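def admin():
    """List, create or delete administrator accounts.

    GET returns every ``Admin`` row serialised with ``asdict``. POST and
    DELETE expect a JSON object with an ``email`` key: POST stores a new
    ``Admin`` for that address, DELETE removes the matching row(s) and
    answers 404 when none exist. Any other method falls through and
    returns ``None``.

    NOTE(review): nothing in this function checks who the caller is.
    Presumably an admin-only guard is applied where the route is
    registered; confirm, because this endpoint grants and revokes
    administrator rights.
    """

    def email_from_body():
        payload = request.json
        # A body that is valid JSON but not an object (string, list, null)
        # used to raise TypeError or pass the membership test by accident
        # and surface as a 500. Reject it as a client error instead.
        if not isinstance(payload, dict) or "email" not in payload:
            abort(400, "Missing key email")
        email = payload["email"]
        if not isinstance(email, str):
            abort(400, "Key email must be a string")
        return email

    if request.method == "GET":
        return base_req(
            response=[asdict(entry) for entry in Admin.query.all()])

    if request.method == "POST":
        db.session.add(Admin(email=email_from_body()))
        db.session.commit()
        return base_req()

    if request.method == "DELETE":
        matches = Admin.query.filter_by(email=email_from_body()).all()
        if not matches:
            abort(404, "Admin with specified email does not exist")
        # Delete the rows already fetched rather than re-querying with
        # .one(), which raised (and left the admin in place) whenever more
        # than one row carried the same address.
        for entry in matches:
            db.session.delete(entry)
        db.session.commit()
        return base_req()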
def validate():
    """Report the signed-in user's profile and the event details.

    Looks up the ``User`` row whose email equals ``session["google_email"]``
    (``.one()`` raises unless exactly one row matches), copies the picture
    URL held in the session onto that row, commits, and returns the profile.
    ``is_admin`` is echoed from the session; it is not re-read from the
    ``Admin`` table here.
    """
    account = User.query.filter_by(email=session["google_email"]).one()

    # Keep the stored Google picture URL in step with the session value.
    account.google_picture_url = session["google_picture_url"]
    db.session.add(account)
    db.session.commit()

    profile = {
        "google": True,
        "registered": True,
        "email": session["google_email"],
        "name": session["google_name"],
        "avatar": session["google_picture_url"],
        "school_class": account.school_class,
        "is_admin": session["is_admin"],
        "event": {
            "event_date": EVENT_DATE,
            "swish_phone": SWISH_PHONE,
            "swish_name": SWISH_NAME,
        },
    }
    return base_req(message="User valid.", response=profile)
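def register():
    """Register the signed-in Google account as a user.

    The request body must be a JSON object with string values for
    ``password`` (the shared registration password) and ``school_class``.
    Responds 400 when the account is already registered or the body is
    malformed, 401 when the password does not match ``REGISTER_PASSWORD``,
    and 500 when the school-class validators return a falsy value.

    NOTE(review): the shared password is the only gate on registration.
    The file defines a 429 handler, so a rate limiter is presumably
    configured elsewhere; confirm it covers this route.
    """
    import hmac

    already = User.query.filter_by(email=session["google_email"]).all()
    if len(already) > 0:
        abort(400, "User already registered.")

    payload = request.json
    if not isinstance(payload, dict):
        abort(400, "Request body must be a JSON object")
    password = payload.get("password")
    school_class = payload.get("school_class")
    # Missing or non-string values used to raise KeyError/AttributeError and
    # surface as a 500. Requiring a string also means a JSON null can never
    # compare equal to an unset REGISTER_PASSWORD.
    if not isinstance(password, str) or not isinstance(school_class, str):
        abort(400, "password and school_class must be strings")
    school_class = school_class.upper()

    # Constant-time comparison so response timing does not depend on how
    # many leading characters of the guess are correct. REGISTER_PASSWORD
    # is assumed to be a str; anything else raises here and fails closed.
    if not hmac.compare_digest(password.encode("utf-8"),
                               REGISTER_PASSWORD.encode("utf-8")):
        abort(401, "Invalid password")

    if input_validation(school_class) and length_validation(
            school_class, 4, 6, vanity="School class"):
        account = User(email=session["google_email"],
                       school_class=school_class)
        db.session.add(account)
        db.session.commit()

        return base_req(
            message="user registered",
            response={
                "email": session["google_email"],
                "name": session["google_name"],
                "avatar": session["google_picture_url"],
                "school_class": school_class,
                "is_admin": session["is_admin"],
            },
        )

    abort(500)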
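def modify(id):
    """Delete (DELETE) or partially update (PUT) the booking with key ``id``.

    The JSON body must be an object whose ``seat_type`` is ``"standard"``
    or ``"console"``; it selects the table to look in. For PUT, any of
    ``seat``, ``paid``, ``name``, ``email`` and ``school_class`` that are
    present and not null overwrite the stored values. Responds 400 for a
    malformed body or unknown ``seat_type`` and 404 when no booking has
    that key. Any other method returns ``None``.

    NOTE(review): a new ``seat`` value is written without checking the
    seat range or whether that seat is already taken, and ``paid`` is taken
    from the request as-is. Presumably this route is restricted to
    administrators where it is registered; confirm.
    """
    payload = request.json
    # A missing or non-object body used to raise TypeError and surface as a
    # 500. Report it as a client error instead.
    if not isinstance(payload, dict):
        abort(400, "Request body must be a JSON object")

    if request.method not in ("DELETE", "PUT"):
        return None

    seat_type = payload.get("seat_type")
    if seat_type == "standard":
        model = Booking
    elif seat_type == "console":
        model = ConsoleBooking
    else:
        abort(400, "Invalid seat_type")

    if request.method == "PUT":
        school_class = payload.get("school_class")
        # Validate before touching the row so a bad value cannot leave a
        # half-applied update in the session.
        if school_class is not None and not isinstance(school_class, str):
            abort(400, "school_class must be a string")

    booking = model.query.get(id)
    if not booking:
        abort(404, "Booking does not exist")

    if request.method == "DELETE":
        db.session.delete(booking)
        db.session.commit()
        return base_req()

    # PUT: only keys that were supplied with a non-null value are changed.
    for field in ("seat", "paid", "name", "email"):
        value = payload.get(field)
        if value is not None:
            setattr(booking, field, value)
    if school_class is not None:
        booking.school_class = school_class.upper()

    db.session.commit()
    return base_req()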
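def bookings():
    """Return every standard and console booking plus the seat totals.

    Each booking is reported with seat, name, school class, paid flag,
    the booker's stored picture URL (empty string when no ``User`` row has
    that email) and its timestamps. The booker's email is included only
    when the caller's ``session["google_email"]`` has a row in the
    ``Admin`` table; otherwise it is ``None``.
    """
    standard_rows = Booking.query.all()
    console_rows = ConsoleBooking.query.all()

    # Admin status comes from the Admin table rather than the session flag,
    # so a revoked admin stops seeing emails on their next request. It is
    # the same for every row, so look it up once instead of once per
    # booking.
    viewer_is_admin = bool(
        Admin.query.filter_by(email=session["google_email"]).all())

    def serialize(booking):
        # One lookup per booking; the original issued two for the same row.
        owner = User.query.filter_by(email=booking.email).first()
        return {
            "seat": booking.seat,
            "name": booking.name,
            "school_class": booking.school_class,
            "email": booking.email if viewer_is_admin else None,
            "paid": booking.paid,
            "picture_url":
            owner.google_picture_url if owner is not None else "",
            "time_created": str(booking.time_created),
            "time_updated": str(booking.time_updated),
        }

    return base_req(
        response={
            "bookings": [serialize(row) for row in standard_rows],
            "console_bookings": [serialize(row) for row in console_rows],
            "num_seats": NUM_SEATS,
            "num_console_seats": NUM_CONSOLE_SEATS,
        })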
def error_401(e):
    """Build the 401 response for the error ``e``.

    When ``e.description`` is a plain dict its ``"description"`` and
    ``"response"`` entries become the message and response body; otherwise
    the description itself is the message and the response body is empty.
    """
    if type(e.description) is dict:
        text = e.description["description"]
        body = e.description["response"]
    else:
        text = e.description
        body = {}
    return base_req(
        status=False,
        http_code=401,
        message=text,
        response=body,
    )
def available():
    """Return the seat numbers that currently have no booking.

    Checks every number from 1 to ``NUM_SEATS`` against ``Booking`` and
    every number from 1 to ``NUM_CONSOLE_SEATS`` against ``ConsoleBooking``,
    one lookup per seat.
    """
    free_standard = []
    for seat_number in range(1, NUM_SEATS + 1):
        if not Booking.query.get(seat_number):
            free_standard.append(seat_number)

    free_console = []
    for seat_number in range(1, NUM_CONSOLE_SEATS + 1):
        if not ConsoleBooking.query.get(seat_number):
            free_console.append(seat_number)

    return base_req(response={
        "available_seats": free_standard,
        "available_console_seats": free_console,
    })
def login():
    """Return the Google sign-in URL the client should open.

    Reads the authorization endpoint from the provider configuration and
    asks ``client`` to build a request URI for the ``openid``, ``email``
    and ``profile`` scopes, redirecting back to this backend's
    ``/api/auth/login/callback``.
    """
    provider_cfg = get_google_provider_cfg()
    auth_endpoint = provider_cfg["authorization_endpoint"]
    callback_url = BACKEND_URL + "/api/auth/login/callback"

    # NOTE(review): no ``state`` value is passed here. Unless the callback
    # binds the response to this browser session some other way, the flow
    # has no protection against login CSRF; confirm against the callback.
    login_url = client.prepare_request_uri(
        auth_endpoint,
        redirect_uri=callback_url,
        scope=["openid", "email", "profile"],
    )
    return base_req(response={"login_url": login_url})
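def user():
    """List all users (GET) or create one from a JSON body (POST).

    POST expects a JSON object with string values for ``email`` and
    ``school_class``. It responds 400 when a key is missing, a value is not
    a string, or the email is already registered, and 500 when the
    school-class validators return a falsy value. Every other method is
    answered with 501.

    NOTE(review): GET returns every ``User`` row via ``asdict`` and POST
    creates accounts for arbitrary addresses, with no caller check in this
    function. Presumably the route is admin-only where it is registered;
    confirm.
    """
    if request.method == "GET":
        return base_req(response=[asdict(row) for row in User.query.all()])

    if request.method == "POST":
        payload = request.json
        # A JSON string or list body used to pass or crash the membership
        # test and surface as a 500. Treat any non-object body as missing
        # its keys.
        if not isinstance(payload, dict) or "email" not in payload:
            abort(400, "Missing key email")
        if "school_class" not in payload:
            abort(400, "Missing key school_class")

        email = payload["email"]
        school_class = payload["school_class"]
        if not isinstance(email, str) or not isinstance(school_class, str):
            abort(400, "email and school_class must be strings")
        school_class = school_class.upper()

        if len(User.query.filter_by(email=email).all()) > 0:
            abort(400, "User already registered.")

        if input_validation(school_class) and length_validation(
                school_class, 4, 6, vanity="School class"):
            account = User(email=email, school_class=school_class)
            db.session.add(account)
            db.session.commit()

            return base_req(
                message="user registered",
                response={
                    "email": email,
                    "school_class": school_class,
                },
            )

        abort(500)

    abort(501, f"{request.method} on this method not yet supported")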
def book():
    """Book one seat of the requested type for the signed-in user.

    Reads ``seat`` and ``seat_type`` from the JSON body. Responds 400 when
    the seat is not an integer, the type is neither ``"standard"`` nor
    ``"console"``, the seat is out of range or already booked, or the user
    already holds a booking of that type. Otherwise it stores an unpaid
    booking under the name and email held in the session.
    """
    seat = request.json["seat"]
    seat_type = request.json["seat_type"]

    # The seat must look like an integer before anything else is checked.
    if not is_integer(seat):
        abort(400, "Seat must be integer")

    # Only two kinds of seat exist, each with its own model and capacity.
    if seat_type == "standard":
        model, seat_max = Booking, NUM_SEATS
    elif seat_type == "console":
        model, seat_max = ConsoleBooking, NUM_CONSOLE_SEATS
    else:
        abort(400, "Invalid seat_type")

    if int(seat) < 1 or int(seat) > seat_max:
        abort(400, f"Seat must be in range 1 - {seat_max}")
    seat_number = int(seat)

    # NOTE(review): the checks below and the insert are separate steps, so
    # two concurrent requests can both pass them. Whether the later commit
    # is rejected depends on uniqueness constraints not visible here;
    # confirm against the model definitions.
    if model.query.get(seat_number):
        abort(400, "Seat already booked.")

    # One booking per user and seat type.
    held = model.query.filter_by(email=session["google_email"]).all()
    if len(held) != 0:
        abort(
            400,
            "You have already booked a seat. Contact administrator for help with cancellation or seat movement.",
        )

    # The school class comes from the stored user, not from the request.
    account = User.query.filter_by(email=session["google_email"]).one()

    booking = model(
        seat=seat_number,
        name=session["google_name"],
        email=session["google_email"],
        school_class=account.school_class,
        paid=False,
    )

    db.session.add(booking)
    db.session.commit()

    return base_req()
def error_501(e):
    """Build the 501 response, using the error's description as message."""
    reason = e.description
    return base_req(
        status=False,
        http_code=501,
        message=reason,
    )
def error_429(e):
    """Build the 429 response, using the error's description as message."""
    reason = e.description
    return base_req(
        status=False,
        http_code=429,
        message=reason,
    )