pds-2021-g2-nest/nest_backend/routes/repository/alerts/alert.py

from flask import render_template, abort, jsonify, request
from nest_backend.database import *
from flask_jwt_extended import jwt_required, get_jwt_identity
from nest_backend.gestione import *
from flask_cors import cross_origin
import datetime


@cross_origin()
@jwt_required()
@repository_auth
def page_alert(aid):
    """
    ---
    get:
        summary: Get details about an alert.
        parameters:
        - in: path
          schema: AlertParameterSchema
        security:
        - jwt: []
        responses:
            '200':
                description: The details about the requested alert. The schema is incapsulated in Success.
                content:
                    application/json:
                        schema: Alert
            '404':
                description: Could not find the requested repository.
                content:
                    application/json:
                        schema: Error
            '403':
                description: The user is not authorized.
                content:
                    application/json:
                        schema: Error
            '401':
                description: The user is not logged in.
                content:
                    application/json:
                        schema: Error
        tags:
            - alert-related
    delete:
        summary: Deletes an alert.
        parameters:
        - in: path
          schema: AlertParameterSchema
        security:
        - jwt: []
        responses:
            '204':
                description: The repository has been deleted successfully.
            '404':
                description: Could not find the requested repository.
                content:
                    application/json:
                        schema: Error
            '403':
                description: The user is not authorized.
                content:
                    application/json:
                        schema: Error
            '401':
                description: The user is not logged in.
                content:
                    application/json:
                        schema: Error
            '500':
                description: Could not delete the repository.
                content:
                    application/json:
                        schema: Error
        tags:
            - alert-related
    patch:
        summary: Updates an alert and the boolops structure.
        security:
        - jwt: []
        requestBody:
            required: true
            content:
                application/json:
                    schema: Alert
        parameters:
        - in: path
          schema: AlertParameterSchema

        responses:
            '204':
                description: The alert has been updated successfully.
                content:
                    application/json:
                        schema: Alert
            '404':
                description: Could not find the requested repository.
                content:
                    application/json:
                        schema: Error
            '403':
                description: The user is not authorized.
                content:
                    application/json:
                        schema: Error
            '401':
                description: The user is not logged in.
                content:
                    application/json:
                        schema: Error
        tags:
            - alert-related
    """
    user = find_user(get_jwt_identity())
    alert = Alert.query.filter_by(id=aid).first()
    if alert.repository_id not in user.owner_of:
        return json_error("The user is not authorized."), 403
    if not alert:
        return json_error("Could not find alert."), 404
    if alert.repository not in [a.repository for a in user.authorizations] + user.owner_of:
        json_error("You are not authorized to proceed."), 403
    if request.method == "GET":
        return json_success(alert.to_json()), 200
    if alert.repository not in user.owner_of:
        json_error("You are not authorized to proceed."), 403
    if request.method == "PATCH":
        if 'name' in request.json:
            alert.name = request.json['name']
        if 'limit' in request.json:
            alert.limit = request.json['limit']
        if 'window_size' in request.json:
            alert.window_size = request.json['window_size']
        ext.session.commit()
        return json_success(alert.to_json()), 204
    elif request.method == "DELETE":
        try:
            ext.session.delete(alert)
            ext.session.commit()
        except Exception:
            return json_error("Something went wrong while deleting alert."), 500
        return json_success("Deletion completed."), 204
    elif request.method == "PUT":
        if not json_request_authorizer(request.json, alert):
            return json_error("Missing one or more parameters in repository json."), 400
        alert.limit = request.json['limit']
        alert.name = request.json['name']
        alert.window_size = request.json['window_size']
        if (mode := request.json.get("evaluation_mode")) is not None:
            try:
                alert.evaluation_mode = ConditionMode(mode)
            except KeyError:
                return json_error("Unknown `type` specified."), 400
            except Exception as e:
                return json_error("Unknown error:" + str(e)), 400
        if request.json['conditions'] is not None:
