Browse Source

added places documentation and updated documentation

master
Julio Biason 11 years ago
parent
commit
98d229e589
  1. 1
      doc/client/index.rst
  2. 9
      doc/client/places.rst
  3. 198
      luncho/blueprints/groups.py
  4. 137
      luncho/blueprints/places.py
  5. 7
      luncho/blueprints/token.py
  6. 34
      luncho/blueprints/users.py

1
doc/client/index.rst

@ -73,4 +73,5 @@ API
:maxdepth: 3 :maxdepth: 3
users_and_tokens users_and_tokens
places
groups groups

9
doc/client/places.rst

@ -0,0 +1,9 @@
Places
=======
List of places groups will go.
.. autoflask:: luncho.server:app
:blueprints: places
:undoc-endpoints: static, show_api

198
luncho/blueprints/groups.py

@ -75,10 +75,13 @@ LOG = logging.getLogger('luncho.blueprints.groups')
@groups.route('', methods=['GET']) @groups.route('', methods=['GET'])
@auth @auth
def user_groups(): def user_groups():
"""*Authenticated request* Return a list of the groups the user belongs or """*Authenticated request*
it's the owner.
**Success (200)**: Return a list of the groups the user belongs or it's the owner.
:header Authorization: Access token from `/token/`.
:status 200: Success
.. sourcecode:: http .. sourcecode:: http
@ -87,15 +90,14 @@ def user_groups():
{ "status": "OK", "groups": [ { "id": "<group id>" , { "status": "OK", "groups": [ { "id": "<group id>" ,
"name": "<group name>", "name": "<group name>",
"admin": <true if the user is admin>}, "admin": <true if the user is
admin>},
...] } ...] }
**User not found (via token) (404)**: :status 404: User not found (via token)
:py:class:`UserNotFoundException` (:py:class:`UserNotFoundException`)
:status 412: Authorization required
**Authorization required (412)**: (:py:class:`AuthorizationRequiredException`)
:py:class:`AuthorizationRequiredException`
""" """
user = request.user user = request.user
groups = {} groups = {}
@ -108,12 +110,14 @@ def user_groups():
groups=groups.values()) groups=groups.values())
@groups.route('', methods=['PUT']) @groups.route('', methods=['POST'])
@ForceJSON(required=['name']) @ForceJSON(required=['name'])
@auth @auth
def create_group(): def create_group():
"""*Authenticated request* Create a new group. Once the group is created, """*Authenticated request*
the user becomes the administrator of the group.
Create a new group. Once the group is created, the user becomes the
administrator of the group.
**Example request**: **Example request**:
@ -121,7 +125,9 @@ def create_group():
{ "name": "Name for the group" } { "name": "Name for the group" }
**Success (200)**: :header Authorization: Access token from `/token/`.
:status 200: Success
.. sourcecode:: http .. sourcecode:: http
@ -130,15 +136,12 @@ def create_group():
{ "status": "OK", "id": <new group id> } { "status": "OK", "id": <new group id> }
**User not found (via token) (404)**: :status 404: User not found (via token)
:py:class:`UserNotFoundException` (:py:class:`UserNotFoundException`)
:status 412: Authorization required
**Authorization required (412)**: (:py:class:`AuthorizationRequiredException`)
:py:class:`AuthorizationRequiredException` :status 412: Account not verified
(:py:class:`AccountNotVerifiedException`)
**Account not verified (412)**:
:py:class:`AccountNotVerifiedException`
""" """
user = request.user user = request.user
LOG.debug('User status: {verified}'.format(verified=user.verified)) LOG.debug('User status: {verified}'.format(verified=user.verified))
