def get(self, public_id):
User.abort_if_not_admin()
# Get one user
user = User.query.filter_by(public_id=public_id).first()
if not user:
api.abort(404, "User not found")
return user
def put(self, public_id):
# Promote one user
User.abort_if_not_admin()
user = User.query.filter_by(public_id=public_id).first()
if not user:
api.abort(404, "User not found")
if user.admin:
api.abort(400, "User is already an admin")
user.admin = True
db.session.commit()
return user
def delete(self, public_id):
# Delete one user
current_user = get_jwt_identity()
User.abort_if_not_admin(current_user=current_user)
user = User.query.filter_by(public_id=public_id).first()
if not user:
api.abort(404, "User not found")
if user.name == current_user["name"]:
api.abort(400, "Cannot delete your own user")
db.session.delete(user)
db.session.commit()
return user
def get(self):
User.abort_if_not_admin()
# Get all users
users = User.query.all()
return users