API - refactor api responses
This commit is contained in:
parent
21e79c8883
commit
4705393a08
@ -240,7 +240,8 @@
|
||||
<dt class="field-even">Status Codes</dt>
|
||||
<dd class="field-even"><ul class="simple">
|
||||
<li><p><a class="reference external" href="http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.2.1">200 OK</a> – Successfully logged in.</p></li>
|
||||
<li><p><a class="reference external" href="http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.5">404 Not Found</a> – Invalid credentials.</p></li>
|
||||
<li><p><a class="reference external" href="http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.1">400 Bad Request</a> – Invalid payload.</p></li>
|
||||
<li><p><a class="reference external" href="http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.2">401 Unauthorized</a> – Invalid credentials.</p></li>
|
||||
<li><p><a class="reference external" href="http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.5.1">500 Internal Server Error</a> – Error. Please try again or contact the administrator.</p></li>
|
||||
</ul>
|
||||
</dd>
|
||||
|
File diff suppressed because one or more lines are too long
@ -5,7 +5,15 @@ from datetime import datetime, timedelta
|
||||
|
||||
import requests
|
||||
from fittrackee import appLog, db
|
||||
from flask import Blueprint, Response, current_app, jsonify, request, send_file
|
||||
from fittrackee.responses import (
|
||||
DataInvalidPayloadErrorResponse,
|
||||
DataNotFoundErrorResponse,
|
||||
InternalServerErrorResponse,
|
||||
InvalidPayloadErrorResponse,
|
||||
NotFoundErrorResponse,
|
||||
handle_error_and_return_response,
|
||||
)
|
||||
from flask import Blueprint, Response, current_app, request, send_file
|
||||
from sqlalchemy import exc
|
||||
|
||||
from ..users.utils import (
|
||||
@ -251,7 +259,7 @@ def get_activities(auth_user_id):
|
||||
.paginate(page, per_page, False)
|
||||
.items
|
||||
)
|
||||
response_object = {
|
||||
return {
|
||||
'status': 'success',
|
||||
'data': {
|
||||
'activities': [
|
||||
@ -259,15 +267,8 @@ def get_activities(auth_user_id):
|
||||
]
|
||||
},
|
||||
}
|
||||
code = 200
|
||||
except Exception as e:
|
||||
appLog.error(e)
|
||||
response_object = {
|
||||
'status': 'error',
|
||||
'message': 'Error. Please try again or contact the administrator.',
|
||||
}
|
||||
code = 500
|
||||
return jsonify(response_object), code
|
||||
return handle_error_and_return_response(e)
|
||||
|
||||
|
||||
@activities_blueprint.route(
|
||||
@ -360,27 +361,17 @@ def get_activity(auth_user_id, activity_short_id):
|
||||
"""
|
||||
activity_uuid = decode_short_id(activity_short_id)
|
||||
activity = Activity.query.filter_by(uuid=activity_uuid).first()
|
||||
activities_list = []
|
||||
if not activity:
|
||||
return DataNotFoundErrorResponse('activities')
|
||||
|
||||
if activity:
|
||||
response_object, code = can_view_activity(
|
||||
auth_user_id, activity.user_id
|
||||
)
|
||||
if response_object:
|
||||
return jsonify(response_object), code
|
||||
error_response = can_view_activity(auth_user_id, activity.user_id)
|
||||
if error_response:
|
||||
return error_response
|
||||
|
||||
activities_list.append(activity.serialize())
|
||||
status = 'success'
|
||||
code = 200
|
||||
else:
|
||||
status = 'not found'
|
||||
code = 404
|
||||
|
||||
response_object = {
|
||||
'status': status,
|
||||
'data': {'activities': activities_list},
|
||||
return {
|
||||
'status': 'success',
|
||||
'data': {'activities': [activity.serialize()]},
|
||||
}
|
||||
return jsonify(response_object), code
|
||||
|
||||
|
||||
def get_activity_data(
|
||||
@ -389,59 +380,44 @@ def get_activity_data(
|
||||
"""Get data from an activity gpx file"""
|
||||
activity_uuid = decode_short_id(activity_short_id)
|
||||
activity = Activity.query.filter_by(uuid=activity_uuid).first()
|
||||
content = ''
|
||||
if activity:
|
||||
response_object, code = can_view_activity(
|
||||
auth_user_id, activity.user_id
|
||||
if not activity:
|
||||
return DataNotFoundErrorResponse(
|
||||
data_type=data_type,
|
||||
message=f'Activity not found (id: {activity_short_id})',
|
||||
)
|
||||
if response_object:
|
||||
return jsonify(response_object), code
|
||||
if not activity.gpx or activity.gpx == '':
|
||||
message = (
|
||||
f'No gpx file for this activity (id: {activity_short_id})'
|
||||
)
|
||||
response_object = {'status': 'error', 'message': message}
|
||||
return jsonify(response_object), 404
|
||||
|
||||
try:
|
||||
absolute_gpx_filepath = get_absolute_file_path(activity.gpx)
|
||||
if data_type == 'chart':
|
||||
content = get_chart_data(absolute_gpx_filepath, segment_id)
|
||||
else: # data_type == 'gpx'
|
||||
with open(absolute_gpx_filepath, encoding='utf-8') as f:
|
||||
content = f.read()
|
||||
if segment_id is not None:
|
||||
content = extract_segment_from_gpx_file(
|
||||
content, segment_id
|
||||
)
|
||||
except ActivityGPXException as e:
|
||||
appLog.error(e.message)
|
||||
response_object = {'status': e.status, 'message': e.message}
|
||||
code = 404 if e.status == 'not found' else 500
|
||||
return jsonify(response_object), code
|
||||
except Exception as e:
|
||||
appLog.error(e)
|
||||
response_object = {'status': 'error', 'message': 'internal error'}
|
||||
return jsonify(response_object), 500
|
||||
error_response = can_view_activity(auth_user_id, activity.user_id)
|
||||
if error_response:
|
||||
return error_response
|
||||
if not activity.gpx or activity.gpx == '':
|
||||
return NotFoundErrorResponse(
|
||||
f'No gpx file for this activity (id: {activity_short_id})'
|
||||
)
|
||||
|
||||
status = 'success'
|
||||
message = ''
|
||||
code = 200
|
||||
else:
|
||||
status = 'not found'
|
||||
message = f'Activity not found (id: {activity_short_id})'
|
||||
code = 404
|
||||
try:
|
||||
absolute_gpx_filepath = get_absolute_file_path(activity.gpx)
|
||||
if data_type == 'chart_data':
|
||||
content = get_chart_data(absolute_gpx_filepath, segment_id)
|
||||
else: # data_type == 'gpx'
|
||||
with open(absolute_gpx_filepath, encoding='utf-8') as f:
|
||||
content = f.read()
|
||||
if segment_id is not None:
|
||||
content = extract_segment_from_gpx_file(
|
||||
content, segment_id
|
||||
)
|
||||
except ActivityGPXException as e:
|
||||
appLog.error(e.message)
|
||||
if e.status == 'not found':
|
||||
return NotFoundErrorResponse(e.message)
|
||||
return InternalServerErrorResponse(e.message)
|
||||
except Exception as e:
|
||||
return handle_error_and_return_response(e)
|
||||
|
||||
response_object = {
|
||||
'status': status,
|
||||
'message': message,
|
||||
'data': (
|
||||
{'chart_data': content}
|
||||
if data_type == 'chart'
|
||||
else {'gpx': content}
|
||||
),
|
||||
return {
|
||||
'status': 'success',
|
||||
'message': '',
|
||||
'data': ({data_type: content}),
|
||||
}
|
||||
return jsonify(response_object), code
|
||||
|
||||
|
||||
@activities_blueprint.route(
|
||||
@ -558,7 +534,7 @@ def get_activity_chart_data(auth_user_id, activity_short_id):
|
||||
:statuscode 500:
|
||||
|
||||
"""
|
||||
return get_activity_data(auth_user_id, activity_short_id, 'chart')
|
||||
return get_activity_data(auth_user_id, activity_short_id, 'chart_data')
|
||||
|
||||
|
||||
@activities_blueprint.route(
|
||||
@ -681,7 +657,7 @@ def get_segment_chart_data(auth_user_id, activity_short_id, segment_id):
|
||||
|
||||
"""
|
||||
return get_activity_data(
|
||||
auth_user_id, activity_short_id, 'chart', segment_id
|
||||
auth_user_id, activity_short_id, 'chart_data', segment_id
|
||||
)
|
||||
|
||||
|
||||
@ -718,18 +694,11 @@ def get_map(map_id):
|
||||
try:
|
||||
activity = Activity.query.filter_by(map_id=map_id).first()
|
||||
if not activity:
|
||||
response_object = {
|
||||
'status': 'error',
|
||||
'message': 'Map does not exist',
|
||||
}
|
||||
return jsonify(response_object), 404
|
||||
else:
|
||||
absolute_map_filepath = get_absolute_file_path(activity.map)
|
||||
return send_file(absolute_map_filepath)
|
||||
return NotFoundErrorResponse('Map does not exist.')
