Mirror/app-MAIL-temp
1
0
Fork 0
mirror of https://github.com/simple-login/app.git synced 2024-11-10 21:27:10 +01:00
Code Issues Packages Projects Releases Wiki Activity
e71d6264a7
app-MAIL-temp/app/api/views/alias.py

480 lines
12 KiB
Python
Raw Normal View History

support pinned parameter in /api/v2/aliases
2022-02-03 11:16:42 +01:00
from deprecated import deprecated
GET /api/aliases
2020-02-04 17:26:59 +01:00
from flask import g
use parseaddr instead of get_email_part
2020-03-15 22:32:48 +01:00
from flask import jsonify
from flask import request
GET /api/aliases
2020-02-04 17:26:59 +01:00
make sure to add alias into global trash when deleting it
2020-05-07 22:27:27 +02:00
from app import alias_utils
rename verify_api_key -> require_api_auth
2020-04-24 14:08:00 +02:00
from app.api.base import api_bp, require_api_auth
Move methods to api/serializer.py
2020-04-05 16:32:38 +02:00
from app.api.serializer import (
Fix duplicate results
2020-03-17 20:16:20 +01:00
AliasInfo,
Move methods to api/serializer.py
2020-04-05 16:32:38 +02:00
serialize_alias_info,
serialize_contact,
get_alias_infos_with_pagination,
get_alias_contacts,
Add GET /api/v2/aliases
2020-04-06 22:26:35 +02:00
serialize_alias_info_v2,
use the alias v2 format for GET /api/aliases/:alias_id, POST /api/v2/alias/custom/new, POST /api/v2/alias/random/new
2020-05-23 19:18:24 +02:00
get_alias_info_v2,
create get_alias_infos_with_pagination_v3 - reduce nb queries used in get_alias_infos_with_pagination_v2
2020-08-21 19:51:48 +02:00
get_alias_infos_with_pagination_v3,
Fix duplicate results
2020-03-17 20:16:20 +01:00
)
Prevent free users from creating reverse-alias
2022-04-21 18:40:24 +02:00
from app.dashboard.views.alias_contact_manager import create_contact
Move methods to api/serializer.py
2020-04-05 16:32:38 +02:00
from app.dashboard.views.alias_log import get_alias_log
do not use flask-sqlalchemy - add __tablename__ for all models - use sa and orm instead of db - rollback all changes in tests - remove session in @app.teardown_appcontext
2021-10-12 14:36:47 +02:00
from app.db import Session
Prevent free users from creating reverse-alias
2022-04-21 18:40:24 +02:00
from app.errors import (
CannotCreateContactForReverseAlias,
ErrContactErrorUpgradeNeeded,
ErrContactAlreadyExists,
ErrAddressInvalid,
sanitize contact email
2021-01-11 12:27:02 +01:00
)
Rate limit index endpoint (#1948)
2023-11-21 14:42:24 +01:00
from app.extensions import limiter
Create jobs to trigger sending all alias as create events (#2126) * Create jobs to trigger sending all alias as create events * Set events in past tense * fix test * Removed debug log * Log messages
2024-06-07 15:36:18 +02:00
from app.log import LOG
add mailboxes to GET /api/v2/aliases
2020-05-03 15:56:45 +02:00
from app.models import Alias, Contact, Mailbox, AliasMailbox
GET /api/aliases
2020-02-04 17:26:59 +01:00