@ -160,13 +163,15 @@ def create_group():
id=new_group.id) id=new_group.id)
@groups.route('<groupId>/', methods=['POST']) @groups.route('<groupId>/', methods=['PUT'])
@ForceJSON() @ForceJSON()
@auth @auth
def update_group(groupId): def update_group(groupId):
"""*Authenticated request* Update group information. The user must be """*Authenticated request*
the administrator of the group to change any information. Partial requests
are accepted and missing fields are not changed. Update group information. The user must be the administrator of the group
to change any information. Partial requests are accepted and missing
fields are not changed.
The administrator of the group can be changed by sending the The administrator of the group can be changed by sending the
"admin" field with the username of the new administrator. "admin" field with the username of the new administrator.
@ -177,29 +182,19 @@ def update_group(groupId):
{ "name": "new group name": "admin": "newAdmin"} { "name": "new group name": "admin": "newAdmin"}
**Success (200)**: :header Authorization: Access token from `/token/`.
.. sourcecode:: http :status 200: Success
:status 400: Request not in JSON format
HTTP/1.1 200 OK (:py:class:`RequestMustBeJSONException`)
Content-Type: text/json :status 403: User is not the group administrator
(:py:class:`UserIsNotAdminException`)
{ "status": "OK" } :status 404: User not found (via token)
(:py:class:`UserNotFoundException`)
**Request not in JSON format (400)**: :status 404: New administrator does not exist
:py:class:`RequestMustBeJSONException` (:py:class:`NewMaintainerDoesNotExistException`)
:status 412: Authorization required
**User is not administrator of the group (403)**: (:py:class:`AuthorizationRequiredException`)
:py:class:`UserIsNotAdminException`
**User not found (via token) (404)**:
:py:class:`UserNotFoundException`
**The new admin does not exist (404)**:
:py:class:`NewMaintainerDoesNotExistException`
**Authorization required (412)**:
:py:class:`AuthorizationRequiredException`
""" """
user = request.user user = request.user
group = Group.query.get(groupId) group = Group.query.get(groupId)
@ -231,26 +226,21 @@ def update_group(groupId):
@groups.route('<groupId>/', methods=['DELETE']) @groups.route('<groupId>/', methods=['DELETE'])
@auth @auth
def delete_group(groupId): def delete_group(groupId):
"""*Authenticated request* Delete a group. Only the administrator of the """*Authenticated request*
group can delete it.
**Success (200)**:
.. sourcecode:: http
HTTP/1.1 200 OK
Content-Type: text/json
{ "status": "OK" } Delete a group. Only the administrator of the group can delete it.
**User is not administrator of the group (403)**: :param groupId: The group Id
:py:class:`UserIsNotAdminException`
**User not found (via token) (404)**: :header Authorization: Access token from `/token/`.
:py:class:`UserNotFoundException`
**Authorization required (412)**: :status 200: Success
:py:class:`AuthorizationRequiredException` :status 403: User is not the group administrator
(:py:class:`UserIsNotAdminException`)
:status 404: User not found (via token)
(:py:class:`UserNotFoundException`)
:status 412: Authorization required
(:py:class:`AuthorizationRequiredException`)
""" """
user = request.user user = request.user
group = Group.query.get(groupId) group = Group.query.get(groupId)
@ -270,38 +260,33 @@ def delete_group(groupId):
@ForceJSON(required=['usernames']) @ForceJSON(required=['usernames'])
@auth @auth
