From dfd1e67fab5143d224f4f1984ff69f8c7185a89b Mon Sep 17 00:00:00 2001 From: Lorenzo Balugani Date: Wed, 12 May 2021 17:27:28 +0200 Subject: [PATCH 1/4] Resolve issue #227. --- code/backend/nest_backend/routes/repository/repositories.py | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/code/backend/nest_backend/routes/repository/repositories.py b/code/backend/nest_backend/routes/repository/repositories.py index 7ae3d12..0f40f4a 100644 --- a/code/backend/nest_backend/routes/repository/repositories.py +++ b/code/backend/nest_backend/routes/repository/repositories.py @@ -70,8 +70,7 @@ def page_repositories(): spectator = spectator.filter(not Repository.is_active) owner = owner.all() spectator = spectator.all() - return json_success({"owner": [r.to_json() for r in owner], - "spectator": [r.repository.to_json() for r in spectator]}) + return json_success([r.to_json() for r in owner]+[r.repository.to_json() for r in spectator]) elif request.method == "POST": # Users will be tolerated if they change parameters they're not supposed to touch. We'll ignore them for now. if not request.json.get("name") or not request.json.get("conditions") or not str(request.json.get("evaluation_mode")): From 1019a438325598d2ef51a32250c8082e3dcfc874 Mon Sep 17 00:00:00 2001 From: Lorenzo Balugani Date: Wed, 12 May 2021 17:32:37 +0200 Subject: [PATCH 2/4] Resolve issues #103 and #225 --- .../nest_backend/routes/repository/repositories.py | 2 +- code/backend/nest_backend/routes/users/users.py | 10 +++++++++- 2 files changed, 10 insertions(+), 2 deletions(-) diff --git a/code/backend/nest_backend/routes/repository/repositories.py b/code/backend/nest_backend/routes/repository/repositories.py index 0f40f4a..de4ded7 100644 --- a/code/backend/nest_backend/routes/repository/repositories.py +++ b/code/backend/nest_backend/routes/repository/repositories.py @@ -17,7 +17,7 @@ def page_repositories(): - jwt: [] responses: '200': - description: The list of the repositories related to the user (divided in "owner" and "spectator" dict keys), incapsulated in Success. + description: The list of the repositories related to the user, incapsulated in Success. '403': description: The user is not authorized. content: diff --git a/code/backend/nest_backend/routes/users/users.py b/code/backend/nest_backend/routes/users/users.py index 04a83ad..b90e86c 100644 --- a/code/backend/nest_backend/routes/users/users.py +++ b/code/backend/nest_backend/routes/users/users.py @@ -49,6 +49,11 @@ def page_users(): content: application/json: schema: Error + '406': + description: The user already exists. + content: + application/json: + schema: Error '401': description: The user is not logged in. content: @@ -66,8 +71,11 @@ def page_users(): if request.method == "POST": if not user.isAdmin: return json_error("User is not admin. Thou art not authorized."), 403 + if not request.json.get("email") or request.json.get("password") or request.json.get("username"): + return json_error("Missing required fields."), 400 + if User.query.filter_by(email=request.json.get("email")).first(): + return json_error("User already exists."), 406 new_user = User(email=request.json.get("email"), password=gen_password(request.json.get("password")), username=request.json.get("username")) ext.session.add(new_user) - ext.session.commit() return json_success(new_user.to_json()), 201 From 315996bb175444738989ada8354b90e770159f6c Mon Sep 17 00:00:00 2001 From: Lorenzo Balugani Date: Wed, 12 May 2021 17:35:41 +0200 Subject: [PATCH 3/4] Resolve issue #224 --- code/backend/nest_backend/routes/users/users.