An ebook/comic library service and web client
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

96 lines
2.9 KiB

  1. """User API blueprint and endpoint definitions."""
  2. from flask import Blueprint, abort, request, g
  3. from atheneum.api.decorators import return_json
  4. from atheneum.api.model import APIResponse, APIMessage
  5. from atheneum.middleware import authentication_middleware
  6. from atheneum.model import User
  7. from atheneum.service import (
  8. patch_service,
  9. transformation_service,
  10. user_service
  11. )
  12. from atheneum.service.patch_service import get_patch_fields
  13. from atheneum.service.role_service import Role
  14. USER_BLUEPRINT = Blueprint(
  15. name='user', import_name=__name__, url_prefix='/user')
  16. @USER_BLUEPRINT.route('/<name>', methods=['GET'])
  17. @return_json
  18. @authentication_middleware.require_token_auth
  19. @authentication_middleware.require_role(required_role=Role.USER)
  20. def get_user(name: str) -> APIResponse:
  21. """
  22. Get a user.
  23. :return: user if exists, else 404
  24. """
  25. user = user_service.find_by_name(name)
  26. if user is not None:
  27. return APIResponse(user, 200)
  28. return abort(404)
  29. @USER_BLUEPRINT.route('/<name>', methods=['PATCH'])
  30. @return_json
  31. @authentication_middleware.require_token_auth
  32. @authentication_middleware.require_role(required_role=Role.USER)
  33. def patch_user(name: str) -> APIResponse:
  34. """
  35. Patch a user.
  36. :return: user if patched, 4xx error on patching issue, 404 on nonexistent
  37. """
  38. user = user_service.find_by_name(name)
  39. if user is not None:
  40. user_patch: User = transformation_service.deserialize_model(
  41. User, request.json)
  42. patched_user = patch_service.patch(
  43. g.user, user, user_patch, get_patch_fields(request.json))
  44. return APIResponse(patched_user, 200)
  45. return abort(404)
  46. @USER_BLUEPRINT.route('/', methods=['POST'])
  47. @return_json
  48. @authentication_middleware.require_token_auth
  49. @authentication_middleware.require_role(required_role=Role.ADMIN)
  50. def register_user() -> APIResponse:
  51. """
  52. Register a user with the service.
  53. :return: The newly registered User
  54. """
  55. new_user: User = transformation_service.deserialize_model(
  56. User, request.json)
  57. requested_password = None
  58. if 'password' in request.json:
  59. requested_password = request.json['password'].strip()
  60. registered_user = user_service.register(
  61. name=new_user.name,
  62. password=requested_password,
  63. role=new_user.role
  64. )
  65. return APIResponse(payload=registered_user, status=200)
  66. @USER_BLUEPRINT.route('/<name>', methods=['DELETE'])
  67. @return_json
  68. @authentication_middleware.require_token_auth
  69. @authentication_middleware.require_role(required_role=Role.ADMIN)
  70. def delete_user(name: str) -> APIResponse:
  71. """
  72. Delete a user with the service.
  73. :return: The newly registered User
  74. """
  75. user = user_service.find_by_name(name)
  76. if user is not None:
  77. user_service.delete(user)
  78. return APIResponse(
  79. APIMessage(True, 'Successfully Deleted'), status=200)
  80. return abort(404)