|
||||
absolute_map_filepath = get_absolute_file_path(activity.map)
|
||||
return send_file(absolute_map_filepath)
|
||||
except Exception as e:
|
||||
appLog.error(e)
|
||||
response_object = {'status': 'error', 'message': 'internal error.'}
|
||||
return jsonify(response_object), 500
|
||||
return handle_error_and_return_response(e)
|
||||
|
||||
|
||||
@activities_blueprint.route(
|
||||
@ -887,16 +856,13 @@ def post_activity(auth_user_id):
|
||||
:statuscode 500:
|
||||
|
||||
"""
|
||||
response_object, response_code = verify_extension_and_size(
|
||||
'activity', request
|
||||
)
|
||||
if response_object['status'] != 'success':
|
||||
return jsonify(response_object), response_code
|
||||
error_response = verify_extension_and_size('activity', request)
|
||||
if error_response:
|
||||
return error_response
|
||||
|
||||
activity_data = json.loads(request.form['data'])
|
||||
if not activity_data or activity_data.get('sport_id') is None:
|
||||
response_object = {'status': 'error', 'message': 'Invalid payload.'}
|
||||
return jsonify(response_object), 400
|
||||
return InvalidPayloadErrorResponse()
|
||||
|
||||
activity_file = request.files['file']
|
||||
upload_dir = os.path.join(
|
||||
@ -921,20 +887,19 @@ def post_activity(auth_user_id):
|
||||
]
|
||||
},
|
||||
}
|
||||
code = 201
|
||||
else:
|
||||
response_object = {'status': 'fail', 'data': {'activities': []}}
|
||||
code = 400
|
||||
return DataInvalidPayloadErrorResponse('activities', 'fail')
|
||||
except ActivityException as e:
|
||||
db.session.rollback()
|
||||
if e.e:
|
||||
appLog.error(e.e)
|
||||
response_object = {'status': e.status, 'message': e.message}
|
||||
code = 500 if e.status == 'error' else 400
|
||||
if e.status == 'error':
|
||||
return InternalServerErrorResponse(e.message)
|
||||
return InvalidPayloadErrorResponse(e.message)
|
||||
|
||||
shutil.rmtree(folders['extract_dir'], ignore_errors=True)
|
||||
shutil.rmtree(folders['tmp_dir'], ignore_errors=True)
|
||||
return jsonify(response_object), code
|
||||
return response_object, 201
|
||||
|
||||
|
||||
@activities_blueprint.route('/activities/no_gpx', methods=['POST'])
|
||||
@ -1059,8 +1024,7 @@ def post_activity_no_gpx(auth_user_id):
|
||||
or activity_data.get('distance') is None
|
||||
or activity_data.get('activity_date') is None
|
||||
):
|
||||
response_object = {'status': 'error', 'message': 'Invalid payload.'}
|
||||
return jsonify(response_object), 400
|
||||
return InvalidPayloadErrorResponse()
|
||||
|
||||
try:
|
||||
user = User.query.filter_by(id=auth_user_id).first()
|
||||
@ -1068,20 +1032,21 @@ def post_activity_no_gpx(auth_user_id):
|
||||
db.session.add(new_activity)
|
||||
db.session.commit()
|
||||
|
||||
response_object = {
|
||||
'status': 'created',
|
||||
'data': {'activities': [new_activity.serialize()]},
|
||||
}
|
||||
return jsonify(response_object), 201
|
||||
return (
|
||||
{
|
||||
'status': 'created',
|
||||
'data': {'activities': [new_activity.serialize()]},
|
||||
},
|
||||
201,
|
||||
)
|
||||
|
||||
except (exc.IntegrityError, ValueError) as e:
|
||||
db.session.rollback()
|
||||
appLog.error(e)
|
||||
response_object = {
|
||||
'status': 'fail',
|
||||
'message': 'Error during activity save.',
|
||||
}
|
||||
return jsonify(response_object), 500
|
||||
return handle_error_and_return_response(
|
||||
error=e,
|
||||
message='Error during activity save.',
|
||||
status='fail',
|
||||
db=db,
|
||||
)
|
||||
|
||||
|
||||
@activities_blueprint.route(
|
||||
@ -1207,41 +1172,27 @@ def update_activity(auth_user_id, activity_short_id):
|
||||
"""
|
||||
activity_data = request.get_json()
|
||||
if not activity_data:
|
||||
response_object = {'status': 'error', 'message': 'Invalid payload.'}
|
||||
return jsonify(response_object), 400
|
||||
return InvalidPayloadErrorResponse()
|
||||
|
||||
try:
|
||||
activity_uuid = decode_short_id(activity_short_id)
|
||||
activity = Activity.query.filter_by(uuid=activity_uuid).first()
|
||||
if activity:
|
||||
response_object, code = can_view_activity(
|
||||
auth_user_id, activity.user_id
|
||||
)
|
||||
if response_object:
|
||||
return jsonify(response_object), code
|
||||
if not activity:
|
||||
return DataNotFoundErrorResponse('activities')
|
||||
|
||||
activity = edit_activity(activity, activity_data, auth_user_id)
|
||||
db.session.commit()
|
||||
response_object = {
|
||||
'status': 'success',
|
||||
'data': {'activities': [activity.serialize()]},
|
||||
}
|
||||
code = 200
|
||||
else:
|
||||
response_object = {
|
||||
'status': 'not found',
|
||||
'data': {'activities': []},
|
||||
}
|
||||
code = 404
|
||||
except (exc.IntegrityError, exc.OperationalError, ValueError) as e:
|
||||
db.session.rollback()
|
||||
appLog.error(e)
|
||||
response_object = {
|
||||
'status': 'error',
|
||||
'message': 'Error. Please try again or contact the administrator.',
|
||||
response_object = can_view_activity(auth_user_id, activity.user_id)
|
||||
if response_object:
|
||||
return response_object
|
||||
|
||||
activity = edit_activity(activity, activity_data, auth_user_id)
|
||||
db.session.commit()
|
||||
return {
|
||||
'status': 'success',
|
||||
'data': {'activities': [activity.serialize()]},
|
||||
}
|
||||
code = 500
|
||||
return jsonify(response_object), code
|
||||
|
||||
except (exc.IntegrityError, exc.OperationalError, ValueError) as e:
|
||||
return handle_error_and_return_response(e)
|
||||
|
||||
|
||||
@activities_blueprint.route(
|
||||
@ -1284,34 +1235,19 @@ def delete_activity(auth_user_id, activity_short_id):
|
||||
try:
|
||||
activity_uuid = decode_short_id(activity_short_id)
|
||||
activity = Activity.query.filter_by(uuid=activity_uuid).first()
|
||||
if activity:
|
||||
response_object, code = can_view_activity(
|
||||
auth_user_id, activity.user_id
|
||||
)
|
||||
if response_object:
|
||||
return jsonify(response_object), code
|
||||
if not activity:
|
||||
return DataNotFoundErrorResponse('activities')
|
||||
error_response = can_view_activity(auth_user_id, activity.user_id)
|
||||
if error_response:
|
||||
return error_response
|
||||
|
||||
db.session.delete(activity)
|
||||
db.session.commit()
|
||||
response_object = {'status': 'no content'}
|
||||
code = 204
|
||||
else:
|
||||
response_object = {
|
||||
'status': 'not found',
|
||||
'data': {'activities': []},
|
||||
}
|
||||
code = 404
|
||||
db.session.delete(activity)
|
||||
db.session.commit()
|
||||
return {'status': 'no content'}, 204
|
||||
except (
|
||||
exc.IntegrityError,
|
||||
exc.OperationalError,
|
||||
ValueError,
|
||||
OSError,
|
||||
) as e:
|
||||
db.session.rollback()
|
||||
appLog.error(e)
|
||||
response_object = {
|
||||
'status': 'error',
|
||||
'message': 'Error. Please try again or contact the administrator.',
|
||||
}
|
||||
code = 500
|
||||
return jsonify(response_object), code
|
||||
return handle_error_and_return_response(e, db=db)
|
||||
|
@ -1,4 +1,4 @@
|
||||
from flask import Blueprint, jsonify
|
||||
from flask import Blueprint
|
||||
|
||||
from ..users.utils import authenticate
|
||||
from .models import Record
|
||||
@ -103,14 +103,12 @@ def get_records(auth_user_id):
|
||||
- Invalid token. Please log in again.
