper.
        try:
            target_uuid = UUID(uuid)
        except ValueError:
            return self.incorrect_uuid(uuid), 404

        # NOTE(review): nothing in this body checks who the caller is;
        # presumably a decorator or route guard outside this view limits
        # deletion to authorized roles -- confirm.
        account = User.find_by_uuid(target_uuid)
        if account:
            account.remove()
            return '', 204

        # Lookup came back empty.
        not_found = ErrorResponseSchema().dump(
            ErrorResponse(
                details={'uuid': f'User with {target_uuid} uuid does not exist'},
                error='User not found'))
        log.info(f'User not found: {not_found}')
        return not_found, 404
示例#7
    def get(self):
        """Issue a fresh access token for the identity carried by the JWT.

        Returns 404 when the identity matches no stored user, otherwise a
        body holding only ``access_token`` with 200.
        """
        # NOTE(review): presumably a refresh-token requirement is enforced
        # by a decorator that is not visible here -- confirm.
        identity = get_jwt_identity()

        # The token is only re-issued for an account that still exists.
        account = User.find_by_uuid(UUID(identity))
        if account:
            fresh = TokenDto(create_access_token(identity=account))
            # Serialize the access token alone.
            access_only = TokenSchema(only=['access_token'])
            log.info('Access token refresh successful')
            return access_only.dump(fresh), 200

        # A token naming an account that no longer exists is worth a
        # warning-level entry.
        # NOTE(review): ``warn`` is a deprecated alias of ``warning`` on
        # standard-library loggers -- switch if ``log`` is one.
        missing = ErrorResponseSchema().dump(
            ErrorResponse(
                details={'user': ['There is no user with given email']},
                error='not existing user'))
        log.warn(
            f'Non existing user {identity} trying to refresh token: {missing}')
        return missing, 404