support pinned parameter in /api/v2/aliases
2022-02-03 11:16:42 +01:00
@deprecated
Take into account query in GET /api/aliases
2020-03-17 19:32:45 +01:00
@api_bp.route("/aliases", methods=["GET", "POST"])
rename verify_api_key -> require_api_auth
2020-04-24 14:08:00 +02:00
@require_api_auth
Increase limit for the dashboard and do it by user
2023-12-19 17:27:55 +01:00
@limiter.limit("10/minute", key_func=lambda: g.user.id)
GET /api/aliases
2020-02-04 17:26:59 +01:00
def get_aliases():
"""
Get aliases
Input:
page_id: in query
Output:
- aliases: list of alias:
- id
- email
- creation_date
- creation_timestamp
- nb_forward
- nb_block
- nb_reply
return note in GET /api/aliases
2020-03-11 12:13:38 +01:00
- note
GET /api/aliases
2020-02-04 17:26:59 +01:00
"""
user = g.user
try:
page_id = int(request.args.get("page_id"))
except (ValueError, TypeError):
return jsonify(error="page_id must be provided in request query"), 400
Take into account query in GET /api/aliases
2020-03-17 19:32:45 +01:00
query = None
data = request.get_json(silent=True)
if data:
query = data.get("query")
Fix duplicate results
2020-03-17 20:16:20 +01:00
alias_infos: [AliasInfo] = get_alias_infos_with_pagination(
user, page_id=page_id, query=query
)
GET /api/aliases
2020-02-04 17:26:59 +01:00
return (
jsonify(
reformat: create serialize_alias_info()
2020-03-26 19:35:44 +01:00
aliases=[serialize_alias_info(alias_info) for alias_info in alias_infos]
GET /api/aliases
2020-02-04 17:26:59 +01:00
),
200,
)
Add DELETE /api/aliases/:alias_id endpoint
2020-02-05 12:21:17 +01:00
Add GET /api/v2/aliases
2020-04-06 22:26:35 +02:00
@api_bp.route("/v2/aliases", methods=["GET", "POST"])
rename verify_api_key -> require_api_auth
2020-04-24 14:08:00 +02:00
@require_api_auth
reduce rate limit on /v2/aliases endpoint (#1979) Co-authored-by: Son NK <son@simplelogin.io>
2023-12-27 16:42:58 +01:00
@limiter.limit("50/minute", key_func=lambda: g.user.id)
Add GET /api/v2/aliases
2020-04-06 22:26:35 +02:00
def get_aliases_v2():
"""
Get aliases
Input:
page_id: in query
support pinned parameter in /api/v2/aliases
2022-02-03 11:16:42 +01:00
pinned: in query
add new parameter disabled in /GET /api/v2/aliases
2022-04-25 09:22:29 +02:00
disabled: in query
support "enabled" param in /api/v2/aliases
2022-04-28 17:24:35 +02:00
enabled: in query
Add GET /api/v2/aliases
2020-04-06 22:26:35 +02:00
Output:
- aliases: list of alias:
- id
- email
- creation_date
- creation_timestamp
- nb_forward
- nb_block
- nb_reply
- note
add mailboxes to GET /api/v2/aliases
2020-05-03 15:56:45 +02:00
- mailbox
- mailboxes
Return support_pgp in GET /api/v2/aliases
2020-08-04 20:09:42 +02:00
- support_pgp
replace pgp_enabled by disable_pgp
2020-08-06 14:22:28 +02:00
- disable_pgp
return latest_activity=null if there's no activity in GET /api/v2/aliases
2020-11-01 12:32:20 +01:00
- latest_activity: null if no activity.