def add_users_to_group(groupId): def add_users_to_group(groupId):
"""*Authenticated request* Add users to the group. Only the group """*Authenticated request*
administrator can add users to their groups.
**Example request**:
.. sourcecode:: http Add users to the group. Only the group administrator can add users to
their groups.
{ "usernames": ["<username>", "<username>", ...] } :param groupId: The group Id
**Success (200)**: **Example request**:
.. sourcecode:: http .. sourcecode:: http
HTTP/1.1 200 OK { "usernames": ["<username>", "<username>", ...] }
Content-Type: text/json
{ "status": "OK" }
**Request not in JSON format (400)**:
:py:class:`RequestMustBeJSONException`
**User is not administrator of the group (403)**:
:py:class:`UserIsNotAdminException`
**User not found (via token) (404)**:
:py:class:`UserNotFoundException`
**Incomplete request, some users not found (404)**:
:py:class:`SomeUsersNotFoundException`
**Authorization required (412)**: :header Authorization: Access token from `/token/`.
:py:class:`AuthorizationRequiredException`
:status 200: Success
:status 400: Request not in JSON format
(:py:class:`RequestMustBeJSONException`)
:status 403: User is not the group administrator
(:py:class:`UserIsNotAdminException`)
:status 404: User not found (via token)
(:py:class:`UserNotFoundException`)
:status 404: Incomplete request, some users not found; users that couldn't
be found will return in the "missing" field.
(:py:class:`SomeUsersNotFoundException`)
:status 412: Authorization required
(:py:class:`AuthorizationRequiredException`)
""" """
user = request.user user = request.user
group = Group.query.get(groupId) group = Group.query.get(groupId)
@ -330,10 +315,16 @@ def add_users_to_group(groupId):
@groups.route('<groupId>/users/', methods=['GET']) @groups.route('<groupId>/users/', methods=['GET'])
@auth @auth
def list_group_members(groupId): def list_group_members(groupId):
"""*Authenticated request* Return a list of the users in the group. The """*Authenticated request*
user must be part of the group to request this list.
Return a list of the users in the group. The user must be part of the
group to request this list.
**Success (200)**: :parma groupId: The group Id
:header Authorization: Access token from `/token/`.
:status 200: Success
.. sourcecode:: http .. sourcecode:: http
@ -344,17 +335,12 @@ def list_group_members(groupId):
"full_name": "<full name>"}, "full_name": "<full name>"},
...] } ...] }
**User is not member of the group (403)**: :status 403: The user is not a member of the group
:py:class:`UserIsNotMemberException` (:py:class:`UserIsNotMemberException`)
:status 404: User not found (via token)
**User not found (via token) (404)**: (:py:class:`UserNotFoundException`)
:py:class:`UserNotFoundException` :status 412: Authorization required
(:py:class:`AuthorizationRequiredException`)
**Incomplete request, some users not found (404)**:
:py:class:`SomeUsersNotFoundException`
**Authorization required (412)**:
:py:class:`AuthorizationRequiredException`
""" """
user = request.user user = request.user
group = Group.query.get(groupId) group = Group.query.get(groupId)
@ -363,7 +349,7 @@ def list_group_members(groupId):
LOG.debug('user groups: {groups}'.format(groups=user.groups)) LOG.debug('user groups: {groups}'.format(groups=user.groups))
if not group in user.groups: if group not in user.groups:
raise UserIsNotMemberException() raise UserIsNotMemberException()
users = [] users = []

