Python, SQLAlchemy, Flask, Auth0, RBAC, Heroku.

pet-rescue-center

SPA platform in Python and Angular 9 for Udacity

Public URL of the backend: https://pet-rescue-center.herokuapp.com/

Public URL of the project: https://pet-rescue-center.herokuapp-app.com/

The Ionic frontend calls the API server without CORS issues.

Description

Web application that lists pet ads for potential adoption.

Back-End

Python 3.7

Styleguide

PEP 8

Virtual Env

Use virtual env https://virtualenv.pypa.io/en/latest/

python3 -m venv venv; . venv/bin/activate

Pip Dependencies

pip3 install -r requirements.txt

Running the web server locally

Run the following commands to run the project locally:

export DATABASE_URL="postgres://localhost:5432/petrescuecenter"
export AUTH0_DOMAIN="drnio13.eu.auth0.com"
export ALGORITHMS=['RS256']
export API_AUDIENCE='pets'
python3 manage.py db init
python3 manage.py db migrate
python3 manage.py db upgrade
python3 app.py

There is a frontend project associated with this web server API. Clone https://github.com/DrNio13/pet-rescue-center-app and follow its README.md file.

Dependencies

The web application's most important dependencies are:

Flask https://flask.palletsprojects.com/en/1.1.x/

Flask-SQLAlchemy https://flask-sqlalchemy.palletsprojects.com/en/2.x/

SQLAlchemy https://www.sqlalchemy.org/

Database

database_name = "petrescuecenter"

Roles and Permissions

setup.sh contains valid JWT tokens for each role.

  • Guest Users: GET /pets

  • Customer: GET /pets and /pets-details, POST /enquiries

  • Moderator: All APIs except permissions to Delete

  • Manager: All permissions granted

Status Codes

The API endpoints return the following status codes:

Status Code   Description
200           OK
201           CREATED
400           BAD REQUEST
403           FORBIDDEN
404           NOT FOUND
500           INTERNAL SERVER ERROR

Testing

capstone-collection.postman_collection.json contains Postman tests for each role, covering success and error cases.

API

Title: GET /pets

Description: Read all pets

Success Response: 200 OK

[
  { "id": 4, "name": "bobby", "seeking_owner": false },
  { "id": 3, "name": "bobby", "seeking_owner": true }
]

  • All APIs above require Authentication and contain RBAC controls

Error Response in case user is not authenticated

401 UNAUTHORIZED

{
  "code": "authorization_header_missing",
  "description": "Authorization header is expected"
}

Error Response in case user is not authorized to access the API

403 FORBIDDEN

{
  "code": "unauthorized",
  "description": "Permission not found."
}
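The role matrix from "Roles and Permissions" and the two error responses above, expressed as a deny-by-default permission check. This is an added example, not code from the project; the permission strings and the invalid-header error body are assumptions, and the claims are assumed to come from an access token already verified against AUTH0_DOMAIN, ALGORITHMS and API_AUDIENCE.

```python
# Added example, not the project's code. Permission strings are hypothetical:
# the README names roles and routes, not permission identifiers.
ALL = {"get:pets", "get:pets-details", "post:pets", "patch:pets",
       "delete:pets", "get:enquiries", "post:enquiries", "get:customers"}

# Role matrix from "Roles and Permissions". Auth0 RBAC can place the matching
# set in the access token's "permissions" claim.
ROLE_PERMISSIONS = {
    "guest": {"get:pets"},
    "customer": {"get:pets", "get:pets-details", "post:enquiries"},
    "moderator": {p for p in ALL if not p.startswith("delete:")},
    "manager": set(ALL),
}


class AuthError(Exception):
    """Carries the HTTP status and JSON error body the API documents."""
    def __init__(self, status, code, description):
        super().__init__(description)
        self.status, self.body = status, {"code": code, "description": description}


def bearer_token(headers):
    """Return the token from an 'Authorization: Bearer <token>' header."""
    value = headers.get("Authorization")
    if not value:
        raise AuthError(401, "authorization_header_missing",
                        "Authorization header is expected")
    parts = value.split()
    if len(parts) != 2 or parts[0].lower() != "bearer":  # body below is assumed
        raise AuthError(401, "invalid_header", "Bearer token expected")
    return parts[1]


def check_permission(required, claims):
    """Deny by default; `claims` must come from an already verified token."""
    granted = claims.get("permissions")
    if not isinstance(granted, list) or required not in granted:
        raise AuthError(403, "unauthorized", "Permission not found.")


def decide(role, required):
    """Status a request from `role` would receive (claims constructed here)."""
    claims = {"permissions": sorted(ROLE_PERMISSIONS[role])}
    try:
        check_permission(required, claims)
    except AuthError as err:
        return err.status
    return 200
```

A token with no `permissions` claim at all is rejected with 403 rather than treated as unrestricted.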

Title: GET /pets/{id}

Description: Read a specific pet's values based on the id URL parameter. Requires authentication

Success Response: 200 OK

{
  "breed": "dog",
  "description": "tessa is so lovely",
  "id": 1,
  "name": "Tessa",
  "seeking_owner": false
}

Title: GET /pets/details

Description: Read pet details. Requires authentication

Success Response: 200 OK

[
  { "breed": "huskky", "description": "bobby is a lovely puppy", "id": 4, "name": "bobby", "seeking_owner": false },
  { "breed": "huskky", "description": "bobby is a lovely puppy", "id": 3, "name": "bobby", "seeking_owner": true }
]

Title: POST /pets

Description: Create pet ad. Requires authentication

Request Body example

{ "breed": "huskky", "description": "bobbie3 is a lovely puppy", "name": "bobbie3", "seeking_owner": false }

Success Response: 200 OK

{
  "breed": "huskky",
  "description": "bobbie3 is a lovely puppy",
  "id": 8,
  "name": "bobbie3",
  "seeking_owner": false
}

Title: PATCH /pets/{id}

Description: Update pet ad. Requires authentication

Request Body example

{ "description": "Another description for Bobby", "seeking_owner": true }

Success Response: 200 OK

{
  "breed": "dog",
  "description": "tessa is so lovely",
  "id": 1,
  "name": "Tessa",
  "seeking_owner": false
}

Title: DELETE /pets/5

Description: Delete pet ad based on the URL parameter. Requires authentication

Success Response: 200 OK

{ "delete": 5, "success": true }

Title: GET /enquiries

Description: Read all enquiries for pets from users. Requires authentication

Success Response: 200 OK

[
  { "customer_id": 1, "pet_id": 1 },
  { "customer_id": 1, "pet_id": 4 },
  { "customer_id": 3, "pet_id": 5 },
  { "customer_id": 4, "pet_id": 5 }
]

Title: GET /enquiries/{id}

Description: Read all enquiries for pets from customers. Requires authentication

Success Response: 200 OK

{ "customer_id": 1, "pet_id": 1 }

Title: POST /enquiries

Description: Create an enquiry for a pet from customer. Requires authentication

Request payload

{ "email": "aaag@gmail.com", "id": 5 }

Success Response: 200 OK

{ "customer_id": 5, "pet_id": 3 }

Title: GET /customers

Description: Read all customers. Requires authentication

Success Response: 200 OK

[
  { "email": "g@gmail.com", "id": 1 },
  { "email": "h@gmail.com", "id": 2 },
  { "email": "gh@gmail.com", "id": 3 },
  { "email": "ghs@gmail.com", "id": 4 },
  { "email": "aaag@gmail.com", "id": 5 }
]

Title: GET /customers/{id}

Description: Read customer info based on id url param. Requires authentication

Success Response: 200 OK

{ "email": "g@gmail.com", "id": 1 }