From dee958aa2b143e14f63b939ad29f709f1df29fa8 Mon Sep 17 00:00:00 2001 From: Scott Idem Date: Thu, 18 Nov 2021 15:25:06 -0500 Subject: [PATCH] Work on user endpoints --- app/main.py | 2 +- app/methods/account_methods.py | 3 +- app/methods/user_methods.py | 28 ++++++----- app/routers/user.py | 86 ++++++++++++++++++++++++++++------ 4 files changed, 89 insertions(+), 30 deletions(-) diff --git a/app/main.py b/app/main.py index 1d56155..ecc1a92 100644 --- a/app/main.py +++ b/app/main.py @@ -282,7 +282,7 @@ app.include_router( ) app.include_router( user.router, - prefix='/user', + # prefix='/user', tags=['User'], ) app.include_router( diff --git a/app/methods/account_methods.py b/app/methods/account_methods.py index e0c92fc..f8682b1 100644 --- a/app/methods/account_methods.py +++ b/app/methods/account_methods.py @@ -532,8 +532,7 @@ def load_account_obj( # Updated 2021-06-17 if inc_user_list: if user_rec_list_result := get_user_rec_list( - for_obj_type = 'account', - for_obj_id = account_id, + account_id = account_id, limit = limit, enabled = enabled, ): diff --git a/app/methods/user_methods.py b/app/methods/user_methods.py index 513e0ee..74ca0ce 100644 --- a/app/methods/user_methods.py +++ b/app/methods/user_methods.py @@ -428,28 +428,32 @@ def load_user_obj( # ### BEGIN ### API User Methods ### get_user_rec_list() ### def get_user_rec_list( - for_obj_type: str, - for_obj_id: str, - limit: int = 1000, + account_id: int|str, + hidden: str = 'not_hidden', # hidden, not_hidden, all enabled: str = 'enabled', # enabled, disabled, all + limit: int = 1000, ) -> list|bool: log.setLevel(logging.WARNING) # DEBUG, INFO, WARNING, ERROR, EXCEPTION, CRITICAL log.debug(locals()) - if for_obj_id := redis_lookup_id_random(record_id_random=for_obj_id, table_name=for_obj_type): pass + if account_id := redis_lookup_id_random(record_id_random=account_id, table_name='account'): pass else: return False + data = {} - data[f'{for_obj_type}_id'] = for_obj_id + data['account_id'] = account_id + sql_where_account_id = f'`user`.account_id = :account_id' + + # data[f'{for_obj_type}_id'] = for_obj_id # data['for_obj_type'] = for_obj_type - sql_obj_type_id = f'`tbl`.{for_obj_type}_id = :{for_obj_type}_id' + # sql_obj_type_id = f'`user`.{for_obj_type}_id = :{for_obj_type}_id' if enabled in ['enabled', 'disabled', 'all']: if enabled == 'enabled': data['enable'] = True - sql_enabled = f'AND `tbl`.enable = :enable' + sql_enabled = f'AND `user`.enable = :enable' elif enabled == 'disabled': data['enable'] = False - sql_enabled = f'AND `tbl`.enable = :enable' + sql_enabled = f'AND `user`.enable = :enable' elif enabled == 'all': sql_enabled = '' @@ -460,12 +464,12 @@ def get_user_rec_list( sql_limit = '' sql = f""" - SELECT `tbl`.id AS 'user_id', `tbl`.id_random AS 'user_id_random' - FROM `user` AS `tbl` + SELECT `user`.id AS 'user_id', `user`.id_random AS 'user_id_random' + FROM `user` AS `user` WHERE - {sql_obj_type_id} + {sql_where_account_id} {sql_enabled} - ORDER BY `tbl`.created_on DESC, `tbl`.updated_on DESC + ORDER BY user.name, user.email, user.username, `user`.created_on DESC, `user`.updated_on DESC {sql_limit}; """ diff --git a/app/routers/user.py b/app/routers/user.py index e878054..1fb932f 100644 --- a/app/routers/user.py +++ b/app/routers/user.py @@ -10,7 +10,7 @@ from app.db_sql import sql_insert, sql_update, sql_insert_or_update, sql_select, from app.routers.api_crud import delete_obj_template, get_obj_template, get_obj_li_template, patch_obj_template, post_obj_template from app.methods.order_methods import get_order_rec_list, load_order_obj -from app.methods.user_methods import create_user_obj, load_user_obj +from app.methods.user_methods import create_user_obj, get_user_rec_list, load_user_obj from