2021-04-29 19:59:05 +00:00
|
|
|
from flask import render_template, abort, jsonify, request
|
2021-05-05 20:21:04 +00:00
|
|
|
from nest_backend.database import *
|
2021-05-12 20:22:42 +00:00
|
|
|
from flask_jwt_extended import jwt_required, get_jwt_identity
|
2021-05-05 20:21:04 +00:00
|
|
|
from nest_backend.gestione import *
|
2021-04-29 19:59:05 +00:00
|
|
|
from flask_cors import cross_origin
|
2021-05-17 14:19:32 +00:00
|
|
|
from nest_backend.errors import *
|
2021-04-29 19:59:05 +00:00
|
|
|
|
|
|
|
|
|
|
|
|
|
@cross_origin()
|
|
|
|
|
@jwt_required()
|
|
|
|
|
def page_users():
|
|
|
|
|
"""
|
2021-05-05 20:21:04 +00:00
|
|
|
---
|
|
|
|
|
get:
|
2021-05-06 01:07:34 +00:00
|
|
|
summary: Get a list of users.
|
2021-05-06 09:25:39 +00:00
|
|
|
security:
|
|
|
|
|
- jwt: []
|
2021-05-05 20:21:04 +00:00
|
|
|
responses:
|
|
|
|
|
'200':
|
|
|
|
|
description: A list of User schemas, incapsulated in Success.
|
|
|
|
|
'403':
|
|
|
|
|
description: The user is not authorized.
|
|
|
|
|
content:
|
|
|
|
|
application/json:
|
|
|
|
|
schema: Error
|
|
|
|
|
'401':
|
|
|
|
|
description: The user is not logged in.
|
|
|
|
|
content:
|
|
|
|
|
application/json:
|
|
|
|
|
schema: Error
|
|
|
|
|
tags:
|
|
|
|
|
- admin-only
|
|
|
|
|
post:
|
2021-05-06 01:07:34 +00:00
|
|
|
summary: Creates a user.
|
2021-05-06 09:25:39 +00:00
|
|
|
security:
|
|
|
|
|
- jwt: []
|
2021-05-05 20:21:04 +00:00
|
|
|
requestBody:
|
|
|
|
|
required: true
|
|
|
|
|
content:
|
|
|
|
|
application/json:
|
|
|
|
|
schema: CreateUser
|
|
|
|
|
responses:
|
2021-05-11 17:08:14 +00:00
|
|
|
'201':
|
2021-05-05 20:21:04 +00:00
|
|
|
description: The user has been created successfully.
|
|
|
|
|
content:
|
|
|
|
|
application/json:
|
|
|
|
|
schema: User
|
|
|
|
|
'403':
|
|
|
|
|
description: The user is not authorized.
|
|
|
|
|
content:
|
|
|
|
|
application/json:
|
|
|
|
|
schema: Error
|
2021-05-12 15:32:37 +00:00
|
|
|
'406':
|
|
|
|
|
description: The user already exists.
|
|
|
|
|
content:
|
|
|
|
|
application/json:
|
|
|
|
|
schema: Error
|
2021-05-05 20:21:04 +00:00
|
|
|
'401':
|
|
|
|
|
description: The user is not logged in.
|
|
|
|
|
content:
|
|
|
|
|
application/json:
|
|
|
|
|
schema: Error
|
|
|
|
|
tags:
|
2021-05-12 15:35:41 +00:00
|
|
|
- admin-only
|
2021-04-29 19:59:05 +00:00
|
|
|
"""
|
|
|
|
|
user = find_user(get_jwt_identity())
|
|
|
|
|
if request.method == "GET":
|
|
|
|
|
if not user.isAdmin:
|
2021-05-17 14:19:32 +00:00
|
|
|
return json_error("User is not admin. Thou art not authorized", USER_NOT_ADMIN), 403
|
2021-04-29 19:59:05 +00:00
|
|
|
users = User.query.all()
|
2021-05-11 17:08:14 +00:00
|
|
|
return json_success([user.to_json() for user in users]), 200
|
2021-04-29 19:59:05 +00:00
|
|
|
if request.method == "POST":
|
|
|
|
|
if not user.isAdmin:
|
2021-05-17 14:19:32 +00:00
|
|
|
return json_error("User is not admin. Thou art not authorized.", USER_NOT_ADMIN), 403
|
2021-05-12 21:09:29 +00:00
|
|
|
if not request.json.get("email") or not request.json.get("password") or not request.json.get("username"):
|
2021-05-17 14:19:32 +00:00
|
|
|
return json_error("Missing required fields.", GENERIC_MISSING_FIELDS), 400
|
2021-05-12 15:32:37 +00:00
|
|
|
if User.query.filter_by(email=request.json.get("email")).first():
|
2021-05-17 14:19:32 +00:00
|
|
|
return json_error("User already exists.", GENERIC_ALREADY_EXISTS), 406
|
2021-04-29 19:59:05 +00:00
|
|
|
new_user = User(email=request.json.get("email"), password=gen_password(request.json.get("password")),
|
|
|
|
|
username=request.json.get("username"))
|
2021-05-07 17:46:14 +00:00
|
|
|
ext.session.add(new_user)
|
2021-05-12 21:09:29 +00:00
|
|
|
ext.session.commit()
|
2021-05-11 17:08:14 +00:00
|
|
|
return json_success(new_user.to_json()), 201
|