|
||||
|
||||
"""
|
||||
|
||||
records = (
|
||||
Record.query.filter_by(user_id=auth_user_id)
|
||||
.order_by(Record.sport_id.asc(), Record.record_type.asc())
|
||||
.all()
|
||||
)
|
||||
response_object = {
|
||||
return {
|
||||
'status': 'success',
|
||||
'data': {'records': [record.serialize() for record in records]},
|
||||
}
|
||||
return jsonify(response_object), 200
|
||||
|
@ -1,5 +1,10 @@
|
||||
from fittrackee import appLog, db
|
||||
from flask import Blueprint, jsonify, request
|
||||
from fittrackee import db
|
||||
from fittrackee.responses import (
|
||||
DataNotFoundErrorResponse,
|
||||
InvalidPayloadErrorResponse,
|
||||
handle_error_and_return_response,
|
||||
)
|
||||
from flask import Blueprint, request
|
||||
from sqlalchemy import exc
|
||||
|
||||
from ..users.models import User
|
||||
@ -143,14 +148,12 @@ def get_sports(auth_user_id):
|
||||
- Invalid token. Please log in again.
|
||||
|
||||
"""
|
||||
|
||||
user = User.query.filter_by(id=int(auth_user_id)).first()
|
||||
sports = Sport.query.order_by(Sport.id).all()
|
||||
response_object = {
|
||||
return {
|
||||
'status': 'success',
|
||||
'data': {'sports': [sport.serialize(user.admin) for sport in sports]},
|
||||
}
|
||||
return jsonify(response_object), 200
|
||||
|
||||
|
||||
@sports_blueprint.route('/sports/<int:sport_id>', methods=['GET'])
|
||||
@ -238,19 +241,14 @@ def get_sport(auth_user_id, sport_id):
|
||||
:statuscode 404: sport not found
|
||||
|
||||
"""
|
||||
|
||||
user = User.query.filter_by(id=int(auth_user_id)).first()
|
||||
sport = Sport.query.filter_by(id=sport_id).first()
|
||||
if sport:
|
||||
response_object = {
|
||||
return {
|
||||
'status': 'success',
|
||||
'data': {'sports': [sport.serialize(user.admin)]},
|
||||
}
|
||||
code = 200
|
||||
else:
|
||||
response_object = {'status': 'not found', 'data': {'sports': []}}
|
||||
code = 404
|
||||
return jsonify(response_object), code
|
||||
return DataNotFoundErrorResponse('sports')
|
||||
|
||||
|
||||
@sports_blueprint.route('/sports/<int:sport_id>', methods=['PATCH'])
|
||||
@ -325,28 +323,19 @@ def update_sport(auth_user_id, sport_id):
|
||||
"""
|
||||
sport_data = request.get_json()
|
||||
if not sport_data or sport_data.get('is_active') is None:
|
||||
response_object = {'status': 'error', 'message': 'Invalid payload.'}
|
||||
return jsonify(response_object), 400
|
||||
return InvalidPayloadErrorResponse()
|
||||
|
||||
try:
|
||||
sport = Sport.query.filter_by(id=sport_id).first()
|
||||
if sport:
|
||||
sport.is_active = sport_data.get('is_active')
|
||||
db.session.commit()
|
||||
response_object = {
|
||||
'status': 'success',
|
||||
'data': {'sports': [sport.serialize(True)]},
|
||||
}
|
||||
code = 200
|
||||
else:
|
||||
response_object = {'status': 'not found', 'data': {'sports': []}}
|
||||
code = 404
|
||||
except (exc.IntegrityError, exc.OperationalError, ValueError) as e:
|
||||
db.session.rollback()
|
||||
appLog.error(e)
|
||||
response_object = {
|
||||
'status': 'error',
|
||||
'message': 'Error. Please try again or contact the administrator.',
|
||||
if not sport:
|
||||
return DataNotFoundErrorResponse('sports')
|
||||
|
||||
sport.is_active = sport_data.get('is_active')
|
||||
db.session.commit()
|
||||
return {
|
||||
'status': 'success',
|
||||
'data': {'sports': [sport.serialize(True)]},
|
||||
}
|
||||
code = 500
|
||||
return jsonify(response_object), code
|
||||
|
||||
except (exc.IntegrityError, exc.OperationalError, ValueError) as e:
|
||||
return handle_error_and_return_response(e, db=db)
|
||||
|
@ -1,7 +1,13 @@
|
||||
from datetime import datetime, timedelta
|
||||
|
||||
from fittrackee import appLog, db
|
||||
from flask import Blueprint, jsonify, request
|
||||
from fittrackee import db
|
||||
from fittrackee.responses import (
|
||||
InvalidPayloadErrorResponse,
|
||||
NotFoundErrorResponse,
|
||||
UserNotFoundErrorResponse,
|
||||
handle_error_and_return_response,
|
||||
)
|
||||
from flask import Blueprint, request
|
||||
from sqlalchemy import func
|
||||
|
||||
from ..users.models import User
|
||||
@ -17,11 +23,7 @@ def get_activities(user_name, filter_type):
|
||||
try:
|
||||
user = User.query.filter_by(username=user_name).first()
|
||||
if not user:
|
||||
response_object = {
|
||||
'status': 'not found',
|
||||
'message': 'User does not exist.',
|
||||
}
|
||||
return jsonify(response_object), 404
|
||||
return UserNotFoundErrorResponse()
|
||||
|
||||
params = request.args.copy()
|
||||
date_from = params.get('from')
|
||||
@ -42,11 +44,7 @@ def get_activities(user_name, filter_type):
|
||||
if sport_id:
|
||||
sport = Sport.query.filter_by(id=sport_id).first()
|
||||
if not sport:
|
||||
response_object = {
|
||||
'status': 'not found',
|
||||
'message': 'Sport does not exist.',
|
||||
}
|
||||
return jsonify(response_object), 404
|
||||
return NotFoundErrorResponse('Sport does not exist.')
|
||||
|
||||
activities = (
|
||||
Activity.query.filter(
|
||||
@ -103,11 +101,9 @@ def get_activities(user_name, filter_type):
|
||||
activity.activity_date, "%Y"
|
||||
)
|
||||
else:
|
||||
response_object = {
|
||||
'status': 'fail',
|
||||
'message': 'Invalid time period.',
|
||||
}
|
||||
return jsonify(response_object), 400
|
||||
return InvalidPayloadErrorResponse(
|
||||
'Invalid time period.', 'fail'
|
||||
)
|
||||
sport_id = activity.sport_id
|
||||
if time_period not in activities_list:
|
||||
activities_list[time_period] = {}
|
||||
@ -125,19 +121,12 @@ def get_activities(user_name, filter_type):
|
||||
'total_duration'
|
||||
] += convert_timedelta_to_integer(activity.moving)
|
||||
|
||||
response_object = {
|
||||
return {
|
||||
'status': 'success',
|
||||
'data': {'statistics': activities_list},
|
||||
}
|
||||
code = 200
|
||||
except Exception as e:
|
||||
appLog.error(e)
|
||||
response_object = {
|
||||
'status': 'error',
|
||||
'message': 'Error. Please try again or contact the administrator.',
|
||||
}
|
||||
code = 500
|
||||
return jsonify(response_object), code
|
||||
return handle_error_and_return_response(e)
|
||||
|
||||
|
||||
@stats_blueprint.route('/stats/<user_name>/by_time', methods=['GET'])
|
||||
@ -371,7 +360,7 @@ def get_application_stats(auth_user_id):
|
||||
.group_by(Activity.sport_id)
|
||||
.count()
|
||||
)
|
||||
response_object = {
|
||||
return {
|
||||
'status': 'success',
|
||||
'data': {
|
||||
'activities': nb_activities,
|
||||
@ -380,4 +369,3 @@ def get_application_stats(auth_user_id):
|
||||
'uploads_dir_size': get_upload_dir_size(),
|
||||
},
|
||||
}
|
||||
return jsonify(response_object), 200
|
||||
|
@ -1,5 +1,9 @@
|
||||
from fittrackee import appLog, db
|
||||
from flask import Blueprint, current_app, jsonify, request
|
||||
from fittrackee import db
|
||||
from fittrackee.responses import (
|
||||
InvalidPayloadErrorResponse,
|
||||
handle_error_and_return_response,
|
||||
)
|
||||
from flask import Blueprint, current_app, request
|
||||
from sqlalchemy.orm.exc import MultipleResultsFound, NoResultFound
|
||||
|
||||
from ..users.utils import authenticate_as_admin
|
||||
@ -46,15 +50,11 @@ def get_application_config():
|
||||
|
||||
try:
|
||||
config = AppConfig.query.one()
|
||||
response_object = {'status': 'success', 'data': config.serialize()}
|
||||
return jsonify(response_object), 200
|
||||
return {'status': 'success', 'data': config.serialize()}
|
||||
except (MultipleResultsFound, NoResultFound) as e:
|
||||
appLog.error(e)
|
||||
response_object = {
|
||||
'status': 'error',
|
||||
'message': 'Error on getting configuration.',
|
||||
}
|
||||
return jsonify(response_object), 500
|
||||
return handle_error_and_return_response(
|
||||
e, message='Error on getting configuration.'