app.models.common_field_schema import default_num_bytes from app.models.response_models import Resp_Body_Base, mk_resp @@ -20,7 +20,7 @@ from app.models.user_models import User_Base, User_New_Base, User_Out_Base router = APIRouter() -@router.post('', response_model=Resp_Body_Base) +@router.post('/user', response_model=Resp_Body_Base) async def post_user_obj( obj: User_Base, x_account_id: str = Header(...), @@ -46,7 +46,7 @@ async def post_user_obj( # ### BEGIN ### API User ### post_user_obj_new() ### # Updated 2021-08-21 (complete re-write) -@router.post('/new', response_model=Resp_Body_Base) +@router.post('/user/new', response_model=Resp_Body_Base) async def post_user_obj_new( user_obj: User_New_Base, allow_update: bool = False, @@ -86,7 +86,7 @@ async def post_user_obj_new( # ### BEGIN ### API User ### user_obj_change_password() ### -@router.patch('/{user_id}/change_password', response_model=Resp_Body_Base) +@router.patch('/user/{user_id}/change_password', response_model=Resp_Body_Base) async def user_obj_change_password( user_id: Union[int,str], user_obj: User_Base, @@ -148,7 +148,7 @@ async def user_obj_change_password( # ### END ### API User ### user_obj_change_password() ### -@router.patch('/{obj_id}', response_model=Resp_Body_Base) +@router.patch('/user/{obj_id}', response_model=Resp_Body_Base) async def patch_user_obj( obj: User_Base, obj_id: str = Query(..., min_length=1, max_length=22), @@ -178,7 +178,7 @@ async def patch_user_obj( # ### BEGIN ### API User Routers ### user_new_auth_key() ### # Generate a new one time use authorization key -@router.get('/new_auth_key', response_model=Resp_Body_Base) +@router.get('/user/new_auth_key', response_model=Resp_Body_Base) async def user_new_auth_key( user_id: Optional[str] = Query(None, min_length=2, max_length=50), x_account_id: str = Header(...), @@ -223,7 +223,7 @@ async def user_new_auth_key( # A new key will need to be requested for a particular user each time. # NOTE: Should this be divided into username/password and user ID/auth key endpoints? # Updated 2021-10-06 -@router.get('/authenticate', response_model=Resp_Body_Base) +@router.get('/user/authenticate', response_model=Resp_Body_Base) async def user_authenticate( account_id: Optional[Union[int,str]] = None, user_id: Optional[str] = Query(None, min_length=11, max_length=22), @@ -380,7 +380,7 @@ async def user_authenticate( # ### BEGIN ### API User ### user_verify_password() ### # @router.post('/{user_id}/verify_password', response_model=Resp_Body_Base) -@router.post('/verify_password', response_model=Resp_Body_Base) +@router.post('/user/verify_password', response_model=Resp_Body_Base) async def user_verify_password( user_obj: User_Base, # user_id: Optional[str] = Query(None, min_length=11, max_length=22), @@ -471,7 +471,63 @@ async def user_verify_password( # ### END ### API User ### user_verify_password() ### -@router.get('/list', response_model=Resp_Body_Base) + +@router.get('/account/{account_id}/user/list', response_model=Resp_Body_Base) +async def get_account_user_obj_li( + account_id: str = Query(..., min_length=11, max_length=22), + limit: int = 500, # For now this covers any included objects or object lists + enabled: str = 'enabled', # For now this covers any included objects or object lists + hidden: str = 'not_hidden', # hidden, not_hidden, all + inc_address: bool = False, # Priority l1 + inc_contact: bool = False, # Priority l1 + inc_person: bool = False, # Priority l1 + inc_user_role_list: bool = False, # Priority l1 + x_account_id: str = Header(...), + by_alias: Optional[bool] = True, + exclude_unset: Optional[bool] = True, + response: Response = Response, + ): + log.setLevel(logging.INFO) # DEBUG, INFO, WARNING, ERROR, EXCEPTION, CRITICAL + log.debug(locals()) + + if account_id := redis_lookup_id_random(record_id_random=account_id, table_name='account'): pass + else: return mk_resp(data=None, status_code=404, response=response) + + # Updated 2021-11-18 + if user_rec_list_result := get_user_rec_list( + account_id = account_id, + hidden = hidden, # hidden, not_hidden, all + enabled = enabled, + limit = limit, + ): + user_result_list = [] + for user_rec in user_rec_list_result: + if load_user_result := load_user_obj( + user_id = user_rec.get('user_id', None), + enabled = enabled, + # hidden = hidden, + limit = limit, + inc_address = inc_address, + inc_contact = inc_contact, + inc_person = inc_person, + inc_user_role_list = inc_user_role_list, + by_alias = by_alias, + exclude_unset = exclude_unset, + # model_as_dict = model_as_dict, + ): + user_result_list.append(load_user_result) + else: + user_result_list.append(None) + response_data = user_result_list + elif isinstance(user_rec_list_result, list): + return mk_resp(data=False, status_code=404, response=response) # Not Found + else: + return mk_resp(data=False, status_code=400, response=response) # Bad Request + + return mk_resp(data=response_data, response=response) + + +@router.get('/user/list', response_model=Resp_Body_Base) async def get_user_obj_li( for_obj_type: Optional[str] = Query(None, min_length=2, max_length=50), for_obj_id: Optional[str] = Query(None, min_length=1, max_length=22), @@ -495,7 +551,7 @@ async def get_user_obj_li( # Look up is only for account or person records -@router.get('/lookup', response_model=Resp_Body_Base) +@router.get('/user/lookup', response_model=Resp_Body_Base) async def lookup_user_obj( for_obj_id: Union[int,str], for_obj_type: str = Query(..., min_length=2, max_length=50), @@ -573,7 +629,7 @@ async def lookup_user_obj( # Look up a user with an email address for an account -@router.get('/lookup_email', response_model=Resp_Body_Base) +@router.get('/user/lookup_email', response_model=Resp_Body_Base) async def lookup_email( account_id: Union[int,str], email: str = Query(..., min_length=2, max_length=50), @@ -673,7 +729,7 @@ async def lookup_email( # Look up is only for account or person records # Look up a user with a username for an account -@router.get('/lookup_username', response_model=Resp_Body_Base) +@router.get('/user/lookup_username', response_model=Resp_Body_Base) async def lookup_username( account_id: Union[int,str], username: str = Query(..., min_length=2, max_length=50), @@ -752,7 +808,7 @@ async def lookup_username( # ### BEGIN ### API User ### get_user_obj() ### # Working well as of 2021-06-25. Using as a template for other routes. -@router.get('/{user_id}', response_model=Resp_Body_Base) +@router.get('/user/{user_id}', response_model=Resp_Body_Base) async def get_user_obj( user_id: str = Query(..., min_length=1, max_length=22), limit: int = 500, # For now this covers any included objects or object lists @@ -823,7 +879,7 @@ async def get_user_obj( # ### BEGIN ### API User ### get_user_obj_order_list() ### # Working well as of 2021-06-28. Using as a template for other routes. -@router.get('/{user_id}/order_list', response_model=Resp_Body_Base) +@router.get('/user/{user_id}/order_list', response_model=Resp_Body_Base) async def get_user_obj_order_list( user_id: str = Query(..., min_length=1, max_length=22), limit: int = 500, # For now this covers any included objects or object lists @@ -883,7 +939,7 @@ async def get_user_obj_order_list( # ### END ### API User ### get_user_obj_order_list() ### -@router.delete('/{obj_id}', response_model=Resp_Body_Base) +@router.delete('/user/{obj_id}', response_model=Resp_Body_Base) async def delete_user_obj( obj_id: str = Query(..., min_length=1, max_length=22), x_account_id: str = Header(...),