university-final-iot-backend/app/api/resources/account.py

from flask_restful import Resource, abort
from flask import g
from marshmallow import Schema, fields
from webargs.flaskparser import use_args
from flasgger import swag_from
import app.accounts.api as accounts
from app.api import ProtectedResource, requires_permission


class UserSchema(Schema):
    username = fields.Str(required=True)
    email = fields.Email(required=True)
    password = fields.Str(required=True, load_only=True)


class RoleUpdateSchema(Schema):
    role_id = fields.Integer(required=True, load_only=True, location='json')


class RoleSchema(Schema):
    id = fields.Integer(required=True, location='json')
    display_name = fields.String(required=True, location='json')
    permissions = fields.List(fields.String, required=True,
                              location='json', many=True)


class RoleWrapperSchema(Schema):
    role = fields.Nested(RoleSchema, required=True, location='json')


class RolesWrapperSchema(Schema):
    roles = fields.Nested(RoleSchema, required=True,
                          location='json', many=True)


class RoleCreationSchema(Schema):
    display_name = fields.String(required=True, location='json')
    permissions = fields.List(fields.String, required=True,
                              location='json', many=True)


class RoleCreationWrapperSchema(Schema):
    role = fields.Nested(RoleCreationSchema, required=True, location='json')


class UserWrapperSchema(Schema):
    user = fields.Nested(UserSchema, required=True, location='json')


class AccountResource(ProtectedResource):
    @swag_from('swagger/get_account_spec.yaml')
    def get(self, account_id):
        if g.current_account.id == account_id:
            return UserWrapperSchema().dump({'user': g.current_account}), 200
        abort(403, message='You can only get your own account', status='error')


class RoleResource(ProtectedResource):
    @swag_from('swagger/get_role_spec.yaml')
    def get(self, role_id):
        return RoleWrapperSchema().dump(
                {'role': accounts.get_role(role_id)}), 200


class RolesResource(ProtectedResource):
    @requires_permission('CREATE_ROLE', 'Role creation')
    @use_args(RoleCreationWrapperSchema())
    @swag_from('swagger/create_role_spec.yaml')
    def post(self, args):
        args = args['role']
        success = accounts.create_role(args['display_name'],
                                       args['permissions'])
        if success:
            return '', 201

    @swag_from('swagger/get_roles_spec.yaml')
    def get(self):
        return RolesWrapperSchema().dump(
                {'roles': accounts.get_all_roles()}), 200


class AccountRoleResource(ProtectedResource):
    @use_args(RoleUpdateSchema())
    @swag_from('swagger/update_account_role_spec.yaml')
    def put(self, args, account_id):
        if g.current_account.id == account_id:
            abort(403, message='You may not change your own roles',
                  status='error')
        success = accounts.update_account_role(account_id, args['role_id'])
        if success:
            return '', 204


class AccountListResource(Resource):
    @use_args(UserWrapperSchema())
    @swag_from('swagger/create_account_spec.yaml')
    def post(self, args):
        try:
            args = args['user']
            success = accounts.create_account(
                    args['username'],
                    args['email'],
                    args['password'])
            if success:
                return '', 201
        except ValueError:
            abort(422, message='Account already exists', status='error')
Use marshmallow and webargs for parsing and marshaling 2018-05-07 11:57:53 +00:00			`from flask_restful import Resource, abort`
Add get account fake endpoint 2018-05-08 08:52:36 +00:00			`from flask import g`
Add basic device endpoints 2018-05-08 14:45:09 +00:00			`from marshmallow import Schema, fields`
Use marshmallow and webargs for parsing and marshaling 2018-05-07 11:57:53 +00:00			`from webargs.flaskparser import use_args`
Add swagger documentation 2018-05-07 14:13:07 +00:00			`from flasgger import swag_from`
Remove code from accounts __init__ to separate modules 2018-10-06 11:38:27 +00:00			`import app.accounts.api as accounts`
Add decorator for role protection 2018-09-22 23:33:31 +00:00			`from app.api import ProtectedResource, requires_permission`
Restfulify account creation and login 2018-05-06 19:42:21 +00:00

Add basic device endpoints 2018-05-08 14:45:09 +00:00			`class UserSchema(Schema):`
			`username = fields.Str(required=True)`
			`email = fields.Email(required=True)`
			`password = fields.Str(required=True, load_only=True)`


Add role update call 2018-09-22 17:01:50 +00:00			`class RoleUpdateSchema(Schema):`
			`role_id = fields.Integer(required=True, load_only=True, location='json')`


