pds-2021-g2-nest/code/backend/nest_backend/routes/users/user.py

from flask import render_template, abort, jsonify, request
from ...database import *
from flask_jwt_extended import jwt_required
from ...gestione import *
from flask_cors import cross_origin


@cross_origin()
@jwt_required()
def page_user(email):
    """
    User <email>:
        + GET: gets info about the specified user.
        + PATCH: password, username -> Updates data about the user, returns the updated user.
        + DELETE: deletes the specified user.
    """
    user = find_user(get_jwt_identity())
    target = find_user(email)
    if not target:
        return json_error("Could not locate the user."), 404
    if request.method == "GET":
        if not email == user.email and not user.isAdmin:
            return json_error("Thou art not authorized."), 403
        return json_success(target.to_json())
    elif request.method == "DELETE":
        if not user.isAdmin:
            return json_error("User is not admin."), 403
        if user == target:
            return json_error("The user cant delete himself. Its a sin."), 406
        Base.session.delete(target)
        try:
            Base.session.commit()
        except Exception:
            Base.session.rollback()
            return json_error("Could not delete the user."), 500
        return json_success("The user has been deleted.")
    elif request.method == "PATCH":
        if not email == user.email and not user.isAdmin:
            return json_error("Thou art not authorized."), 403
        target = find_user(email)
        if request.json.get("username"):
            target.username = request.json.get("username")
        if request.json.get("password"):
            target.password = gen_password(request.json.get("password"))
        Base.session.commit()
        return json_success(target.to_json())
Breaking changes! All the urls have been changed, and several have been regrouped. Please check the docstrings. 2021-04-29 19:59:05 +00:00			`from flask import render_template, abort, jsonify, request`
			`from ...database import *`
			`from flask_jwt_extended import jwt_required`
			`from ...gestione import *`
			`from flask_cors import cross_origin`


			`@cross_origin()`
			`@jwt_required()`
			`def page_user(email):`
			`"""`
			`User <email>:`
			`+ GET: gets info about the specified user.`
			`+ PATCH: password, username -> Updates data about the user, returns the updated user.`
			`+ DELETE: deletes the specified user.`
			`"""`
			`user = find_user(get_jwt_identity())`
Several fixes Now all the tests should pass. 2021-05-01 12:25:50 +00:00			`target = find_user(email)`
			`if not target:`
			`return json_error("Could not locate the user."), 404`
Breaking changes! All the urls have been changed, and several have been regrouped. Please check the docstrings. 2021-04-29 19:59:05 +00:00			`if request.method == "GET":`
			`if not email == user.email and not user.isAdmin:`
			`return json_error("Thou art not authorized."), 403`
Several fixes Now all the tests should pass. 2021-05-01 12:25:50 +00:00			`return json_success(target.to_json())`
Breaking changes! All the urls have been changed, and several have been regrouped. Please check the docstrings. 2021-04-29 19:59:05 +00:00			`elif request.method == "DELETE":`
			`if not user.isAdmin:`
			`return json_error("User is not admin."), 403`
			`if user == target:`
			`return json_error("The user cant delete himself. Its a sin."), 406`
			`Base.session.delete(target)`
Several fixes Now all the tests should pass. 2021-05-01 12:25:50 +00:00			`try:`
			`Base.session.commit()`
			`except Exception:`
			`Base.session.rollback()`
			`return json_error("Could not delete the user."), 500`
Breaking changes! All the urls have been changed, and several have been regrouped. Please check the docstrings. 2021-04-29 19:59:05 +00:00			`return json_success("The user has been deleted.")`
			`elif request.method == "PATCH":`
			`if not email == user.email and not user.isAdmin:`
			`return json_error("Thou art not authorized."), 403`
			`target = find_user(email)`
			`if request.json.get("username"):`
			`target.username = request.json.get("username")`
			`if request.json.get("password"):`
			`target.password = gen_password(request.json.get("password"))`
			`Base.session.commit()`
Several fixes Now all the tests should pass. 2021-05-01 12:25:50 +00:00			`return json_success(target.to_json())`