|
||||
)
|
||||
|
||||
|
||||
@config_blueprint.route('/config', methods=['PATCH'])
|
||||
@ -111,8 +111,7 @@ def update_application_config(auth_user_id):
|
||||
"""
|
||||
config_data = request.get_json()
|
||||
if not config_data:
|
||||
response_object = {'status': 'error', 'message': 'Invalid payload.'}
|
||||
return jsonify(response_object), 400
|
||||
return InvalidPayloadErrorResponse()
|
||||
|
||||
try:
|
||||
config = AppConfig.query.one()
|
||||
@ -129,18 +128,12 @@ def update_application_config(auth_user_id):
|
||||
|
||||
db.session.commit()
|
||||
update_app_config_from_database(current_app, config)
|
||||
|
||||
response_object = {'status': 'success', 'data': config.serialize()}
|
||||
code = 200
|
||||
return {'status': 'success', 'data': config.serialize()}
|
||||
|
||||
except Exception as e:
|
||||
appLog.error(e)
|
||||
response_object = {
|
||||
'status': 'error',
|
||||
'message': 'Error on updating configuration.',
|
||||
}
|
||||
code = 500
|
||||
return jsonify(response_object), code
|
||||
return handle_error_and_return_response(
|
||||
e, message='Error on updating configuration.'
|
||||
)
|
||||
|
||||
|
||||
@config_blueprint.route('/ping', methods=['GET'])
|
||||
@ -169,4 +162,4 @@ def health_check():
|
||||
:statuscode 200: success
|
||||
|
||||
"""
|
||||
return jsonify({'status': 'success', 'message': 'pong!'})
|
||||
return {'status': 'success', 'message': 'pong!'}
|
||||
|
117
fittrackee/responses.py
Normal file
117
fittrackee/responses.py
Normal file
@ -0,0 +1,117 @@
|
||||
from json import dumps
|
||||
|
||||
from fittrackee import appLog
|
||||
from flask import Response
|
||||
|
||||
|
||||
def get_empty_data_for_datatype(data_type):
|
||||
return '' if data_type in ['gpx', 'chart_data'] else []
|
||||
|
||||
|
||||
class HttpResponse(Response):
|
||||
def __init__(
|
||||
self,
|
||||
response=None,
|
||||
status_code=None,
|
||||
content_type=None,
|
||||
):
|
||||
if isinstance(response, dict):
|
||||
response = dumps(response)
|
||||
content_type = (
|
||||
'application/json' if content_type is None else content_type
|
||||
)
|
||||
super().__init__(
|
||||
response=response,
|
||||
status=status_code,
|
||||
content_type=content_type,
|
||||
)
|
||||
|
||||
|
||||
class GenericErrorResponse(HttpResponse):
|
||||
def __init__(self, status_code, message, status=None):
|
||||
response = {
|
||||
'status': 'error' if status is None else status,
|
||||
'message': message,
|
||||
}
|
||||
super().__init__(
|
||||
response=response,
|
||||
status_code=status_code,
|
||||
)
|
||||
|
||||
|
||||
class InvalidPayloadErrorResponse(GenericErrorResponse):
|
||||
def __init__(self, message=None, status=None):
|
||||
message = 'Invalid payload.' if message is None else message
|
||||
super().__init__(status_code=400, message=message, status=status)
|
||||
|
||||
|
||||
class DataInvalidPayloadErrorResponse(HttpResponse):
|
||||
def __init__(self, data_type, status=None):
|
||||
response = {
|
||||
'status': 'error' if status is None else status,
|
||||
'data': {data_type: get_empty_data_for_datatype(data_type)},
|
||||
}
|
||||
super().__init__(response=response, status_code=400)
|
||||
|
||||
|
||||
class UnauthorizedErrorResponse(GenericErrorResponse):
|
||||
def __init__(self, message=None):
|
||||
message = (
|
||||
'Invalid token. Please request a new token.'
|
||||
if message is None
|
||||
else message
|
||||
)
|
||||
super().__init__(status_code=401, message=message)
|
||||
|
||||
|
||||
class ForbiddenErrorResponse(GenericErrorResponse):
|
||||
def __init__(self, message=None):
|
||||
message = (
|
||||
'You do not have permissions.' if message is None else message
|
||||
)
|
||||
super().__init__(status_code=403, message=message)
|
||||
|
||||
|
||||
class NotFoundErrorResponse(GenericErrorResponse):
|
||||
def __init__(self, message):
|
||||
super().__init__(status_code=404, message=message, status='not found')
|
||||
|
||||
|
||||
class UserNotFoundErrorResponse(NotFoundErrorResponse):
|
||||
def __init__(self):
|
||||
super().__init__(message='User does not exist.')
|
||||
|
||||
|
||||
class DataNotFoundErrorResponse(HttpResponse):
|
||||
def __init__(self, data_type, message=None):
|
||||
response = {
|
||||
'status': 'not found',
|
||||
'data': {data_type: get_empty_data_for_datatype(data_type)},
|
||||
}
|
||||
if message:
|
||||
response['message'] = message
|
||||
super().__init__(response=response, status_code=404)
|
||||
|
||||
|
||||
class PayloadTooLargeErrorResponse(GenericErrorResponse):
|
||||
def __init__(self, message):
|
||||
super().__init__(status_code=413, message=message, status='fail')
|
||||
|
||||
|
||||
class InternalServerErrorResponse(GenericErrorResponse):
|
||||
def __init__(self, message=None, status=None):
|
||||
message = (
|
||||
'Error. Please try again or contact the administrator.'
|
||||
if message is None
|
||||
else message
|
||||
)
|
||||
super().__init__(status_code=500, message=message, status=status)
|
||||
|
||||
|
||||
def handle_error_and_return_response(
|
||||
error, message=None, status=None, db=None
|
||||
):
|
||||
if db is not None:
|
||||
db.session.rollback()
|
||||
appLog.error(error)
|
||||
return InternalServerErrorResponse(message=message, status=status)
|
@ -833,7 +833,7 @@ class TestGetActivity:
|
||||
|
||||
data = json.loads(response.data.decode())
|
||||
assert response.status_code == 404
|
||||
assert 'error' in data['status']
|
||||
assert 'not found' in data['status']
|
||||
assert (
|
||||
f'No gpx file for this activity (id: {activity_short_id})'
|
||||
in data['message']
|
||||
@ -860,7 +860,7 @@ class TestGetActivity:
|
||||
|
||||
data = json.loads(response.data.decode())
|
||||
assert response.status_code == 404
|
||||
assert 'error' in data['status']
|
||||
assert 'not found' in data['status']
|
||||
assert (
|
||||
f'No gpx file for this activity (id: {activity_short_id})'
|
||||
in data['message']
|
||||
@ -888,7 +888,10 @@ class TestGetActivity:
|
||||
data = json.loads(response.data.decode())
|
||||
assert response.status_code == 500
|
||||
assert 'error' in data['status']
|
||||
assert 'internal error' in data['message']
|
||||
assert (
|
||||
'Error. Please try again or contact the administrator.'
|
||||
in data['message']
|
||||
)
|
||||
assert 'data' not in data
|
||||
|
||||
def test_it_returns_500_on_getting_chart_data_if_an_activity_has_invalid_gpx_pathname( # noqa
|
||||
@ -913,7 +916,10 @@ class TestGetActivity:
|
||||
data = json.loads(response.data.decode())
|
||||
assert response.status_code == 500
|
||||
assert 'error' in data['status']
|
||||
assert 'internal error' in data['message']
|
||||
assert (
|
||||
'Error. Please try again or contact the administrator.'
|
||||
in data['message']
|
||||
)
|
||||
assert 'data' not in data
|
||||
|
||||
def test_it_returns_404_if_activity_has_no_map(self, app, user_1):
|
||||
@ -933,5 +939,5 @@ class TestGetActivity:
|
||||
data = json.loads(response.data.decode())
|
||||
|
||||
assert response.status_code == 404
|
||||
assert 'error' in data['status']
|
||||
assert 'not found' in data['status']
|
||||
assert 'Map does not exist' in data['message']
|
||||
|
@ -843,7 +843,10 @@ class TestPostAndGetActivityWithGpx:
|
||||
|
||||
assert response.status_code == 500
|
||||
assert data['status'] == 'error'
|
||||
assert data['message'] == 'internal error.'
|
||||
assert (
|
||||
data['message']
|
||||
== 'Error. Please try again or contact the administrator.'
