From 13d5ed897d28510ca0583f4a2508cb3bef064b9e Mon Sep 17 00:00:00 2001 From: prateekj117 Date: Tue, 18 Jun 2019 13:20:12 +0530 Subject: [PATCH 01/11] Get and delete event favourite using event_id --- app/api/user_favourite_events.py | 9 +++++---- docs/api/api_blueprint.apib | 4 ++-- tests/hook_main.py | 4 ++-- 3 files changed, 9 insertions(+), 8 deletions(-) diff --git a/app/api/user_favourite_events.py b/app/api/user_favourite_events.py index dbf8c51064..aaa3f146d6 100644 --- a/app/api/user_favourite_events.py +++ b/app/api/user_favourite_events.py @@ -1,14 +1,14 @@ -from flask_rest_jsonapi import ResourceDetail, ResourceList, ResourceRelationship from flask import request, current_app as app from flask_jwt import current_identity as current_user, _jwt_required +from flask_rest_jsonapi import ResourceDetail, ResourceList, ResourceRelationship -from app.models.user import User from app.api.helpers.db import safe_query -from app.api.helpers.permission_manager import has_access from app.api.helpers.exceptions import ForbiddenException, ConflictException +from app.api.helpers.permission_manager import has_access from app.api.helpers.utilities import require_relationship from app.api.schema.user_favourite_events import UserFavouriteEventSchema from app.models import db +from app.models.user import User from app.models.user_favourite_event import UserFavouriteEvent @@ -83,7 +83,8 @@ class UserFavouriteEventDetail(ResourceDetail): methods = ['GET', 'DELETE'] schema = UserFavouriteEventSchema data_layer = {'session': db.session, - 'model': UserFavouriteEvent} + 'model': UserFavouriteEvent, + 'id_field': 'event_id'} class UserFavouriteEventRelationship(ResourceRelationship): diff --git a/docs/api/api_blueprint.apib b/docs/api/api_blueprint.apib index 25e1c39fb4..b35e2521bb 100644 --- a/docs/api/api_blueprint.apib +++ b/docs/api/api_blueprint.apib @@ -25594,9 +25594,9 @@ This Group's APIs can be used for adding a particular event to the favourite lis } } -## Favourite Events Detail [/v1/user-favourite-events/{user_favourite_event_id}] +## Favourite Events Detail [/v1/user-favourite-events/{event_id}] + Parameters - + user_favourite_event_id: 1 (integer) - ID of the Favourite Event + + event_id: 1 (integer) - ID of the Event in the form of an integer ### Get Details [GET] diff --git a/tests/hook_main.py b/tests/hook_main.py index 09fbab8a10..cbf1ddb9b4 100644 --- a/tests/hook_main.py +++ b/tests/hook_main.py @@ -4371,7 +4371,7 @@ def favourite_event_details_get(transaction): :return: """ with stash['app'].app_context(): - user_fav_event = UserFavouriteEventFactory() + user_fav_event = UserFavouriteEventFactory(event_id=1) db.session.add(user_fav_event) db.session.commit() @@ -4384,7 +4384,7 @@ def favourite_event_delete(transaction): :return: """ with stash['app'].app_context(): - user_fav_event = UserFavouriteEventFactory() + user_fav_event = UserFavouriteEventFactory(event_id=1) db.session.add(user_fav_event) db.session.commit() From f9e835f0558375473a9ad4688a2fba329972c615 Mon Sep 17 00:00:00 2001 From: prateekj117 Date: Tue, 18 Jun 2019 14:00:35 +0530 Subject: [PATCH 02/11] Fix dredd errors --- tests/hook_main.