示例#1
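    def decorated_function(*args, **kwargs):
        """Run the wrapped view only for a logged-in administrator.

        Raises:
            AppError: 401 when ``g.user_id`` is unset or no longer resolves
                to a user record; 403 when the user is not an administrator.
        """
        # Authentication first: no user id on the request context means the
        # caller is not logged in.
        if g.user_id is None:
            raise AppError(message="You are not logged in.", status_code=401)
        # The admin flag is read from the user record looked up by g.user_id.
        # NOTE(review): other lookups on this page go through User.query;
        # confirm User.filter is a real helper on the model.
        u = User.filter(User.id == g.user_id).first()
        # An id with no matching row used to reach u.is_admin and fail with
        # AttributeError; refuse it explicitly so the denial is a clean 401.
        if u is None:
            raise AppError(message="You are not logged in.", status_code=401)
        if not u.is_admin:
            raise AppError(message='You are not an Administrator.',
                           status_code=403)

        # Both checks passed, so hand over to the wrapped view.
        return f(*args, **kwargs)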
示例#2
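 def decorated_function(*args, **kwargs):
     """Authenticate the request from its token, then call the wrapped view.

     The resolved user is stored on ``g.user`` for the view to use.

     Raises:
         AppError: 401 when the Authorization header is missing, the token
             fails to decode, the token has expired, or the decoded payload
             carries no ``sub`` claim.
     """
     if not request.headers.get('Authorization'):
         raise AppError(message="Missing Authorizaiton Header",
                        status_code=401)
     try:
         payload = parse_token(request)
     except jwt.DecodeError:
         raise AppError(message="Token is invalid", status_code=401)
     except jwt.ExpiredSignature:
         raise AppError(message="Token has expired.", status_code=401)
     # NOTE(review): only these two jwt errors are mapped to 401. Any other
     # validation error raised by parse_token propagates as an unhandled
     # exception; confirm that is intended.

     # A token without a subject cannot identify anyone. Previously the
     # missing key raised KeyError and surfaced as a server error.
     try:
         subject = payload['sub']
     except (KeyError, TypeError):
         raise AppError(message="Token is invalid", status_code=401)

     # NOTE(review): the lookup accepts either a username or a numeric id,
     # so confirm tokens are always issued with one unambiguous form of
     # subject. The lookup may also raise its own AppError for an unknown
     # subject; confirm which status an unknown token subject should get.
     g.user = User.get_by_username_or_id(subject)
     return f(*args, **kwargs)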
示例#3
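 def from_json(jsn):
     """Build a FieldValue from a JSON-style mapping.

     Args:
         jsn: Mapping read with ``.get``; the keys used are ``"name"`` and
             ``"value"``.

     Returns:
         The new FieldValue after ``set_value()`` has been called on it.

     Raises:
         AppError: 404 when no Field with the given name exists.
     """
     # filter_by() only builds a query; .first() fetches the row. Without it
     # the comparison with None below could never be true, so an unknown
     # field name was never rejected.
     parent_field = Field.query.filter_by(name=jsn.get("name", "")).first()
     if parent_field is None:
         raise AppError(status_code=404, message="No field with that name")
     # NOTE(review): parent_field is used only for the existence check;
     # confirm FieldValue resolves its field from the name on its own.
     fv = FieldValue(name=jsn.get("name"), value=jsn.get("value"))
     # "value" comes straight from the caller's JSON. Presumably set_value()
     # type-checks it before storing; verify against FieldValue.
     fv.set_value()
     return fv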
示例#4
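def project_index(team_slug):
    """Return the projects of the team identified by *team_slug* as JSON.

    Args:
        team_slug: Value matched against ``Team.url_slug``.

    Raises:
        AppError: 404 when the query returns no team.
    """
    # NOTE(review): join() with no further options is an inner join, so a
    # team that has no projects would also produce no row and be reported
    # as "Team not found." Confirm whether an empty list is wanted instead.
    # NOTE(review): no access check is visible in this function; confirm a
    # decorator outside this snippet restricts who may list the projects.
    t = (
        Team.query
        .join(Team.projects)
        .filter(Team.url_slug == team_slug)
        .first()
    )
    # Identity test: None is a singleton and "is" cannot be affected by a
    # custom __eq__ on the model.
    if t is None:
        raise AppError(status_code=404, message="Team not found.")
    return jsonify([p.to_json() for p in t.projects])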
示例#5
def project_update(team_slug, pkey):
    """Apply the request's JSON body to a project and commit the change.

    Only the project lead or an administrator may update the project.

    Args:
        team_slug: Team part of the project key.
        pkey: Project part of the project key.

    Raises:
        AppError: 403 when the current user is neither the project lead
            nor an administrator.
    """
    p = Project.get_by_key(team_slug, pkey)
    # NOTE(review): assumes get_by_key raises for an unknown project rather
    # than returning None; verify against Project.
    allowed = g.user.id == p.project_lead_id or g.user.is_admin
    if not allowed:
        raise AppError(status_code=403,
                       message="You are not permitted to perform that action")

    # NOTE(review): the whole request body is handed to p.update(). Confirm
    # that update() restricts which attributes a client may set, so that a
    # project lead cannot change fields such as project_lead_id unless that
    # is intended.
    p.update(request.get_json())
    db.session.add(p)
    db.session.commit()
    return jsonify(message="Project successfully updated.")
示例#6
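 def get_by_username_or_id(param):
     """Look a user up by numeric id, or by username if not numeric.

     Args:
         param: A value accepted by ``int()`` is treated as a user id;
             anything else is treated as a username.

     Returns:
         The matching User.

     Raises:
         AppError: 404 when no user matches.
     """
     # Only the int() conversion decides which lookup runs. The original
     # bare "except:" also swallowed errors raised by the id query itself
     # and silently retried by username; those now propagate.
     try:
         i = int(param)
     except (TypeError, ValueError, OverflowError):
         u = User.query.filter_by(username=param).first()
     else:
         u = User.query.filter(User.id == i).first()
     # NOTE(review): a username made only of digits can never be matched by
     # name here, because it is always read as an id. Where this helper
     # resolves an authenticated subject, confirm usernames cannot be
     # numeric, or split the two lookups.
     if u is None:
         raise AppError(status_code=404, message="User not found.")
     return u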
示例#7
 def validate_value(self):
     """Reject a value whose Python type does not match the field's type.

     Raises:
         AppError: 400 when ``self.value`` is not exactly the Python type
             paired with ``self.field.data_type`` below.
     """
     # Pairs are checked in this order. The comparison is an exact type()
     # identity test, not isinstance(), so subclasses are not accepted:
     # a bool fails the int check and an int fails the float check.
     expected_types = (
         (DataTypes.INTEGER, int),
         (DataTypes.FLOAT, float),
         (DataTypes.TEXT, str),
         (DataTypes.STRING, str),
     )
     declared = self.field.data_type
     for data_type, python_type in expected_types:
         if declared == data_type and type(self.value) is not python_type:
             raise AppError(status_code=400,
                            message='Invalid type for the field: ' + self.name)
     # A data type outside the four pairs above is not checked here.
示例#8
 def set_value(self):
     """Validate ``self.value`` and store it on the matching typed attribute.

     Raises:
         AppError: 500 when ``self.field.data_type`` is none of the four
             known data types. ``validate_value()`` may raise before that.
     """
     # Validation runs first, so nothing is stored for a rejected value.
     self.validate_value()
     targets = (
         (DataTypes.INTEGER, 'integer_value'),
         (DataTypes.FLOAT, 'float_value'),
         (DataTypes.TEXT, 'text_value'),
         (DataTypes.STRING, 'string_value'),
     )
     declared = self.field.data_type
     for data_type, attribute in targets:
         if declared == data_type:
             setattr(self, attribute, self.value)
             return
     # No known data type matched, so the value cannot be stored.
     raise AppError(status_code=500,
                    message='Uknown error setting field value')