FitTrackee/fittrackee/users/utils.py

import re
from datetime import timedelta
from functools import wraps

import humanize
from fittrackee.responses import (
    ForbiddenErrorResponse,
    InvalidPayloadErrorResponse,
    PayloadTooLargeErrorResponse,
    UnauthorizedErrorResponse,
)
from flask import current_app, request

from .models import User


def is_admin(user_id):
    user = User.query.filter_by(id=user_id).first()
    return user.admin


def is_valid_email(email):
    mail_pattern = r"(^[a-zA-Z0-9_.+-]+@[a-zA-Z0-9-]+\.[a-zA-Z0-9-.]+$)"
    return re.match(mail_pattern, email) is not None


def check_passwords(password, password_conf):
    ret = ''
    if password_conf != password:
        ret = 'Password and password confirmation don\'t match.\n'
    if len(password) < 8:
        ret += 'Password: 8 characters required.\n'
    return ret


def register_controls(username, email, password, password_conf):
    ret = ''
    if not 2 < len(username) < 13:
        ret += 'Username: 3 to 12 characters required.\n'
    if not is_valid_email(email):
        ret += 'Valid email must be provided.\n'
    ret += check_passwords(password, password_conf)
    return ret


def verify_extension_and_size(file_type, req):
    if 'file' not in req.files:
        return InvalidPayloadErrorResponse('No file part.', 'fail')

    file = req.files['file']
    if file.filename == '':
        return InvalidPayloadErrorResponse('No selected file.', 'fail')

    allowed_extensions = (
        'ACTIVITY_ALLOWED_EXTENSIONS'
        if file_type == 'activity'
        else 'PICTURE_ALLOWED_EXTENSIONS'
    )

    file_extension = (
        file.filename.rsplit('.', 1)[1].lower()
        if '.' in file.filename
        else None
    )
    max_file_size = current_app.config['max_single_file_size']

    if not (
        file_extension
        and file_extension in current_app.config.get(allowed_extensions)
    ):
        return InvalidPayloadErrorResponse(
            'File extension not allowed.', 'fail'
        )

    if file_extension != 'zip' and req.content_length > max_file_size:
        return PayloadTooLargeErrorResponse(
            'Error during picture update, file size exceeds '
            f'{display_readable_file_size(max_file_size)}.'
        )

    return None


def verify_user(current_request, verify_admin):
    default_message = 'Provide a valid auth token.'
    auth_header = current_request.headers.get('Authorization')
    if not auth_header:
        return UnauthorizedErrorResponse(default_message), None
    auth_token = auth_header.split(' ')[1]
    resp = User.decode_auth_token(auth_token)
    if isinstance(resp, str):
        return UnauthorizedErrorResponse(resp), None
    user = User.query.filter_by(id=resp).first()
    if not user:
        return UnauthorizedErrorResponse(default_message), None
    if verify_admin and not is_admin(resp):
        return ForbiddenErrorResponse(), None
    return None, resp


def authenticate(f):
    @wraps(f)
    def decorated_function(*args, **kwargs):
        verify_admin = False
        response_object, resp = verify_user(request, verify_admin)
        if response_object:
            return response_object
        return f(resp, *args, **kwargs)

    return decorated_function


def authenticate_as_admin(f):
    @wraps(f)
    def decorated_function(*args, **kwargs):
        verify_admin = True
        response_object, resp = verify_user(request, verify_admin)
        if response_object:
            return response_object
        return f(resp, *args, **kwargs)

    return decorated_function


def can_view_activity(auth_user_id, activity_user_id):
    if auth_user_id != activity_user_id:
        return ForbiddenErrorResponse()
    return None


def display_readable_file_size(size_in_bytes):
    if size_in_bytes == 0:
        return '0 bytes'
    if size_in_bytes == 1:
        return '1 byte'
    for unit in [' bytes', 'KB', 'MB', 'GB', 'TB']:
        if abs(size_in_bytes) < 1024.0:
            return f"{size_in_bytes:3.1f}{unit}"
        size_in_bytes /= 1024.0
    return f"{size_in_bytes} bytes"


def get_readable_duration(duration, locale='en'):
    if locale is not None and locale != 'en':
        _t = humanize.i18n.activate(locale)  # noqa
    readable_duration = humanize.naturaldelta(timedelta(seconds=duration))
    if locale is not None and locale != 'en':
        humanize.i18n.deactivate()
    return readable_duration
API & Client: registration controls 2018-01-01 11:10:39 +01:00			`import re`
API - display password reset link expiration delay in email 2020-07-11 19:35:20 +02:00			`from datetime import timedelta`
API & Client: pre-commit lint 2018-01-14 20:49:35 +01:00			`from functools import wraps`
Client: login/register Client: login/register Client: login/register Client: login/register Client: login/register Client: login/register Client: login/register Client: login/register Client: login/register 2017-12-25 17:45:28 +01:00
API - display password reset link expiration delay in email 2020-07-11 19:35:20 +02:00			`import humanize`
API - refactor api responses 2021-01-01 16:39:25 +01:00			`from fittrackee.responses import (`
			`ForbiddenErrorResponse,`
			`InvalidPayloadErrorResponse,`
			`PayloadTooLargeErrorResponse,`
			`UnauthorizedErrorResponse,`
			`)`
			`from flask import current_app, request`
Client: login/register Client: login/register Client: login/register Client: login/register Client: login/register Client: login/register Client: login/register Client: login/register Client: login/register 2017-12-25 17:45:28 +01:00
			`from .models import User`


