From 53529cd73727dd2812cf769c8807f91d4de48803 Mon Sep 17 00:00:00 2001
From: Davor
Date: Tue, 21 Jun 2022 14:41:54 +0200
Subject: [PATCH] add me endpoint

---
 areas/users/user_service.py | 30 ++++++++++++++++++++++++++++++
 areas/users/users.py | 29 ++++++++++++++++++++++++++++-
 helpers/auth_guard.py | 6 +++---
 3 files changed, 61 insertions(+), 4 deletions(-)

diff --git a/areas/users/user_service.py b/areas/users/user_service.py
index d394460..a0b50c3 100644
--- a/areas/users/user_service.py
+++ b/areas/users/user_service.py
@@ -68,6 +68,36 @@ class UserService:
         return UserService.get_user(id)
+    @staticmethod
+    def put_personal_info(id, data):
+        kratos_data = {
+            "schema_id": "default",
+            "traits": {"email": data["email"], "name": data["name"]},
+        }
+        KratosApi.put("/admin/identities/{}".format(id), kratos_data)
+
+        # TODO: if the user is no admin - he can't change app roles - implement
+
+        if data["app_roles"]:
+            app_roles = data["app_roles"]
+            for ar in app_roles:
+                app = App.query.filter_by(slug=ar["name"]).first()
+                app_role = AppRole.query.filter_by(user_id=id, app_id=app.id).first()
+
+                if app_role:
+                    app_role.role_id = ar["role_id"] if "role_id" in ar else None
+                    db.session.commit()
+                else:
+                    appRole = AppRole(
+                        user_id=id,
+                        role_id=ar["role_id"] if "role_id" in ar else None,
+                        app_id=app.id,
+                    )
+                    db.session.add(appRole)
+                    db.session.commit()
+
+        return UserService.get_user(id)
+    @staticmethod
+    def delete_user(id):
         app_role = AppRole.query.filter_by(user_id=id).all()
diff --git a/areas/users/users.py b/areas/users/users.py
index 4536586..03d059d 100644
--- a/areas/users/users.py
+++ b/areas/users/users.py
@@ -1,5 +1,5 @@
 from flask import jsonify, request
-from flask_jwt_extended import jwt_required
+from flask_jwt_extended import get_jwt, jwt_required
 from flask_cors import cross_origin
 from flask_expects_json import expects_json
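Review bot: `put_personal_info` is presented as the self-service counterpart of `put_user`, yet from the `# TODO` line down to the second `db.session.commit()` it still reads `data["app_roles"]` and inserts or updates `AppRole` rows for whatever `name`/`role_id` the caller supplies, so a user reaching it with their own id can assign themselves any role; the TODO on those lines acknowledges exactly this. Since the method only needs to push `email`/`name` to Kratos, drop the whole role loop and keep `KratosApi.put(...)` followed by `return UserService.get_user(id)`, leaving role assignment to the admin-only `put_user`. If the loop is kept for now, `App.query.filter_by(slug=ar["name"]).first()` returns `None` for an unknown slug and the next line then fails with AttributeError on `app.id`, and `data["app_roles"]` raises KeyError when the key is absent, so `data.get("app_roles")` and a `None` check on `app` are needed. Note also that the new `/me` PUT route in users.py calls `UserService.put_user` rather than this method, so as committed `put_personal_info` appears to be unreferenced.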
@@ -23,6 +23,7 @@ def get_users():
 @api_v1.route("/users/", methods=["GET"])
 @jwt_required()
 @cross_origin()
+@admin_required()
 def get_user(id):
     res = UserService.get_user(id)
     return jsonify(res)
@@ -43,6 +44,7 @@ def post_user():
 @jwt_required()
 @cross_origin()
 @expects_json(schema)
+@admin_required()
 def put_user(id):
     data = request.get_json()
     res = UserService.put_user(id, data)
@@ -59,3 +61,28 @@ def delete_user(id):
     UserService.delete_user(id)
     return jsonify(), res.status_code
     return jsonify(res.json()), res.status_code
+
+
+@api_v1.route("/me", methods=["GET"])
+@jwt_required()
+@cross_origin()
+def get_personal_info():
+    user_id = __get_user_id_from_jwt()
+    res = UserService.get_user(user_id)
+    return jsonify(res)
+
+
+@api_v1.route("/me", methods=["PUT"])
+@jwt_required()
+@cross_origin()
+@expects_json(schema)
+def update_personal_info():
+    data = request.get_json()
+    user_id = __get_user_id_from_jwt()
+    res = UserService.put_user(user_id, data)
+    return jsonify(res)
+
+
+def __get_user_id_from_jwt():
+    claims = get_jwt()
+    return claims["user_id"]
diff --git a/helpers/auth_guard.py b/helpers/auth_guard.py
index 900e35e..36bbeeb 100644
--- a/helpers/auth_guard.py
+++ b/helpers/auth_guard.py
@@ -2,10 +2,10 @@ from functools import wraps
 from areas.roles.role_service import RoleService
-from flask_jwt_extended import verify_jwt_in_request
-from flask_jwt_extended import get_jwt
+from flask_jwt_extended import get_jwt, verify_jwt_in_request
 from helpers import Unauthorized
+
 def admin_required():
     def wrapper(fn):
         @wraps(fn)
@@ -21,4 +21,4 @@ def admin_required():
         return decorator
-    return wrapper
\ No newline at end of file
+    return wrapper
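Review bot: In `put_user` the added `@admin_required()` sits below `@expects_json(schema)`, so a non-admin caller's body is schema-validated before the role check runs and a malformed request from such a caller is answered with the validation error rather than refused; `get_user` in the hunk above has the same placement relative to `@cross_origin()`. Putting `@admin_required()` directly under `@jwt_required()` in both routes keeps authorization ahead of any other request processing. The decorators of `delete_user` are outside these hunks and only these two routes are shown gaining the guard, so it is worth confirming that the DELETE route is also admin-only; with GET and PUT on the user-by-id path now guarded, DELETE would otherwise be the odd one out.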
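Review bot: `update_personal_info` forwards the whole request body to `UserService.put_user`, the same service call the admin-only `put_user` route uses, and `@expects_json(schema)` reuses that route's schema, so if `put_user` applies `app_roles` the way `put_personal_info` in user_service.py does (its body is outside the hunks) any authenticated user can PUT `/me` with an `app_roles` list and change their own role assignments. The route should refuse role data rather than pass it on, e.g. before the service call: `if data.get("app_roles"): return jsonify({"error": "app_roles cannot be changed via /me"}), 403` — and it should call the new `UserService.put_personal_info`, which this commit adds but never uses, once that method no longer touches `AppRole`. `__get_user_id_from_jwt` indexes `claims["user_id"]` directly, so a token that lacks the claim surfaces as a KeyError/500 instead of a 401; `claims.get("user_id")` with an explicit unauthorized response would be cleaner. A single leading underscore is the conventional marker for a module-private helper; the double underscore gains nothing here, since name mangling only applies inside class bodies.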