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/hook_main.py b/tests/hook_main.py index cbf1ddb9b4..09fbab8a10 100644 --- a/tests/hook_main.py +++ b/tests/hook_main.py @@ -4371,7 +4371,7 @@ def favourite_event_details_get(transaction): :return: """ with stash['app'].app_context(): - user_fav_event = UserFavouriteEventFactory(event_id=1) + user_fav_event = UserFavouriteEventFactory() db.session.add(user_fav_event) db.session.commit() @@ -4384,7 +4384,7 @@ def favourite_event_delete(transaction): :return: """ with stash['app'].app_context(): - user_fav_event = UserFavouriteEventFactory(event_id=1) + user_fav_event = UserFavouriteEventFactory() db.session.add(user_fav_event) db.session.commit() From 2a615ba4d755ca0d1fda8a2bd613f979b676183e Mon Sep 17 00:00:00 2001 From: prateekj117 Date: Tue, 18 Jun 2019 19:34:30 +0530 Subject: [PATCH 03/11] Implement proper permissions --- app/api/user_favourite_events.py | 2 ++ tests/hook_main.py | 4 ++-- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/app/api/user_favourite_events.py b/app/api/user_favourite_events.py index aaa3f146d6..3fcc75052f 100644 --- a/app/api/user_favourite_events.py +++ b/app/api/user_favourite_events.py @@ -2,6 +2,7 @@ from flask_jwt import current_identity as current_user, _jwt_required from flask_rest_jsonapi import ResourceDetail, ResourceList, ResourceRelationship +from app.api.bootstrap import api from app.api.helpers.db import safe_query from app.api.helpers.exceptions import ForbiddenException, ConflictException from app.api.helpers.permission_manager import has_access @@ -81,6 +82,7 @@ class UserFavouriteEventDetail(ResourceDetail): """ methods = ['GET', 'DELETE'] + decorators = (api.has_permission('is_user_itself'),) schema = UserFavouriteEventSchema data_layer = {'session': db.session, 'model': UserFavouriteEvent, diff --git a/tests/hook_main.py b/tests/hook_main.py index 09fbab8a10..cbf1ddb9b4 100644 --- a/tests/hook_main.py +++ b/tests/hook_main.py @@ -4371,7 +4371,7 @@ def favourite_event_details_get(transaction): :return: """ with stash['app'].app_context(): - user_fav_event = UserFavouriteEventFactory() + user_fav_event = UserFavouriteEventFactory(event_id=1) db.session.add(user_fav_event) db.session.commit() @@ -4384,7 +4384,7 @@ def favourite_event_delete(transaction): :return: """ with stash['app'].app_context(): - user_fav_event = UserFavouriteEventFactory() + user_fav_event = UserFavouriteEventFactory(event_id=1) db.session.add(user_fav_event) db.session.commit() From 14a16473ba8d2d56a0b57deb42017816b8520a5c Mon Sep 17 00:00:00 2001 From: prateekj117 Date: Wed, 19 Jun 2019 15:16:53 +0530 Subject: [PATCH 04/11] Correct decorator --- app/api/user_favourite_events.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/api/user_favourite_events.py b/app/api/user_favourite_events.py index 3fcc75052f..6890527755 100644 --- a/app/api/user_favourite_events.py +++ b/app/api/user_favourite_events.py @@ -82,7 +82,7 @@ class UserFavouriteEventDetail(ResourceDetail): """ methods = ['GET', 'DELETE'] - decorators = (api.has_permission('is_user_itself'),) + decorators = (api.has_permission('is_user_itself', fetch="user_id", model=UserFavouriteEvent),) schema = UserFavouriteEventSchema data_layer = {'session': db.session, 'model': UserFavouriteEvent, From 27037428b4a32c20bebefa5d4adc4496f8d70f16 Mon Sep 17 00:00:00 2001 From: prateekj117 Date: Thu, 20 Jun 2019 15:54:04 +0530 Subject: [PATCH 05/11] Correct Logic --- app/api/user_favourite_events.py | 36 +++++++++++++++++++++++++++++--- 1 file changed, 33 insertions(+), 3 deletions(-) diff --git a/app/api/user_favourite_events.py b/app/api/user_favourite_events.py index 6890527755..b502dfa867 100644 --- a/app/api/user_favourite_events.py +++ b/app/api/user_favourite_events.py @@ -1,8 +1,9 @@ from flask import request, current_app as app from flask_jwt import current_identity as current_user, _jwt_required from flask_rest_jsonapi import ResourceDetail, ResourceList, ResourceRelationship +from flask_rest_jsonapi.exceptions import ObjectNotFound +from sqlalchemy.orm.exc import NoResultFound -from app.api.bootstrap import api from app.api.helpers.db import safe_query