def get_user_in_token(request): user = None try: user = User.get_user_in_token(request) except AuthorizationError: pass return user
def add_event(): if not request.is_json: return gen_error_response("Request was not JSON.") try: data = request.get_json() if isinstance(data, str): # TODO: better error message return gen_failure_response("Request must be JSON, not string.") except: return gen_error_response("Request was malformatted.") try: # Check that the correct parameters have been given. missing_fields = get_missing_fields(data) if len(missing_fields) > 0: return gen_error_response("Request was missing %s parameter(s)." % ",".join(missing_fields)) # Make sure creator matches authorized user. user = User.get_user_in_token(request) if user is None: return gen_error_response("Invalid authorization.") if user.netid != data["creator"]: return gen_error_response( "Attempted to create event for different user.") if controller.is_banned(user): return gen_error_response(banned_text) # Try to add new event. new_event = controller.add_event(data) # Return id of newly added event. return gen_data_response({"id": str(new_event.id)}) except Exception as e: return gen_error_response(error_handler.main_handler(e))
def remove_event_fav(userid, eventid): try: event = controller.get_event(eventid) user = controller.get_user_by_uid(userid) if event is None: return gen_error_response("No event with that id exists.") elif user is None: return gen_error_response("No user with that id exists.") # Make sure favoriter matches authorized user. try: token_user = User.get_user_in_token(request) if token_user is None or token_user.netid != user.netid: return gen_error_response( "Attempted to remove a favorite for different user.") except AuthorizationError: return gen_error_response("Invalid authorization.") if eventid in user.favorites: controller.remove_user_favorite(user, eventid) else: return gen_error_response( "You can't un-favorite an event that isn't in your favorites!") return gen_data_response(event.favorites) except Exception as e: return gen_error_response(error_handler.main_handler(e))
def delete_event(id): try: event = controller.get_event(id) if event is None: return gen_error_response("No event with that id exists.") # Make sure it is the creator that is deleting the event. event_creator_netid = controller.get_event_creator(id) try: user = User.get_user_in_token(request) if user is None: return gen_error_response("Invalid authorization.") if user.netid != event_creator_netid: return gen_error_response( "Attempted to delete event for different user.") except AuthorizationError: return gen_error_response("Invalid authorization.") event = controller.delete_event(id) if event is None: return gen_error_response(event_dne_text) return gen_data_response(get_raw_event(event)) except Exception as e: return gen_error_response(error_handler.main_handler(e))
def edit_event(id): if not request.is_json: return gen_error_response("Request was not JSON.") try: data = request.get_json() except Exception as e: return gen_failure_response("Request was malformatted.") # Make sure creator matches authorized user. try: event = controller.get_event(id) if event is None: return gen_error_response(event_dne_text) user = User.get_user_in_token(request) if user is None: return gen_error_response("Invalid authorization.") if user.netid != event.creator: return gen_error_response( "Attempted to edit event for different user.") if controller.is_banned(user): return gen_error_response(banned_text) updated_event = controller.edit_event(id, data) except Exception as e: return gen_error_response(error_handler.main_handler(e)) if updated_event is None: return gen_error_response(event_dne_text) return gen_data_response(get_raw_event(updated_event))
def get_favorites(userid): try: user = controller.get_user_by_uid(userid) if user is None: return gen_error_response("No user with that id exists.") # Make sure caller matches authorized user. try: token_user = User.get_user_in_token(request) if token_user is None or token_user.netid != user.netid: return gen_error_response( "Attempted to get a different user's favorites.") except AuthorizationError: return gen_error_response("Invalid authorization.") try: events = controller.get_favorite_events(user.favorites) events = [get_raw_event(event) for event in events] return gen_data_response(events) except Exception as e: return gen_error_response(error_handler.main_handler(e)) except Exception as e: return gen_error_response(error_handler.main_handler(e))
def report_event(eventid): try: if not request.is_json: return gen_error_response("Request was not JSON.") try: data = request.get_json() except Exception as e: return gen_error_response("JSON was malformatted.") if "reason" not in data: return gen_error_response("Request was missing field 'reason'.") try: user = User.get_user_in_token(request) report = controller.add_report(user, data["reason"], eventid) except RateError as e: return gen_error_response(str(e)) return gen_data_response(report) except ValidationError as e: return gen_error_response(str(e)) except Exception as e: return gen_error_response(error_handler.main_handler(e))
def add_event_fav(userid, eventid): try: event = controller.get_event(eventid) user = controller.get_user_by_uid(userid) if event is None: return gen_error_response("No event with that id exists.") elif user is None: return gen_error_response("No user with that id exists.") # Make sure favoriter matches authorized user. try: token_user = User.get_user_in_token(request) if token_user is None or token_user.netid != user.netid: return gen_error_response( "Attempted to add a favorite for different user.") except AuthorizationError: return gen_error_response("Invalid authorization.") if eventid not in user.favorites: controller.add_user_favorite(user, eventid) return gen_data_response( event.favorites) # need to return something or views gets angry except Exception as e: return gen_error_response(error_handler.main_handler(e))
def get_created_events(userid, include_past): try: user = controller.get_user_by_uid(userid) if user is None: return gen_error_response("No user with that id exists.") # Make sure creator matches authorized user. try: token_user = User.get_user_in_token(request) if token_user is None or token_user.netid != user.netid: return gen_error_response( "Attempted to get created events for different user.") except AuthorizationError: return gen_error_response("Invalid authorization.") if isinstance(include_past, str): # include_past defaults to True when an invalid value is passed. include_past = include_past != "False" events = controller.get_events_by_creator(str(user.netid), include_past) events = [get_raw_event(event) for event in events] return gen_data_response(events) except Exception as e: return gen_error_response(error_handler.main_handler(e))