From 6d2bebe4b0c4a4731257a10cb788d74adcdf9306 Mon Sep 17 00:00:00 2001
From: Casu Al Snek
Date: Sat, 11 Jan 2025 16:58:38 +0545
Subject: [PATCH 1/3] Added author->Course relationship in model, Fix require role decorator
---
 backend/blueprints/profile/__init__.py | 17 +++++++++++++++++
 backend/db/model.py | 3 +++
 backend/utils/auth.py | 3 +--
 3 files changed, 21 insertions(+), 2 deletions(-)
diff --git a/backend/blueprints/profile/__init__.py b/backend/blueprints/profile/__init__.py
index edc594a..f87c59e 100644
--- a/backend/blueprints/profile/__init__.py
+++ b/backend/blueprints/profile/__init__.py
@@ -98,3 +98,20 @@ def register():
 except Exception as e:
 db.session.rollback()
 return jsonify({"error": "Registration failed, please try again later."}), 500
+
+# TODO: Implement laters
+@profile.route('/update', methhods=['UPDATE', 'DELETE'])
+def update():
+ if request.method == 'DELETE':
+ pass
+ if request.method == 'UPDATE':
+ pass
+
+@profile.route('/me')
+def my_profile():
+ pass
+
+@profile.route('/info/')
+def profile_info(user_uuid):
+ return user_uuid
+
diff --git a/backend/db/model.py b/backend/db/model.py
index 6e64434..be44ffe 100644
--- a/backend/db/model.py
+++ b/backend/db/model.py
@@ -29,6 +29,7 @@ class User(db.Model):
 chats: Mapped[List["Chat"]] = relationship(back_populates="user", cascade="all, delete-orphan")
 notifications: Mapped[List["Notification"]] = relationship(back_populates="user", cascade="all, delete-orphan")
 user_badges: Mapped[List["UserBadge"]] = relationship(back_populates="user", cascade="all, delete-orphan")
+ publications: Mapped[List["Course"]] = relationship(back_populates="author", cascade="all, delete-orphan")
 dob: Mapped[datetime] = mapped_column(DateTime, nullable=False, default=datetime.fromisocalendar(2002, 1, 1))
 pfpFilename: Mapped[str] = mapped_column(String(256), nullable=False, default=DEFAULT_PROFILE_FILE)
 joinedDate: Mapped[datetime] = mapped_column(DateTime, nullable=False, default=func.now())
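Review bot: In backend/blueprints/profile/__init__.py the new `/update`, `/me` and `/info/` views are registered with no session or role check, so unless authentication is enforced somewhere not shown here, the `pass` stubs will serve profile changes and deletion to unauthenticated callers once they are filled in. Adding `@requires_role()` under each `@profile.route(...)` now closes that gap; whether this module already imports `requires_role` is not visible in the hunk. The `/update` decorator spells the keyword `methhods`, which Flask will most likely reject with a TypeError when the blueprint is registered, and `UPDATE` is not a standard HTTP verb, so `methods=['PUT', 'DELETE']` is probably what was meant. `profile_info` returns `user_uuid` as a bare string, which Flask sends as `text/html`; `return jsonify({'uuid': user_uuid})` avoids echoing caller-supplied text into an HTML response.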
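Review bot: In backend/db/model.py, `cascade="all, delete-orphan"` on `User.publications` means that deleting a user through the ORM also deletes every Course that user authored, and removing a course from the list deletes it as an orphan. Unlike chats or notifications, a course is presumably shared with enrolled users, so the account deletion stubbed as the DELETE branch in the profile blueprint of this same patch would take content other people rely on with it. If that is not intended, keep the default cascade, `relationship(back_populates="author")`, and decide explicitly what happens to `authorID` when the author is removed. The `User` class body continues outside the hunk.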
@@ -75,6 +76,8 @@ class Course(db.Model):
 creationDate: Mapped[datetime] = mapped_column(DateTime, nullable=False, default=func.now())
 coverImage: Mapped[str] = mapped_column(String(256), nullable=False, default=DEFAULT_COURSE_COVER)
 serverFilename: Mapped[str] = mapped_column(String(256), nullable=False, default='')
+ authorID: Mapped[uuid.UUID] = mapped_column(ForeignKey("user.id"))
+ author: Mapped["User"] = relationship(back_populates="publications")
 
 
 class Enrollment(db.Model):
diff --git a/backend/utils/auth.py b/backend/utils/auth.py
index fb490cd..fe60db9 100644
--- a/backend/utils/auth.py
+++ b/backend/utils/auth.py
@@ -3,9 +3,8 @@ from flask import request, jsonify
 from sqlalchemy import select, and_
 from ..db.model import User, Session, db
 from ..constants import UserRole
-from typing import Union
 
-def requires_role(roles: Union[None, UserRole] = None):
+def requires_role(roles=None):
 if roles is None:
 roles = [UserRole.USER]
 roles = [int(r) for r in roles]
From ae218caf0916c6e31e2f7cf4a7fa8d837152897e Mon Sep 17 00:00:00 2001
From: Casu Al Snek
Date: Sat, 11 Jan 2025 17:00:23 +0545
Subject: [PATCH 2/3] default require role now allows admins and users by default
---
 backend/utils/auth.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/backend/utils/auth.py b/backend/utils/auth.py
index fe60db9..1829726 100644
--- a/backend/utils/auth.py
+++ b/backend/utils/auth.py
@@ -6,7 +6,7 @@ from ..constants import UserRole
 
 def requires_role(roles=None):
 if roles is None:
- roles = [UserRole.USER]
+ roles = [UserRole.USER, UserRole.ADMIN]
 roles = [int(r) for r in roles]
 def decorator(f):
 @wraps(f)
From ed455cb995ebf7ac069c3a915244f9c100de208e Mon Sep 17 00:00:00 2001
From: Casu Al Snek
Date: Sat, 11 Jan 2025 17:13:14 +0545
Subject: [PATCH 3/3] Add user and session to request globals
---
 backend/utils/auth.py | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)
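Review bot: In the `class Course` hunk of backend/db/model.py, `authorID` is annotated `Mapped[uuid.UUID]` without `Optional`, which SQLAlchemy 2.0 maps to a NOT NULL column, and it has no default, so every existing course row and every code path that creates a Course must now supply an author. No schema migration or backfill is part of this patch; if the table already holds data, either ship that alongside or start with `Mapped[Optional[uuid.UUID]]` and tighten it later. Whether `uuid`, `ForeignKey` and `Optional` are already imported in model.py cannot be seen from the hunk.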
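Review bot: In backend/utils/auth.py (PATCH 1/3), dropping the incorrect `Union[None, UserRole]` annotation leaves `requires_role` with nothing that tells callers `roles` must be an iterable. The context lines run `int(r) for r in roles`, so `@requires_role(UserRole.ADMIN)` would presumably raise at decoration time instead of restricting the view to admins. A one-line docstring would document the contract, for example `"""Allow the view only for sessions whose user holds one of roles (an iterable of UserRole); None selects the default roles."""`. The function body continues outside the hunk.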
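Review bot: In backend/utils/auth.py (PATCH 2/3), the default allow-list is now spelled out by hand inside the function, so a role later added to `UserRole` is denied by every bare `@requires_role()` until this line is edited, and nothing at the call site shows that admins are included. That fails closed, which is the safe direction, but the policy is easier to audit as a named module-level constant with a comment, e.g. `DEFAULT_ROLES = (UserRole.USER, UserRole.ADMIN)` and `roles = DEFAULT_ROLES` here. The decorator body continues outside the hunk.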
diff --git a/backend/utils/auth.py b/backend/utils/auth.py
index 1829726..a8bc72e 100644
--- a/backend/utils/auth.py
+++ b/backend/utils/auth.py
@@ -1,5 +1,5 @@
 from functools import wraps
-from flask import request, jsonify
+from flask import request, jsonify, g
 from sqlalchemy import select, and_
 from ..db.model import User, Session, db
 from ..constants import UserRole
@@ -23,9 +23,12 @@ def requires_role(roles=None):
 ).scalar()
 if not session:
 return jsonify({'error': 'Invalid or expired session'}), 401
- user = session.user
+
+ user: User = session.user
 if not user:
 return jsonify({'error': 'User not found for the Access token'}), 401
+ g.current_session = session
+ g.current_user = user
 # If no roles specified, allow access
 if not roles:
 return f(*args, **kwargs)
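Review bot: In the second hunk of backend/utils/auth.py (PATCH 3/3), `g.current_session` and `g.current_user` are assigned before the role decision, which lies below the hunk, so they mean "authenticated" and not "authorized for this view"; a comment such as `# identity of the authenticated caller; the role check follows below` would stop later code from treating their presence as a permission. The attributes exist only on requests that passed through `requires_role`, so a view without the decorator (the `/me` stub added in PATCH 1/3 has none) would hit an AttributeError on `g.current_user`; consumers should read `g.get('current_user')` or the view should be decorated. The context also shows `if not roles:` allowing access, which after the default substitution is reachable only by an explicit empty list, so `@requires_role([])` means any authenticated user and is worth stating in the docstring.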