Minor restructuring and add documentation
This commit is contained in:
april
40
api/database/utils.py
Normal file
40
api/database/utils.py
Normal file
@@ -0,0 +1,40 @@
|
||||
import bcrypt
|
||||
from flask import jsonify
|
||||
from mongoengine import DoesNotExist
|
||||
|
||||
from database.models import User, AuthLevel
|
||||
|
||||
|
||||
def update_profile(user_id, username=None, password=None, auth_level=None):
|
||||
"""
|
||||
Update the profile of the given user
|
||||
|
||||
:param user_id: ID of user to update
|
||||
:param username: New username
|
||||
:param password: New password
|
||||
:param auth_level: New authorization level
|
||||
:return: Error message if user not found or access unauthorized, else 200
|
||||
"""
|
||||
try:
|
||||
user = User.objects.get(id=user_id)
|
||||
except DoesNotExist:
|
||||
return {"msg": "user not found"}, 401
|
||||
|
||||
if username:
|
||||
existing_users = User.objects(username=username).count()
|
||||
if existing_users != 0:
|
||||
return jsonify({"msg": "Username not available"})
|
||||
if password:
|
||||
hashed_password = bcrypt.hashpw(password.encode('UTF-8'), bcrypt.gensalt())
|
||||
if auth_level:
|
||||
if AuthLevel(user.level) < AuthLevel.ADMIN:
|
||||
return jsonify({"msg": "Unauthorized attempt to change auth level"}), 403
|
||||
|
||||
if username:
|
||||
user.update_one(username=username)
|
||||
if password:
|
||||
user.update_one(password=password)
|
||||
if auth_level:
|
||||
user.update_one(level=auth_level)
|
||||
|
||||
return '', 200
|
||||
Reference in New Issue
Block a user