Add GET /api/v2/aliases
2020-04-06 22:26:35 +02:00
- timestamp
- action: forward|reply|block|bounced
- contact:
- email
- name
- reverse_alias
"""
user = g.user
try:
page_id = int(request.args.get("page_id"))
except (ValueError, TypeError):
return jsonify(error="page_id must be provided in request query"), 400
support pinned parameter in /api/v2/aliases
2022-02-03 11:16:42 +01:00
pinned = "pinned" in request.args
add new parameter disabled in /GET /api/v2/aliases
2022-04-25 09:22:29 +02:00
disabled = "disabled" in request.args
support "enabled" param in /api/v2/aliases
2022-04-28 17:24:35 +02:00
enabled = "enabled" in request.args
add new parameter disabled in /GET /api/v2/aliases
2022-04-25 09:22:29 +02:00
if pinned:
alias_filter = "pinned"
elif disabled:
alias_filter = "disabled"
support "enabled" param in /api/v2/aliases
2022-04-28 17:24:35 +02:00
elif enabled:
alias_filter = "enabled"
add new parameter disabled in /GET /api/v2/aliases
2022-04-25 09:22:29 +02:00
else:
alias_filter = None
support pinned parameter in /api/v2/aliases
2022-02-03 11:16:42 +01:00
Add GET /api/v2/aliases
2020-04-06 22:26:35 +02:00
query = None
data = request.get_json(silent=True)
if data:
query = data.get("query")
create get_alias_infos_with_pagination_v3 - reduce nb queries used in get_alias_infos_with_pagination_v2
2020-08-21 19:51:48 +02:00
alias_infos: [AliasInfo] = get_alias_infos_with_pagination_v3(
add new parameter disabled in /GET /api/v2/aliases
2022-04-25 09:22:29 +02:00
user, page_id=page_id, query=query, alias_filter=alias_filter
Add GET /api/v2/aliases
2020-04-06 22:26:35 +02:00
)
return (
jsonify(
aliases=[serialize_alias_info_v2(alias_info) for alias_info in alias_infos]
),
200,
)
Add DELETE /api/aliases/:alias_id endpoint
2020-02-05 12:21:17 +01:00
@api_bp.route("/aliases/<int:alias_id>", methods=["DELETE"])
rename verify_api_key -> require_api_auth
2020-04-24 14:08:00 +02:00
@require_api_auth
Add DELETE /api/aliases/:alias_id endpoint
2020-02-05 12:21:17 +01:00
def delete_alias(alias_id):
"""
Delete alias
Input:
alias_id: in url
Output:
200 if deleted successfully
"""
user = g.user
rename GenEmail -> Alias, gen_email to alias whenever possible
2020-03-17 11:51:40 +01:00
alias = Alias.get(alias_id)
Add DELETE /api/aliases/:alias_id endpoint
2020-02-05 12:21:17 +01:00
fix alias can be none in delete alias endpoint
2020-06-28 09:47:56 +02:00
if not alias or alias.user_id != user.id:
Add DELETE /api/aliases/:alias_id endpoint
2020-02-05 12:21:17 +01:00
return jsonify(error="Forbidden"), 403
make sure to add alias into global trash when deleting it
2020-05-07 22:27:27 +02:00
alias_utils.delete_alias(alias, user)
Add DELETE /api/aliases/:alias_id endpoint
2020-02-05 12:21:17 +01:00
return jsonify(deleted=True), 200
add POST /api/aliases/:alias_id/toggle endpoint
2020-02-05 12:28:54 +01:00
@api_bp.route("/aliases/<int:alias_id>/toggle", methods=["POST"])
rename verify_api_key -> require_api_auth
2020-04-24 14:08:00 +02:00
@require_api_auth
add POST /api/aliases/:alias_id/toggle endpoint
2020-02-05 12:28:54 +01:00
def toggle_alias(alias_id):
"""
Enable/disable alias
Input:
alias_id: in url
Output:
200 along with new status:
- enabled
"""
user = g.user
rename GenEmail -> Alias, gen_email to alias whenever possible
2020-03-17 11:51:40 +01:00
alias: Alias = Alias.get(alias_id)
add POST /api/aliases/:alias_id/toggle endpoint
2020-02-05 12:28:54 +01:00
handle case alias can be None in toggle_alias
2020-09-05 20:54:08 +02:00
if not alias or alias.user_id != user.id:
add POST /api/aliases/:alias_id/toggle endpoint
2020-02-05 12:28:54 +01:00
return jsonify(error="Forbidden"), 403
