Plan-At · 1toldyou · May 28, 2022 · May 28, 2022 · May 28, 2022 · May 28, 2022
diff --git a/constant.py b/constant.py
@@ -32,6 +32,30 @@ class ContentLimit:
     IMAGE_SIZE = 1024 * 1024 * 4
 
 
+class MediaAssets:
+    FAVICON = "https://cdn.jsdelivr.net/gh/Plan-At/static-image/2022/02/17/favicon.ico"
+
+
+class APITag:
+    AUTH = ["Authorization"]
+    HOSTING = ["Content Hosting"]
+    CALENDAR = ["Calendar Related"]
+    USER = ["User Related"]
+    CAPTCHA = ["Captcha"]
+    EXAMPLE = ["Example Data"]
+
+
+class DBName:
+    THIS = "PlanAtDev"
+    CLUSTER_NAME = "Cluster1"
+    TOKEN = "TokenV3"
+    LOGIN = "LoginV2"
+    USER_PROFILE = "User"
+    CALENDAR_EVENT_INDEX = "CalendarEventIndex"
+    CALENDAR_EVENT = "CalendarEventEntry"
+    IMAGE_HOSTING = "ImageHosting"
+
+
 class RateLimitConfig:
     ENABLE_RL = False
     if ENABLE_RL:
@@ -68,16 +92,3 @@ class RateLimitConfig:
         MID_SENSITIVITY = "100/second"
         HIGH_SENSITIVITY = "100/second"
         BURST = "1000/second"
-
-
-class MediaAssets:
-    FAVICON = "https://cdn.jsdelivr.net/gh/Plan-At/static-image/2022/02/17/favicon.ico"
-
-
-class APITag:
-    AUTH = ["Authorization"]
-    HOSTING = ["Content Hosting"]
-    CALENDAR = ["Calendar Related"]
-    USER = ["User Related"]
-    CAPTCHA = ["Captcha"]
-    EXAMPLE = ["Example Data"]
diff --git a/route/v2_auth.py b/route/v2_auth.py
@@ -11,6 +11,7 @@
 # Local file
 from util import json_body, token_tool
 import util.pymongo_wrapper as DocumentDB
+from constant import DBName
 
 router = APIRouter()
 
