Skip to content
Permalink
Browse files

Rest Api I guess. Undocumented for now, may be buggy as hell. Might d…

…eactivate this later until I test it.
  • Loading branch information...
Depado committed May 11, 2015
1 parent 2d48371 commit 9e4d27320f7050273ad8af192be22381775ffe36
Showing with 28 additions and 7 deletions.
  1. +20 −1 app/api/post.py
  2. +1 −1 app/api/user.py
  3. +2 −2 app/api/utils.py
  4. +5 −3 app/models/user.py
@@ -7,11 +7,14 @@
from app import manager
from app.models import Post

from .user import UserSchema
from .user import UserSchema, user_serializer, user_deserializer
from .utils import auth_required


class PostSchema(Schema):
"""
The Schema representing a Post.
"""
id = fields.Integer()
title = fields.String()
content = fields.String()
@@ -32,6 +35,13 @@ def post_deserializer(data):


def owner_single(instance_id=None, **kw):
"""
Checks if the current user is the owner of the post.
Raises an exception if not found or the current user isn't the user.
Note that this fucntion should always be associated with the auth_required preprocessor.
:param instance_id: The instance id of the post
"""
post = Post.query.filter_by(id=instance_id).first()
if post:
if post.user != g.user:
@@ -46,6 +56,12 @@ def post_preprocessor(data=None, **kwargs):
data = post_serializer(post)


def get_many_postprocessor(result=None, search_params=None, **kw):
if result:
for post in result['objects']:
post['user'] = user_serializer(user_deserializer(post['user']))


manager.create_api(
Post,
methods=['GET', 'POST', 'PATCH', 'PUT', 'DELETE'],
@@ -57,6 +73,9 @@ def post_preprocessor(data=None, **kwargs):
DELETE_SINGLE=[auth_required, owner_single],
DELETE_MANY=[auth_required, owner_single]
),
postprocessors=dict(
GET_MANY=[get_many_postprocessor],
),
url_prefix="/api/v1",
collection_name="article",
serializer=post_serializer,
@@ -17,7 +17,7 @@ class UserSchema(Schema):
blog_public = fields.String()

def make_object(self, data):
return User(**data)
return User(api_purpose=True, **data)


def user_serializer(instance):
@@ -8,9 +8,9 @@


def auth_required(data=None, **kwargs):
if not data and 'Authorization' in request.headers:
if 'Authorization' in request.headers:
token = request.headers.get('Authorization')
elif 'token' in data:
elif data and 'token' in data:
token = data.pop('token', None)
else:
raise ProcessingException(description="Authorization Token Required", code=401)
@@ -73,22 +73,24 @@ class User(db.Model):
blog_paginate = db.Column(db.Boolean(), default=False)
blog_paginate_by = db.Column(db.Integer(), default=10)

# Blog Visual
# Blog Design
blog_truncate_posts = db.Column(db.Boolean(), default=False)
blog_syntax_highlighter_css = db.Column(db.Enum(*SYNTAX_HIGHLIGHTER_CHOICES), default='monokai.css')

posts = db.relationship('Post', backref='user', lazy='dynamic')

def __init__(self, active=True, superuser=False, **kwargs):
def __init__(self, active=True, superuser=False, api_purpose=False, **kwargs):
"""
:param username: The username of the user, will become the blog subdomain once slugified.
:param password: The raw password to be encrypted and stored.
:param active: To change once postfix is setup and app can send mails.
:param superuser: Set if the user is a superuser (currently no use for that)
:param api_purpose: If using this with Marshmallow, do not bother to generate a password.
"""
super(User, self).__init__(active=active, superuser=superuser, **kwargs)
now = datetime.utcnow()
self.set_password(self.password)
if not api_purpose:
self.set_password(self.password)
self.register_date = now
self.last_login = now
self.blog_slug = slugify(self.username)

0 comments on commit 9e4d273

Please sign in to comment.
You can’t perform that action at this time.