|
||||
)
|
||||
|
||||
def test_it_gets_an_activity_created_with_gpx(
|
||||
self, app, user_1, sport_1_cycling, gpx_file
|
||||
|
@ -162,7 +162,7 @@ class TestUserRegistration:
|
||||
assert response.content_type == 'application/json'
|
||||
assert response.status_code == 400
|
||||
|
||||
def test_it_returns_error_if_paylaod_is_invalid(self, app):
|
||||
def test_it_returns_error_if_payload_is_invalid(self, app):
|
||||
client = app.test_client()
|
||||
response = client.post(
|
||||
'/api/auth/register',
|
||||
@ -278,43 +278,49 @@ class TestUserRegistration:
|
||||
class TestUserLogin:
|
||||
def test_user_can_register(self, app, user_1):
|
||||
client = app.test_client()
|
||||
|
||||
response = client.post(
|
||||
'/api/auth/login',
|
||||
data=json.dumps(dict(email='test@test.com', password='12345678')),
|
||||
content_type='application/json',
|
||||
)
|
||||
|
||||
assert response.content_type == 'application/json'
|
||||
assert response.status_code == 200
|
||||
data = json.loads(response.data.decode())
|
||||
assert data['status'] == 'success'
|
||||
assert data['message'] == 'Successfully logged in.'
|
||||
assert data['auth_token']
|
||||
assert response.content_type == 'application/json'
|
||||
assert response.status_code == 200
|
||||
|
||||
def test_it_returns_error_if_user_does_not_exists(self, app):
|
||||
client = app.test_client()
|
||||
|
||||
response = client.post(
|
||||
'/api/auth/login',
|
||||
data=json.dumps(dict(email='test@test.com', password='12345678')),
|
||||
content_type='application/json',
|
||||
)
|
||||
|
||||
assert response.content_type == 'application/json'
|
||||
assert response.status_code == 401
|
||||
data = json.loads(response.data.decode())
|
||||
assert data['status'] == 'error'
|
||||
assert data['message'] == 'Invalid credentials.'
|
||||
assert response.content_type == 'application/json'
|
||||
assert response.status_code == 404
|
||||
|
||||
def test_it_returns_error_on_invalid_payload(self, app):
|
||||
client = app.test_client()
|
||||
|
||||
response = client.post(
|
||||
'/api/auth/login',
|
||||
data=json.dumps(dict()),
|
||||
content_type='application/json',
|
||||
)
|
||||
|
||||
assert response.content_type == 'application/json'
|
||||
assert response.status_code == 400
|
||||
data = json.loads(response.data.decode())
|
||||
assert data['status'] == 'error'
|
||||
assert data['message'] == 'Invalid payload.'
|
||||
assert response.content_type == 'application/json'
|
||||
assert response.status_code == 400
|
||||
|
||||
def test_it_returns_error_if_password_is_invalid(self, app, user_1):
|
||||
client = app.test_client()
|
||||
@ -325,11 +331,11 @@ class TestUserLogin:
|
||||
content_type='application/json',
|
||||
)
|
||||
|
||||
assert response.content_type == 'application/json'
|
||||
assert response.status_code == 401
|
||||
data = json.loads(response.data.decode())
|
||||
assert data['status'] == 'error'
|
||||
assert data['message'] == 'Invalid credentials.'
|
||||
assert response.content_type == 'application/json'
|
||||
assert response.status_code == 404
|
||||
|
||||
|
||||
class TestUserLogout:
|
||||
|
@ -111,7 +111,7 @@ class TestGetUser:
|
||||
data = json.loads(response.data.decode())
|
||||
|
||||
assert response.status_code == 404
|
||||
assert 'fail' in data['status']
|
||||
assert 'not found' in data['status']
|
||||
assert 'User does not exist.' in data['message']
|
||||
|
||||
|
||||
@ -972,7 +972,7 @@ class TestGetUserPicture:
|
||||
|
||||
data = json.loads(response.data.decode())
|
||||
assert response.status_code == 404
|
||||
assert 'fail' in data['status']
|
||||
assert 'not found' in data['status']
|
||||
assert 'User does not exist.' in data['message']
|
||||
|
||||
|
||||
|
@ -3,8 +3,15 @@ import os
|
||||
|
||||
import jwt
|
||||
from fittrackee import appLog, bcrypt, db
|
||||
from fittrackee.responses import (
|
||||
ForbiddenErrorResponse,
|
||||
InvalidPayloadErrorResponse,
|
||||
PayloadTooLargeErrorResponse,
|
||||
UnauthorizedErrorResponse,
|
||||
handle_error_and_return_response,
|
||||
)
|
||||
from fittrackee.tasks import reset_password_email
|
||||
from flask import Blueprint, current_app, jsonify, request
|
||||
from flask import Blueprint, current_app, request
|
||||
from sqlalchemy import exc, or_
|
||||
from werkzeug.exceptions import RequestEntityTooLarge
|
||||
from werkzeug.utils import secure_filename
|
||||
@ -84,11 +91,8 @@ def register_user():
|
||||
|
||||
"""
|
||||
if not current_app.config.get('is_registration_enabled'):
|
||||
response_object = {
|
||||
'status': 'error',
|
||||
'message': 'Error. Registration is disabled.',
|
||||
}
|
||||
return jsonify(response_object), 403
|
||||
return ForbiddenErrorResponse('Error. Registration is disabled.')
|
||||
|
||||
# get post data
|
||||
post_data = request.get_json()
|
||||
if (
|
||||
@ -98,8 +102,7 @@ def register_user():
|
||||
or post_data.get('password') is None
|
||||
or post_data.get('password_conf') is None
|
||||
):
|
||||
response_object = {'status': 'error', 'message': 'Invalid payload.'}
|
||||
return jsonify(response_object), 400
|
||||
return InvalidPayloadErrorResponse()
|
||||
username = post_data.get('username')
|
||||
email = post_data.get('email')
|
||||
password = post_data.get('password')
|
||||
@ -108,53 +111,36 @@ def register_user():
|
||||
try:
|
||||
ret = register_controls(username, email, password, password_conf)
|
||||
except TypeError as e:
|
||||
db.session.rollback()
|
||||
appLog.error(e)
|
||||
return handle_error_and_return_response(e, db=db)
|
||||
|
||||
response_object = {
|
||||
'status': 'error',
|
||||
'message': 'Error. Please try again or contact the administrator.',
|
||||
}
|
||||
return jsonify(response_object), 500
|
||||
if ret != '':
|
||||
response_object = {'status': 'error', 'message': ret}
|
||||
return jsonify(response_object), 400
|
||||
return InvalidPayloadErrorResponse(ret)
|
||||
|
||||
try:
|
||||
# check for existing user
|
||||
user = User.query.filter(
|
||||
or_(User.username == username, User.email == email)
|
||||
).first()
|
||||
if not user:
|
||||
# add new user to db
|
||||
new_user = User(username=username, email=email, password=password)
|
||||
new_user.timezone = 'Europe/Paris'
|
||||
db.session.add(new_user)
|
||||
db.session.commit()
|
||||
# generate auth token
|
||||
auth_token = new_user.encode_auth_token(new_user.id)
|
||||
response_object = {
|
||||
'status': 'success',
|
||||
'message': 'Successfully registered.',
|
||||
'auth_token': auth_token,
|
||||
}
|
||||
return jsonify(response_object), 201
|
||||
else:
|
||||
response_object = {
|
||||
'status': 'error',
|
||||
'message': 'Sorry. That user already exists.',
|
||||
}
|
||||
return jsonify(response_object), 400
|
||||
if user:
|
||||
return InvalidPayloadErrorResponse(
|
||||
'Sorry. That user already exists.'
|
||||
)
|
||||
|
||||
# add new user to db
|
||||
new_user = User(username=username, email=email, password=password)
|
||||
new_user.timezone = 'Europe/Paris'
|
||||
db.session.add(new_user)
|
||||
db.session.commit()
|
||||
# generate auth token
|
||||
auth_token = new_user.encode_auth_token(new_user.id)
|
||||
return {
|
||||
'status': 'success',
|
||||
'message': 'Successfully registered.',
|
||||
'auth_token': auth_token,
|
||||
}, 201
|
||||
# handler errors
|
||||
except (exc.IntegrityError, exc.OperationalError, ValueError) as e:
|
||||
db.session.rollback()
|
||||
appLog.error(e)
|
||||
|
||||
response_object = {
|
||||
'status': 'error',
|
||||
'message': 'Error. Please try again or contact the administrator.',
|
||||
}
|
||||
return jsonify(response_object), 500
|
||||
return handle_error_and_return_response(e, db=db)
|
||||
|
||||
|
||||
@auth_blueprint.route('/auth/login', methods=['POST'])
|
||||
@ -200,15 +186,15 @@ def login_user():
|
||||
:<json string password_conf: password confirmation
|
||||
|
||||
:statuscode 200: Successfully logged in.