Add sync events (#2113) * feat: add protocol buffers for events * chore: add EventDispatcher * chore: add WebhookEvent class * chore: emit events * feat: initial version of event listener * chore: emit user plan change with new timestamp * feat: emit metrics + add alias status to create event * chore: add newrelic decorator to functions * fix: event emitter fixes * fix: take null end_time into account * fix: avoid double-commits * chore: move UserDeleted event to User.delete method * db: add index to sync_event created_at and taken_time columns * chore: add index to model
2024-05-23 10:27:08 +02:00
alias_utils.change_alias_status(alias, enabled=not alias.enabled)
Create jobs to trigger sending all alias as create events (#2126) * Create jobs to trigger sending all alias as create events * Set events in past tense * fix test * Removed debug log * Log messages
2024-06-07 15:36:18 +02:00
LOG.i(f"User {user} changed alias {alias} enabled status to {alias.enabled}")
do not use flask-sqlalchemy - add __tablename__ for all models - use sa and orm instead of db - rollback all changes in tests - remove session in @app.teardown_appcontext
2021-10-12 14:36:47 +02:00
Session.commit()
add POST /api/aliases/:alias_id/toggle endpoint
2020-02-05 12:28:54 +01:00
rename GenEmail -> Alias, gen_email to alias whenever possible
2020-03-17 11:51:40 +01:00
return jsonify(enabled=alias.enabled), 200
add GET /api/aliases/:alias_id/activities endpoint
2020-02-05 12:57:11 +01:00
@api_bp.route("/aliases/<int:alias_id>/activities")
rename verify_api_key -> require_api_auth
2020-04-24 14:08:00 +02:00
@require_api_auth
add GET /api/aliases/:alias_id/activities endpoint
2020-02-05 12:57:11 +01:00
def get_alias_activities(alias_id):
"""
Get aliases
Input:
page_id: in query
Output:
- activities: list of activity:
- from
- to
- timestamp
Add GET /api/v2/aliases
2020-04-06 22:26:35 +02:00
- action: forward|reply|block|bounced
Add reverse_alias to GET /api/aliases/:alias_id/activities
2020-04-04 19:18:07 +02:00
- reverse_alias
add GET /api/aliases/:alias_id/activities endpoint
2020-02-05 12:57:11 +01:00
"""
user = g.user
try:
page_id = int(request.args.get("page_id"))
except (ValueError, TypeError):
return jsonify(error="page_id must be provided in request query"), 400
rename GenEmail -> Alias, gen_email to alias whenever possible
2020-03-17 11:51:40 +01:00
alias: Alias = Alias.get(alias_id)
add GET /api/aliases/:alias_id/activities endpoint
2020-02-05 12:57:11 +01:00
check if alias exists
2020-06-07 12:50:30 +02:00
if not alias or alias.user_id != user.id:
add GET /api/aliases/:alias_id/activities endpoint
2020-02-05 12:57:11 +01:00
return jsonify(error="Forbidden"), 403
rename GenEmail -> Alias, gen_email to alias whenever possible
2020-03-17 11:51:40 +01:00
alias_logs = get_alias_log(alias, page_id)
add GET /api/aliases/:alias_id/activities endpoint
2020-02-05 12:57:11 +01:00
activities = []
for alias_log in alias_logs:
Add reverse_alias to GET /api/aliases/:alias_id/activities
2020-04-04 19:18:07 +02:00
activity = {
"timestamp": alias_log.when.timestamp,
"reverse_alias": alias_log.reverse_alias,
Add reverse_alias_address to GET /api/aliases/:alias_id/activities
2020-11-17 09:27:30 +01:00
"reverse_alias_address": alias_log.contact.reply_email,
Add reverse_alias to GET /api/aliases/:alias_id/activities
2020-04-04 19:18:07 +02:00
}
add GET /api/aliases/:alias_id/activities endpoint
2020-02-05 12:57:11 +01:00
if alias_log.is_reply:
activity["from"] = alias_log.alias
set contact name, use website_email instead of website_from in alias endpoint
2020-04-05 12:58:06 +02:00
