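from flask import request, jsonify, redirect
from flask_classful import route
from werkzeug.datastructures import MultiDict
from app.sql.common import db, Session
from app.sql.models.user import User, UserForm
from app.controllers.crud_controller import CrudView
from app.utils.auth_utils import encrypt_password
from flask_jwt_extended import get_jwt_identity


class UserView(CrudView):
    """CRUD hooks for ``User`` records, gated on the caller's JWT identity.

    Each hook reads the identity with ``get_jwt_identity()`` and raises
    ``ValueError("Unauthorized")`` when the caller may not perform the
    operation. The identity is indexed with ``'is_admin'`` and ``'id'``.

    NOTE(review): how CrudView invokes these hooks, whether a JWT is
    required before they run, and how it maps ``ValueError`` to an HTTP
    status are not visible here. Confirm that an authorization failure
    surfaces as 401/403 and that a request without a token cannot reach
    these hooks with a ``None`` identity.
    """

    model = User
    form = UserForm

    def on_create(self, session, form, item):
        """Authorize and finish populating a new user.

        Only admins may create users. A ``password`` field is mandatory and
        is stored as the result of ``encrypt_password``; ``settings`` is
        copied from the form when present.

        Raises:
            ValueError: if the caller is not an admin or no password is given.
        """
        current_user = get_jwt_identity()
        if not current_user['is_admin']:
            raise ValueError("Unauthorized")
        if 'password' not in form:
            raise ValueError("No password specified")
        # NOTE(review): only key presence is checked, so an empty password
        # value reaches encrypt_password. Confirm UserForm validates it, and
        # that encrypt_password is a salted one-way password hash.
        item.password = encrypt_password(form['password'])
        if 'settings' in form:
            item.settings = form['settings']

    def on_update(self, session, form, item):
        """Authorize an update and apply the password/settings fields.

        Admins may update any user. A non-admin may update only their own
        record, and only while ``item.is_admin`` matches their own flag.

        Raises:
            ValueError: if the caller is not allowed to update ``item``.
        """
        # Fix: the identity was never looked up in this hook, so every
        # authorization check below failed with NameError instead of being
        # evaluated.
        current_user = get_jwt_identity()
        if not current_user['is_admin']:
            if item.id != current_user['id']:
                raise ValueError("Unauthorized")
            # Presumably item already carries the submitted values here, which
            # makes this the guard against a user promoting themselves to
            # admin. Verify against CrudView's update flow.
            if current_user['is_admin'] != item.is_admin:
                raise ValueError("Unauthorized")
        if 'password' in form:
            item.password = encrypt_password(form['password'])
        if 'settings' in form:
            item.settings = form['settings']

    def on_destroy(self, session, item):
        """Authorize deletion of a user.

        Only admins may delete users, and an admin may not delete their own
        account.

        Raises:
            ValueError: if the caller is not an admin or targets themselves.
        """
        # Fix: look up the identity here as well; it was previously an
        # undefined name in this hook.
        current_user = get_jwt_identity()
        if not current_user['is_admin']:
            raise ValueError("Unauthorized")
        if item.id == current_user['id']:
            raise ValueError("Unauthorized")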