diff --git a/app/exceptions/UserException.py b/app/exceptions/UserException.py index abfdeda..a3c275b 100644 --- a/app/exceptions/UserException.py +++ b/app/exceptions/UserException.py @@ -6,3 +6,9 @@ def __init__(self, id: int): status_code = status.HTTP_404_NOT_FOUND detail = f"User with id {id} not found" super().__init__(status_code=status_code, detail=detail) + +class InvalidURL(HTTPException): + def __init__(self, id: int): + status_code = status.HTTP_400_BAD_REQUEST + detail = f"Invalid URL" + super().__init__(status_code=status_code, detail=detail) diff --git a/app/schemas/Schemas.py b/app/schemas/Schemas.py index 0aa08d6..fa5a930 100644 --- a/app/schemas/Schemas.py +++ b/app/schemas/Schemas.py @@ -21,4 +21,4 @@ class LoginRequest(BaseModel): class UpdateUserSchema(BaseModel): name: Optional[str] = None gender: Optional[str] = None - photo: Optional[HttpUrl] = None + photo: str diff --git a/app/service/Users.py b/app/service/Users.py index 763237f..d0f7875 100644 --- a/app/service/Users.py +++ b/app/service/Users.py @@ -1,9 +1,10 @@ -from exceptions.UserException import UserNotFound +from exceptions.UserException import UserNotFound, InvalidURL from exceptions.LoginException import AuthenticationError from models.users import User from repository.Users import UsersRepository import requests import os +import re class UsersService: @@ -76,4 +77,9 @@ def update_user(self, user_id: int, update_data: dict): # es el propio usuario editando sus datos y no permitir # que un usuario edite los de un tercero self.get_user(user_id) - self.user_repository.edit_user(user_id, update_data) + filtered_update_data = {k: v for k, v in update_data.items() if v is not None} + if 'photo' in filtered_update_data: + photo_url = filtered_update_data['photo'] + if not re.match(r'^https?://(?:[a-zA-Z0-9-]+\.)+[a-zA-Z]{2,6}(?:/[^/#?]+)+\.(?:jpg|jpeg|png|gif)$', photo_url): + raise InvalidURL("Invalid photo URL") + self.user_repository.edit_user(user_id, filtered_update_data)