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/code/backend/nest_backend/routes/users/users.py b/code/backend/nest_backend/routes/users/users.py index b90e86c..86eff1c 100644 --- a/code/backend/nest_backend/routes/users/users.py +++ b/code/backend/nest_backend/routes/users/users.py @@ -60,7 +60,7 @@ def page_users(): application/json: schema: Error tags: - - user-related + - admin-only """ user = find_user(get_jwt_identity()) if request.method == "GET": From 1e84796bd4a32e0deae6adac3d848e39208d3ad4 Mon Sep 17 00:00:00 2001 From: Lorenzo Balugani Date: Wed, 12 May 2021 18:06:59 +0200 Subject: [PATCH 4/4] Resolve issue #146 --- code/backend/nest_backend/__main__.py | 1 + code/backend/nest_backend/gestione.py | 12 +++++++++++- code/backend/nest_backend/routes/__init__.py | 5 ++++- .../nest_backend/routes/repository/__init__.py | 5 ++++- .../routes/repository/alerts/__init__.py | 3 ++- .../routes/repository/conditions/__init__.py | 3 ++- .../conditions/repository_conditions.py | 15 ++++++++++----- .../backend/nest_backend/routes/users/__init__.py | 3 ++- 8 files changed, 36 insertions(+), 11 deletions(-) diff --git a/code/backend/nest_backend/__main__.py b/code/backend/nest_backend/__main__.py index aab0585..374686a 100644 --- a/code/backend/nest_backend/__main__.py +++ b/code/backend/nest_backend/__main__.py @@ -6,6 +6,7 @@ import sys from .gestione import * from .app import app, extension_sqlalchemy +from .database import User print(" * Swagger docs will be available at http://127.0.0.1:5000/docs") diff --git a/code/backend/nest_backend/gestione.py b/code/backend/nest_backend/gestione.py index 6b1f60e..90c8f00 100644 --- a/code/backend/nest_backend/gestione.py +++ b/code/backend/nest_backend/gestione.py @@ -2,11 +2,16 @@ Gestione adds many fancy thingamajigs to the flask application, such as a login system and such. """ -from .database import * +from nest_backend.database import * import bcrypt import functools from flask_jwt_extended import get_jwt_identity from flask import jsonify +from re import sub + +__all__ = ["authenticate", "identity", "gen_password", "find_user", "admin_or_403", + "repository_auth", "json_request_authorizer", "json_error", + "json_success", "error_handler", "hashtag_validator"] def authenticate(username, password): @@ -110,3 +115,8 @@ def json_request_authorizer(json, serializable): json_keys = json.keys() serializable_keys = serializable.to_json().keys() return all(key in json_keys for key in serializable_keys) + + +def hashtag_validator(hashtag): + return sub( + "([^a-z0-9_\u00c0-\u00d6\u00d8-\u00f6\u00f8-\u00ff\u0100-\u024f\u0253-\u0254\u0256-\u0257\u0300-\u036f\u1e00-\u1eff\u0400-\u04ff\u0500-\u0527\u2de0-\u2dff\ua640-\ua69f\u0591-\u05bf\u05c1-\u05c2\u05c4-\u05c5\u05d0-\u05ea\u05f0-\u05f4\ufb12-\ufb28\ufb2a-\ufb36\ufb38-\ufb3c\ufb40-\ufb41\ufb43-\ufb44\ufb46-\ufb4f\u0610-\u061a\u0620-\u065f\u066e-\u06d3\u06d5-\u06dc\u06de-\u06e8\u06ea-\u06ef\u06fa-\u06fc\u0750-\u077f\u08a2-\u08ac\u08e4-\u08fe\ufb50-\ufbb1\ufbd3-\ufd3d\ufd50-\ufd8f\ufd92-\ufdc7\ufdf0-\ufdfb\ufe70-\ufe74\ufe76-\ufefc\u200c\u0e01-\u0e3a\u0e40-\u0e4e\u1100-\u11ff\u3130-\u3185\ua960-\ua97f\uac00-\ud7af\ud7b0-\ud7ff\uffa1-\uffdc\u30a1-\u30fa\u30fc-\u30fe\uff66-\uff9f\uff10-\uff19\uff21-\uff3a\uff41-\uff5a\u3041-\u3096\u3099-\u309e\u3400-\u4dbf\u4e00-\u9fff\u20000-\u2a6df\u2a700-\u2b73\u2b740-\u2b81\u2f800-\u2fa1])", "", hashtag) diff --git a/code/backend/nest_backend/routes/__init__.py b/code/backend/nest_backend/routes/__init__.py index 02fa51e..b5db332 100644 --- a/code/backend/nest_backend/routes/__init__.py +++ b/code/backend/nest_backend/routes/__init__.py @@ -4,4 +4,7 @@ This module imports all the routes that return something to the frontend. from .doa import page_doa from .users import * -from .repository import * \ No newline at end of file +from .repository import * +__all__ = ["page_alert", "page_repository_alerts", "page_repository", "page_doa", + "page_condition", "page_repository_conditions", "page_repositories", + "page_login", "page_user", "page_users"] \ No newline at end of file diff --git a/code/backend/nest_backend/routes/repository/__init__.py