|
||||
:statuscode 404: Invalid credentials.
|
||||
:statuscode 400: Invalid payload.
|
||||
:statuscode 401: Invalid credentials.
|
||||
:statuscode 500: Error. Please try again or contact the administrator.
|
||||
|
||||
"""
|
||||
# get post data
|
||||
post_data = request.get_json()
|
||||
if not post_data:
|
||||
response_object = {'status': 'error', 'message': 'Invalid payload.'}
|
||||
return jsonify(response_object), 400
|
||||
return InvalidPayloadErrorResponse()
|
||||
email = post_data.get('email')
|
||||
password = post_data.get('password')
|
||||
try:
|
||||
@ -217,27 +203,15 @@ def login_user():
|
||||
if user and bcrypt.check_password_hash(user.password, password):
|
||||
# generate auth token
|
||||
auth_token = user.encode_auth_token(user.id)
|
||||
response_object = {
|
||||
return {
|
||||
'status': 'success',
|
||||
'message': 'Successfully logged in.',
|
||||
'auth_token': auth_token,
|
||||
}
|
||||
return jsonify(response_object), 200
|
||||
else:
|
||||
response_object = {
|
||||
'status': 'error',
|
||||
'message': 'Invalid credentials.',
|
||||
}
|
||||
return jsonify(response_object), 404
|
||||
return UnauthorizedErrorResponse('Invalid credentials.')
|
||||
# handler errors
|
||||
except (exc.IntegrityError, exc.OperationalError, ValueError) as e:
|
||||
db.session.rollback()
|
||||
appLog.error(e)
|
||||
response_object = {
|
||||
'status': 'error',
|
||||
'message': 'Error. Please try again or contact the administrator.',
|
||||
}
|
||||
return jsonify(response_object), 500
|
||||
return handle_error_and_return_response(e, db=db)
|
||||
|
||||
|
||||
@auth_blueprint.route('/auth/logout', methods=['GET'])
|
||||
@ -287,24 +261,18 @@ def logout_user(auth_user_id):
|
||||
"""
|
||||
# get auth token
|
||||
auth_header = request.headers.get('Authorization')
|
||||
if auth_header:
|
||||
auth_token = auth_header.split(" ")[1]
|
||||
resp = User.decode_auth_token(auth_token)
|
||||
if not isinstance(auth_user_id, str):
|
||||
response_object = {
|
||||
'status': 'success',
|
||||
'message': 'Successfully logged out.',
|
||||
}
|
||||
return jsonify(response_object), 200
|
||||
else:
|
||||
response_object = {'status': 'error', 'message': resp}
|
||||
return jsonify(response_object), 401
|
||||
else:
|
||||
response_object = {
|
||||
'status': 'error',
|
||||
'message': 'Provide a valid auth token.',
|
||||
}
|
||||
return jsonify(response_object), 401
|
||||
if not auth_header:
|
||||
return UnauthorizedErrorResponse('Provide a valid auth token.')
|
||||
|
||||
auth_token = auth_header.split(' ')[1]
|
||||
resp = User.decode_auth_token(auth_token)
|
||||
if isinstance(auth_user_id, str):
|
||||
return UnauthorizedErrorResponse(resp)
|
||||
|
||||
return {
|
||||
'status': 'success',
|
||||
'message': 'Successfully logged out.',
|
||||
}
|
||||
|
||||
|
||||
@auth_blueprint.route('/auth/profile', methods=['GET'])
|
||||
@ -365,8 +333,7 @@ def get_authenticated_user_profile(auth_user_id):
|
||||
|
||||
"""
|
||||
user = User.query.filter_by(id=auth_user_id).first()
|
||||
response_object = {'status': 'success', 'data': user.serialize()}
|
||||
return jsonify(response_object), 200
|
||||
return {'status': 'success', 'data': user.serialize()}
|
||||
|
||||
|
||||
@auth_blueprint.route('/auth/profile/edit', methods=['POST'])
|
||||
@ -455,8 +422,8 @@ def edit_user(auth_user_id):
|
||||
'weekm',
|
||||
}
|
||||
if not post_data or not post_data.keys() >= user_mandatory_data:
|
||||
response_object = {'status': 'error', 'message': 'Invalid payload.'}
|
||||
return jsonify(response_object), 400
|
||||
return InvalidPayloadErrorResponse()
|
||||
|
||||
first_name = post_data.get('first_name')
|
||||
last_name = post_data.get('last_name')
|
||||
bio = post_data.get('bio')
|
||||
@ -471,8 +438,7 @@ def edit_user(auth_user_id):
|
||||
if password is not None and password != '':
|
||||
message = check_passwords(password, password_conf)
|
||||
if message != '':
|
||||
response_object = {'status': 'error', 'message': message}
|
||||
return jsonify(response_object), 400
|
||||
return InvalidPayloadErrorResponse(message)
|
||||
password = bcrypt.generate_password_hash(
|
||||
password, current_app.config.get('BCRYPT_LOG_ROUNDS')
|
||||
).decode()
|
||||
@ -495,22 +461,15 @@ def edit_user(auth_user_id):
|
||||
user.weekm = weekm
|
||||
db.session.commit()
|
||||
|
||||
response_object = {
|
||||
return {
|
||||
'status': 'success',
|
||||
'message': 'User profile updated.',
|
||||
'data': user.serialize(),
|
||||
}
|
||||
return jsonify(response_object), 200
|
||||
|
||||
# handler errors
|
||||
except (exc.IntegrityError, exc.OperationalError, ValueError) as e:
|
||||
db.session.rollback()
|
||||
appLog.error(e)
|
||||
response_object = {
|
||||
'status': 'error',
|
||||
'message': 'Error. Please try again or contact the administrator.',
|
||||
}
|
||||
return jsonify(response_object), 500
|
||||
return handle_error_and_return_response(e, db=db)
|
||||
|
||||
|
||||
@auth_blueprint.route('/auth/picture', methods=['POST'])
|
||||
@ -557,20 +516,16 @@ def edit_picture(auth_user_id):
|
||||
|
||||
"""
|
||||
try:
|
||||
response_object, response_code = verify_extension_and_size(
|
||||
'picture', request
|
||||
)
|
||||
response_object = verify_extension_and_size('picture', request)
|
||||
except RequestEntityTooLarge as e:
|
||||
appLog.error(e)
|
||||
max_file_size = current_app.config['MAX_CONTENT_LENGTH']
|
||||
response_object = {
|
||||
'status': 'fail',
|
||||
'message': 'Error during picture update, file size exceeds '
|
||||
f'{display_readable_file_size(max_file_size)}.',
|
||||
}
|
||||
return jsonify(response_object), 413
|
||||
if response_object['status'] != 'success':
|
||||
return jsonify(response_object), response_code
|
||||
return PayloadTooLargeErrorResponse(
|
||||
'Error during picture update, file size exceeds '
|
||||
f'{display_readable_file_size(max_file_size)}.'