API: sports - minor refactor 2018-05-09 16:50:30 +02:00			`def is_admin(user_id):`
			`user = User.query.filter_by(id=user_id).first()`
			`return user.admin`


			`def is_valid_email(email):`
			`mail_pattern = r"(^[a-zA-Z0-9_.+-]+@[a-zA-Z0-9-]+\.[a-zA-Z0-9-.]+$)"`
			`return re.match(mail_pattern, email) is not None`


API - add route to update password and email templates - #50 2020-05-17 16:42:44 +02:00			`def check_passwords(password, password_conf):`
			`ret = ''`
			`if password_conf != password:`
			`ret = 'Password and password confirmation don\'t match.\n'`
			`if len(password) < 8:`
			`ret += 'Password: 8 characters required.\n'`
			`return ret`


API: auth - minor refactor 2018-05-09 17:00:22 +02:00			`def register_controls(username, email, password, password_conf):`
			`ret = ''`
			`if not 2 < len(username) < 13:`
			`ret += 'Username: 3 to 12 characters required.\n'`
			`if not is_valid_email(email):`
			`ret += 'Valid email must be provided.\n'`
API - add route to update password and email templates - #50 2020-05-17 16:42:44 +02:00			`ret += check_passwords(password, password_conf)`
API: auth - minor refactor 2018-05-09 17:00:22 +02:00			`return ret`


API & Client: set file size limit for upload - fix #33 2019-08-31 14:11:00 +02:00			`def verify_extension_and_size(file_type, req):`
API: add an activity (w/ gpx file) 2018-05-01 17:51:38 +02:00			`if 'file' not in req.files:`
API - refactor api responses 2021-01-01 16:39:25 +01:00			`return InvalidPayloadErrorResponse('No file part.', 'fail')`
API: add an activity (w/ gpx file) 2018-05-01 17:51:38 +02:00
			`file = req.files['file']`
			`if file.filename == '':`
API - refactor api responses 2021-01-01 16:39:25 +01:00			`return InvalidPayloadErrorResponse('No selected file.', 'fail')`
API: add an activity (w/ gpx file) 2018-05-01 17:51:38 +02:00
API: minr refactor 2018-05-01 17:58:51 +02:00			`allowed_extensions = (`
			`'ACTIVITY_ALLOWED_EXTENSIONS'`
			`if file_type == 'activity'`
			`else 'PICTURE_ALLOWED_EXTENSIONS'`
			`)`

API & Client: set file size limit for upload - fix #33 2019-08-31 14:11:00 +02:00			`file_extension = (`
			`file.filename.rsplit('.', 1)[1].lower()`
			`if '.' in file.filename`
			`else None`
			`)`
API - move some app configuration parameters in database 2019-11-13 18:40:01 +01:00			`max_file_size = current_app.config['max_single_file_size']`
API & Client: set file size limit for upload - fix #33 2019-08-31 14:11:00 +02:00
API - reformat python files w/ black 2019-08-28 13:25:39 +02:00			`if not (`
API & Client: set file size limit for upload - fix #33 2019-08-31 14:11:00 +02:00			`file_extension`
			`and file_extension in current_app.config.get(allowed_extensions)`
API - reformat python files w/ black 2019-08-28 13:25:39 +02:00			`):`
API - refactor api responses 2021-01-01 16:39:25 +01:00			`return InvalidPayloadErrorResponse(`
			`'File extension not allowed.', 'fail'`
			`)`

			`if file_extension != 'zip' and req.content_length > max_file_size:`
			`return PayloadTooLargeErrorResponse(`
			`'Error during picture update, file size exceeds '`
			`f'{display_readable_file_size(max_file_size)}.'`
			`)`
API: add an activity (w/ gpx file) 2018-05-01 17:51:38 +02:00
API - refactor api responses 2021-01-01 16:39:25 +01:00			`return None`
API: add an activity (w/ gpx file) 2018-05-01 17:51:38 +02:00