b/code/backend/nest_backend/routes/repository/__init__.py index f5a9ca5..a358981 100644 --- a/code/backend/nest_backend/routes/repository/__init__.py +++ b/code/backend/nest_backend/routes/repository/__init__.py @@ -2,4 +2,7 @@ from .conditions import page_repository_conditions from .repository import page_repository from .repositories import page_repositories from .conditions import * -from .alerts import * \ No newline at end of file +from .alerts import * + +__all__ = ["page_condition", "page_repository_conditions", "page_repositories", + "page_alert", "page_repository", "page_repository_alerts"] diff --git a/code/backend/nest_backend/routes/repository/alerts/__init__.py b/code/backend/nest_backend/routes/repository/alerts/__init__.py index 3858608..185b84e 100644 --- a/code/backend/nest_backend/routes/repository/alerts/__init__.py +++ b/code/backend/nest_backend/routes/repository/alerts/__init__.py @@ -1,2 +1,3 @@ from .repository_alerts import page_repository_alerts -from .alert import page_alert \ No newline at end of file +from .alert import page_alert +__all__ = ["page_repository_alerts", "page_alert"] \ No newline at end of file diff --git a/code/backend/nest_backend/routes/repository/conditions/__init__.py b/code/backend/nest_backend/routes/repository/conditions/__init__.py index 1cb5200..1ac19f8 100644 --- a/code/backend/nest_backend/routes/repository/conditions/__init__.py +++ b/code/backend/nest_backend/routes/repository/conditions/__init__.py @@ -1,2 +1,3 @@ from .repository_conditions import page_repository_conditions -from .condition import page_condition \ No newline at end of file +from .condition import page_condition +__all__ = ["page_condition", "page_repository_conditions"] \ No newline at end of file diff --git a/code/backend/nest_backend/routes/repository/conditions/repository_conditions.py b/code/backend/nest_backend/routes/repository/conditions/repository_conditions.py index 298fab2..a7ac435 100644 --- a/code/backend/nest_backend/routes/repository/conditions/repository_conditions.py +++ b/code/backend/nest_backend/routes/repository/conditions/repository_conditions.py @@ -1,9 +1,10 @@ from flask import request from flask_jwt_extended import jwt_required from nest_backend.gestione import repository_auth, json_error, json_success, ConditionType, Condition, Repository, \ - find_user, get_jwt_identity -from nest_backend.database import ext as extension_sqlalchemy + find_user, get_jwt_identity +from nest_backend.database import ext from flask_cors import cross_origin +from gestione import hashtag_validator @cross_origin() @@ -43,6 +44,9 @@ def page_repository_conditions(rid): summary: Creates a condition and attaches it to the repository. security: - jwt: [] + parameters: + - in: path + schema: IntegerParameterSchema requestBody: required: true content: @@ -90,9 +94,10 @@ def page_repository_conditions(rid): if not (content := request.json.get("content")): return json_error("Missing `content` parameter."), 400 - + if type_ == ConditionType.hashtag: + content = hashtag_validator(content) condition = Condition(content=content, type=type_, repository_id=rid) - extension_sqlalchemy.session.add(condition) - extension_sqlalchemy.session.commit() + ext.session.add(condition) + ext.session.commit() return json_success(condition.to_json()), 201 diff --git a/code/backend/nest_backend/routes/users/__init__.py b/code/backend/nest_backend/routes/users/__init__.py index 6b5f6da..64e644e 100644 --- a/code/backend/nest_backend/routes/users/__init__.py +++ b/code/backend/nest_backend/routes/users/__init__.py @@ -1,3 +1,4 @@ from .users import page_users from .login import page_login -from .user import page_user \ No newline at end of file +from .user import page_user +__all__ = ["page_users", "page_user", "page_login"] \ No newline at end of file