Add role management routes 2018-09-22 23:22:19 +00:00			`class RoleSchema(Schema):`
Fix swagger roles issue 2018-09-23 11:56:41 +00:00			`id = fields.Integer(required=True, location='json')`
Add role management routes 2018-09-22 23:22:19 +00:00			`display_name = fields.String(required=True, location='json')`
			`permissions = fields.List(fields.String, required=True,`
			`location='json', many=True)`


			`class RoleWrapperSchema(Schema):`
			`role = fields.Nested(RoleSchema, required=True, location='json')`


			`class RolesWrapperSchema(Schema):`
			`roles = fields.Nested(RoleSchema, required=True,`
			`location='json', many=True)`


			`class RoleCreationSchema(Schema):`
			`display_name = fields.String(required=True, location='json')`
			`permissions = fields.List(fields.String, required=True,`
			`location='json', many=True)`


			`class RoleCreationWrapperSchema(Schema):`
			`role = fields.Nested(RoleCreationSchema, required=True, location='json')`


Add basic device endpoints 2018-05-08 14:45:09 +00:00			`class UserWrapperSchema(Schema):`
			`user = fields.Nested(UserSchema, required=True, location='json')`
Restfulify account creation and login 2018-05-06 19:42:21 +00:00
Add get account fake endpoint 2018-05-08 08:52:36 +00:00
Add basic device endpoints 2018-05-08 14:45:09 +00:00			`class AccountResource(ProtectedResource):`
Add get account fake endpoint 2018-05-08 08:52:36 +00:00			`@swag_from('swagger/get_account_spec.yaml')`
			`def get(self, account_id):`
			`if g.current_account.id == account_id:`
Add basic device endpoints 2018-05-08 14:45:09 +00:00			`return UserWrapperSchema().dump({'user': g.current_account}), 200`
Add get account fake endpoint 2018-05-08 08:52:36 +00:00			`abort(403, message='You can only get your own account', status='error')`


Add role management routes 2018-09-22 23:22:19 +00:00			`class RoleResource(ProtectedResource):`
			`@swag_from('swagger/get_role_spec.yaml')`
			`def get(self, role_id):`
			`return RoleWrapperSchema().dump(`
			`{'role': accounts.get_role(role_id)}), 200`


			`class RolesResource(ProtectedResource):`
Fix swagger roles issue 2018-09-23 11:56:41 +00:00			`@requires_permission('CREATE_ROLE', 'Role creation')`
Add role management routes 2018-09-22 23:22:19 +00:00			`@use_args(RoleCreationWrapperSchema())`
			`@swag_from('swagger/create_role_spec.yaml')`
			`def post(self, args):`
			`args = args['role']`
			`success = accounts.create_role(args['display_name'],`
			`args['permissions'])`
			`if success:`
			`return '', 201`

			`@swag_from('swagger/get_roles_spec.yaml')`
			`def get(self):`
			`return RolesWrapperSchema().dump(`
			`{'roles': accounts.get_all_roles()}), 200`


Add role update call 2018-09-22 17:01:50 +00:00			`class AccountRoleResource(ProtectedResource):`
			`@use_args(RoleUpdateSchema())`
			`@swag_from('swagger/update_account_role_spec.yaml')`
			`def put(self, args, account_id):`
			`if g.current_account.id == account_id:`
			`abort(403, message='You may not change your own roles',`
			`status='error')`
			`success = accounts.update_account_role(account_id, args['role_id'])`
			`if success:`
			`return '', 204`


Add get account fake endpoint 2018-05-08 08:52:36 +00:00			`class AccountListResource(Resource):`
Add basic device endpoints 2018-05-08 14:45:09 +00:00			`@use_args(UserWrapperSchema())`
Add swagger documentation 2018-05-07 14:13:07 +00:00			`@swag_from('swagger/create_account_spec.yaml')`
Use marshmallow and webargs for parsing and marshaling 2018-05-07 11:57:53 +00:00			`def post(self, args):`
Restfulify account creation and login 2018-05-06 19:42:21 +00:00			`try:`
Use marshmallow and webargs for parsing and marshaling 2018-05-07 11:57:53 +00:00			`args = args['user']`
Restfulify account creation and login 2018-05-06 19:42:21 +00:00			`success = accounts.create_account(`
			`args['username'],`
			`args['email'],`
			`args['password'])`
			`if success:`
			`return '', 201`
			`except ValueError:`
			`abort(422, message='Account already exists', status='error')`