feat: revoke admin role
isabelcosta committed Jun 22, 2018
1 parent ce371b8 commit c71a2b0
Showing 9 changed files with 316 additions and 45 deletions.
34 changes: 30 additions & 4 deletions app/api/dao/admin.py
Expand Up @@ -4,19 +4,45 @@
class AdminDAO:

@staticmethod
def assign_new_user(data):
def assign_new_user(assigner_user_id, data):

new_admin_user_id = data['user_id']

if assigner_user_id is new_admin_user_id:
return {"message": "You cannot assign yourself as an Admin."}, 400

new_admin_user = UserModel.find_by_id(new_admin_user_id)

if new_admin_user:

if new_admin_user.is_admin:
return {"message": "User is already an Admin"}, 201
return {"message": "User is already an Admin."}, 200

new_admin_user.is_admin = True
new_admin_user.save_to_db()

return {"message": "User is now an Admin"}, 201
return {"message": "User is now an Admin."}, 200

return {"message": "User does not exist."}, 400

@staticmethod
def revoke_admin_user(revoker_user_id, data):

admin_user_id = data['user_id']

if revoker_user_id is admin_user_id:
return {"message": "You cannot revoke your admin status."}, 400

new_admin_user = UserModel.find_by_id(admin_user_id)

if new_admin_user:

if not new_admin_user.is_admin:
return {"message": "User is not an Admin."}, 400

new_admin_user.is_admin = False
new_admin_user.save_to_db()

return {"message": "User admin status was revoked."}, 200

return {"message": "User does not exist"}, 401
return {"message": "User does not exist."}, 400
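Review bot: The self-check guards `if assigner_user_id is new_admin_user_id:` and `if revoker_user_id is admin_user_id:` compare integers by identity rather than by value, so they only hold for the small ints CPython happens to cache; for larger ids `is` is False and an admin can revoke their own status despite the guard, which can leave the system with no admin at all since revoke_admin_user has no MIN_NUMBER_OF_ADMINS floor the way delete_user does. Both lines should read `if assigner_user_id == new_admin_user_id:` and `if revoker_user_id == admin_user_id:`. As a minor point of style, the local in revoke_admin_user is still called `new_admin_user` although it holds the admin being demoted.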
13 changes: 11 additions & 2 deletions app/api/dao/user.py
Expand Up @@ -4,6 +4,7 @@
class UserDAO:
FAIL_USER_ALREADY_EXISTS = "FAIL_USER_ALREADY_EXISTS"
SUCCESS_USER_CREATED = "SUCCESS_USER_CREATED"
MIN_NUMBER_OF_ADMINS = 1

@staticmethod
def create_user(data):
Expand All @@ -29,12 +30,20 @@ def create_user(data):

@staticmethod
def delete_user(user_id):
user = UserModel.find_by_id(user_id).one()
user = UserModel.find_by_id(user_id)

# check if this user is the only admin
if user.is_admin:

admins_list_count = len(UserModel.get_all_admins())
if admins_list_count <= UserDAO.MIN_NUMBER_OF_ADMINS:
return {"message": "You cannot delete your account, since you are the only Admin left."}, 400

if user:
user.delete_from_db()
return {"message": "User was deleted successfully"}, 201

return {"message": "User does not exist"}, 201
return {"message": "User does not exist"}, 400

@staticmethod
def get_user(user_id):
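Review bot: `if user.is_admin:` is evaluated before the existing `if user:` guard, and `find_by_id` returns `.first()`, so deleting an unknown id now raises AttributeError on None instead of reaching the "User does not exist" branch. Writing the added check as `if user and user.is_admin:` keeps the last-admin protection and restores the not-found path. Loading every admin row only to take `len()` of the list could also be a `.count()` query, but that is secondary. get_user at the end of the hunk continues outside it.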
4 changes: 2 additions & 2 deletions app/api/models/admin.py
Expand Up @@ -2,10 +2,10 @@


def add_models_to_namespace(api_namespace):
api_namespace.models[assign_new_admin_request_body.name] = assign_new_admin_request_body
api_namespace.models[assign_and_revoke_user_admin_request_body.name] = assign_and_revoke_user_admin_request_body


assign_new_admin_request_body = Model('Assign User model', {
assign_and_revoke_user_admin_request_body = Model('Assign User model', {
'user_id': fields.Integer(
required=True,
description='The unique identifier of a user'
30 changes: 26 additions & 4 deletions app/api/resources/admin.py
@@ -1,6 +1,7 @@
from flask import request
from flask_restplus import Resource
from flask_jwt import jwt_required, current_identity

from run import api
from app.api.models.admin import *
from app.api.dao.admin import AdminDAO
Expand All @@ -17,17 +18,38 @@ class AssignNewUserAdmin(Resource):

@classmethod
@jwt_required()
@admin_ns.expect(auth_header_parser, assign_new_admin_request_body, validate=True)
@admin_ns.expect(auth_header_parser, assign_and_revoke_user_admin_request_body, validate=True)
def post(cls):
"""
Assigns a User as a new Admin.
"""

if current_identity.is_admin:
data = request.json
return DAO.assign_new_user(data)
return DAO.assign_new_user(current_identity.id, data)

else:
return {
"message": "You don't have admin status. You can't assign other user as admin."
}, 400


@admin_ns.route('admin/remove')
class RevokeUserAdmin(Resource):

@classmethod
@jwt_required()
@admin_ns.expect(auth_header_parser, assign_and_revoke_user_admin_request_body, validate=True)
def post(cls):
"""
Revoke admin status from another User Admin.
"""

if current_identity.is_admin:
data = request.json
return DAO.revoke_admin_user(current_identity.id, data)

else:
return {
"message": "You don't have admin status. You can't assign another admin"
}, 401
"message": "You don't have admin status. You can't revoke other admin user."
}, 400
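Review bot: Both resources answer a caller without admin status with `}, 400`, which reports a permission denial as a malformed request; 403 is the conventional status for an authenticated caller that lacks the right, and it lets clients and request logs tell authorization denials apart from validation errors. Suggest `}, 403` in both the assign and the revoke else-branches. The route is registered as `'admin/remove'` without a leading slash, presumably mirroring the existing assign route that sits outside the hunk; worth confirming it resolves to the /admin/remove path the Postman collection expects.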
4 changes: 4 additions & 0 deletions app/database/models/user.py
Expand Up @@ -112,6 +112,10 @@ def find_by_email(cls, email):
def find_by_id(cls, _id):
return cls.query.filter_by(id=_id).first()

@classmethod
def get_all_admins(cls, is_admin=True):
return cls.query.filter_by(is_admin=is_admin).all()

@classmethod
def is_empty(cls):
return cls.query.first() is None
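Review bot: `get_all_admins(cls, is_admin=True)` returns the non-admins when called with `is_admin=False`, which contradicts its name; either drop the parameter or document the behaviour. A docstring such as `"""Return users whose is_admin flag equals *is_admin* (all admins by default)."""` would make the contract explicit. Its only caller in this commit takes `len()` of the result, so a `.count()` variant may fit better if the rows themselves are not needed.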
81 changes: 74 additions & 7 deletions docs/Mentorship Backend.postman_collection.json
Expand Up @@ -21,7 +21,7 @@
],
"body": {
"mode": "raw",
"raw": "{\n\t\"name\":\"tita maria\",\n\t\"username\":\"tita\",\n\t\"password\":\"lala\", \n\t\"email\":\"tita@email.com\",\n\t\"terms_and_conditions_checked\":true\n}"
"raw": "{\n\t\"name\":\"Joana\",\n\t\"username\":\"joana\",\n\t\"password\":\"lala\", \n\t\"email\":\"joana@email.com\",\n\t\"terms_and_conditions_checked\":true\n}"
},
"description": "get users"
},
Expand All @@ -30,7 +30,7 @@
{
"name": "GET /users/",
"request": {
"url": "http://127.0.0.1:5000/users/",
"url": "http://127.0.0.1:5000/users",
"method": "GET",
"header": [],
"body": {},
Expand All @@ -52,7 +52,7 @@
],
"body": {
"mode": "raw",
"raw": "{\n \"username\":\"Joana\",\n \"password\":\"lala\"\n}"
"raw": "{\n \"username\":\"joana\",\n \"password\":\"string\"\n}"
},
"description": ""
},
Expand All @@ -61,12 +61,12 @@
{
"name": "GET /users/{id}",
"request": {
"url": "http://127.0.0.1:5000/users/2",
"url": "http://127.0.0.1:5000/users/1",
"method": "GET",
"header": [
{
"key": "Authorization",
"value": "JWT eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJleHAiOjE1Mjc3NzA0NDcsImlhdCI6MTUyNzc3MDE0NywibmJmIjoxNTI3NzcwMTQ3LCJpZGVudGl0eSI6MX0.lG_KS9NBE1Q9lvtdjkex_yNUrw8Vq4PgfaVH6S6BC_0",
"value": "JWT eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJleHAiOjE1Mjk2MzIwMDEsImlhdCI6MTUyOTAyNzIwMSwibmJmIjoxNTI5MDI3MjAxLCJpZGVudGl0eSI6M30.Za713OqskdhWsSdBhkqUXSwYu2ulRXv8fWgjChW4AcM",
"description": ""
}
],
Expand Down Expand Up @@ -108,7 +108,7 @@
"header": [
{
"key": "Authorization",
"value": "JWT eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJleHAiOjE1Mjc4MDAwODIsImlhdCI6MTUyNzc5OTc4MiwibmJmIjoxNTI3Nzk5NzgyLCJpZGVudGl0eSI6MX0.7f2td8S3JFbzSYqueDp9eTQhW-zmoDd4fe3yq3GeffY",
"value": "JWT eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJleHAiOjE1Mjc4NjExNjQsImlhdCI6MTUyNzg2MDg2NCwibmJmIjoxNTI3ODYwODY0LCJpZGVudGl0eSI6MX0.mghX8p4lphzqsqEpk-zpOWqlPlUqyXoW1r44AaRhjwA",
"description": ""
}
],
Expand Down Expand Up @@ -150,7 +150,7 @@
"header": [
{
"key": "Authorization",
"value": "JWT eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJleHAiOjE1Mjc3NzA0NDcsImlhdCI6MTUyNzc3MDE0NywibmJmIjoxNTI3NzcwMTQ3LCJpZGVudGl0eSI6MX0.lG_KS9NBE1Q9lvtdjkex_yNUrw8Vq4PgfaVH6S6BC_0",
"value": "JWT eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJleHAiOjE1Mjc4NTI3NzEsImlhdCI6MTUyNzg1MjQ3MSwibmJmIjoxNTI3ODUyNDcxLCJpZGVudGl0eSI6MX0.bXm5OrEvZnS6PxI4XQkOF4z-ZcFbYZreanutmYTUWyA",
"description": ""
},
{
Expand All @@ -166,6 +166,73 @@
"description": "Assign a new user as an Admin"
},
"response": []
},
{
"name": "POST /admin/remove",
"request": {
"url": "http://127.0.0.1:5000/admin/new",
"method": "POST",
"header": [
{
"key": "Authorization",
"value": "JWT eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJleHAiOjE1Mjc4NTI3NzEsImlhdCI6MTUyNzg1MjQ3MSwibmJmIjoxNTI3ODUyNDcxLCJpZGVudGl0eSI6MX0.bXm5OrEvZnS6PxI4XQkOF4z-ZcFbYZreanutmYTUWyA",
"description": ""
},
{
"key": "Content-Type",
"value": "application/json",
"description": ""
}
],
"body": {
"mode": "raw",
"raw": "{\n\t\"user_id\": 2\n}"
},
"description": "Assign a new user as an Admin"
},
"response": []
},
{
"name": "GET /mentorship-relations",
"request": {
"url": "http://127.0.0.1:5000/mentorship-relations",
"method": "GET",
"header": [
{
"key": "Authorization",
"value": "JWT eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJleHAiOjE1Mjk2MzIzNTMsImlhdCI6MTUyOTAyNzU1MywibmJmIjoxNTI5MDI3NTUzLCJpZGVudGl0eSI6MX0.h4iZTah7_K7wiyS7WBc5JdxfY_7uYVetqpRFfexvcbQ",
"description": ""
}
],
"body": {},
"description": "Get all mentorship relations. Requires JWT"
},
"response": []
},
{
"name": "POST /mentorship-relation/send_request",
"request": {
"url": "http://127.0.0.1:5000/mentorship-relation/send_request",
"method": "POST",
"header": [
{
"key": "Content-Type",
"value": "application/json",
"description": ""
},
{
"key": "Authorization",
"value": "JWT eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJleHAiOjE1Mjk2MzI4OTEsImlhdCI6MTUyOTAyODA5MSwibmJmIjoxNTI5MDI4MDkxLCJpZGVudGl0eSI6MX0.8FSuFHBQbH-8TAhms5ei6uaQdCTG_wkQLEQXd67ZHPc",
"description": ""
}
],
"body": {
"mode": "raw",
"raw": "{\n \"mentor_id\": 2,\n \"mentee_id\": 1,\n \"end_date\": 1534298832,\n \"notes\": \"stridfdgfdfgbdfng\"\n}"
},
"description": "Send a mentorship request. Requires JWT"
},
"response": []
}
]
}
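Review bot: The new request named "POST /admin/remove" still targets `"url": "http://127.0.0.1:5000/admin/new"` and keeps the description `"Assign a new user as an Admin"`, so running it from the collection exercises the assign endpoint rather than the revoke one. The url should be `"http://127.0.0.1:5000/admin/remove"` and the description something like `"Revoke admin status from a user"`. The Authorization headers in this file are signed JWTs with short expiry copied from a local session; using a collection variable placeholder for the token would avoid checking live tokens into the repository.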