            # Possibile vulnearabilità! Un utente potrebbe aggiungere conditions non del suo repo!
            for c in request.json['conditions']:
                if c['id'] not in alert.repository.conditions:
                    return json_error("Stop! You violated the law!"), 403
            # Wow very pythonic so much wow
            # Obtain list of no longer needed connections
            to_be_deleted = [c.cid for c in alert.conditions if
                             c.cid not in [json['id'] for json in request.json['conditions']]]
            # RIP AND TEAR UNTIL ITS DONE
            for elem in to_be_deleted:
                conn = MadeOf.query.filter_by(cid=elem, aid=alert.id).first()
                if conn:
                    ext.session.delete(conn)
                    ext.session.commit()
            for c in request.json['conditions']:
                conn = MadeOf(cid=c['id'], aid=alert.id)
                ext.session.add(conn)
                ext.session.commit()
        return json_success(alert.to_json()), 200
Add alert creation 2021-05-07 17:15:14 +00:00			`from flask import render_template, abort, jsonify, request`
			`from nest_backend.database import *`
Fixes 2021-05-12 20:22:42 +00:00			`from flask_jwt_extended import jwt_required, get_jwt_identity`
Add alert creation 2021-05-07 17:15:14 +00:00			`from nest_backend.gestione import *`
			`from flask_cors import cross_origin`
			`import datetime`


			`@cross_origin()`
			`@jwt_required()`
			`@repository_auth`
Add docs 2021-05-07 17:31:57 +00:00			`def page_alert(aid):`
Add alert creation 2021-05-07 17:15:14 +00:00			`"""`
			`---`
			`get:`
Add docs 2021-05-07 17:31:57 +00:00			`summary: Get details about an alert.`
Add alert creation 2021-05-07 17:15:14 +00:00			`parameters:`
			`- in: path`
Add docs 2021-05-07 17:31:57 +00:00			`schema: AlertParameterSchema`
Add alert creation 2021-05-07 17:15:14 +00:00			`security:`
			`- jwt: []`
			`responses:`
			`'200':`
Add docs 2021-05-07 17:31:57 +00:00			`description: The details about the requested alert. The schema is incapsulated in Success.`
Add alert creation 2021-05-07 17:15:14 +00:00			`content:`
			`application/json:`
Add docs 2021-05-07 17:31:57 +00:00			`schema: Alert`
Add alert creation 2021-05-07 17:15:14 +00:00			`'404':`
			`description: Could not find the requested repository.`
			`content:`
			`application/json:`
			`schema: Error`
			`'403':`
			`description: The user is not authorized.`
			`content:`
			`application/json:`
			`schema: Error`
			`'401':`
			`description: The user is not logged in.`
			`content:`
			`application/json:`
			`schema: Error`
			`tags:`
Add docs 2021-05-07 17:31:57 +00:00			`- alert-related`
Add alert creation 2021-05-07 17:15:14 +00:00			`delete:`
Add docs 2021-05-07 17:31:57 +00:00			`summary: Deletes an alert.`
Add alert creation 2021-05-07 17:15:14 +00:00			`parameters:`
			`- in: path`
Add docs 2021-05-07 17:31:57 +00:00			`schema: AlertParameterSchema`
Add alert creation 2021-05-07 17:15:14 +00:00			`security:`
			`- jwt: []`
			`responses:`
Updated how POST works, changed http response codes 2021-05-11 17:08:14 +00:00			`'204':`
Add alert creation 2021-05-07 17:15:14 +00:00			`description: The repository has been deleted successfully.`
			`'404':`
			`description: Could not find the requested repository.`
			`content:`
			`application/json:`
			`schema: Error`
			`'403':`
			`description: The user is not authorized.`
			`content:`
			`application/json:`
			`schema: Error`
			`'401':`
			`description: The user is not logged in.`
			`content:`
			`application/json:`
			`schema: Error`
			`'500':`
			`description: Could not delete the repository.`
			`content:`
			`application/json:`
			`schema: Error`
			`tags:`
Add docs 2021-05-07 17:31:57 +00:00			`- alert-related`
Add alert creation 2021-05-07 17:15:14 +00:00			`patch:`
Add alert PUT 2021-05-10 09:00:21 +00:00			`summary: Updates an alert and the boolops structure.`
Add alert creation 2021-05-07 17:15:14 +00:00			`security:`
			`- jwt: []`
			`requestBody:`
			`required: true`
			`content:`
			`application/json:`
Add alert PUT 2021-05-10 09:00:21 +00:00			`schema: Alert`
Add alert creation 2021-05-07 17:15:14 +00:00			`parameters:`
			`- in: path`
Add docs 2021-05-07 17:31:57 +00:00			`schema: AlertParameterSchema`