@@ -20,7 +21,7 @@ async def v2_revoke_auth_token(request: Request, pa_token: str = Header(None)):
     mongo_client = DocumentDB.get_client()
     db_client = mongo_client.get_database(DocumentDB.DB)
     token_deletion_query = DocumentDB.delete_one(
-        collection="TokenV3",
+        collection=DBName.TOKEN,
         find_filter={"token_value": pa_token},
         db_client=db_client)
     mongo_client.close()
@@ -36,7 +37,7 @@ async def v2_revoke_auth_token(request: Request, pa_token: str = Header(None)):
 async def v2_verify_auth_password(request: Request, cred: json_body.PasswordLoginBody):
     mongo_client = DocumentDB.get_client()
     db_client = mongo_client.get_database(DocumentDB.DB)
-    credential_verify_query = DocumentDB.find_one(collection="LoginV2",
+    credential_verify_query = DocumentDB.find_one(collection=DBName.LOGIN,
                                                   find_filter={"person_id": cred.person_id},
                                                   db_client=db_client)
     print(credential_verify_query)
@@ -61,7 +62,7 @@ async def v2_verify_auth_password(request: Request, cred: json_body.PasswordLogi
 async def v2_update_auth_password(request: Request, old_cred: json_body.PasswordLoginBody, new_cred: json_body.PasswordLoginBody):
     mongo_client = DocumentDB.get_client()
     db_client = mongo_client.get_database(DocumentDB.DB)
-    credential_verify_query = DocumentDB.find_one(collection="LoginV2",
+    credential_verify_query = DocumentDB.find_one(collection=DBName.LOGIN,
                                                   find_filter={"person_id": old_cred.person_id},
                                                   db_client=db_client)
     print(credential_verify_query)
@@ -79,7 +80,7 @@ async def v2_update_auth_password(request: Request, old_cred: json_body.Password
         "password_hash": hashlib.sha512(new_cred.password.encode("utf-8")).hexdigest(),
         "password_length": len(new_cred.password),
     }
-    credential_update_query = DocumentDB.replace_one(collection="LoginV2",
+    credential_update_query = DocumentDB.replace_one(collection=DBName.LOGIN,
                                                      find_filter={"person_id": old_cred.person_id},
                                                      document_body=new_credential_entry,
                                                      db_client=db_client)
@@ -98,7 +99,7 @@ async def v2_enable_auth_totp(request: Request, cred: json_body.PasswordLoginBod
     mongo_client = DocumentDB.get_client()
     db_client = mongo_client.get_database(DocumentDB.DB)
     # same as the traditional plain-password login
-    credential_verify_query = DocumentDB.find_one(collection="LoginV2",
+    credential_verify_query = DocumentDB.find_one(collection=DBName.LOGIN,
                                                   find_filter={"person_id": cred.person_id},
                                                   db_client=db_client)
     print(credential_verify_query)
@@ -118,7 +119,7 @@ async def v2_enable_auth_totp(request: Request, cred: json_body.PasswordLoginBod
     authenticator_url = pyotp.totp.TOTP(new_secret_key).provisioning_uri(name=cred.person_id,
                                                                          issuer_name='Plan-At')
     credential_modify_query = DocumentDB.update_one(db_client=db_client,
-                                                    collection="LoginV2",
+                                                    collection=DBName.LOGIN,
                                                     find_filter={"person_id": cred.person_id},
                                                     changes={"$set": {"totp_status": "enabled",
                                                                       "totp_secret_key": new_secret_key}})
@@ -140,7 +141,7 @@ async def v2_disable_auth_totp(request: Request, cred: json_body.PasswordLoginBo
     mongo_client = DocumentDB.get_client()
     db_client = mongo_client.get_database(DocumentDB.DB)
     # same as the traditional plain-password login
-    credential_verify_query = DocumentDB.find_one(collection="LoginV2",
+    credential_verify_query = DocumentDB.find_one(collection=DBName.LOGIN,
                                                   find_filter={"person_id": cred.person_id},
                                                   db_client=db_client)
     print(credential_verify_query)
@@ -158,7 +159,7 @@ async def v2_disable_auth_totp(request: Request, cred: json_body.PasswordLoginBo
                             content={"status": "Time-based OTP not enabled for this user",
                                      "person_id": cred.person_id})
     credential_modify_query = DocumentDB.update_one(db_client=db_client,
-                                                    collection="LoginV2",
+                                                    collection=DBName.LOGIN,
                                                     find_filter={"person_id": cred.person_id},
                                                     changes={"$set": {"totp_status": "disabled",
                                                                       "totp_secret_key": ""}})
@@ -184,7 +185,7 @@ async def v2_verify_auth_totp(request: Request, person_id: str, totp_code: str):
                             content={"status": "totp_code malformed",
                                      "totp_code": totp_code})
     # same as the traditional plain-password login
-    credential_verify_query = DocumentDB.find_one(collection="LoginV2",
+    credential_verify_query = DocumentDB.find_one(collection=DBName.LOGIN,
                                                   find_filter={"person_id": person_id},
                                                   db_client=db_client)
     print(credential_verify_query)

diff --git a/route/v2_calendar.py b/route/v2_calendar.py
@@ -11,6 +11,7 @@
 from util.token_tool import get_person_id_with_token
 import util.pymongo_wrapper as DocumentDB
 import util.json_filter as JSONFilter
+from constant import DBName
 
 router = APIRouter()
 
