Lunching for groups.
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

212 lines
5.5 KiB

11 years ago
#!/usr/bin/env python
# -*- encoding: utf-8 -*-
from flask import Blueprint
from flask import request
from flask import jsonify
from luncho.server import Place
11 years ago
from luncho.server import User
11 years ago
from luncho.server import db
from luncho.helpers import auth
from luncho.helpers import ForceJSON
from luncho.exceptions import AccountNotVerifiedException
11 years ago
from luncho.exceptions import ElementNotFoundException
11 years ago
from luncho.exceptions import UserIsNotAdminException
from luncho.exceptions import NewMaintainerDoesNotExistException
11 years ago
places = Blueprint('places', __name__)
@places.route('', methods=['POST'])
@ForceJSON(required=['name'])
@auth
def create_place():
"""*Authenticated request* Create a new place. The user becomes the
maintainer of the place once it is created.
**Example request**:
.. sourcecode:: http
{ "name": "<place name>" }
**Success (200)**
.. sourcecode:: http
HTTP/1.1 200 OK
Content-Type: text/json
{ "status": "OK", "id": <new group id> }
**User not found (via token) (404)**:
:py:class:`UserNotFoundException`
**Authorization required (412)**:
:py:class:`AuthorizationRequiredException`
**Account not verified (412)**:
:py:class:`AccountNotVerifiedException`
"""
if not request.user.verified:
raise AccountNotVerifiedException()
json = request.get_json(force=True)
11 years ago
new_place = Place(name=json['name'], owner=request.user)
11 years ago
db.session.add(new_place)
db.session.commit()
return jsonify(status='OK',
id=new_place.id)
@places.route('', methods=['GET'])
@auth
def get_places():
"""*Authenticated request* Return the list of places the user is the
maintainer or belongs to one of the user's groups.
**Success (200)**
.. sourcecode:: http
HTTP/1.1 200 OK
Content-Type: text/json
{ "status": "OK", "places": [ { "id": "<placeId>",
"name": "<place name>",
"maintainer": <true if the user is the
group maintainer>},
...] }
**User not found (via token) (404)**:
:py:class:`UserNotFoundException`
**Authorization required (412)**:
:py:class:`AuthorizationRequiredException`
"""
user = request.user
places = {}
for group in user.groups:
for place in group.places:
maintainer = place.owner == user.username
places[place.id] = {'id': place.id,
'name': place.name,
'maintainer': maintainer}
for place in Place.query.filter_by(owner=user.username):
maintainer = place.owner == user.username
places[place.id] = {'id': place.id,
'name': place.name,
'maintainer': maintainer}
return jsonify(status='OK',
places=places.values())
11 years ago
@places.route('<placeId>/', methods=['PUT'])
@ForceJSON()
@auth
def update_place(placeId):
"""*Authenticated request* Update the place information. The user must be
the maintainer of the place to change any information. Partial requests
are accepted and missing fields will not be changed.
**Example request**:
.. sourcecode:: http
{ "name": "New name", "admin": "newAdmin" }
**Success (200)**:
.. sourcecode:: http
HTTP/1.1 200 OK
Content-Type: text/json
11 years ago
{ "status": "OK" }
11 years ago
**Request not in JSON format (400)**:
:py:class:`RequestMustBeJSONException`
**User is not administrator of the group (403)**:
:py:class:`UserIsNotAdminException`
**User not found (via token) (404)**:
:py:class:`UserNotFoundException`
**The new admin does not exist (404)**:
:py:class:`NewMaintainerDoesNotExistException`
**The place does not exist (404)**:
:py:class:`ElementNotFoundException`
**Authorization required (412)**:
:py:class:`AuthorizationRequiredException`
"""
place = Place.query.get(placeId)
if not place:
raise ElementNotFoundException('Place')
if not place.owner == request.user.username:
raise UserIsNotAdminException()
name = request.as_json.get('name')
if name:
place.name = name
admin = request.as_json.get('admin')
if admin:
new_maintainer = User.query.get(admin)
if not new_maintainer:
raise NewMaintainerDoesNotExistException()
place.owner = new_maintainer.username
db.session.commit()
return jsonify(status='OK')
11 years ago
@places.route('<placeId>/', methods=['DELETE'])
@auth
def delete_place(placeId):
"""*Authenticated request* Delete the place. The user must be
the maintainer of the place to delete it.
**Success (200)**:
.. sourcecode:: http
HTTP/1.1 200 OK
Content-Type: text/json
{ "status": "OK" }
**User is not administrator of the group (403)**:
:py:class:`UserIsNotAdminException`
**User not found (via token) (404)**:
:py:class:`UserNotFoundException`
**The place does not exist (404)**:
:py:class:`ElementNotFoundException`
**Authorization required (412)**:
:py:class:`AuthorizationRequiredException`
"""
place = Place.query.get(placeId)
if not place:
raise ElementNotFoundException('Place')
if not place.owner == request.user.username:
raise UserIsNotAdminException()
db.session.delete(place)
db.session.commit()
return jsonify(status='OK')