def delete(self, thread_id, invitation_id):
        """
        @api {DELETE} /threads/<String:thread_id>/invitations/<String:invitation_id> Cancel sent thread invitation
        @apiGroup Thread
        @apiDescription Cancel sent thread invitation

        @apiSuccessExample {JSON} Success-Response:
            {
                ThreadInvitationModel
            }
        """
        caller_user_id = auth.user_id

        # Verifications

        # Thread verifications
        thread_verifications = ThreadVerifications(value=thread_id)
        # Verify user is thread owner
        thread_verifications.verify_user_is_owner(user_id=caller_user_id)

        # Invitation verifications
        invitation_verifications = InvitationVerifications(thread_id=thread_id,
                                                           value=invitation_id)
        thread_invitation_model = invitation_verifications.thread_invitation_model
        # Verify user is invitation owner
        invitation_verifications.verify_user_is_owner(user_id=caller_user_id)

        # Update invitation and mark as deleted
        ThreadInvitationHandler().delete(
            thread_invitation_model=thread_invitation_model)

        return thread_invitation_model.jsonify()
    def delete(self, thread_id, message_id):
        """
        @api {DELETE} /threads/<String:thread_id>/messages/<String:message_id> Remove thread message
        @apiGroup Thread
        @apiDescription Remove thread message as message owner

        @apiSuccessExample {JSON} Success-Response:
            {
                ThreadMessageModel
            }
        """
        caller_user_id = auth.user_id

        # Verifications
        thread_verifications = ThreadVerifications(value=thread_id)
        message_verifications = MessageVerifications(thread_id=thread_id,
                                                     value=message_id)
        thread_message_model = message_verifications.thread_message_model
        # Verify user is thread member
        thread_verifications.verify_user_is_member(user_id=caller_user_id)
        # Verify user is message owner
        message_verifications.verify_user_is_owner(user_id=caller_user_id)

        # Mark message as deleted
        thread_message_model = ThreadMessageHandler().delete(
            thread_message_model=thread_message_model)

        return thread_message_model.jsonify()
    def post(self, owner_user_id, user_ids, thread_model):
        # Exclude users who are already invited or members
        thread_verifications = ThreadVerifications(model=thread_model)
        user_ids = [
            user_id for user_id in user_ids
            if not thread_verifications.check_user_is_invited(user_id)
            and not thread_verifications.check_user_is_member(user_id)
        ]

        # Create ThreadInvitationModel objects
        thread_invitation_models = [
            ThreadInvitationModel(user=user_id,
                                  thread_id=thread_model.id,
                                  invited_by=owner_user_id,
                                  users_in_thread=thread_model.users)
            for user_id in user_ids
        ]

        # Register invitations
        for thread_invitation_model in thread_invitation_models:
            # Register invitation for thread
            threads_invitations[thread_model.id].insert(
                0, thread_invitation_model)
            # Register invitation for user
            users_thread_invitations[thread_invitation_model.user].insert(
                0, thread_invitation_model)

        return ModelsList(list_of_models=thread_invitation_models)
    def post(self, thread_id, application_id):
        """
        @api {POST} /threads/<String:thread_id>/applications/<String:application_id> Accept or reject received thread application
        @apiGroup Thread

        @apiParam (JSON param) {Boolean} accept Accept or reject the application

        @apiSuccessExample {JSON} Success-Response:
            {
                ThreadApplicationModel
            }
        """
        args = self.reqparse.parse_args()
        caller_user_id = auth.user_id

        # Verifications

        # Thread verifications
        thread_verifications = ThreadVerifications(value=thread_id)
        # Verify user is thread owner
        thread_verifications.verify_user_is_owner(user_id=caller_user_id)

        # Application verifications
        application_verifications = ApplicationVerifications(
            thread_id=thread_id, value=application_id)
        thread_application_model = application_verifications.thread_application_model
        # Verify application exists
        application_verifications.verify_application_exists()