from app.api.helpers.exceptions import ForbiddenException, ConflictException from app.api.helpers.permission_manager import has_access @@ -80,13 +81,42 @@ class UserFavouriteEventDetail(ResourceDetail): """ User Favourite Events detail by id """ + def before_get_object(self, view_kwargs): + if view_kwargs.get('id') is not None: + try: + user_favourite_event = UserFavouriteEvent.query.filter_by( + event_id=view_kwargs['id']).first() + except NoResultFound: + raise ObjectNotFound({'source': ''}, "Object: not found") + else: + if user_favourite_event: + if user_favourite_event.event_id is not None: + view_kwargs['id'] = user_favourite_event.id + else: + view_kwargs['id'] = None + + def before_delete_object(self, view_kwargs): + if view_kwargs.get('id') is not None: + try: + user_favourite_event = UserFavouriteEvent.query.filter_by( + event_id=view_kwargs['id']).first() + except NoResultFound: + raise ObjectNotFound({'source': ''}, "Object: not found") + else: + if user_favourite_event: + if user_favourite_event.event_id is not None: + view_kwargs['id'] = user_favourite_event.id + else: + view_kwargs['id'] = None methods = ['GET', 'DELETE'] - decorators = (api.has_permission('is_user_itself', fetch="user_id", model=UserFavouriteEvent),) schema = UserFavouriteEventSchema data_layer = {'session': db.session, 'model': UserFavouriteEvent, - 'id_field': 'event_id'} + 'methods': { + 'before_delete_object': before_delete_object, + 'before_get_object': before_get_object, + }} class UserFavouriteEventRelationship(ResourceRelationship): From b6ccadfe9ccfb94a5b53870c7d7a6bb75152a6c7 Mon Sep 17 00:00:00 2001 From: prateekj117 Date: Thu, 20 Jun 2019 16:13:10 +0530 Subject: [PATCH 06/11] Use proper authorization --- app/api/user_favourite_events.py | 14 ++++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-) diff --git a/app/api/user_favourite_events.py b/app/api/user_favourite_events.py index b502dfa867..8480719632 100644 --- a/app/api/user_favourite_events.py +++ b/app/api/user_favourite_events.py @@ -82,10 +82,15 @@ class UserFavouriteEventDetail(ResourceDetail): User Favourite Events detail by id """ def before_get_object(self, view_kwargs): + if 'Authorization' in request.headers: + _jwt_required(app.config['JWT_DEFAULT_REALM']) + else: + raise ForbiddenException({'source': ''}, 'Only Authorized Users can view an event') + if view_kwargs.get('id') is not None: try: user_favourite_event = UserFavouriteEvent.query.filter_by( - event_id=view_kwargs['id']).first() + user=current_user, event_id=view_kwargs['id']).first() except NoResultFound: raise ObjectNotFound({'source': ''}, "Object: not found") else: @@ -96,10 +101,15 @@ def before_get_object(self, view_kwargs): view_kwargs['id'] = None def before_delete_object(self, view_kwargs): + if 'Authorization' in request.headers: + _jwt_required(app.config['JWT_DEFAULT_REALM']) + else: + raise ForbiddenException({'source': ''}, 'Only Authorized Users can delete an event') + if view_kwargs.get('id') is not None: try: user_favourite_event = UserFavouriteEvent.query.filter_by( - event_id=view_kwargs['id']).first() + user=current_user, event_id=view_kwargs['id']).first() except NoResultFound: raise ObjectNotFound({'source': ''}, "Object: not found") else: From e5822547ad0fc98c4068b08c4c4fe883cff4facb Mon Sep 17 00:00:00 2001 From: prateekj117 Date: Thu, 20 Jun 2019 22:34:22 +0530 Subject: [PATCH 07/11] Fix travis errors --- tests/hook_main.