|
||||
)
|
||||
if response_object:
|
||||
return response_object
|
||||
|
||||
file = request.files['file']
|
||||
filename = secure_filename(file.filename)
|
||||
@ -593,21 +548,15 @@ def edit_picture(auth_user_id):
|
||||
file.save(absolute_picture_path)
|
||||
user.picture = relative_picture_path
|
||||
db.session.commit()
|
||||
|
||||
response_object = {
|
||||
return {
|
||||
'status': 'success',
|
||||
'message': 'User picture updated.',
|
||||
}
|
||||
return jsonify(response_object), 200
|
||||
|
||||
except (exc.IntegrityError, ValueError) as e:
|
||||
db.session.rollback()
|
||||
appLog.error(e)
|
||||
response_object = {
|
||||
'status': 'fail',
|
||||
'message': 'Error during picture update.',
|
||||
}
|
||||
return jsonify(response_object), 500
|
||||
return handle_error_and_return_response(
|
||||
e, message='Error during picture update.', status='fail', db=db
|
||||
)
|
||||
|
||||
|
||||
@auth_blueprint.route('/auth/picture', methods=['DELETE'])
|
||||
@ -647,18 +596,11 @@ def del_picture(auth_user_id):
|
||||
os.remove(picture_path)
|
||||
user.picture = None
|
||||
db.session.commit()
|
||||
|
||||
response_object = {'status': 'no content'}
|
||||
return jsonify(response_object), 204
|
||||
|
||||
return {'status': 'no content'}, 204
|
||||
except (exc.IntegrityError, ValueError) as e:
|
||||
db.session.rollback()
|
||||
appLog.error(e)
|
||||
response_object = {
|
||||
'status': 'fail',
|
||||
'message': 'Error during picture deletion.',
|
||||
}
|
||||
return jsonify(response_object), 500
|
||||
return handle_error_and_return_response(
|
||||
e, message='Error during picture deletion.', status='fail', db=db
|
||||
)
|
||||
|
||||
|
||||
@auth_blueprint.route('/auth/password/reset-request', methods=['POST'])
|
||||
@ -693,8 +635,7 @@ def request_password_reset():
|
||||
"""
|
||||
post_data = request.get_json()
|
||||
if not post_data or post_data.get('email') is None:
|
||||
response_object = {'status': 'error', 'message': 'Invalid payload.'}
|
||||
return jsonify(response_object), 400
|
||||
return InvalidPayloadErrorResponse()
|
||||
email = post_data.get('email')
|
||||
|
||||
user = User.query.filter(User.email == email).first()
|
||||
@ -718,11 +659,10 @@ def request_password_reset():
|
||||
'email': user.email,
|
||||
}
|
||||
reset_password_email.send(user_data, email_data)
|
||||
response_object = {
|
||||
return {
|
||||
'status': 'success',
|
||||
'message': 'Password reset request processed.',
|
||||
}
|
||||
return jsonify(response_object), 200
|
||||
|
||||
|
||||
@auth_blueprint.route('/auth/password/update', methods=['POST'])
|
||||
@ -766,45 +706,31 @@ def update_password():
|
||||
or post_data.get('password_conf') is None
|
||||
or post_data.get('token') is None
|
||||
):
|
||||
response_object = {'status': 'error', 'message': 'Invalid payload.'}
|
||||
return jsonify(response_object), 400
|
||||
return InvalidPayloadErrorResponse()
|
||||
password = post_data.get('password')
|
||||
password_conf = post_data.get('password_conf')
|
||||
token = post_data.get('token')
|
||||
|
||||
invalid_token_response_object = {
|
||||
'status': 'error',
|
||||
'message': 'Invalid token. Please request a new token.',
|
||||
}
|
||||
try:
|
||||
user_id = decode_user_token(token)
|
||||
except (jwt.ExpiredSignatureError, jwt.InvalidTokenError):
|
||||
return jsonify(invalid_token_response_object), 401
|
||||
return UnauthorizedErrorResponse()
|
||||
|
||||
message = check_passwords(password, password_conf)
|
||||
if message != '':
|
||||
response_object = {'status': 'error', 'message': message}
|
||||
return jsonify(response_object), 400
|
||||
return InvalidPayloadErrorResponse(message)
|
||||
|
||||
user = User.query.filter(User.id == user_id).first()
|
||||
if not user:
|
||||
return jsonify(invalid_token_response_object), 401
|
||||
return UnauthorizedErrorResponse()
|
||||
try:
|
||||
user.password = bcrypt.generate_password_hash(
|
||||
password, current_app.config.get('BCRYPT_LOG_ROUNDS')
|
||||
).decode()
|
||||
db.session.commit()
|
||||
response_object = {
|
||||
return {
|
||||
'status': 'success',
|
||||
'message': 'Password updated.',
|
||||
}
|
||||
return jsonify(response_object), 200
|
||||
|
||||
except (exc.OperationalError, ValueError) as e:
|
||||
db.session.rollback()
|
||||
appLog.error(e)
|
||||
response_object = {
|
||||
'status': 'error',
|
||||
'message': 'Error. Please try again or contact the administrator.',
|
||||
}
|
||||
return jsonify(response_object), 500
|
||||
return handle_error_and_return_response(e, db=db)
|
||||
|
@ -1,8 +1,15 @@
|
||||
import os
|
||||
import shutil
|
||||
|
||||
from fittrackee import appLog, db
|
||||
from flask import Blueprint, jsonify, request, send_file
|
||||
from fittrackee import db
|
||||
from fittrackee.responses import (
|
||||
ForbiddenErrorResponse,
|
||||
InvalidPayloadErrorResponse,
|
||||
NotFoundErrorResponse,
|
||||
UserNotFoundErrorResponse,
|
||||
handle_error_and_return_response,
|
||||
)
|
||||
from flask import Blueprint, request, send_file
|
||||
from sqlalchemy import exc
|
||||
|
||||
from ..activities.utils_files import get_absolute_file_path
|
||||
@ -156,7 +163,7 @@ def get_users(auth_user_id):
|
||||
.paginate(page, per_page, False)
|
||||
)
|
||||
users = users_pagination.items
|
||||
response_object = {
|
||||
return {
|
||||
'status': 'success',
|
||||
'data': {'users': [user.serialize() for user in users]},
|
||||
'pagination': {
|
||||
@ -167,7 +174,6 @@ def get_users(auth_user_id):
|
||||
'total': users_pagination.total,
|
||||
},
|
||||
}
|
||||
return jsonify(response_object), 200
|
||||
|
||||
|
||||
@users_blueprint.route('/users/<user_name>', methods=['GET'])
|
||||
@ -232,20 +238,16 @@ def get_single_user(auth_user_id, user_name):
|
||||
:statuscode 404:
|
||||
- User does not exist.
|
||||
"""
|
||||
|
||||
response_object = {'status': 'fail', 'message': 'User does not exist.'}
|
||||
try:
|
||||
user = User.query.filter_by(username=user_name).first()
|
||||
if not user:
|
||||
return jsonify(response_object), 404
|
||||
else:
|
||||
response_object = {
|
||||
if user:
|
||||
return {
|
||||
'status': 'success',
|
||||
'data': {'users': [user.serialize()]},
|
||||
}
|
||||
return jsonify(response_object), 200
|
||||
except ValueError:
|
||||
return jsonify(response_object), 404
|
||||
pass
|
||||
return UserNotFoundErrorResponse()
|
||||
|
||||
|
||||
@users_blueprint.route('/users/<user_name>/picture', methods=['GET'])
|
||||
@ -274,21 +276,16 @@ def get_picture(user_name):
|
||||
- No picture.
|
||||
|
||||
"""
|
||||
response_object = {'status': 'not found', 'message': 'No picture.'}
|
||||
try:
|
||||
user = User.query.filter_by(username=user_name).first()
|
||||
if not user:
|
||||
response_object = {
|
||||
'status': 'fail',
|
||||
'message': 'User does not exist.',
|
||||
}
|
||||
return jsonify(response_object), 404
|
||||
return UserNotFoundErrorResponse()
|
||||
if user.picture is not None:
|
||||
picture_path = get_absolute_file_path(user.picture)
|
||||
return send_file(picture_path)
|
||||
return jsonify(response_object), 404
|
||||
except Exception:
|
||||
return jsonify(response_object), 404
|
||||
pass
|
||||
return NotFoundErrorResponse('No picture.')
|
||||
|
||||
|
||||
@users_blueprint.route('/users/<user_name>', methods=['PATCH'])
|
||||
@ -359,34 +356,23 @@ def update_user(auth_user_id, user_name):
|
||||
- User does not exist.
|
||||
:statuscode 500:
|
||||
"""
|
||||
response_object = {'status': 'fail', 'message': 'User does not exist.'}
|
||||
user_data = request.get_json()
|
||||
if 'admin' not in user_data:
|
||||
response_object = {'status': 'error', 'message': 'Invalid payload.'}
|
||||
return jsonify(response_object), 400
|
||||
return InvalidPayloadErrorResponse()
|
||||
|
||||
try:
|
||||
user = User.query.filter_by(username=user_name).first()
|
||||
if not user:
|
||||
return jsonify(response_object), 404
|
||||
else:
|
||||
user.admin = user_data['admin']
|
||||
db.session.commit()
|
||||
response_object = {
|
||||
'status': 'success',
|
||||
'data': {'users': [user.serialize()]},
|
||||
}
|
||||
return jsonify(response_object), 200
|
||||
return UserNotFoundErrorResponse()
|
||||
|
||||
except exc.StatementError as e:
|
||||
db.session.rollback()
|
||||
appLog.error(e)
|
||||
response_object = {
|
||||
'status': 'error',
|
||||
'message': 'Error. Please try again or contact the administrator.',
|
||||
user.admin = user_data['admin']
|
||||
db.session.commit()
|
||||
return {
|
||||
'status': 'success',
|
||||
'data': {'users': [user.serialize()]},
|
||||
}
|
||||
code = 500
|
||||
return jsonify(response_object), code
|
||||
except exc.StatementError as e:
|
||||
return handle_error_and_return_response(e, db=db)
|
||||
|
||||
|
||||
@users_blueprint.route('/users/<user_name>', methods=['DELETE'])
|
||||
@ -435,62 +421,43 @@ def delete_user(auth_user_id, user_name):
|
||||
try:
|
||||
auth_user = User.query.filter_by(id=auth_user_id).first()
|
||||
user = User.query.filter_by(username=user_name).first()
|
||||
if user:
|
||||
if user.id != auth_user_id and not auth_user.admin:
|
||||
response_object = {
|
||||
'status': 'error',
|
||||
'message': 'You do not have permissions.',
|
||||
}
|
||||
return response_object, 403
|
||||
if (
|
||||
user.admin is True
|
||||
and User.query.filter_by(admin=True).count() == 1
|
||||
):
|
||||
response_object = {
|
||||
'status': 'error',
|
||||
'message': (
|
||||
'You can not delete your account, '
|
||||
'no other user has admin rights.'