        # Add user to thread, mark application as accepted or rejected
        ThreadApplicationHandler().post(
            thread_application_model=thread_application_model,
            accept=args.accept)

        return thread_application_model.jsonify()
    def get(self, thread_id, invitation_id):
        """
        @api {GET} /threads/<String:thread_id>/invitations/<String:invitation_id> Get sent thread invitation
        @apiGroup Thread
        @apiDescription Get sent thread invitation

        @apiSuccessExample {JSON} Success-Response:
            {
                ThreadInvitationModel
            }
        """
        caller_user_id = auth.user_id

        # Verifications

        # Thread verifications
        thread_verifications = ThreadVerifications(value=thread_id)
        # Verify user is thread owner
        thread_verifications.verify_user_is_owner(user_id=caller_user_id)

        # Invitation verifications
        invitation_verifications = InvitationVerifications(thread_id=thread_id,
                                                           value=invitation_id)
        # Verify user is invitation owner
        invitation_verifications.verify_user_is_owner(user_id=caller_user_id)

        # Get thread invitation
        thread_invitation_model = ThreadInvitationHandler().get(
            thread_id=thread_id, invitation_id=invitation_id)

        return thread_invitation_model.jsonify()
    def get(self, thread_id, application_id):
        """
        @api {GET} /threads/<String:thread_id>/applications/<String:application_id> Get received thread application
        @apiGroup Thread
        @apiDescription Get received thread application by id

        @apiSuccessExample {JSON} Success-Response:
            {
                ThreadApplicationModel
            }
        """
        caller_user_id = auth.user_id

        # Verifications

        # Thread verifications
        thread_verifications = ThreadVerifications(value=thread_id)
        # Verify user is thread owner
        thread_verifications.verify_user_is_owner(user_id=caller_user_id)

        # Application verifications
        application_verifications = ApplicationVerifications(
            thread_id=thread_id, value=application_id)
        # Verify application exists
        application_verifications.verify_application_exists()

        # Get thread application
        thread_application_model = ThreadApplicationHandler().get(
            thread_id=thread_id, application_id=application_id)

        return thread_application_model.jsonify()
Ejemplo n.º 7
0
    def post(self, thread_id):
        """
        @api {POST} /threads/<String:thread_id>/apply Apply to thread
        @apiGroup Thread

        @apiSuccessExample {JSON} Success-Response:
            {
                ThreadApplicationModel
            }
        """
        caller_user_id = auth.user_id

        # Verifications
        thread_verifications = ThreadVerifications(value=thread_id)
        thread_model = thread_verifications.thread_model
        # Verify if thread exists
        thread_verifications.verify_thread_exists()
        # Verify it is not thread owner applying
        thread_verifications.verify_user_is_not_owner(user_id=caller_user_id)
        # Verify thread is not private
        thread_verifications.verify_thread_is_not_private()
        # Verify user did not already apply
        thread_verifications.verify_user_not_applied(user_id=caller_user_id)

        # Create and register application
        thread_application_model = ThreadApplyHandler().post(
            user_id=caller_user_id, thread_model=thread_model)

        return thread_application_model.jsonify()
    def post(self, thread_id, message_id):
        """
        @api {POST} /threads/<String:thread_id>/messages/<String:message_id> Edit thread message
        @apiGroup Thread
        @apiDescription Edit thread message as message owner

        @apiParam (JSON param) {String} message New message. Length 1-300

        @apiSuccessExample {JSON} Success-Response:
            {
                ThreadMessageModel
            }
        """
        args = self.reqparse.parse_args()
        caller_user_id = auth.user_id

        # Verifications
        thread_verifications = ThreadVerifications(value=thread_id)
        message_verifications = MessageVerifications(thread_id=thread_id,
                                                     value=message_id)
        thread_message_model = message_verifications.thread_message_model
        # Verify user is thread member
        thread_verifications.verify_user_is_member(user_id=caller_user_id)
        # Verify user is message owner
        message_verifications.verify_user_is_owner(user_id=caller_user_id)
        # Verify new message length
        TextVerifications(text=args.message).verify_text_length(min_l=1,
                                                                max_l=300)

