local-it/dashboard
0
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

add me endpoint

Browse source
This commit is contained in:
Davor 2022-06-21 14:41:54 +02:00 committed by Maarten de Waard
parent 420c85cf8d
commit 53529cd737
3 changed files with 61 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

30
areas/users/user_service.py
View file

@ -68,6 +68,36 @@ class UserService:
return UserService.get_user(id) return UserService.get_user(id)
@staticmethod
def put_personal_info(id, data):
kratos_data = {
"schema_id": "default",
"traits": {"email": data["email"], "name": data["name"]},
}
KratosApi.put("/admin/identities/{}".format(id), kratos_data)
# TODO: if the user is no admin - he can't change app roles - implement
if data["app_roles"]:
app_roles = data["app_roles"]
for ar in app_roles:
app = App.query.filter_by(slug=ar["name"]).first()
app_role = AppRole.query.filter_by(user_id=id, app_id=app.id).first()
if app_role:
app_role.role_id = ar["role_id"] if "role_id" in ar else None
db.session.commit()
else:
appRole = AppRole(
user_id=id,
role_id=ar["role_id"] if "role_id" in ar else None,
app_id=app.id,
)
db.session.add(appRole)
db.session.commit()
return UserService.get_user(id)
@staticmethod @staticmethod
def delete_user(id): def delete_user(id):
app_role = AppRole.query.filter_by(user_id=id).all() app_role = AppRole.query.filter_by(user_id=id).all()

29
areas/users/users.py
View file

@ -1,5 +1,5 @@
from flask import jsonify, request from flask import jsonify, request
from flask_jwt_extended import jwt_required from flask_jwt_extended import get_jwt, jwt_required
from flask_cors import cross_origin from flask_cors import cross_origin
from flask_expects_json import expects_json from flask_expects_json import expects_json
@ -23,6 +23,7 @@ def get_users():
@api_v1.route("/users/<string:id>", methods=["GET"]) @api_v1.route("/users/<string:id>", methods=["GET"])
@jwt_required() @jwt_required()
@cross_origin() @cross_origin()
@admin_required()
def get_user(id): def get_user(id):
res = UserService.get_user(id) res = UserService.get_user(id)
return jsonify(res) return jsonify(res)
@ -43,6 +44,7 @@ def post_user():
@jwt_required() @jwt_required()
@cross_origin() @cross_origin()
@expects_json(schema) @expects_json(schema)
@admin_required()
def put_user(id): def put_user(id):
data = request.get_json() data = request.get_json()
res = UserService.put_user(id, data) res = UserService.put_user(id, data)
@ -59,3 +61,28 @@ def delete_user(id):
UserService.delete_user(id) UserService.delete_user(id)
return jsonify(), res.status_code return jsonify(), res.status_code
return jsonify(res.json()), res.status_code return jsonify(res.json()), res.status_code
@api_v1.route("/me", methods=["GET"])
@jwt_required()
@cross_origin()
def get_personal_info():
user_id = __get_user_id_from_jwt()
res = UserService.get_user(user_id)
return jsonify(res)
@api_v1.route("/me", methods=["PUT"])
@jwt_required()
@cross_origin()
@expects_json(schema)
def update_personal_info():
data = request.get_json()
user_id = __get_user_id_from_jwt()
res = UserService.put_user(user_id, data)
return jsonify(res)
def __get_user_id_from_jwt():
claims = get_jwt()
return claims["user_id"]

4
helpers/auth_guard.py
View file

@ -2,10 +2,10 @@ from functools import wraps
from areas.roles.role_service import RoleService from areas.roles.role_service import RoleService
from flask_jwt_extended import verify_jwt_in_request from flask_jwt_extended import get_jwt, verify_jwt_in_request
from flask_jwt_extended import get_jwt
from helpers import Unauthorized from helpers import Unauthorized
def admin_required(): def admin_required():
def wrapper(fn): def wrapper(fn):
@wraps(fn) @wraps(fn)