API: auth - minor refactor 2018-05-09 17:00:22 +02:00			`def verify_user(current_request, verify_admin):`
API - refactor api responses 2021-01-01 16:39:25 +01:00			`default_message = 'Provide a valid auth token.'`
API: auth - minor refactor 2018-05-09 17:00:22 +02:00			`auth_header = current_request.headers.get('Authorization')`
			`if not auth_header:`
API - refactor api responses 2021-01-01 16:39:25 +01:00			`return UnauthorizedErrorResponse(default_message), None`
			`auth_token = auth_header.split(' ')[1]`
API: auth - minor refactor 2018-05-09 17:00:22 +02:00			`resp = User.decode_auth_token(auth_token)`
			`if isinstance(resp, str):`
API - refactor api responses 2021-01-01 16:39:25 +01:00			`return UnauthorizedErrorResponse(resp), None`
API: auth - minor refactor 2018-05-09 17:00:22 +02:00			`user = User.query.filter_by(id=resp).first()`
			`if not user:`
API - refactor api responses 2021-01-01 16:39:25 +01:00			`return UnauthorizedErrorResponse(default_message), None`
API: auth - minor refactor 2018-05-09 17:00:22 +02:00			`if verify_admin and not is_admin(resp):`
API - refactor api responses 2021-01-01 16:39:25 +01:00			`return ForbiddenErrorResponse(), None`
			`return None, resp`
API: auth - minor refactor 2018-05-09 17:00:22 +02:00

Client: login/register Client: login/register Client: login/register Client: login/register Client: login/register Client: login/register Client: login/register Client: login/register Client: login/register 2017-12-25 17:45:28 +01:00			`def authenticate(f):`
			`@wraps(f)`
			`def decorated_function(args, *kwargs):`
API: auth - minor refactor 2018-05-09 17:00:22 +02:00			`verify_admin = False`
API - refactor api responses 2021-01-01 16:39:25 +01:00			`response_object, resp = verify_user(request, verify_admin)`
API: auth - minor refactor 2018-05-09 17:00:22 +02:00			`if response_object:`
API - refactor api responses 2021-01-01 16:39:25 +01:00			`return response_object`
Client: login/register Client: login/register Client: login/register Client: login/register Client: login/register Client: login/register Client: login/register Client: login/register Client: login/register 2017-12-25 17:45:28 +01:00			`return f(resp, args, *kwargs)`
API: add an activity (w/ gpx file) 2018-05-01 17:51:38 +02:00
Client: login/register Client: login/register Client: login/register Client: login/register Client: login/register Client: login/register Client: login/register Client: login/register Client: login/register 2017-12-25 17:45:28 +01:00			`return decorated_function`


API: sports - minor refactor 2018-05-09 16:50:30 +02:00			`def authenticate_as_admin(f):`
			`@wraps(f)`
			`def decorated_function(args, *kwargs):`
API: auth - minor refactor 2018-05-09 17:00:22 +02:00			`verify_admin = True`
API - refactor api responses 2021-01-01 16:39:25 +01:00			`response_object, resp = verify_user(request, verify_admin)`
API: auth - minor refactor 2018-05-09 17:00:22 +02:00			`if response_object:`
API - refactor api responses 2021-01-01 16:39:25 +01:00			`return response_object`
API: sports - minor refactor 2018-05-09 16:50:30 +02:00			`return f(resp, args, *kwargs)`
API & Client: registration controls 2018-01-01 11:10:39 +01:00
API: sports - minor refactor 2018-05-09 16:50:30 +02:00			`return decorated_function`
API: only activity owner can view his activity 2018-06-15 10:50:37 +02:00

			`def can_view_activity(auth_user_id, activity_user_id):`
			`if auth_user_id != activity_user_id:`
API - refactor api responses 2021-01-01 16:39:25 +01:00			`return ForbiddenErrorResponse()`
			`return None`
API & Client: set file size limit for upload - fix #33 2019-08-31 14:11:00 +02:00

			`def display_readable_file_size(size_in_bytes):`
			`if size_in_bytes == 0:`
			`return '0 bytes'`
			`if size_in_bytes == 1:`
			`return '1 byte'`
			`for unit in [' bytes', 'KB', 'MB', 'GB', 'TB']:`
			`if abs(size_in_bytes) < 1024.0:`
			`return f"{size_in_bytes:3.1f}{unit}"`
			`size_in_bytes /= 1024.0`
			`return f"{size_in_bytes} bytes"`
API - display password reset link expiration delay in email 2020-07-11 19:35:20 +02:00

			`def get_readable_duration(duration, locale='en'):`
API - fix localization 2020-07-15 10:10:54 +02:00			`if locale is not None and locale != 'en':`
API - display password reset link expiration delay in email 2020-07-11 19:35:20 +02:00			`_t = humanize.i18n.activate(locale) # noqa`
			`readable_duration = humanize.naturaldelta(timedelta(seconds=duration))`
API - fix localization 2020-07-15 10:10:54 +02:00			`if locale is not None and locale != 'en':`
API - display password reset link expiration delay in email 2020-07-11 19:35:20 +02:00			`humanize.i18n.deactivate()`
			`return readable_duration`