activity["to"] = alias_log.website_email
add GET /api/aliases/:alias_id/activities endpoint
2020-02-05 12:57:11 +01:00
activity["action"] = "reply"
else:
activity["to"] = alias_log.alias
set contact name, use website_email instead of website_from in alias endpoint
2020-04-05 12:58:06 +02:00
activity["from"] = alias_log.website_email
add GET /api/aliases/:alias_id/activities endpoint
2020-02-05 12:57:11 +01:00
disable bounced email in alias log
2020-02-22 07:27:22 +01:00
if alias_log.bounced:
activity["action"] = "bounced"
elif alias_log.blocked:
add GET /api/aliases/:alias_id/activities endpoint
2020-02-05 12:57:11 +01:00
activity["action"] = "block"
else:
activity["action"] = "forward"
activities.append(activity)
GET /api/aliases/:alias_id/contacts
2020-03-14 12:22:43 +01:00
return jsonify(activities=activities), 200
PUT /api/aliases/:alias_id
2020-03-14 11:38:39 +01:00
Support pinned in PATCH /api/aliases/:alias_id
2020-11-15 18:45:58 +01:00
@api_bp.route("/aliases/<int:alias_id>", methods=["PUT", "PATCH"])
rename verify_api_key -> require_api_auth
2020-04-24 14:08:00 +02:00
@require_api_auth
PUT /api/aliases/:alias_id
2020-03-14 11:38:39 +01:00
def update_alias(alias_id):
"""
Update alias note
Input:
alias_id: in url
improve doc
2020-05-03 14:24:17 +02:00
note (optional): in body
name (optional): in body
mailbox_id (optional): in body
Support disable_pgp in update alias endpoint
2020-05-16 12:55:21 +02:00
disable_pgp (optional): in body
PUT /api/aliases/:alias_id
2020-03-14 11:38:39 +01:00
Output:
200
"""
data = request.get_json()
if not data:
return jsonify(error="request body cannot be empty"), 400
user = g.user
rename GenEmail -> Alias, gen_email to alias whenever possible
2020-03-17 11:51:40 +01:00
alias: Alias = Alias.get(alias_id)
PUT /api/aliases/:alias_id
2020-03-14 11:38:39 +01:00
fix alias can be none in update alias endpoint
2020-06-28 09:47:09 +02:00
if not alias or alias.user_id != user.id:
PUT /api/aliases/:alias_id
2020-03-14 11:38:39 +01:00
return jsonify(error="Forbidden"), 403
Support update mailbox_id in PUT /aliases/:aliasID
2020-04-25 13:10:00 +02:00
changed = False
if "note" in data:
new_note = data.get("note")
alias.note = new_note
changed = True
if "mailbox_id" in data:
mailbox_id = int(data.get("mailbox_id"))
mailbox = Mailbox.get(mailbox_id)
if not mailbox or mailbox.user_id != user.id or not mailbox.verified:
return jsonify(error="Forbidden"), 400
alias.mailbox_id = mailbox_id
changed = True
Support mailbox_ids in PUT /api/aliases/:alias_id
2020-05-03 16:02:46 +02:00
if "mailbox_ids" in data:
mailbox_ids = [int(m_id) for m_id in data.get("mailbox_ids")]
mailboxes: [Mailbox] = []
# check if all mailboxes belong to user
for mailbox_id in mailbox_ids:
mailbox = Mailbox.get(mailbox_id)
if not mailbox or mailbox.user_id != user.id or not mailbox.verified:
return jsonify(error="Forbidden"), 400
mailboxes.append(mailbox)
if not mailboxes:
return jsonify(error="Must choose at least one mailbox"), 400
# <<< update alias mailboxes >>>
# first remove all existing alias-mailboxes links
do not use flask-sqlalchemy - add __tablename__ for all models - use sa and orm instead of db - rollback all changes in tests - remove session in @app.teardown_appcontext
2021-10-12 14:36:47 +02:00
AliasMailbox.filter_by(alias_id=alias.id).delete()
Session.flush()
Support mailbox_ids in PUT /api/aliases/:alias_id
2020-05-03 16:02:46 +02:00
# then add all new mailboxes
for i, mailbox in enumerate(mailboxes):
if i == 0:
alias.mailbox_id = mailboxes[0].id
else:
remove AliasMailbox.user_id column
2020-05-15 16:35:57 +02:00
AliasMailbox.create(alias_id=alias.id, mailbox_id=mailbox.id)