        # Update thread message
        thread_message_model = ThreadMessageHandler().post(
            thread_message_model=thread_message_model, message=args.message)

        return thread_message_model.jsonify()
    def get(self, thread_id, message_id):
        """
        @api {GET} /threads/<String:thread_id>/messages/<String:message_id> Get thread message
        @apiGroup Thread
        @apiDescription Get thread message as member of thread

        @apiSuccessExample {JSON} Success-Response:
            {
                ThreadMessageModel
            }
        """
        caller_user_id = auth.user_id

        # Verifications
        thread_verifications = ThreadVerifications(value=thread_id)
        # Verify user is thread member
        thread_verifications.verify_user_is_member(user_id=caller_user_id)
        # Verify message exists
        MessageVerifications(thread_id=thread_id,
                             value=message_id).verify_message_exists()

        # Get thread message
        thread_message_model = ThreadMessageHandler().get(
            thread_id=thread_id, message_id=message_id)

        return thread_message_model.jsonify()
    def post(self, thread_id):
        """
        @api {POST} /threads/<String:thread_id>/invite Invite users to thread
        @apiGroup Thread

        @apiParam (JSON param) {String[]} users List of user ids

        @apiSuccessExample {JSON} Success-Response:
            {
                "items": ThreadInvitationModel[]
            }
        """
        args = self.reqparse.parse_args()
        caller_user_id = auth.user_id

        # Verifications
        thread_verifications = ThreadVerifications(value=thread_id)
        thread_model = thread_verifications.thread_model
        # Verify user is owner of thread
        thread_verifications.verify_user_is_owner(user_id=caller_user_id)
        # Verify that owner is not inviting himself
        thread_verifications.verify_excludes_owner(user_ids=args.users)
        # Verify users to be invited exist and are not already invited
        for user_id in args.users:
            UserVerifications(value=user_id).verify_user_exists()
            thread_verifications.verify_user_not_invited(user_id=user_id)

        # Create and register invitations
        thread_invitation_models = ThreadInviteHandler().post(
            owner_user_id=caller_user_id,
            user_ids=args.users,
            thread_model=thread_model)

        return thread_invitation_models.jsonify()
Ejemplo n.º 11
0
    def post(self):
        """
        @api {POST} /threads Create thread
        @apiGroup Thread

        @apiParam (JSON param) {String} name Name of the thread. Has to be unique, must not be a number, length 2-50
        @apiParam (JSON param) {Boolean} private Whether the thread is to be private or not

        @apiSuccessExample {JSON} Success-Response:
            {
                ThreadModel
            }
        """
        args = self.reqparse.parse_args()
        user_id = auth.user_id

        # Validate thread name
        if ThreadVerifications(by="name",
                               value=args.name).check_thread_exists():
            HttpException.throw_409("Thread name already taken")
        elif args.name.isdigit():
            HttpException.throw_422("Thread name must not be a number")
        # Intentional bug with validation between 2 and 60 characters for workshop purposes
        elif not validate_length(2, 60, args.name):
            HttpException.throw_422(
                "Thread name length must be between 2 and 50 characters")

        # Create thread
        thread_model = ThreadsHandler().post(user_id=user_id,
                                             name=args.name,
                                             private=args.private)

        # Return thread
        return thread_model.jsonify()
    def get(self, thread_id):
        """
        @api {GET} /threads/<String:thread_id> Get thread
        @apiGroup Thread
        @apiDescription Get thread by id

        @apiSuccessExample {JSON} Success-Response:
            {
                ThreadModel
            }
        """
        # Verifications
        thread_verifications = ThreadVerifications(value=thread_id)
        # Verify thread exists
        thread_verifications.verify_thread_exists()

        thread_model = ThreadHandler().get(thread_id=thread_id)

        return thread_model.jsonify()
    def post(self, thread_id):
        """
        @api {POST} /threads/<String:thread_id>/kick Kick users from thread
        @apiGroup Thread

        @apiParam (JSON param) {String[]} users List of user ids

        @apiSuccessExample {JSON} Success-Response:
            {
                ThreadModel
            }
        """
        args = self.reqparse.parse_args()
        caller_user_id = auth.user_id