@@ -64,13 +65,13 @@ async def v2_create_calendar_event(request: Request, req_body: json_body.Calenda
     if not least_one_access_control:
         return JSONResponse(status_code=400, content={"status": "person_id or canonical_name in access_control_list is required"})
     print(new_event_entry)
-    insert_query = DocumentDB.insert_one(collection="CalendarEventEntry",
+    insert_query = DocumentDB.insert_one(collection=DBName.CALENDAR_EVENT,
                                          document_body=new_event_entry,
                                          db_client=db_client)
     print(insert_query.inserted_id)
     """add record to the index"""
     index_update_query = DocumentDB.update_one(
-        collection="CalendarEventIndex",
+        collection=DBName.CALENDAR_EVENT_INDEX,
         find_filter={"person_id": person_id},
         changes={"$push": {"event_id_list": new_event_id}},
         db_client=db_client)
@@ -97,7 +98,7 @@ async def v2_edit_calendar_event(request: Request,
     if person_id == "":
         return JSONResponse(status_code=403, content={"status": "user not found"})
     # Check is have sufficient permission to modify the event
-    find_query = DocumentDB.find_one(collection="CalendarEventEntry",
+    find_query = DocumentDB.find_one(collection=DBName.CALENDAR_EVENT,
                                      find_filter={"event_id": event_id},
                                      db_client=db_client)
     print(find_query)
@@ -141,7 +142,7 @@ async def v2_edit_calendar_event(request: Request,
     least_one_access_control = False
     for each_access_control in req_body.access_control_list:
         print(each_access_control)
-        if (each_access_control.canonical_name != None) or (each_access_control.person_id != None):
+        if (each_access_control.canonical_name is not None) or (each_access_control.person_id is not None):
             updated_event_entry["access_control_list"].append({
                 "canonical_name": each_access_control.canonical_name,
                 "person_id": each_access_control.person_id,
@@ -152,8 +153,10 @@ async def v2_edit_calendar_event(request: Request,
         return JSONResponse(status_code=400,
                             content={"status": "person_id or canonical_name in access_control_list is required"})
     print(updated_event_entry)
-    insert_query = DocumentDB.replace_one(collection="CalendarEventEntry", find_filter={"event_id": event_id},
-                                          document_body=updated_event_entry, db_client=db_client)
+    insert_query = DocumentDB.replace_one(collection=DBName.CALENDAR_EVENT,
+                                          find_filter={"event_id": event_id},
+                                          document_body=updated_event_entry,
+                                          db_client=db_client)
     print(insert_query)
     mongo_client.close()
     return JSONResponse(status_code=200, content={"status": "success", "event_id": event_id})
@@ -179,7 +182,7 @@ async def v2_delete_calendar_event(request: Request, event_id: int, pa_token: st
         mongo_client.close()
         return JSONResponse(status_code=403,
                             content={"status": f"unable to delete calendar_event {event_id} with current token"})
-    deletion_query = DocumentDB.delete_one(collection="CalendarEventEntry",
+    deletion_query = DocumentDB.delete_one(collection=DBName.CALENDAR_EVENT,
                                            find_filter={"event_id": event_id},
                                            db_client=db_client)
     print(deletion_query)
@@ -190,7 +193,7 @@ async def v2_delete_calendar_event(request: Request, event_id: int, pa_token: st
         return JSONResponse(status_code=404,
                             content={"status": "calendar_event deleted but some error occurred", "event_id": event_id})
     """remove from the index"""
-    update_query = DocumentDB.update_one(collection="CalendarEventIndex",
+    update_query = DocumentDB.update_one(collection=DBName.CALENDAR_EVENT_INDEX,
                                          find_filter={"person_id": person_id},
                                          changes={"$pull": {"event_id_list": event_id}},
                                          db_client=db_client)
@@ -219,15 +222,14 @@ async def v2_get_calendar_event(request: Request,
             if len(str(event_id)) != 16:
                 result_calendar_event.append({"status": "malformed event_id", "event_id": event_id})
             else:
-                find_query = DocumentDB.find_one(collection="CalendarEventEntry",
+                find_query = DocumentDB.find_one(collection=DBName.CALENDAR_EVENT,
                                                  find_filter={"event_id": event_id},
                                                  db_client=db_client)
                 if find_query is None:
                     result_calendar_event.append({"status": "calendar_event not found", "event_id": event_id})
-                processed_find_query = JSONFilter.universal_calendar_event(
-                    input_json=find_query,
-                    person_id=person_id,
-                    required_permission_list=["read_full"])
+                processed_find_query = JSONFilter.universal_calendar_event(input_json=find_query,
+                                                                           person_id=person_id,
+                                                                           required_permission_list=["read_full"])
                 if processed_find_query:
                     result_calendar_event.append(processed_find_query)
         except (Exception, OSError, IOError) as e:
@@ -245,7 +247,7 @@ async def v2_get_calendar_event_index(request: Request, pa_token: str = Header(N
     if person_id == "":
         mongo_client.close()
         return JSONResponse(status_code=403, content={"status": "user not found with this token", "pa_token": pa_token})
-    db_query = DocumentDB.find_one(collection="CalendarEventIndex", find_filter={"person_id": person_id}, db_client=db_client)
+    db_query = DocumentDB.find_one(collection=DBName.CALENDAR_EVENT_INDEX, find_filter={"person_id": person_id}, db_client=db_client)
     if db_query is None:
         return JSONResponse(status_code=403, content={"status": "CalendarEvent index for this user not found", "person_id": person_id})
     mongo_client.close()