Add alert creation 2021-05-07 17:15:14 +00:00
			`responses:`
Updated how POST works, changed http response codes 2021-05-11 17:08:14 +00:00			`'204':`
Add alert PUT 2021-05-10 09:00:21 +00:00			`description: The alert has been updated successfully.`
Add alert creation 2021-05-07 17:15:14 +00:00			`content:`
			`application/json:`
Add docs 2021-05-07 17:31:57 +00:00			`schema: Alert`
Add alert creation 2021-05-07 17:15:14 +00:00			`'404':`
			`description: Could not find the requested repository.`
			`content:`
			`application/json:`
			`schema: Error`
			`'403':`
			`description: The user is not authorized.`
			`content:`
			`application/json:`
			`schema: Error`
			`'401':`
			`description: The user is not logged in.`
			`content:`
			`application/json:`
			`schema: Error`
			`tags:`
Add docs 2021-05-07 17:31:57 +00:00			`- alert-related`
Add alert creation 2021-05-07 17:15:14 +00:00			`"""`
			`user = find_user(get_jwt_identity())`
			`alert = Alert.query.filter_by(id=aid).first()`
Add alert editing routes 2021-05-10 14:34:34 +00:00			`if alert.repository_id not in user.owner_of:`
			`return json_error("The user is not authorized."), 403`
Add alert creation 2021-05-07 17:15:14 +00:00			`if not alert:`
			`return json_error("Could not find alert."), 404`
			`if alert.repository not in [a.repository for a in user.authorizations] + user.owner_of:`
			`json_error("You are not authorized to proceed."), 403`
			`if request.method == "GET":`
			`return json_success(alert.to_json()), 200`
			`if alert.repository not in user.owner_of:`
			`json_error("You are not authorized to proceed."), 403`
			`if request.method == "PATCH":`
			`if 'name' in request.json:`
			`alert.name = request.json['name']`
			`if 'limit' in request.json:`
			`alert.limit = request.json['limit']`
			`if 'window_size' in request.json:`
			`alert.window_size = request.json['window_size']`
⤴ Merge, resolving conflicts 2021-05-07 17:51:03 +00:00			`ext.session.commit()`
Updated how POST works, changed http response codes 2021-05-11 17:08:14 +00:00			`return json_success(alert.to_json()), 204`
Add alert creation 2021-05-07 17:15:14 +00:00			`elif request.method == "DELETE":`
			`try:`
⤴ Merge, resolving conflicts 2021-05-07 17:51:03 +00:00			`ext.session.delete(alert)`
			`ext.session.commit()`
Add alert creation 2021-05-07 17:15:14 +00:00			`except Exception:`
			`return json_error("Something went wrong while deleting alert."), 500`
Updated how POST works, changed http response codes 2021-05-11 17:08:14 +00:00			`return json_success("Deletion completed."), 204`
Add alert creation 2021-05-07 17:15:14 +00:00			`elif request.method == "PUT":`
Add alert PUT 2021-05-10 09:00:21 +00:00			`if not json_request_authorizer(request.json, alert):`
			`return json_error("Missing one or more parameters in repository json."), 400`
			`alert.limit = request.json['limit']`
			`alert.name = request.json['name']`
			`alert.window_size = request.json['window_size']`
New alert conditions 2021-05-17 13:29:08 +00:00			`if (mode := request.json.get("evaluation_mode")) is not None:`
			`try:`
			`alert.evaluation_mode = ConditionMode(mode)`
			`except KeyError:`
			return json_error("Unknown `type` specified."), 400
			`except Exception as e:`
			`return json_error("Unknown error:" + str(e)), 400`
			`if request.json['conditions'] is not None:`
			`# Possibile vulnearabilità! Un utente potrebbe aggiungere conditions non del suo repo!`
			`for c in request.json['conditions']:`
			`if c['id'] not in alert.repository.conditions:`
			`return json_error("Stop! You violated the law!"), 403`
			`# Wow very pythonic so much wow`
			`# Obtain list of no longer needed connections`
			`to_be_deleted = [c.cid for c in alert.conditions if`
			`c.cid not in [json['id'] for json in request.json['conditions']]]`
			`# RIP AND TEAR UNTIL ITS DONE`
			`for elem in to_be_deleted:`
			`conn = MadeOf.query.filter_by(cid=elem, aid=alert.id).first()`
			`if conn:`
			`ext.session.delete(conn)`
			`ext.session.commit()`
			`for c in request.json['conditions']:`
			`conn = MadeOf(cid=c['id'], aid=alert.id)`
			`ext.session.add(conn)`
Add alert PUT 2021-05-10 09:00:21 +00:00			`ext.session.commit()`
Updated how POST works, changed http response codes 2021-05-11 17:08:14 +00:00			`return json_success(alert.to_json()), 200`