        # Verifications
        thread_verifications = ThreadVerifications(value=thread_id)
        thread_model = thread_verifications.thread_model
        # Verify if user is owner of thread
        # Intentional bug to allow non thread owners to kick people for workshop purposes
        # thread_verifications.verify_user_is_owner(user_id=caller_user_id)

        # Verify user is not trying to kick himself
        thread_verifications.verify_excludes_owner(user_ids=args.users)
        # Verify users to be kicked are members of the thread
        for user_id in args.users:
            thread_verifications.verify_user_is_member(user_id=user_id)

        # Kick users from thread
        thread_model = ThreadKickHandler().post(thread_model=thread_model,
                                                user_ids=args.users)

        return thread_model.jsonify()
    def post(self, thread_id):
        """
        @api {POST} /threads/<String:thread_id>/messages Send message in thread
        @apiGroup Thread
        @apiDescription Send message in thread as thread owner

        @apiParam (JSON param) {String} message Message to send. Length 1-300

        @apiSuccessExample {JSON} Success-Response:
            {
                ThreadMessageModel
            }
        """
        args = self.reqparse.parse_args()
        caller_user_id = auth.user_id

        # Verifications
        thread_verifications = ThreadVerifications(value=thread_id)
        thread_model = thread_verifications.thread_model
        # Verify thread exists
        thread_verifications.verify_thread_exists()
        # Verify user is thread member
        thread_verifications.verify_user_is_member(user_id=caller_user_id)
        # Verify message length
        TextVerifications(text=args.message).verify_text_length(min_l=1, max_l=300)

        # Create thread message
        thread_message_model = ThreadMessagesHandler().post(
            thread_model=thread_model,
            user_id=caller_user_id,
            message=args.message
        )

        return thread_message_model.jsonify()
    def get(self, thread_id):
        """
        @api {GET} /threads/<String:thread_id>/messages Get thread messages
        @apiGroup Thread
        @apiDescription Get last 100 thread messages as member of thread

        @apiSuccessExample {JSON} Success-Response:
            {
                "items": ThreadMessageModel[]
            }
        """
        args = self.reqparse.parse_args()
        caller_user_id = auth.user_id

        # Verifications
        thread_verifications = ThreadVerifications(value=thread_id)
        # Verify thread exists
        thread_verifications.verify_thread_exists()
        # Verify user is thread member
        thread_verifications.verify_user_is_member(user_id=caller_user_id)

        # Get thread messages
        thread_message_models = ThreadMessagesHandler().get(
            thread_id=thread_id,
            start=args.start,
            limit=args.limit
        )

        return thread_message_models.jsonify()
Ejemplo n.º 16
0
    def get(self, thread_id):
        """
        @api {GET} /threads/<String:thread_id>/applications Get received thread applications
        @apiGroup Thread
        @apiDescription Get received thread applications as thread owner

        @apiSuccessExample {JSON} Success-Response:
            {
                "items": ThreadApplicationModel[]
            }
        """
        args = self.reqparse.parse_args()
        caller_user_id = auth.user_id

        # Verifications
        thread_verifications = ThreadVerifications(value=thread_id)
        # Verify thread exists
        thread_verifications.verify_thread_exists()
        # Verify user is thread owner
        thread_verifications.verify_user_is_owner(user_id=caller_user_id)

        # Get thread applications
        thread_application_models = ThreadApplicationsHandler().get(
            thread_id=thread_id, start=args.start, limit=args.limit)

        return thread_application_models.jsonify()
    def delete(self, thread_id):
        """
        @api {DELETE} /threads/<String:thread_id> Delete thread
        @apiGroup Thread
        @apiDescription Delete thread by id as thread owner

        @apiSuccessExample {JSON} Success-Response:
            {
                ThreadModel
            }
        """
        # Verifications
        thread_verifications = ThreadVerifications(value=thread_id)
        thread_model = thread_verifications.thread_model
        # Verify if user is thread owner
        thread_verifications.verify_user_is_owner(user_id=auth.user_id)

        # Delete thread
        thread_model = ThreadHandler().delete(thread_model=thread_model)

        # Intentional bug that returns empty json instead of ThreadModel for workshop purposes
        return dict()