137
luncho/blueprints/places.py

@ -24,8 +24,10 @@ places = Blueprint('places', __name__)
@ForceJSON(required=['name']) @ForceJSON(required=['name'])
@auth @auth
def create_place(): def create_place():
"""*Authenticated request* Create a new place. The user becomes the """*Authenticated request*
maintainer of the place once it is created.
Create a new place. The user becomes the maintainer of the place once it
is created.
**Example request**: **Example request**:
@ -33,23 +35,20 @@ def create_place():
{ "name": "<place name>" } { "name": "<place name>" }
**Success (200)** :reqheader Authorization: The token received in `/token/`.
.. sourcecode:: http
HTTP/1.1 200 OK
Content-Type: text/json
{ "status": "OK", "id": <new group id> } :statuscode 200: Success, the new place id will be returned in the
response
**User not found (via token) (404)**: .. sourcecode:: http
:py:class:`UserNotFoundException`
**Authorization required (412)**:
:py:class:`AuthorizationRequiredException`
**Account not verified (412)**: { "status": "OK", "id": <place id> }
:py:class:`AccountNotVerifiedException` :statuscode 404: User not found (via token)
(:py:class:`UserNotFoundException`)
:statuscode 412: Authorization required
(:py:class:`AuthorizationRequiredException`)
:statuscode 412: Account not verified
(:py:class:`AccountNotVerifiedException`)
""" """
if not request.user.verified: if not request.user.verified:
raise AccountNotVerifiedException() raise AccountNotVerifiedException()
@ -66,10 +65,14 @@ def create_place():
@places.route('', methods=['GET']) @places.route('', methods=['GET'])
@auth @auth
def get_places(): def get_places():
"""*Authenticated request* Return the list of places the user is the """*Authenticated request*
maintainer or belongs to one of the user's groups.
**Success (200)** Return the list of places the user is the maintainer or belongs to one of
the user's groups.
:reqheader Authorization: Access token received from `/token/`
:statuscode 200: Success
.. sourcecode:: http .. sourcecode:: http
@ -78,15 +81,14 @@ def get_places():
{ "status": "OK", "places": [ { "id": "<placeId>", { "status": "OK", "places": [ { "id": "<placeId>",
"name": "<place name>", "name": "<place name>",
"maintainer": <true if the user is the "maintainer": <true if the user is
group maintainer>}, the group maintainer>},
...] } ...] }
**User not found (via token) (404)**: :statuscode 404: User not found (via token)
:py:class:`UserNotFoundException` (:py:class:`UserNotFoundException`)
:statuscode 412: Authorization required
**Authorization required (412)**: (:py:class:`AuthorizationRequiredException`)
:py:class:`AuthorizationRequiredException`
""" """
user = request.user user = request.user
places = {} places = {}
@ -111,42 +113,34 @@ def get_places():
@ForceJSON() @ForceJSON()
@auth @auth
def update_place(placeId): def update_place(placeId):
"""*Authenticated request* Update the place information. The user must be """*Authenticated request*
the maintainer of the place to change any information. Partial requests
are accepted and missing fields will not be changed.
**Example request**:
.. sourcecode:: http Update the place information. The user must be the maintainer of the place
to change any information. Partial requests are accepted and missing
fields will not be changed.
{ "name": "New name", "admin": "newAdmin" } :param placeId: Id for the place, as returned via GET or POST.
**Success (200)**: **Example request**:
.. sourcecode:: http .. sourcecode:: http
HTTP/1.1 200 OK { "name": "New name", "admin": "newAdmin" }
Content-Type: text/json
{ "status": "OK" }
**Request not in JSON format (400)**:
:py:class:`RequestMustBeJSONException`
**User is not administrator of the group (403)**:
:py:class:`UserIsNotAdminException`
**User not found (via token) (404)**:
:py:class:`UserNotFoundException`
**The new admin does not exist (404)**:
:py:class:`NewMaintainerDoesNotExistException`
**The place does not exist (404)**:
:py:class:`ElementNotFoundException`
**Authorization required (412)**: :reqheader Authorization: Access token received from `/token/`.
:py:class:`AuthorizationRequiredException`
:status 200: Success
:status 400: Request must be in JSON format
(:py:class:`RequestMustBeJSONException`)
:status 403: User is not administrator of the group
(:py:class:`UserIsNotAdminException`)
:status 404: User not found (via token)
(:py:class:`UserNotFoundException`)
:status 404: New maintainer does not exist
(:py:class:`NewMaintainerDoesNotExistException`)
:status 404: Place does not exist (:py:class:`ElementNotFoundException`)
:status 412: Authorization required
(:py:class:`AuthorizationRequiredException`)
""" """
place = Place.query.get(placeId) place = Place.query.get(placeId)
if not place: if not place:
@ -174,29 +168,24 @@ def update_place(placeId):
@places.route('<placeId>/', methods=['DELETE']) @places.route('<placeId>/', methods=['DELETE'])
@auth @auth
def delete_place(placeId): def delete_place(placeId):
"""*Authenticated request* Delete the place. The user must be """*Authenticated request*
the maintainer of the place to delete it.
**Success (200)**:
.. sourcecode:: http
HTTP/1.1 200 OK
Content-Type: text/json
{ "status": "OK" }
**User is not administrator of the group (403)**: Delete the place. The user must be the maintainer of the place to delete
:py:class:`UserIsNotAdminException` it.
**User not found (via token) (404)**: :param placeId: The place Id, as returned by GET or POST
:py:class:`UserNotFoundException`
**The place does not exist (404)**: :header Authorization: Access token from `/token/`
:py:class:`ElementNotFoundException`
**Authorization required (412)**: :status 200: Success
:py:class:`AuthorizationRequiredException` :status 403: User is not the group administrator
(:py:class:`UserIsNotAdminException`)
:status 404: User not found (via token)
(:py:class:`UserNotFoundException`)
:status 404: Place does not exist
(:py:class:`ElementNotFoundException`)
:status 412: Authorization required
(:py:class:`AuthorizationRequiredException`)
""" """
place = Place.query.get(placeId) place = Place.query.get(placeId)
if not place: if not place:

