From ace28a69af4a7049b4d4dbe4b4cbe9a64f0a00f9 Mon Sep 17 00:00:00 2001 From: Sam Date: Wed, 4 Jul 2018 14:13:19 +0200 Subject: [PATCH] store user picture w/ relative path instead of absolute path --- .../fittrackee_api/activities/stats.py | 1 - .../fittrackee_api/tests/test_auth_api.py | 19 +++++++++++++++ fittrackee_api/fittrackee_api/users/auth.py | 23 +++++++++++++------ fittrackee_api/fittrackee_api/users/users.py | 4 +++- 4 files changed, 38 insertions(+), 9 deletions(-) diff --git a/fittrackee_api/fittrackee_api/activities/stats.py b/fittrackee_api/fittrackee_api/activities/stats.py index 6f840a70..4fd493e3 100644 --- a/fittrackee_api/fittrackee_api/activities/stats.py +++ b/fittrackee_api/fittrackee_api/activities/stats.py @@ -40,7 +40,6 @@ def get_activities(user_id, filter_type): if sport_id: sport = Sport.query.filter_by(id=sport_id).first() if not sport: - print('not sport') response_object = { 'status': 'not found', 'message': 'Sport does not exist.' diff --git a/fittrackee_api/fittrackee_api/tests/test_auth_api.py b/fittrackee_api/fittrackee_api/tests/test_auth_api.py index 9506ee69..ee2f8200 100644 --- a/fittrackee_api/fittrackee_api/tests/test_auth_api.py +++ b/fittrackee_api/fittrackee_api/tests/test_auth_api.py @@ -705,6 +705,25 @@ def test_update_user_picture(app, user_1): assert data['status'] == 'success' assert data['message'] == 'User picture updated.' assert response.status_code == 200 + assert 'avatar.png' in user_1.picture + + response = client.post( + '/api/auth/picture', + data=dict( + file=(BytesIO(b'avatar2'), 'avatar2.png') + ), + headers=dict( + content_type='multipart/form-data', + authorization='Bearer ' + + json.loads(resp_login.data.decode())['auth_token'] + ) + ) + data = json.loads(response.data.decode()) + assert data['status'] == 'success' + assert data['message'] == 'User picture updated.' + assert response.status_code == 200 + assert 'avatar.png' not in user_1.picture + assert 'avatar2.png' in user_1.picture def test_update_user_no_picture(app, user_1): diff --git a/fittrackee_api/fittrackee_api/users/auth.py b/fittrackee_api/fittrackee_api/users/auth.py index 6f6faaf3..4618b757 100644 --- a/fittrackee_api/fittrackee_api/users/auth.py +++ b/fittrackee_api/fittrackee_api/users/auth.py @@ -6,6 +6,7 @@ from flask import Blueprint, current_app, jsonify, request from sqlalchemy import exc, or_ from werkzeug.utils import secure_filename +from ..activities.utils_files import get_absolute_file_path from .models import User from .utils import authenticate, register_controls, verify_extension @@ -250,14 +251,21 @@ def edit_picture(user_id): ) if not os.path.exists(dirpath): os.makedirs(dirpath) - filepath = os.path.join(dirpath, filename) + absolute_picture_path = os.path.join(dirpath, filename) + relative_picture_path = os.path.join( + 'pictures', + str(user_id), + filename + ) try: user = User.query.filter_by(id=user_id).first() - if user.picture is not None and os.path.isfile(user.picture): - os.remove(user.picture) - file.save(filepath) - user.picture = filepath + if user.picture is not None: + old_picture_path = get_absolute_file_path(user.picture) + if os.path.isfile(get_absolute_file_path(old_picture_path)): + os.remove(old_picture_path) + file.save(absolute_picture_path) + user.picture = relative_picture_path db.session.commit() response_object = { @@ -281,8 +289,9 @@ def edit_picture(user_id): def del_picture(user_id): try: user = User.query.filter_by(id=user_id).first() - if os.path.isfile(user.picture): - os.remove(user.picture) + picture_path = get_absolute_file_path(user.picture) + if os.path.isfile(picture_path): + os.remove(picture_path) user.picture = None db.session.commit() diff --git a/fittrackee_api/fittrackee_api/users/users.py b/fittrackee_api/fittrackee_api/users/users.py index 4c4ff0e2..6d0a7f59 100644 --- a/fittrackee_api/fittrackee_api/users/users.py +++ b/fittrackee_api/fittrackee_api/users/users.py @@ -1,5 +1,6 @@ from flask import Blueprint, jsonify, send_file +from ..activities.utils_files import get_absolute_file_path from .models import User users_blueprint = Blueprint('users', __name__) @@ -50,7 +51,8 @@ def get_picture(user_id): if not user: return jsonify(response_object), 404 else: - return send_file(user.picture) + picture_path = get_absolute_file_path(user.picture) + return send_file(picture_path) except ValueError: return jsonify(response_object), 404