Support mailbox_ids in PUT /api/aliases/:alias_id
2020-05-03 16:02:46 +02:00
# <<< END update alias mailboxes >>>
changed = True
Accept "name" in PUT /api/aliases/:alias_id
2020-04-26 10:38:16 +02:00
if "name" in data:
make sure alias name does not contain a linebreak
2020-11-20 18:39:23 +01:00
# to make sure alias name doesn't contain linebreak
fix
2020-11-22 13:50:57 +01:00
new_name = data.get("name")
fix
2021-11-08 11:52:41 +01:00
if new_name and len(new_name) > 128:
return error if name too long when updating alias
2021-11-08 11:26:10 +01:00
return jsonify(error="Name can't be longer than 128 characters"), 400
handle new name can be null
2020-11-22 12:10:19 +01:00
if new_name:
new_name = new_name.replace("\n", "")
Accept "name" in PUT /api/aliases/:alias_id
2020-04-26 10:38:16 +02:00
alias.name = new_name
changed = True
Support disable_pgp in update alias endpoint
2020-05-16 12:55:21 +02:00
if "disable_pgp" in data:
alias.disable_pgp = data.get("disable_pgp")
changed = True
Support pinned in PATCH /api/aliases/:alias_id
2020-11-15 18:45:58 +01:00
if "pinned" in data:
alias.pinned = data.get("pinned")
changed = True
Support update mailbox_id in PUT /aliases/:aliasID
2020-04-25 13:10:00 +02:00
if changed:
do not use flask-sqlalchemy - add __tablename__ for all models - use sa and orm instead of db - rollback all changes in tests - remove session in @app.teardown_appcontext
2021-10-12 14:36:47 +02:00
Session.commit()
Support update mailbox_id in PUT /aliases/:aliasID
2020-04-25 13:10:00 +02:00
return jsonify(ok=True), 200
GET /api/aliases/:alias_id/contacts
2020-03-14 12:22:43 +01:00
GET /api/aliases/:alias_id
2020-03-26 19:44:00 +01:00
@api_bp.route("/aliases/<int:alias_id>", methods=["GET"])
rename verify_api_key -> require_api_auth
2020-04-24 14:08:00 +02:00
@require_api_auth
GET /api/aliases/:alias_id
2020-03-26 19:44:00 +01:00
def get_alias(alias_id):
"""
Get alias
Input:
alias_id: in url
Output:
Alias info, same as in get_aliases
"""
user = g.user
alias: Alias = Alias.get(alias_id)
handle case where alias is None
2020-06-19 23:44:16 +02:00
if not alias:
return jsonify(error="Unknown error"), 400
GET /api/aliases/:alias_id
2020-03-26 19:44:00 +01:00
if alias.user_id != user.id:
return jsonify(error="Forbidden"), 403
use the alias v2 format for GET /api/aliases/:alias_id, POST /api/v2/alias/custom/new, POST /api/v2/alias/random/new
2020-05-23 19:18:24 +02:00
return jsonify(**serialize_alias_info_v2(get_alias_info_v2(alias))), 200
GET /api/aliases/:alias_id
2020-03-26 19:44:00 +01:00
GET /api/aliases/:alias_id/contacts
2020-03-14 12:22:43 +01:00
@api_bp.route("/aliases/<int:alias_id>/contacts")
rename verify_api_key -> require_api_auth
2020-04-24 14:08:00 +02:00
@require_api_auth
GET /api/aliases/:alias_id/contacts
2020-03-14 12:22:43 +01:00
def get_alias_contacts_route(alias_id):
"""
Get alias contacts
Input:
page_id: in query
Output:
- contacts: list of contacts:
- creation_date
- creation_timestamp
- last_email_sent_date
- last_email_sent_timestamp
- contact
- reverse_alias
"""
user = g.user
try:
page_id = int(request.args.get("page_id"))
except (ValueError, TypeError):
return jsonify(error="page_id must be provided in request query"), 400
rename GenEmail -> Alias, gen_email to alias whenever possible
2020-03-17 11:51:40 +01:00
alias: Alias = Alias.get(alias_id)
GET /api/aliases/:alias_id/contacts
2020-03-14 12:22:43 +01:00
check if alias is not none
2022-01-18 09:40:50 +01:00
if not alias:
return jsonify(error="No such alias"), 404
rename GenEmail -> Alias, gen_email to alias whenever possible
2020-03-17 11:51:40 +01:00
