2022-09-02 13:07:30 +02:00
|
|
|
from flask import abort, current_app, request
|
|
|
|
from flask_login import current_user, login_required
|
|
|
|
from threading import Thread
|
|
|
|
from app import db
|
|
|
|
from app.models import User
|
|
|
|
from . import bp
|
|
|
|
|
|
|
|
|
|
|
|
@bp.route('/<hashid:user_id>')
|
|
|
|
@login_required
|
|
|
|
def user(user_id):
|
|
|
|
user = User.query.get_or_404(user_id)
|
|
|
|
if not (user == current_user or current_user.is_administrator()):
|
|
|
|
abort(403)
|
|
|
|
backrefs = request.args.get('backrefs', 'false').lower() == 'true'
|
|
|
|
relationships = (
|
|
|
|
request.args.get('relationships', 'false').lower() == 'true')
|
2022-11-24 12:24:29 +01:00
|
|
|
return user.to_json_serializeable(backrefs=backrefs, relationships=relationships), 200
|
2022-09-02 13:07:30 +02:00
|
|
|
|
|
|
|
|
|
|
|
@bp.route('/<hashid:user_id>', methods=['DELETE'])
|
|
|
|
@login_required
|
|
|
|
def delete_user(user_id):
|
|
|
|
def _delete_user(app, user_id):
|
|
|
|
with app.app_context():
|
|
|
|
user = User.query.get(user_id)
|
|
|
|
user.delete()
|
|
|
|
db.session.commit()
|
|
|
|
|
|
|
|
user = User.query.get_or_404(user_id)
|
|
|
|
if not (user == current_user or current_user.is_administrator()):
|
|
|
|
abort(403)
|
|
|
|
thread = Thread(
|
|
|
|
target=_delete_user,
|
|
|
|
args=(current_app._get_current_object(), user_id)
|
|
|
|
)
|
|
|
|
thread.start()
|
|
|
|
return {}, 202
|