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/hook_main.py b/tests/hook_main.py index cbf1ddb9b4..09fbab8a10 100644 --- a/tests/hook_main.py +++ b/tests/hook_main.py @@ -4371,7 +4371,7 @@ def favourite_event_details_get(transaction): :return: """ with stash['app'].app_context(): - user_fav_event = UserFavouriteEventFactory(event_id=1) + user_fav_event = UserFavouriteEventFactory() db.session.add(user_fav_event) db.session.commit() @@ -4384,7 +4384,7 @@ def favourite_event_delete(transaction): :return: """ with stash['app'].app_context(): - user_fav_event = UserFavouriteEventFactory(event_id=1) + user_fav_event = UserFavouriteEventFactory() db.session.add(user_fav_event) db.session.commit() From c7446037220f3ed7e43e395ab30472be4b9f32d0 Mon Sep 17 00:00:00 2001 From: prateekj117 Date: Fri, 21 Jun 2019 22:13:26 +0530 Subject: [PATCH 08/11] Correct conditionals --- app/api/user_favourite_events.py | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/app/api/user_favourite_events.py b/app/api/user_favourite_events.py index 8480719632..18758d7a81 100644 --- a/app/api/user_favourite_events.py +++ b/app/api/user_favourite_events.py @@ -94,9 +94,8 @@ def before_get_object(self, view_kwargs): except NoResultFound: raise ObjectNotFound({'source': ''}, "Object: not found") else: - if user_favourite_event: - if user_favourite_event.event_id is not None: - view_kwargs['id'] = user_favourite_event.id + if user_favourite_event is not None: + view_kwargs['id'] = user_favourite_event.id else: view_kwargs['id'] = None From e873d9521181b8d8385546125c8a6ffa6f5a5f85 Mon Sep 17 00:00:00 2001 From: prateekj117 Date: Fri, 21 Jun 2019 22:45:12 +0530 Subject: [PATCH 09/11] Use decorators --- app/api/user_favourite_events.py | 12 +++--------- tests/hook_main.py | 4 ++-- 2 files changed, 5 insertions(+), 11 deletions(-) diff --git a/app/api/user_favourite_events.py b/app/api/user_favourite_events.py index 18758d7a81..2c8b0b2f29 100644 --- a/app/api/user_favourite_events.py +++ b/app/api/user_favourite_events.py @@ -1,5 +1,5 @@ from flask import request, current_app as app -from flask_jwt import current_identity as current_user, _jwt_required +from flask_jwt import current_identity as current_user, _jwt_required, jwt_required from flask_rest_jsonapi import ResourceDetail, ResourceList, ResourceRelationship from flask_rest_jsonapi.exceptions import ObjectNotFound from sqlalchemy.orm.exc import NoResultFound @@ -81,11 +81,8 @@ class UserFavouriteEventDetail(ResourceDetail): """ User Favourite Events detail by id """ + @jwt_required() def before_get_object(self, view_kwargs): - if 'Authorization' in request.headers: - _jwt_required(app.config['JWT_DEFAULT_REALM']) - else: - raise ForbiddenException({'source': ''}, 'Only Authorized Users can view an event') if view_kwargs.get('id') is not None: try: @@ -99,11 +96,8 @@ def before_get_object(self, view_kwargs): else: view_kwargs['id'] = None + @jwt_required() def before_delete_object(self, view_kwargs): - if 'Authorization' in request.headers: - _jwt_required(app.config['JWT_DEFAULT_REALM']) - else: - raise ForbiddenException({'source': ''}, 'Only Authorized Users can delete an event') if view_kwargs.get('id') is not None: try: diff --git a/tests/hook_main.py b/tests/hook_main.py index 09fbab8a10..cbf1ddb9b4 100644 --- a/tests/hook_main.py +++ b/tests/hook_main.py @@ -4371,7 +4371,7 @@ def favourite_event_details_get(transaction): :return: """ with stash['app'].app_context(): - user_fav_event = UserFavouriteEventFactory() + user_fav_event = UserFavouriteEventFactory(event_id=1) db.session.add(user_fav_event) db.session.commit() @@ -4384,7 +4384,7 @@ def favourite_event_delete(transaction): :return: """ with stash['app'].app_context(): - user_fav_event = UserFavouriteEventFactory() + user_fav_event = UserFavouriteEventFactory(event_id=1) db.session.add(user_fav_event) db.session.commit() From 