if alias.user_id != user.id:
GET /api/aliases/:alias_id/contacts
2020-03-14 12:22:43 +01:00
return jsonify(error="Forbidden"), 403
rename GenEmail -> Alias, gen_email to alias whenever possible
2020-03-17 11:51:40 +01:00
contacts = get_alias_contacts(alias, page_id)
GET /api/aliases/:alias_id/contacts
2020-03-14 12:22:43 +01:00
return jsonify(contacts=contacts), 200
POST /api/aliases/:alias_id/contacts
2020-03-14 12:55:38 +01:00
@api_bp.route("/aliases/<int:alias_id>/contacts", methods=["POST"])
rename verify_api_key -> require_api_auth
2020-04-24 14:08:00 +02:00
@require_api_auth
POST /api/aliases/:alias_id/contacts
2020-03-14 12:55:38 +01:00
def create_contact_route(alias_id):
"""
Create contact for an alias
Input:
alias_id: in url
contact: in body
Output:
201 if success
409 if contact already added
"""
data = request.get_json()
if not data:
return jsonify(error="request body cannot be empty"), 400
rename GenEmail -> Alias, gen_email to alias whenever possible
2020-03-17 11:51:40 +01:00
alias: Alias = Alias.get(alias_id)
POST /api/aliases/:alias_id/contacts
2020-03-14 12:55:38 +01:00
Prevent free users from creating reverse-alias
2022-04-21 18:40:24 +02:00
if alias.user_id != g.user.id:
POST /api/aliases/:alias_id/contacts
2020-03-14 12:55:38 +01:00
return jsonify(error="Forbidden"), 403
Prevent free users from creating reverse-alias
2022-04-21 18:40:24 +02:00
contact_address = data.get("contact")
POST /api/aliases/:alias_id/contacts
2020-03-14 12:55:38 +01:00
handle CannotCreateContactForReverseAlias when user creates a new contact
2022-01-07 10:47:36 +01:00
try:
Prevent free users from creating reverse-alias
2022-04-21 18:40:24 +02:00
contact = create_contact(g.user, alias, contact_address)
except ErrContactErrorUpgradeNeeded as err:
return jsonify(error=err.error_for_user()), 403
except (ErrAddressInvalid, CannotCreateContactForReverseAlias) as err:
return jsonify(error=err.error_for_user()), 400
except ErrContactAlreadyExists as err:
return jsonify(**serialize_contact(err.contact, existed=True)), 200
POST /api/aliases/:alias_id/contacts
2020-03-14 12:55:38 +01:00
rename ForwardEmail to Contact
2020-03-17 10:56:59 +01:00
return jsonify(**serialize_contact(contact)), 201
Add DELETE /api/contacts/:contact_id
2020-03-17 19:18:26 +01:00
@api_bp.route("/contacts/<int:contact_id>", methods=["DELETE"])
rename verify_api_key -> require_api_auth
2020-04-24 14:08:00 +02:00
@require_api_auth
Add DELETE /api/contacts/:contact_id
2020-03-17 19:18:26 +01:00
def delete_contact(contact_id):
"""
Delete contact
Input:
contact_id: in url
Output:
200
"""
user = g.user
contact = Contact.get(contact_id)
if not contact or contact.alias.user_id != user.id:
return jsonify(error="Forbidden"), 403
Contact.delete(contact_id)
do not use flask-sqlalchemy - add __tablename__ for all models - use sa and orm instead of db - rollback all changes in tests - remove session in @app.teardown_appcontext
2021-10-12 14:36:47 +02:00
Session.commit()
Add DELETE /api/contacts/:contact_id
2020-03-17 19:18:26 +01:00
return jsonify(deleted=True), 200
Add POST /api/contacts/:contact_id/toggle
2021-10-28 10:14:20 +02:00
@api_bp.route("/contacts/<int:contact_id>/toggle", methods=["POST"])
@require_api_auth
def toggle_contact(contact_id):
"""
Block/Unblock contact
Input:
contact_id: in url
Output:
200
"""
user = g.user
contact = Contact.get(contact_id)
if not contact or contact.alias.user_id != user.id:
return jsonify(error="Forbidden"), 403
contact.block_forward = not contact.block_forward
Session.commit()
return jsonify(block_forward=contact.block_forward), 200
Reference in New Issue Copy Permalink