diff --git a/flaschengeist/plugins/users/__init__.py b/flaschengeist/plugins/users/__init__.py index 23dac59..e65e9df 100644 --- a/flaschengeist/plugins/users/__init__.py +++ b/flaschengeist/plugins/users/__init__.py @@ -2,20 +2,23 @@ Provides routes used to manage users """ -from http.client import CREATED -from flask import Blueprint, request, jsonify, make_response, after_this_request, Response -from werkzeug.exceptions import BadRequest, Forbidden, MethodNotAllowed -from datetime import datetime -from . import permissions +from datetime import datetime +from http.client import CREATED + +from flask import Blueprint, Response, after_this_request, jsonify, make_response, request +from werkzeug.exceptions import BadRequest, Forbidden, MethodNotAllowed + from flaschengeist import logger from flaschengeist.config import config -from flaschengeist.plugins import Plugin -from flaschengeist.models import User -from flaschengeist.utils.decorators import login_required, extract_session, headers from flaschengeist.controller import userController -from flaschengeist.utils.HTTP import created, no_content +from flaschengeist.models import User +from flaschengeist.plugins import Plugin from flaschengeist.utils.datetime import from_iso_format +from flaschengeist.utils.decorators import extract_session, headers, login_required +from flaschengeist.utils.HTTP import created, no_content + +from . import permissions class UsersPlugin(Plugin): @@ -58,7 +61,7 @@ def register(): @UsersPlugin.blueprint.route("/users", methods=["GET"]) @login_required() -@headers({"Cache-Control": "private, must-revalidate, max-age=3600"}) +# @headers({"Cache-Control": "private, must-revalidate, max-age=3600"}) def list_users(current_session): """List all existing users @@ -260,3 +263,21 @@ def shortcuts(userid, current_session): user.set_attribute("users_link_shortcuts", data) userController.persist() return no_content() + + +@UsersPlugin.blueprint.route("/users//setting/", methods=["GET", "PUT"]) +@login_required() +def settings(userid, setting, current_session): + if userid != current_session.user_.userid: + raise Forbidden + user = userController.get_user(userid) + if request.method == "GET": + retVal = user.get_attribute(setting, None) + logger.debug(f"Get setting >>{setting}<< for user >>{user.userid}<< with >>{retVal}<<") + return jsonify(retVal) + else: + data = request.get_json() + logger.debug(f"Set setting >>{setting}<< for user >>{user.userid}<< to >>{data}<<") + user.set_attribute(setting, data) + userController.persist() + return no_content()