diff --git a/route/v2_hosting.py b/route/v2_hosting.py
@@ -7,7 +7,7 @@
 import util.pymongo_wrapper as DocumentDB
 from util.token_tool import get_person_id_with_token
 from util import image4io
-from constant import ServerConfig, ContentLimit
+from constant import ServerConfig, ContentLimit, DBName
 
 router = APIRouter()
 
@@ -43,7 +43,7 @@ async def v2_upload_image(request: Request, image_file_bytes: bytes = File(...,
         "image_height": image_info["uploadedFiles"][0]["height"],
         "hosting_provider": "image4io"
     }
-    db_action_result = DocumentDB.insert_one(collection="ImageHosting", document_body=report_card, db_client=db_client)
+    db_action_result = DocumentDB.insert_one(collection=DBName.IMAGE_HOSTING, document_body=report_card, db_client=db_client)
     print(db_action_result)
     mongo_client.close()
     return JSONResponse(status_code=201,
@@ -57,7 +57,7 @@ async def v2_delete_image(request: Request, image_id: str, pa_token: str = Heade
     person_id = get_person_id_with_token(pa_token, db_client)
     if person_id == "":
         return JSONResponse(status_code=403, content={"status": "you need to upload an image", "pa_token": pa_token})
-    image_info_query = DocumentDB.find_one(collection="ImageHosting", find_filter={"image_id": image_id}, db_client=db_client)
+    image_info_query = DocumentDB.find_one(collection=DBName.IMAGE_HOSTING, find_filter={"image_id": image_id}, db_client=db_client)
     print(image_info_query)
     resp = image4io.deleteImage(
         authorization=image4io.calculate_basic_auth(
@@ -69,7 +69,7 @@ async def v2_delete_image(request: Request, image_id: str, pa_token: str = Heade
         return JSONResponse(status_code=500, content={"status": "image deletion failed", "reason": resp.json()["errors"]})
     image_info = resp.json()
     print(image_info)
-    db_action_result = DocumentDB.delete_one(collection="ImageHosting", find_filter={"image_id": image_id}, db_client=db_client)
+    db_action_result = DocumentDB.delete_one(collection=DBName.IMAGE_HOSTING, find_filter={"image_id": image_id}, db_client=db_client)
     if db_action_result.deleted_count != 1:
         return JSONResponse(status_code=500,
                             content={"status": "image deleted from hosting service but failed to remove relevant record from our database", "image_id": image_id})