7
luncho/blueprints/token.py

@ -78,9 +78,10 @@ def get_token():
{ "status": "OK", "token": "access_token" } { "status": "OK", "token": "access_token" }
**Invalid password (401)**: :py:class:`InvalidPasswordException` :statuscode 200: Success
:statuscode 401: Wrong password (:py:class:`InvalidPasswordException`)
**Unknown user (404)**: :py:class:`UserDoesNotExistException` :statuscode 404: User does not exist
(:py:class:`UserDoesNotExistException`)
""" """
json = request.get_json(force=True) json = request.get_json(force=True)

34
luncho/blueprints/users.py

@ -62,7 +62,9 @@ def create_user():
{ "status": "OK" } { "status": "OK" }
**User already exists (409)**: :py:class:`UsernameAlreadyExistsException` :statuscode 200: Success
:statuscode 409: Username already exists
(:py:class:`UsernameAlreadyExistsException`)
""" """
json = request.get_json(force=True) json = request.get_json(force=True)
@ -84,8 +86,9 @@ def create_user():
@ForceJSON() @ForceJSON()
@auth @auth
def update_user(): def update_user():
"""*Authenticated request* Update user information. Only the fields send """*Authenticated request*
with be changed.
Update user information. Only the fields send with be changed.
**Example request** **Example request**
@ -110,14 +113,15 @@ def update_user():
{ "status": "OK" } { "status": "OK" }
**Request not in JSON format (400)**: :reqheader Authorization: Token received in `/token/`
:py:class:`RequestMustBeJSONException`
**User not found (via token) (404)**:
:py:class:`UserNotFoundException`
**Authorization required (412)**: :statuscode 200: Success
:py:class:`AuthorizationRequiredException` :statuscode 400: Request not in JSON format
(:py:class:`RequestMustBeJSONException`)
:statuscode 404: User not found (via token)
(:py:class:`UserNotFoundException`)
:statuscode 412: Authorization required
(:py:class:`AuthorizationRequiredException`)
""" """
json = request.get_json(force=True) json = request.get_json(force=True)
user = request.user user = request.user
@ -148,11 +152,11 @@ def delete_user():
{ "status": "OK" } { "status": "OK" }
**User not found (via token) (404)**: :statuscode 200: Success
:py:class:`UserNotFoundException` :statuscode 404: User not found (via token)
(:py:class:`UserNotFoundException`)
**Authorization required (412)**: :statuscode 412: Authorization required
:py:class:`AuthorizationRequiredException` (:py:class:`AuthorizationRequiredException`)
""" """
db.session.delete(request.user) db.session.delete(request.user)
db.session.commit() db.session.commit()

Loading…
Cancel
Save