|
||||
),
|
||||
}
|
||||
return response_object, 403
|
||||
for activity in Activity.query.filter_by(user_id=user.id).all():
|
||||
db.session.delete(activity)
|
||||
db.session.flush()
|
||||
user_picture = user.picture
|
||||
db.session.delete(user)
|
||||
db.session.commit()
|
||||
if user_picture:
|
||||
picture_path = get_absolute_file_path(user.picture)
|
||||
if os.path.isfile(picture_path):
|
||||
os.remove(picture_path)
|
||||
shutil.rmtree(
|
||||
get_absolute_file_path(f'activities/{user.id}'),
|
||||
ignore_errors=True,
|
||||
if not user:
|
||||
return UserNotFoundErrorResponse()
|
||||
|
||||
if user.id != auth_user_id and not auth_user.admin:
|
||||
return ForbiddenErrorResponse()
|
||||
if (
|
||||
user.admin is True
|
||||
and User.query.filter_by(admin=True).count() == 1
|
||||
):
|
||||
return ForbiddenErrorResponse(
|
||||
'You can not delete your account, '
|
||||
'no other user has admin rights.'
|
||||
)
|
||||
shutil.rmtree(
|
||||
get_absolute_file_path(f'pictures/{user.id}'),
|
||||
ignore_errors=True,
|
||||
)
|
||||
response_object = {'status': 'no content'}
|
||||
code = 204
|
||||
else:
|
||||
response_object = {
|
||||
'status': 'not found',
|
||||
'message': 'User does not exist.',
|
||||
}
|
||||
code = 404
|
||||
|
||||
for activity in Activity.query.filter_by(user_id=user.id).all():
|
||||
db.session.delete(activity)
|
||||
db.session.flush()
|
||||
user_picture = user.picture
|
||||
db.session.delete(user)
|
||||
db.session.commit()
|
||||
if user_picture:
|
||||
picture_path = get_absolute_file_path(user.picture)
|
||||
if os.path.isfile(picture_path):
|
||||
os.remove(picture_path)
|
||||
shutil.rmtree(
|
||||
get_absolute_file_path(f'activities/{user.id}'),
|
||||
ignore_errors=True,
|
||||
)
|
||||
shutil.rmtree(
|
||||
get_absolute_file_path(f'pictures/{user.id}'),
|
||||
ignore_errors=True,
|
||||
)
|
||||
return {'status': 'no content'}, 204
|
||||
except (
|
||||
exc.IntegrityError,
|
||||
exc.OperationalError,
|
||||
ValueError,
|
||||
OSError,
|
||||
) as e:
|
||||
db.session.rollback()
|
||||
appLog.error(e)
|
||||
response_object = {
|
||||
'status': 'error',
|
||||
'message': 'Error. Please try again or contact the administrator.',
|
||||
}
|
||||
code = 500
|
||||
return jsonify(response_object), code
|
||||
return handle_error_and_return_response(e, db=db)
|
||||
|
@ -3,7 +3,13 @@ from datetime import timedelta
|
||||
from functools import wraps
|
||||
|
||||
import humanize
|
||||
from flask import current_app, jsonify, request
|
||||
from fittrackee.responses import (
|
||||
ForbiddenErrorResponse,
|
||||
InvalidPayloadErrorResponse,
|
||||
PayloadTooLargeErrorResponse,
|
||||
UnauthorizedErrorResponse,
|
||||
)
|
||||
from flask import current_app, request
|
||||
|
||||
from .models import User
|
||||
|
||||
@ -38,17 +44,12 @@ def register_controls(username, email, password, password_conf):
|
||||
|
||||
|
||||
def verify_extension_and_size(file_type, req):
|
||||
response_object = {'status': 'success'}
|
||||
code = 400
|
||||
|
||||
if 'file' not in req.files:
|
||||
response_object = {'status': 'fail', 'message': 'No file part.'}
|
||||
return response_object, code
|
||||
return InvalidPayloadErrorResponse('No file part.', 'fail')
|
||||
|
||||
file = req.files['file']
|
||||
if file.filename == '':
|
||||
response_object = {'status': 'fail', 'message': 'No selected file.'}
|
||||
return response_object, code
|
||||
return InvalidPayloadErrorResponse('No selected file.', 'fail')
|
||||
|
||||
allowed_extensions = (
|
||||
'ACTIVITY_ALLOWED_EXTENSIONS'
|
||||
@ -67,52 +68,43 @@ def verify_extension_and_size(file_type, req):
|
||||
file_extension
|
||||
and file_extension in current_app.config.get(allowed_extensions)
|
||||
):
|
||||
response_object = {
|
||||
'status': 'fail',
|
||||
'message': 'File extension not allowed.',
|
||||
}
|
||||
elif file_extension != 'zip' and req.content_length > max_file_size:
|
||||
response_object = {
|
||||
'status': 'fail',
|
||||
'message': 'Error during picture update, file size exceeds '
|
||||
f'{display_readable_file_size(max_file_size)}.',
|
||||
}
|
||||
code = 413
|
||||
return InvalidPayloadErrorResponse(
|
||||
'File extension not allowed.', 'fail'
|
||||
)
|
||||
|
||||
return response_object, code
|
||||
if file_extension != 'zip' and req.content_length > max_file_size:
|
||||
return PayloadTooLargeErrorResponse(
|
||||
'Error during picture update, file size exceeds '
|
||||
f'{display_readable_file_size(max_file_size)}.'
|
||||
)
|
||||
|
||||
return None
|
||||
|
||||
|
||||
def verify_user(current_request, verify_admin):
|
||||
response_object = {
|
||||
'status': 'error',
|
||||
'message': 'Something went wrong. Please contact us.',
|
||||
}
|
||||
code = 401
|
||||
default_message = 'Provide a valid auth token.'
|
||||
auth_header = current_request.headers.get('Authorization')
|
||||
if not auth_header:
|
||||
response_object['message'] = 'Provide a valid auth token.'
|
||||
return response_object, code, None
|
||||
auth_token = auth_header.split(" ")[1]
|
||||
return UnauthorizedErrorResponse(default_message), None
|
||||
auth_token = auth_header.split(' ')[1]
|
||||
resp = User.decode_auth_token(auth_token)
|
||||
if isinstance(resp, str):
|
||||
response_object['message'] = resp
|
||||
return response_object, code, None
|
||||
return UnauthorizedErrorResponse(resp), None
|
||||
user = User.query.filter_by(id=resp).first()
|
||||
if not user:
|
||||
return response_object, code, None
|
||||
return UnauthorizedErrorResponse(default_message), None
|
||||
if verify_admin and not is_admin(resp):
|
||||
response_object['message'] = 'You do not have permissions.'
|
||||
return response_object, 403, None
|
||||
return None, None, resp
|
||||
return ForbiddenErrorResponse(), None
|
||||
return None, resp
|
||||
|
||||
|
||||
def authenticate(f):
|
||||
@wraps(f)
|
||||
def decorated_function(*args, **kwargs):
|
||||
verify_admin = False
|
||||
response_object, code, resp = verify_user(request, verify_admin)
|
||||
response_object, resp = verify_user(request, verify_admin)
|
||||
if response_object:
|
||||
return jsonify(response_object), code
|
||||
return response_object
|
||||
return f(resp, *args, **kwargs)
|
||||
|
||||
return decorated_function
|
||||
@ -122,9 +114,9 @@ def authenticate_as_admin(f):
|
||||
@wraps(f)
|
||||
def decorated_function(*args, **kwargs):
|
||||
verify_admin = True
|
||||
response_object, code, resp = verify_user(request, verify_admin)
|
||||
response_object, resp = verify_user(request, verify_admin)
|
||||
if response_object:
|
||||
return jsonify(response_object), code
|
||||
return response_object
|
||||
return f(resp, *args, **kwargs)
|
||||
|
||||
return decorated_function
|
||||
@ -132,12 +124,8 @@ def authenticate_as_admin(f):
|
||||
|
||||
def can_view_activity(auth_user_id, activity_user_id):
|
||||
if auth_user_id != activity_user_id:
|
||||
response_object = {
|
||||
'status': 'error',
|
||||
'message': 'You do not have permissions.',
|
||||
}
|
||||
return response_object, 403
|
||||
return None, None
|
||||
return ForbiddenErrorResponse()
|
||||
return None
|
||||
|
||||
|
||||
def display_readable_file_size(size_in_bytes):
|
||||
|
Loading…
Reference in New Issue
Block a user