Improve users table sanitization
parent
7573e9ab41
commit
5a5486b751
|
@ -18,8 +18,6 @@ class UserCreate(UserBase):
|
||||||
user_image: Optional[str] = None
|
user_image: Optional[str] = None
|
||||||
device_type: int = Query(None, ge=1, le=2)
|
device_type: int = Query(None, ge=1, le=2)
|
||||||
city_id: int
|
city_id: int
|
||||||
access_key: str
|
|
||||||
badge: int
|
|
||||||
|
|
||||||
class Config:
|
class Config:
|
||||||
orm_mode = True
|
orm_mode = True
|
||||||
|
|
|
@ -1,3 +1,4 @@
|
||||||
|
from secrets import token_hex
|
||||||
from sqlalchemy import Column, DateTime, Enum, ForeignKey, Integer, String, Text, text
|
from sqlalchemy import Column, DateTime, Enum, ForeignKey, Integer, String, Text, text
|
||||||
from sqlalchemy.sql import func
|
from sqlalchemy.sql import func
|
||||||
|
|
||||||
|
@ -10,24 +11,25 @@ class Users(Base):
|
||||||
id = Column(Integer, primary_key=True, autoincrement=True)
|
id = Column(Integer, primary_key=True, autoincrement=True)
|
||||||
social_id = Column(Text)
|
social_id = Column(Text)
|
||||||
type = Column(Integer, nullable=True)
|
type = Column(Integer, nullable=True)
|
||||||
full_name = Column(String(255), index=True, unique=True, nullable=False)
|
full_name = Column(String(255), index=True, nullable=False)
|
||||||
email = Column(String(255), index=True, unique=True, nullable=False)
|
email = Column(String(255), index=True, unique=True, nullable=False)
|
||||||
password = Column(String(255))
|
password = Column(String(255))
|
||||||
gender = Column(Integer)
|
gender = Column(Integer)
|
||||||
mobile = Column(String(255), nullable=False)
|
mobile = Column(String(255), unique=True, nullable=False)
|
||||||
user_image = Column(String(255))
|
user_image = Column(String(255))
|
||||||
city_id = Column(Integer, ForeignKey("cities.id"))
|
city_id = Column(Integer, ForeignKey("cities.id"))
|
||||||
user_type = Column(Integer)
|
user_type = Column(Integer)
|
||||||
otp = Column(String(255))
|
otp = Column(String(255))
|
||||||
otp_valid_time = Column(DateTime)
|
otp_valid_time = Column(DateTime)
|
||||||
access_key = Column(Text)
|
access_key = Column(Text, unique=True, default=token_hex)
|
||||||
lang_type = Column(Integer)
|
lang_type = Column(Integer)
|
||||||
badge = Column(Integer)
|
badge = Column(Integer, server_default=text("0"))
|
||||||
status = Column(Integer, server_default=text("0"))
|
status = Column(Integer, server_default=text("0"))
|
||||||
admin_status = Column(Integer, server_default=text("0"))
|
admin_status = Column(Integer, server_default=text("0"))
|
||||||
device_id = Column(Text)
|
device_id = Column(Text)
|
||||||
device_type = Column(Integer)
|
device_type = Column(Integer)
|
||||||
created = Column(DateTime, nullable=False, server_default=func.now())
|
created = Column(DateTime, nullable=False, server_default=func.now())
|
||||||
|
updated = Column(DateTime, nullable=True, onupdate=func.now())
|
||||||
|
|
||||||
|
|
||||||
class Cities(Base):
|
class Cities(Base):
|
||||||
|
|
|
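Review bot: `access_key = Column(Text, unique=True, default=token_hex)` is a Python-side default, so it only generates a key for rows inserted through SQLAlchemy without an explicit value; rows that existed before this change keep their old key or NULL, and no backfill is visible in this commit. The new `unique=True` on `mobile` and `access_key`, the dropped `unique=True` on `full_name`, and the added `updated` column have no matching Alembic revision on this page, so a deployed schema may not enforce them; confirm a migration exists. Since `token_hex()` with no argument returns 64 hex characters by default, `access_key = Column(String(64), unique=True, default=token_hex)` would bound the column and avoid backends that refuse a unique index on unbounded TEXT. The `Users` class starts above the hunk.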
@ -0,0 +1,25 @@
|
||||||
|
"""set default value for badge
|
||||||
|
|
||||||
|
Revision ID: 1387db583e1d
|
||||||
|
Revises: 9ee45f714f8b
|
||||||
|
Create Date: 2020-09-15 19:31:15.709945
|
||||||
|
|
||||||
|
"""
|
||||||
|
from alembic import op
|
||||||
|
import sqlalchemy as sa
|
||||||
|
|
||||||
|
|
||||||
|
# revision identifiers, used by Alembic.
|
||||||
|
revision = "1387db583e1d"
|
||||||
|
down_revision = "9ee45f714f8b"
|
||||||
|
branch_labels = None
|
||||||
|
depends_on = None
|
||||||
|
|
||||||
|
|
||||||
|
def upgrade():
|
||||||
|
with op.batch_alter_table("users") as batch_op:
|
||||||
|
batch_op.alter_column(column_name="badge", server_default=sa.text("0"))
|
||||||
|
|
||||||
|
|
||||||
|
def downgrade():
|
||||||
|
pass
|
|
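Review bot: `downgrade()` is `pass`, so rolling back revision 1387db583e1d leaves the server default on `users.badge` in place and the schema no longer matches its parent revision. Mirror the upgrade by calling `batch_op.alter_column(column_name="badge", server_default=None)` inside `with op.batch_alter_table("users") as batch_op:`. The upgrade also changes only the default, so rows that already hold NULL in `badge` stay NULL. If callers expect an integer there, run `op.execute("UPDATE users SET badge = 0 WHERE badge IS NULL")` before the alter.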
@ -17,40 +17,34 @@ depends_on = None
|
||||||
|
|
||||||
def upgrade():
|
def upgrade():
|
||||||
nullable = {
|
nullable = {
|
||||||
"full_name": "users",
|
"users": ["full_name", "email", "mobile"],
|
||||||
"email": "users",
|
"cities": ["name"],
|
||||||
"mobile": "users",
|
"web_bookings": ["name", "email", "contact", "message", "game", "city"],
|
||||||
"name": "cities",
|
"games": ["name", "price"],
|
||||||
"name": "games",
|
"venues": ["address", "name"],
|
||||||
"price": "games",
|
"sports": ["spanish_name"],
|
||||||
"name": "web_bookings",
|
"user_ratings": ["rating"],
|
||||||
"email": "web_bookings",
|
"sports": ["name"],
|
||||||
"contact": "web_bookings",
|
|
||||||
"message": "web_bookings",
|
|
||||||
"game": "web_bookings",
|
|
||||||
"city": "web_bookings",
|
|
||||||
"address": "venues",
|
|
||||||
"name": "venues",
|
|
||||||
"spanish_name": "sports",
|
|
||||||
"rating": "user_ratings",
|
|
||||||
"name": "sports",
|
|
||||||
}
|
}
|
||||||
non_nullable = {
|
non_nullable = {
|
||||||
"social_id": "users",
|
"users": ["social_id", "type"],
|
||||||
"type": "users",
|
|
||||||
}
|
}
|
||||||
for field, table in nullable.items():
|
for table, field in nullable.items():
|
||||||
query = "UPDATE {0} SET {1} = '' WHERE {1} IS NULL".format(table, field)
|
for item in field:
|
||||||
|
query = "UPDATE {0} SET {1} = '' WHERE {1} IS NULL".format(table, item)
|
||||||
op.execute(query)
|
op.execute(query)
|
||||||
with op.batch_alter_table(table) as batch_op:
|
with op.batch_alter_table(table) as batch_op:
|
||||||
batch_op.alter_column(
|
batch_op.alter_column(
|
||||||
column_name=field, nullable=False, server_default=None
|
column_name=item, nullable=False, server_default=None
|
||||||
)
|
)
|
||||||
for field, table in non_nullable.items():
|
for table, field in non_nullable.items():
|
||||||
|
for item in field:
|
||||||
with op.batch_alter_table(table) as batch_op:
|
with op.batch_alter_table(table) as batch_op:
|
||||||
batch_op.alter_column(column_name=field, nullable=True, server_default=None)
|
batch_op.alter_column(
|
||||||
|
column_name=item, nullable=True, server_default=None
|
||||||
|
)
|
||||||
query = "UPDATE {0} SET {1} = NULL WHERE {1} = '' OR {1} = '0'".format(
|
query = "UPDATE {0} SET {1} = NULL WHERE {1} = '' OR {1} = '0'".format(
|
||||||
table, field
|
table, item
|
||||||
)
|
)
|
||||||
op.execute(query)
|
op.execute(query)
|
||||||
|
|
||||||
|
|
|
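Review bot: The new `nullable` dict lists the key `"sports"` twice (`["spanish_name"]`, then `["name"]`), and a Python dict literal keeps only the last value, so `sports.spanish_name` is never backfilled or made NOT NULL. Merge the two entries into `"sports": ["spanish_name", "name"],`. This is the same silent overwrite the old field-keyed dict had with its repeated `"name"` and `"email"` keys. The UPDATE statements are built with `str.format`, which is safe here only because every table and column name is a literal in this file; a comment such as `# identifiers are hard-coded above; never pass external input to these format() calls` would keep it that way. Because this edits an existing revision, any database that has already applied it will not pick up the corrected column list.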
@ -17,8 +17,6 @@ def test_registration():
|
||||||
"device_type": 1,
|
"device_type": 1,
|
||||||
"device_id": token_hex(16),
|
"device_id": token_hex(16),
|
||||||
"city_id": 5,
|
"city_id": 5,
|
||||||
"access_key": token_hex(16),
|
|
||||||
"badge": 1,
|
|
||||||
}
|
}
|
||||||
response = client.post("/register", json=user)
|
response = client.post("/register", json=user)
|
||||||
assert response.status_code == 200
|
assert response.status_code == 200
|
||||||
|
|