1f60d59627e9995af6be480f28414024aa0bcb47 Mon Sep 17 00:00:00 2001 From: iamareebjamal Date: Sat, 22 Jun 2019 02:16:32 +0530 Subject: [PATCH 10/11] fix --- app/factories/user_favourite_events.py | 5 +++-- tests/hook_main.py | 8 ++++---- 2 files changed, 7 insertions(+), 6 deletions(-) diff --git a/app/factories/user_favourite_events.py b/app/factories/user_favourite_events.py index e17820cc2a..33e0013a36 100644 --- a/app/factories/user_favourite_events.py +++ b/app/factories/user_favourite_events.py @@ -3,6 +3,7 @@ from app.factories.user import UserFactory from app.factories.event import EventFactoryBasic from app.models.user_favourite_event import db, UserFavouriteEvent +from app.models.user import User class UserFavouriteEventFactory(factory.alchemy.SQLAlchemyModelFactory): @@ -10,5 +11,5 @@ class Meta: model = UserFavouriteEvent sqlalchemy_session = db.session - user = factory.RelatedFactory(UserFactory) - event = factory.RelatedFactory(EventFactoryBasic) + user = factory.LazyAttribute(lambda a: User.query.first()) + event = factory.SubFactory(EventFactoryBasic) diff --git a/tests/hook_main.py b/tests/hook_main.py index cbf1ddb9b4..abc43589d2 100644 --- a/tests/hook_main.py +++ b/tests/hook_main.py @@ -4358,8 +4358,8 @@ def favourite_events_list_post(transaction): :return: """ with stash['app'].app_context(): - user_fav_event = UserFavouriteEventFactory() - db.session.add(user_fav_event) + event = EventFactoryBasic() + db.session.add(event) db.session.commit() @@ -4371,7 +4371,7 @@ def favourite_event_details_get(transaction): :return: """ with stash['app'].app_context(): - user_fav_event = UserFavouriteEventFactory(event_id=1) + user_fav_event = UserFavouriteEventFactory() db.session.add(user_fav_event) db.session.commit() @@ -4384,7 +4384,7 @@ def favourite_event_delete(transaction): :return: """ with stash['app'].app_context(): - user_fav_event = UserFavouriteEventFactory(event_id=1) + user_fav_event = UserFavouriteEventFactory() db.session.add(user_fav_event) db.session.commit() From a19271a119bce02fb5c22e2f72325c598e9e6411 Mon Sep 17 00:00:00 2001 From: prateekj117 Date: Sat, 22 Jun 2019 14:24:57 +0530 Subject: [PATCH 11/11] Required changes --- app/api/user_favourite_events.py | 19 +------------------ 1 file changed, 1 insertion(+), 18 deletions(-) diff --git a/app/api/user_favourite_events.py b/app/api/user_favourite_events.py index 2c8b0b2f29..36051bc57a 100644 --- a/app/api/user_favourite_events.py +++ b/app/api/user_favourite_events.py @@ -89,35 +89,18 @@ def before_get_object(self, view_kwargs): user_favourite_event = UserFavouriteEvent.query.filter_by( user=current_user, event_id=view_kwargs['id']).first() except NoResultFound: - raise ObjectNotFound({'source': ''}, "Object: not found") + raise ObjectNotFound({'source': '/data/relationships/event'}, "Object: not found") else: if user_favourite_event is not None: view_kwargs['id'] = user_favourite_event.id else: view_kwargs['id'] = None - @jwt_required() - def before_delete_object(self, view_kwargs): - - if view_kwargs.get('id') is not None: - try: - user_favourite_event = UserFavouriteEvent.query.filter_by( - user=current_user, event_id=view_kwargs['id']).first() - except NoResultFound: - raise ObjectNotFound({'source': ''}, "Object: not found") - else: - if user_favourite_event: - if user_favourite_event.event_id is not None: - view_kwargs['id'] = user_favourite_event.id - else: - view_kwargs['id'] = None - methods = ['GET', 'DELETE'] schema = UserFavouriteEventSchema data_layer = {'session': db.session, 'model': UserFavouriteEvent, 'methods': { - 'before_delete_object': before_delete_object, 'before_get_object': before_get_object, }}