Ft: Allow admin mods from profile API

6 months ago · 4169e265ab
parent da3204380d
commit 4169e265ab
3 changed files with 104 additions and 3 deletions
--- a/backend/blueprints/course/init.py
+++ b/backend/blueprints/course/init.py
@ -129,7 +129,7 @@ def create_course():
    if course_uploaded_pdf is not None:
        pdf_file_name: str = random_string_generator(32) +"."+ course_uploaded_pdf.filename.split('.')[-1]
        course_uploaded_pdf.save(os.path.join(USER_UPLOADS_DIR, pdf_file_name))
-    published_status: PublishedStatus = PublishedStatus.DRAFT
+    published_status: PublishedStatus = PublishedStatus.PENDING
    try:
        course_name: str = form_data['course_name']
    except KeyError:
@ -358,3 +358,81 @@ def update_category():
            selected_category.isActive = bool(int(form_data.get('isActive')))
        db.session.commit()
        return jsonify({'message': 'Category updated'}), 200
+
+@course.route('/enrolled')
+@auth_required()
+def enrolled_courses():
+    enrollments: Course = db.session.execute(
+        select(Enrollment).where(
+            and_(Enrollment.userID == g.current_user.id, Course.publishedStatus == int(PublishedStatus.APPROVED))
+        )
+    ).scalars()
+    enrolled_list: list[dict] = []
+    for enroll_row in enrollments:
+        item = enroll_row.course
+        enrolled_list.append(
+            {
+                'id': enroll_row.id,
+                'course_id': enroll_row.courseID,
+                'lastActivity': enroll_row.lastActivity,
+                'currentPage': enroll_row.currentPage,
+                'maxPage': enroll_row.maxPage,
+                'joinedDate': enroll_row.joinedDate,
+                'userID': enroll_row.userID,
+                'name': item.name,
+                'description': item.description,
+                'isActive': item.isActive,
+                'creationDate': item.creationDate,
+                'coverImage': url_for('send_file', filename=item.coverImage),
+                'totalEnrolled': item.totalEnrolled,
+                'author': {
+                    'id': item.author.id,
+                    'firstName': item.author.firstName,
+                    'lastName': item.author.lastName,
+                    'username': item.author.username,
+                    'bio': item.author.bio,
+                    'lastOnline': item.author.lastOnline,
+                    'pfpFilename': url_for('send_file', filename=item.author.pfpFilename)
+                },
+                'category': {
+                    'id': item.categoryID,
+                    'name': item.category.name,
+                    'description': item.category.description
+                }
+            })
+
+    return jsonify(enrolled_list), 200
+
+@course.route('/myCourses')
+@auth_required()
+def enrolled_courses():
+    courses: Course = db.session.execute(select(Course).where(Course.authorID == g.current_user.id)
+    ).scalars()
+    course_list: list[dict] = []
+    for item in courses:
+        course_list.append(
+            {
+                'id': item.id,
+                'name': item.name,
+                'description': item.description,
+                'isActive': item.isActive,
+                'publishedStatus': item.publishedStatus,
+                'creationDate': item.creationDate,
+                'coverImage': url_for('send_file', filename=item.coverImage),
+                'totalEnrolled': item.totalEnrolled,
+                'author': {
+                    'id': item.author.id,
+                    'firstName': item.author.firstName,
+                    'lastName': item.author.lastName,
+                    'username': item.author.username,
+                    'bio': item.author.bio,
+                    'lastOnline': item.author.lastOnline,
+                    'pfpFilename': url_for('send_file', filename=item.author.pfpFilename)
+                },
+                'category': {
+                    'id': item.categoryID,
+                    'name': item.category.name,
+                    'description': item.category.description
+                }
+            })
+    return jsonify(course_list), 200
--- a/backend/blueprints/profile/init.py
+++ b/backend/blueprints/profile/init.py
@ -1,5 +1,6 @@
 from email.policy import default
 from flask import Blueprint, request, jsonify, current_app, g,url_for
+from sqlalchemy import select
 from werkzeug.utils import secure_filename
 from datetime import datetime
 from utils.auth import auth_required, requires_role
@ -109,6 +110,14 @@ def manage_profile():
    Handle GET and PUT requests for the logged-in user's profile.
    """
    current_user: User = g.current_user
+    if g.current_user.role == int(UserRole.ADMIN) and request.form.get('user_id'):
+        target_user: User = db.session.execute(
+            select(User).where(User.id == uuid.uuid(request.form.get('user_id')))
+        ).scalar()
+        if not target_user:
+            return jsonify({'message': 'User not found'}), 404
+        else:
+            current_user = target_user
    if request.method == 'GET':
        profile_picture = url_for('send_file', filename=current_user.pfpFilename, _external=True)
        try:
@ -138,6 +147,7 @@ def manage_profile():
            username = request.form.get('username')
            dob = request.form.get('dob')
            bio = request.form.get('bio')
+            is_activated = request.form.get('isActivated')
            if first_name:
                current_user.firstName = first_name
            if last_name:
@ -148,6 +158,8 @@ def manage_profile():
                current_user.dob = dob  # Ensure the date format is validated
            if bio:
                current_user.bio = bio
+            if is_activated:
+                current_user.isActivated = bool(int(is_activated))
            db.session.commit()
            return jsonify({"message": "Profile updated successfully."}), 200
        except IntegrityError:
@ -211,6 +223,17 @@ def change_password():
    """
    user = g.current_user
    data = request.form
+
+    if g.current_user.role == int(UserRole.ADMIN) and request.form.get('user_id'):
+        new_password = data.get('new_password')
+        target_user: User = db.session.execute(
+            select(User).where(User.id == uuid.uuid(request.form.get('user_id')))
+        ).scalar()
+        if not target_user:
+            return jsonify({'message': 'User not found'}), 404
+        target_user.hash_password = generate_password_hash(new_password)
+        db.session.commit()
+        return jsonify({'message': 'Password changed successfully'}), 200
    # Validate input data
    current_password = data.get('current_password')
    new_password = data.get('new_password')
@ -232,4 +255,4 @@ def change_password():
    # Update the user's password
    user.hash_password = generate_password_hash(new_password)
    db.session.commit()
-    return jsonify({"message": "Password updated successfully"}), 200
+    return jsonify({"message": "Password updated successfully"}), 200
--- a/backend/db/model.py
+++ b/backend/db/model.py
@ -77,7 +77,7 @@ class Course(db.Model):
    totalPages: Mapped[int] = mapped_column(Integer, nullable=False, default=1)
    totalEnrolled: Mapped[int] = mapped_column(Integer, nullable=False, default=0)
    isActive: Mapped[bool] = mapped_column(Boolean, nullable=False, default=True)
-    publishedStatus: Mapped[int] = mapped_column(SmallInteger, nullable=False, default=PublishedStatus.DRAFT)
+    publishedStatus: Mapped[int] = mapped_column(SmallInteger, nullable=False, default=int(PublishedStatus.PENDING))
    creationDate: Mapped[datetime] = mapped_column(DateTime, nullable=False, default=func.now())
    coverImage: Mapped[str] = mapped_column(String(256), nullable=False, default=DEFAULT_COURSE_COVER)
    serverFilename: Mapped[str] = mapped_column(String(256), nullable=False, default='')