Merge pull request #2937 from hotosm/develop
v4.0.5 release
pantierra authored May 12, 2020
2 parents 4f4617e + e266dc8 commit 2fce3e5
Showing 39 changed files with 337 additions and 227 deletions.
8 changes: 4 additions & 4 deletions backend/__init__.py
@@ -41,18 +41,18 @@ def create_app(env=None):
)

# Load configuration options from environment
app.config.from_object(f"backend.config.EnvironmentConfig")
app.config.from_object("backend.config.EnvironmentConfig")

# Enable logging to files
initialise_logger(app)
app.logger.info(f"Starting up a new Tasking Manager application")
app.logger.info("Starting up a new Tasking Manager application")

# Connect to database
app.logger.debug(f"Connecting to the database")
app.logger.debug("Connecting to the database")
db.init_app(app)
migrate.init_app(app, db)

app.logger.debug(f"Initialising frontend routes")
app.logger.debug("Initialising frontend routes")

# Main route to frontend
@app.route("/")
4 changes: 2 additions & 2 deletions backend/api/annotations/resources.py
@@ -127,10 +127,10 @@ def post(self, project_id: int, annotation_type: str):
application_token
)
except NotFound:
current_app.logger.error(f"Invalid token")
current_app.logger.error("Invalid token")
return {"Error": "Invalid token"}, 500
else:
current_app.logger.error(f"No token supplied")
current_app.logger.error("No token supplied")
return {"Error": "No token supplied"}, 500

try:
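Review bot: Both token failures in `post` are answered with HTTP 500 (`return {"Error": "Invalid token"}, 500` and the "No token supplied" branch), which files a client authentication failure under server errors. That makes rejected tokens hard to separate from real faults in logs and alerting, and a client cannot tell that it needs to re-authenticate. A 401 would fit both branches, for example `return {"Error": "Invalid token"}, 401`. The handler starts and continues outside this hunk, so confirm that no caller depends on the 500.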
13 changes: 7 additions & 6 deletions backend/api/campaigns/resources.py
@@ -5,7 +5,7 @@
from backend.services.campaign_service import CampaignService
from backend.services.organisation_service import OrganisationService
from backend.models.postgis.utils import NotFound
from backend.services.users.authentication_service import token_auth, tm
from backend.services.users.authentication_service import token_auth


class CampaignsRestAPI(Resource):
@@ -44,9 +44,10 @@ def get(self, campaign_id):
description: Internal Server Error
"""
try:
if tm.authenticated_user_id:
authenticated_user_id = token_auth.current_user()
if authenticated_user_id:
campaign = CampaignService.get_campaign_as_dto(
campaign_id, tm.authenticated_user_id
campaign_id, authenticated_user_id
)
else:
campaign = CampaignService.get_campaign_as_dto(campaign_id, 0)
@@ -120,7 +121,7 @@ def patch(self, campaign_id):
"""
try:
orgs_dto = OrganisationService.get_organisations_managed_by_user_as_dto(
tm.authenticated_user_id
token_auth.current_user()
)
if len(orgs_dto.organisations) < 1:
raise ValueError("User not a Org Manager")
@@ -185,7 +186,7 @@ def delete(self, campaign_id):
"""
try:
orgs_dto = OrganisationService.get_organisations_managed_by_user_as_dto(
tm.authenticated_user_id
token_auth.current_user()
)
if len(orgs_dto.organisations) < 1:
raise ValueError("User not a Org Manager")
@@ -284,7 +285,7 @@ def post(self):
"""
try:
orgs_dto = OrganisationService.get_organisations_managed_by_user_as_dto(
tm.authenticated_user_id
token_auth.current_user()
)
if len(orgs_dto.organisations) < 1:
raise ValueError("User not a Org Manager")
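Review bot: In `patch`, `delete` and `post` the only authorization visible is `if len(orgs_dto.organisations) < 1: raise ValueError("User not a Org Manager")`, which passes for a manager of any organisation rather than one linked to the campaign being changed. If the rest of each handler (outside these hunks) does not check ownership, a manager of one organisation could edit or delete a campaign belonging to another. Consider checking against the campaign's own organisations, along the lines of the `OrganisationService.can_user_manage_organisation(organisation_id, token_auth.current_user())` call used in backend/api/organisations/campaigns.py. The same membership-only check appears in backend/api/interests/resources.py, where it may be intended but is worth confirming.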
12 changes: 6 additions & 6 deletions backend/api/comments/resources.py
@@ -52,13 +52,13 @@ def post(self, project_id):
500:
description: Internal Server Error
"""

if UserService.is_user_blocked(tm.authenticated_user_id):
authenticated_user_id = token_auth.current_user()
if UserService.is_user_blocked(authenticated_user_id):
return "User is on read only mode", 403

try:
chat_dto = ChatMessageDTO(request.get_json())
chat_dto.user_id = tm.authenticated_user_id
chat_dto.user_id = authenticated_user_id
chat_dto.project_id = project_id
chat_dto.validate()
except DataError as e:
@@ -67,7 +67,7 @@ def post(self, project_id):

try:
project_messages = ChatService.post_message(
chat_dto, project_id, tm.authenticated_user_id
chat_dto, project_id, authenticated_user_id
)
return project_messages.to_primitive(), 201
except ValueError as e:
@@ -188,7 +188,7 @@ def post(self, project_id, task_id):
"""
try:
task_comment = TaskCommentDTO(request.get_json())
task_comment.user_id = tm.authenticated_user_id
task_comment.user_id = token_auth.current_user()
task_comment.task_id = task_id
task_comment.project_id = project_id
task_comment.validate()
@@ -263,7 +263,7 @@ def get(self, project_id, task_id):
"""
try:
task_comment = TaskCommentDTO(request.get_json())
task_comment.user_id = tm.authenticated_user_id
task_comment.user_id = token_auth.current_user()
task_comment.task_id = task_id
task_comment.project_id = project_id
task_comment.validate()
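Review bot: The read-only guard `if UserService.is_user_blocked(authenticated_user_id): return "User is on read only mode", 403` is applied to the project chat `post`, but the task comment `post(self, project_id, task_id)` hunk goes from the docstring straight into `try:` with no such guard visible. Unless the service layer enforces it, a blocked user could still write task comments. Suggest reading `authenticated_user_id = token_auth.current_user()` once at the top of that handler and applying the same guard before `TaskCommentDTO` is built. The handler bodies continue outside these hunks, so the service-side behaviour should be checked before changing it.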
10 changes: 5 additions & 5 deletions backend/api/interests/resources.py
@@ -5,7 +5,7 @@
from backend.models.postgis.utils import NotFound
from backend.services.interests_service import InterestService
from backend.services.organisation_service import OrganisationService
from backend.services.users.authentication_service import token_auth, tm
from backend.services.users.authentication_service import token_auth

from sqlalchemy.exc import IntegrityError

@@ -50,7 +50,7 @@ def post(self):
"""
try:
orgs_dto = OrganisationService.get_organisations_managed_by_user_as_dto(
tm.authenticated_user_id
token_auth.current_user()
)
if len(orgs_dto.organisations) < 1:
raise ValueError("User not a Org Manager")
@@ -145,7 +145,7 @@ def get(self, interest_id):
"""
try:
orgs_dto = OrganisationService.get_organisations_managed_by_user_as_dto(
tm.authenticated_user_id
token_auth.current_user()
)
if len(orgs_dto.organisations) < 1:
raise ValueError("User not a Org Manager")
@@ -206,7 +206,7 @@ def patch(self, interest_id):
"""
try:
orgs_dto = OrganisationService.get_organisations_managed_by_user_as_dto(
tm.authenticated_user_id
token_auth.current_user()
)
if len(orgs_dto.organisations) < 1:
raise ValueError("User not a Org Manager")
@@ -265,7 +265,7 @@ def delete(self, interest_id):
"""
try:
orgs_dto = OrganisationService.get_organisations_managed_by_user_as_dto(
tm.authenticated_user_id
token_auth.current_user()
)
if len(orgs_dto.organisations) < 1:
raise ValueError("User not a Org Manager")
4 changes: 2 additions & 2 deletions backend/api/licenses/actions.py
@@ -1,6 +1,6 @@
from flask_restful import Resource, current_app

from backend.services.users.authentication_service import token_auth, tm
from backend.services.users.authentication_service import token_auth
from backend.services.users.user_service import UserService, NotFound


@@ -38,7 +38,7 @@ def post(self, license_id):
description: Internal Server Error
"""
try:
UserService.accept_license_terms(tm.authenticated_user_id, license_id)
UserService.accept_license_terms(token_auth.current_user(), license_id)
return {"Success": "Terms Accepted"}, 200
except NotFound:
return {"Error": "User or mapping not found"}, 404
2 changes: 1 addition & 1 deletion backend/api/notifications/actions.py
@@ -42,7 +42,7 @@ def delete(self):
message_ids = request.get_json()["messageIds"]
if message_ids:
MessageService.delete_multiple_messages(
message_ids, tm.authenticated_user_id
message_ids, token_auth.current_user()
)

return {"Success": "Messages deleted"}, 200
8 changes: 4 additions & 4 deletions backend/api/notifications/resources.py
@@ -43,7 +43,7 @@ def get(self, message_id):
"""
try:
user_message = MessageService.get_message_as_dto(
message_id, tm.authenticated_user_id
message_id, token_auth.current_user()
)
return user_message.to_primitive(), 200
except MessageServiceError:
@@ -89,7 +89,7 @@ def delete(self, message_id):
description: Internal Server Error
"""
try:
MessageService.delete_message(message_id, tm.authenticated_user_id)
MessageService.delete_message(message_id, token_auth.current_user())
return {"Success": "Message deleted"}, 200
except MessageServiceError:
return {"Error": "Unable to delete message"}, 403
@@ -171,7 +171,7 @@ def get(self):
project = request.args.get("project", None, int)
task_id = request.args.get("taskId", None, int)
user_messages = MessageService.get_all_messages(
tm.authenticated_user_id,
token_auth.current_user(),
preferred_locale,
page,
page_size,
@@ -215,7 +215,7 @@ def get(self):
"""
try:
unread_count = MessageService.has_user_new_messages(
tm.authenticated_user_id
token_auth.current_user()
)
return unread_count, 200
except Exception as e:
6 changes: 3 additions & 3 deletions backend/api/organisations/campaigns.py
@@ -4,7 +4,7 @@
from backend.services.organisation_service import OrganisationService
from backend.models.postgis.utils import NotFound
from backend.models.postgis.campaign import Campaign
from backend.services.users.authentication_service import token_auth, tm
from backend.services.users.authentication_service import token_auth


class OrganisationsCampaignsAPI(Resource):
@@ -50,7 +50,7 @@ def post(self, organisation_id, campaign_id):
"""
try:
if OrganisationService.can_user_manage_organisation(
organisation_id, tm.authenticated_user_id
organisation_id, token_auth.current_user()
):
if Campaign.campaign_organisation_exists(campaign_id, organisation_id):
message = "Campaign {} is already assigned to organisation {}.".format(
@@ -155,7 +155,7 @@ def delete(self, organisation_id, campaign_id):
"""
try:
if OrganisationService.can_user_manage_organisation(
organisation_id, tm.authenticated_user_id
organisation_id, token_auth.current_user()
):
CampaignService.delete_organisation_campaign(
organisation_id, campaign_id
26 changes: 12 additions & 14 deletions backend/api/organisations/resources.py
@@ -13,7 +13,7 @@
)

from backend.services.users.user_service import UserService
from backend.services.users.authentication_service import token_auth, tm, verify_token
from backend.services.users.authentication_service import token_auth


class OrganisationsRestAPI(Resource):
@@ -70,7 +70,7 @@ def post(self):
500:
description: Internal Server Error
"""
request_user = User.get_by_id(tm.authenticated_user_id)
request_user = User.get_by_id(token_auth.current_user())
if request_user.role != 1:
return {"Error": "Only admin users can create organisations."}, 403

@@ -128,7 +128,7 @@ def delete(self, organisation_id):
description: Internal Server Error
"""
if not OrganisationService.can_user_manage_organisation(
organisation_id, tm.authenticated_user_id
organisation_id, token_auth.current_user()
):
return {"Error": "User is not an admin for the org"}, 403
try:
@@ -174,10 +174,11 @@ def get(self, organisation_id):
description: Internal Server Error
"""
try:
if tm.authenticated_user_id is None:
authenticated_user_id = token_auth.current_user()
if authenticated_user_id is None:
user_id = 0
else:
user_id = tm.authenticated_user_id
user_id = authenticated_user_id
organisation_dto = OrganisationService.get_organisation_by_id_as_dto(
organisation_id, user_id
)
@@ -247,7 +248,7 @@ def patch(self, organisation_id):
description: Internal Server Error
"""
if not OrganisationService.can_user_manage_organisation(
organisation_id, tm.authenticated_user_id
organisation_id, token_auth.current_user()
):
return {"Error": "User is not an admin for the org"}, 403
try:
@@ -272,6 +273,7 @@ def patch(self, organisation_id):


class OrganisationsAllAPI(Resource):
@token_auth.login_required(optional=True)
def get(self):
"""
List all organisations
@@ -307,22 +309,18 @@ def get(self):
"""

# Restrict some of the parameters to some permissions
authenticated_user_id = token_auth.current_user()
try:
manager_user_id = int(request.args.get("manager_user_id"))
except Exception:
manager_user_id = None

if manager_user_id is not None:
try:
# Verify login
verify_token(
request.environ.get("HTTP_AUTHORIZATION").split(None, 1)[1]
)

# Check whether user is admin (can do any query) or user is checking for own projects
if (
not UserService.is_user_an_admin(tm.authenticated_user_id)
and tm.authenticated_user_id != manager_user_id
not UserService.is_user_an_admin(authenticated_user_id)
and authenticated_user_id != manager_user_id
):
raise ValueError

@@ -332,7 +330,7 @@ def get(self):
# Obtain organisations
try:
results_dto = OrganisationService.get_organisations_as_dto(
manager_user_id, tm.authenticated_user_id
manager_user_id, authenticated_user_id
)
return results_dto.to_primitive(), 200
except NotFound:
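Review bot: In `OrganisationsAllAPI.get`, with the explicit `verify_token(...)` call gone, an anonymous caller who passes `manager_user_id` reaches `UserService.is_user_an_admin(authenticated_user_id)` with `None`, so rejection now depends on how that helper and the `except` clause (outside the hunk) treat `None`. With `login_required(optional=True)`, a missing token and, as I understand Flask-HTTPAuth, an invalid one both leave `current_user()` as `None` instead of producing a 401. Make the anonymous case explicit inside the `try`, ahead of the admin check: `if authenticated_user_id is None: raise ValueError`. A short comment stating that `manager_user_id` filtering is only for an admin or the user themself would document the intent.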