Merge pull request #12 from rpdswtk/development

Add seller parameters
DiptoChakrabarty · Oct 5, 2020 · ed1a8a5 · ed1a8a5
2 parents a8047b9 + d698a95
commit ed1a8a5
Show file tree

Hide file tree

Showing 3 changed files with 19 additions and 4 deletions.
diff --git a/model/users.py b/model/users.py
@@ -22,12 +22,14 @@ class UserModel(db.Model):
     password = db.Column(db.String(20),nullable=True)
     email = db.Column(db.String(40),nullable=False,unique=True)
     activated = db.Column(db.Boolean,default=False)    #set default as False
+    seller = db.Column(db.Boolean, default=False)
 
-    def __init__(self,username,password,email,activated=True):
+    def __init__(self,username,password,email,activated=True,seller=False):
         self.username=username
         self.password=password
         self.email = email
         self.activated = activated
+        self.seller = seller
 
     def save_to_db(self):
         db.session.add(self)

diff --git a/resource/stores.py b/resource/stores.py
@@ -1,8 +1,9 @@
 from flask_restful import Resource
 from model.store import StoreModel
+from model.users import UserModel
 from flask import request
 from schemas.stores import StoreSchema
-from flask_jwt_extended import  jwt_required,fresh_jwt_required
+from flask_jwt_extended import  jwt_required,fresh_jwt_required, get_jwt_identity
 
 store_schema = StoreSchema()
 store_list_schema = StoreSchema(many=True)
@@ -19,10 +20,16 @@ def get(self):
 
     @jwt_required
     def post(self):
+        user = UserModel.find_by_id(get_jwt_identity())
+
+        if not user.seller:
+            return {"msg": "User is not a seller"}, 403
+
         data=request.get_json()
         name=data["name"]
-
+       
         store = StoreModel.find_by_name(name)
+
         if store:
             return {"msg": "Store exists already"},400
 
@@ -36,6 +43,11 @@ def post(self):
 
     @fresh_jwt_required    
     def delete(self):
+        user = UserModel.find_by_id(get_jwt_identity())
+
+        if not user.seller:
+            return {"msg": "User is not a seller"}, 403
+
         data=request.get_json()
         name=data["name"]
 

diff --git a/resource/users.py b/resource/users.py
@@ -22,6 +22,7 @@ def post(self):
         username = data.username
         passwd = data.password
         email = data.email
+        seller = data.seller
 
         print(username,passwd,email)
         hashed = bcrypt.hashpw(passwd.encode('utf-8'),bcrypt.gensalt())
@@ -32,7 +33,7 @@ def post(self):
         if UserModel.find_by_email(email):
             return {"msg": "user with email id  exists"} 
 
-        user = UserModel(username,hashed,email)
+        user = UserModel(username,hashed,email,seller=seller)
         user.save_to_db()
 
         user.generate_mail()     #send emails to new users