Ejemplo n.º 1
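 def delete(self, team_id, project_id):
     """
     Deletes the specified team project assignment
     ---
     tags:
       - teams
     produces:
       - application/json
     parameters:
         - in: header
           name: Authorization
           description: Base64 encoded session token
           required: true
           type: string
           default: Token sessionTokenHere==
         - name: team_id
           in: path
           description: Unique team ID
           required: true
           type: integer
           default: 1
         - name: project_id
           in: path
           description: Unique project ID
           required: true
           type: integer
           default: 1
     responses:
         200:
             description: Team unassigned of the project
         401:
             description: Forbidden, if user is not a manager of the team
         403:
             description: Forbidden, if user is not authenticated
         404:
             description: Not found
         500:
             description: Internal Server Error
     """
     # Authorization gate: the caller must be a manager of the team.
     # NOTE(review): only team-level rights are checked here; nothing in
     # this method verifies the caller's rights on project_id -- confirm
     # that TeamService.delete_team_project enforces that where required.
     if not TeamService.is_user_team_manager(team_id,
                                             token_auth.current_user()):
         return {
             "Error": "User is not an admin or a manager for the team"
         }, 401
     try:
         TeamService.delete_team_project(team_id, project_id)
         return {"Success": True}, 200
     except NotFound:
         return {"Error": "No team found"}, 404
     except Exception as e:
         # The exception text goes to the server log only. Returning it to
         # the client would expose internal details (queries, paths, types).
         error_msg = f"TeamMembers DELETE - unhandled error: {str(e)}"
         current_app.logger.critical(error_msg)
         return {"Error": "Unable to delete team project assignment"}, 500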
Ejemplo n.º 2
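 def delete(self, team_id):
     """
     Deletes a Team
     ---
     tags:
         - teams
     produces:
         - application/json
     parameters:
         - in: header
           name: Authorization
           description: Base64 encoded session token
           required: true
           type: string
           default: Token sessionTokenHere==
         - name: team_id
           in: path
           description: The unique team ID
           required: true
           type: integer
           default: 1
     responses:
         200:
             description: Team deleted
         401:
             description: Unauthorized - Invalid credentials
         403:
             description: Forbidden - Team has associated projects
         404:
             description: Team not found
         500:
             description: Internal Server Error
     """
     # Authorization gate: only a manager of this team may delete it.
     # The check runs before any destructive call is made.
     if not TeamService.is_user_team_manager(team_id,
                                             token_auth.current_user()):
         return {"Error": "User is not a manager for the team"}, 401
     try:
         TeamService.delete_team(team_id)
         return {"Success": "Team deleted"}, 200
     except NotFound:
         return {"Error": "Team Not Found"}, 404
     except Exception as e:
         # Log the detail server-side; the client gets a fixed message so
         # internal exception text is not disclosed in the response body.
         error_msg = f"Team DELETE - unhandled error: {str(e)}"
         current_app.logger.critical(error_msg)
         return {"Error": "Unable to delete team"}, 500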
Ejemplo n.º 3
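    def post(self, team_id):
        """
        Updates a team information
        ---
        tags:
            - teams
        produces:
            - application/json
        parameters:
            - in: header
              name: Authorization
              description: Base64 encoded session token
              required: true
              type: string
              default: Token sessionTokenHere==
            - name: team_id
              in: path
              description: Unique team ID
              required: true
              type: integer
              default: 1
            - in: body
              name: body
              required: true
              description: JSON object for updating a team
              schema:
                properties:
                    name:
                        type: string
                        default: HOT - Mappers
                    logo:
                        type: string
                        default: https://tasks.hotosm.org/assets/img/hot-tm-logo.svg
                    members:
                        type: array
                        items:
                            schema:
                                $ref: "#/definitions/TeamMembers"
                    organisation:
                        type: string
                        default: HOT
                    description:
                        type: string
                        default: HOT's mapping editors
                    inviteOnly:
                        type: boolean
                        default: false
        responses:
            200:
                description: Team updated successfully
            400:
                description: Client Error - Invalid Request
            401:
                description: Unauthorized - Invalid credentials
            402:
                description: Team update rejected by the team service
            404:
                description: Not found
            500:
                description: Internal Server Error
        """
        try:
            # Build the DTO from the request body; the path parameter wins
            # over any team id supplied in the payload.
            team_dto = TeamDTO(request.get_json())
            team_dto.team_id = team_id
            team_dto.validate()

            authenticated_user_id = token_auth.current_user()
            team_details_dto = TeamService.get_team_as_dto(
                team_id, authenticated_user_id)

            # NOTE(review): organisation_id comes from the request body, so
            # the organisation-manager branch below is evaluated against a
            # caller-chosen organisation rather than the one the team is
            # stored under -- confirm update_team (or a check here) ties the
            # permission to the team's current organisation.
            org = TeamService.assert_validate_organisation(
                team_dto.organisation_id)
            # NOTE(review): this validates team_details_dto (presumably the
            # stored team), not the members submitted in team_dto -- confirm
            # that is the intended object.
            TeamService.assert_validate_members(team_details_dto)

            # Denied only when the caller is neither a team manager nor a
            # manager of the resolved organisation.
            if not TeamService.is_user_team_manager(
                    team_id, authenticated_user_id
            ) and not OrganisationService.can_user_manage_organisation(
                    org.id, authenticated_user_id):
                return {
                    "Error": "User is not a admin or a manager for the team"
                }, 401
        except DataError as e:
            current_app.logger.error(f"error validating request: {str(e)}")
            return str(e), 400

        try:
            TeamService.update_team(team_dto)
            return {"Status": "Updated"}, 200
        except NotFound as e:
            return {"Error": str(e)}, 404
        except TeamServiceError as e:
            return str(e), 402
        except Exception as e:
            # Unexpected failures: keep the exception text in the log and
            # return a fixed message so internals are not sent to the client.
            error_msg = f"Team POST - unhandled error: {str(e)}"
            current_app.logger.critical(error_msg)
            return {"Error": "Unable to update team"}, 500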
Ejemplo n.º 4
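    def patch(self, team_id):
        """
        Take action on a team invite
        ---
        tags:
          - teams
        produces:
          - application/json
        parameters:
            - in: header
              name: Authorization
              description: Base64 encoded session token
              required: true
              type: string
              default: Token sessionTokenHere==
            - name: team_id
              in: path
              description: Unique team ID
              required: true
              type: integer
              default: 1
            - in: body
              name: body
              required: true
              description: JSON object to accept or reject a request to join team
              schema:
                properties:
                    username:
                        type: string
                        required: true
                    type:
                        type: string
                        default: join-response
                        required: true
                    role:
                        type: string
                        default: member
                        required: false
                    action:
                        type: string
                        default: accept
                        required: true
        responses:
            200:
                description: Member added
            400:
                description: Client Error - Invalid Request
            403:
                description: Forbidden
            404:
                description: Not found
            500:
                description: Internal Server Error
        """
        try:
            json_data = request.get_json(force=True)
            username = json_data["username"]
            request_type = json_data.get("type", "join-response")
            action = json_data["action"]
            role = json_data.get("role", "member")
        except (DataError, KeyError) as e:
            # A missing "username" or "action" key raises KeyError; treat it
            # as a client error instead of letting it escape unhandled.
            current_app.logger.error(f"error validating request: {str(e)}")
            return str(e), 400

        try:
            authenticated_user_id = token_auth.current_user()
            if request_type == "join-response":
                # Only a team manager may answer a join request.
                if not TeamService.is_user_team_manager(
                        team_id, authenticated_user_id):
                    return (
                        {
                            "Error":
                            "You don't have permissions to approve this join team request"
                        },
                        403,
                    )
                TeamService.accept_reject_join_request(
                    team_id, authenticated_user_id, username, role, action)
                return {"Success": "True"}, 200
            if request_type == "invite-response":
                # NOTE(review): no permission check is made in this branch
                # and username/role/action come straight from the body --
                # confirm accept_reject_invitation_request verifies that the
                # authenticated user is the invitee and validates role/action.
                TeamService.accept_reject_invitation_request(
                    team_id, authenticated_user_id, username, role, action)
                return {"Success": "True"}, 200
            # Any other "type" used to fall through and return None; reject
            # it explicitly so an unsupported request is not silently ignored.
            return {"Error": "Unknown request type"}, 400
        except Exception as e:
            # The original re-raised before its logging lines, leaving them
            # unreachable. Log first, then propagate exactly as before; the
            # exception text is never placed in a response body.
            error_msg = f"Team Join PUT - unhandled error: {str(e)}"
            current_app.logger.critical(error_msg)
            raise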
Ejemplo n.º 5
    def post(self, team_id):
        """
        Message all team members
        ---
        tags:
          - teams
        produces:
          - application/json
        parameters:
            - in: header
              name: Authorization
              description: Base64 encoded session token
              required: true
              type: string
              default: Token sessionTokenHere==
            - name: team_id
              in: path
              description: Unique team ID
              required: true
              type: integer
              default: 1
            - in: body
              name: body
              required: true
              description: JSON object for creating message
              schema:
                properties:
                    subject:
                        type: string
                        default: Thanks
                        required: true
                    message:
                        type: string
                        default: Thanks for your contribution
                        required: true
        responses:
            200:
                description: Message sent successfully
            401:
                description: Unauthorized - Invalid credentials
            403:
                description: Forbidden
            500:
                description: Internal Server Error
        """
        try:
            sender_id = token_auth.current_user()
            # The route's view args are the source of truth for the team id.
            team_id = request.view_args["team_id"]
            outgoing = MessageDTO(request.get_json())

            # The team must exist before anything else is evaluated.
            try:
                team = TeamService.get_team_by_id(team_id)
            except NotFound:
                return {"Error": "Team not found"}, 404

            # Only team managers may broadcast to the whole team.
            if not TeamService.is_user_team_manager(team_id, sender_id):
                return {
                    "Error": "Unauthorised to send message to team members"
                }, 403

            # The sender is always the authenticated user, never a value
            # taken from the payload.
            outgoing.from_user_id = sender_id
            outgoing.validate()
            if not (outgoing.message.strip() and outgoing.subject.strip()):
                raise DataError({"Validation": "Empty message not allowed"})
        except DataError as validation_error:
            current_app.logger.error(
                f"Error validating request: {str(validation_error)}")
            return {"Error": "Request payload did not match validation"}, 400
        except ValueError:
            return {
                "Error": "Unauthorised to send message to team members"
            }, 403

        try:
            # Delivery runs on a background thread; errors raised inside
            # that thread are not seen by the handlers below.
            worker = threading.Thread(
                target=TeamService.send_message_to_all_team_members,
                args=(team_id, team.name, outgoing),
            )
            worker.start()
            return {"Success": "Message sent successfully"}, 200
        except ValueError as denied:
            return {"Error": str(denied)}, 403
        except Exception as unexpected:
            # Detail stays in the log; the client receives a fixed message.
            error_msg = f"Send message all - unhandled error: {str(unexpected)}"
            current_app.logger.critical(error_msg)
            return {"Error": "Unable to send messages to team members"}, 500
Ejemplo n.º 6
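 def post(self, team_id):
     """
     Removes a user from a team
     ---
     tags:
       - teams
     produces:
       - application/json
     parameters:
         - in: header
           name: Authorization
           description: Base64 encoded session token
           required: true
           type: string
           default: Token sessionTokenHere==
         - name: team_id
           in: path
           description: Unique team ID
           required: true
           type: integer
           default: 1
         - in: body
           name: body
           required: true
           description: JSON object to remove user from team
           schema:
             properties:
                 username:
                     type: string
                     default: 1
                     required: true
     responses:
         200:
             description: Member deleted
         403:
             description: Forbidden, if user is not a team manager and is removing another user
         404:
             description: Not found
         500:
             description: Internal Server Error
     """
     try:
         authenticated_user_id = token_auth.current_user()
         username = request.get_json(force=True)["username"]
         request_user = User.get_by_id(authenticated_user_id)
         # Allowed for a team manager, or for a user removing themselves
         # (the authenticated user's own username matches the target).
         if (TeamService.is_user_team_manager(team_id,
                                              authenticated_user_id)
                 or request_user.username == username):
             TeamService.leave_team(team_id, username)
             return {"Success": "User removed from the team"}, 200
         else:
             return (
                 {
                     "Error":
                     "You don't have permissions to remove {} from this team."
                     .format(username)
                 },
                 403,
             )
     except NotFound:
         return {"Error": "No team member found"}, 404
     except Exception as e:
         # A missing "username" key also lands here. The exception text is
         # logged server-side only; the response carries a fixed message so
         # internal details are not disclosed to the client.
         error_msg = f"TeamMembers DELETE - unhandled error: {str(e)}"
         current_app.logger.critical(error_msg)
         return {"Error": "Unable to remove user from the team"}, 500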
Ejemplo n.º 7
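    def post(self, team_id):
        """
        Request to join a team
        ---
        tags:
          - teams
        produces:
          - application/json
        parameters:
            - in: header
              name: Authorization
              description: Base64 encoded session token
              required: true
              type: string
              default: Token sessionTokenHere==
            - name: team_id
              in: path
              description: Unique team ID
              required: true
              type: integer
              default: 1
            - in: body
              name: body
              required: true
              description: JSON object to join team
              schema:
                properties:
                    username:
                        type: string
                        required: true
                    role:
                        type: string
                        required: false
        responses:
            200:
                description: Member added
            400:
                description: Client Error - Invalid Request
            403:
                description: Forbidden
            404:
                description: Not found
            500:
                description: Internal Server Error
        """
        try:
            post_data = request.get_json(force=True)
            username = post_data["username"]
            role = post_data.get("role", None)
        except (DataError, KeyError) as e:
            current_app.logger.error(f"error validating request: {str(e)}")
            return str(e), 400

        try:
            authenticated_user_id = token_auth.current_user()
            # NOTE(review): username and role are taken from the request
            # body and may name a user other than the caller; presumably
            # join_team decides whether that is permitted (it can raise
            # TeamJoinNotAllowed) -- confirm role is validated there too.
            TeamService.join_team(team_id, authenticated_user_id, username,
                                  role)
            # The manager check here only selects the success message; it
            # runs after join_team has already been called.
            if TeamService.is_user_team_manager(team_id,
                                                authenticated_user_id):
                return {"Success": "User added to the team"}, 200
            else:
                return {
                    "Success": "Request to join the team sent successfully."
                }, 200
        except TeamJoinNotAllowed as e:
            return {"Error": str(e)}, 403
        except Exception as e:
            # Keep the exception text in the server log; return a fixed
            # message so internal details are not exposed in the response.
            error_msg = f"User POST - unhandled error: {str(e)}"
            current_app.logger.critical(error_msg)
            return {"Error": "Unable to process the join team request"}, 500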
Ejemplo n.º 8
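    def post(self, team_id, project_id):
        """ Assign a team to a project
        ---
        tags:
          - teams
        produces:
          - application/json
        parameters:
            - in: header
              name: Authorization
              description: Base64 encoded session token
              required: true
              type: string
              default: Token sessionTokenHere==
            - name: project_id
              in: path
              description: Unique project ID
              required: true
              type: integer
              default: 1
            - name: team_id
              in: path
              description: Unique team ID
              required: true
              type: integer
              default: 1
            - in: body
              name: body
              required: true
              description: The role that the team will have on the project
              schema:
                  properties:
                      role:
                        type: string
        responses:
            201:
                description: Team project assignment created
            400:
                description: Client Error - Invalid Request
            401:
                description: Forbidden, if user is not a manager of the project
            403:
                description: Forbidden, if user is not authenticated
            404:
                description: Not found
            500:
                description: Internal Server Error
        """
        # Authorization gate: the caller must be a manager of the team.
        # NOTE(review): the 401 description above speaks of project
        # managers, but only team-level rights are checked in this method.
        # Confirm that add_team_project (or an additional check here)
        # verifies the caller may manage project_id, otherwise a manager of
        # any team could attach it to an arbitrary project.
        if not TeamService.is_user_team_manager(team_id,
                                                token_auth.current_user()):
            return {
                "Error": "User is not an admin or a manager for the team"
            }, 401

        try:
            role = request.get_json(force=True)["role"]
        except (DataError, KeyError) as e:
            # A body without "role" raises KeyError; answer 400 rather than
            # letting it escape this handler.
            current_app.logger.error(f"Error validating request: {str(e)}")
            return str(e), 400

        try:
            # NOTE(review): role is passed through unvalidated -- presumably
            # add_team_project restricts it to known roles; confirm.
            TeamService.add_team_project(team_id, project_id, role)
            return (
                {
                    "Success":
                    "Team {} assigned to project {} with role {}".format(
                        team_id, project_id, role)
                },
                201,
            )
        except Exception as e:
            # Log the detail server-side and return a fixed message so the
            # exception text is not disclosed to the client.
            error_msg = f"Project Team POST - unhandled error: {str(e)}"
            current_app.logger.critical(error_msg)
            return {"Error": "Unable to assign team to project"}, 500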