def eventIdAction(id): if request.method == 'DELETE': try: event = Event.get(Event.id == id) event.delete_instance() except DoesNotExist: abort(404) return jsonify(success=1) elif request.method == 'PUT': data = request.json data['source'] = data['source']['id'] data['target'] = data['target']['id'] data.pop('type', None) if data['source'] != current_user.id and current_user.elder == 0: abort(403) target = None try: target = User.get(User.id == data['target']) except DoesNotExist: abort(403) if target.disabled and current_user.elder == 0: abort(403) data['amount'] = max(min(current_user.max_points, data['amount']), 1) event = Event(**data) event.save() return jsonify(success=1) abort(404)
def eventAction(): data = request.json data.pop('id', None) if data['target'] == current_user.id: abort(403) target = User() try: target = User.get(User.id == data['target']) except DoesNotExist: abort(403) if target.disabled: abort(403) data['amount'] = max(min(current_user.max_points, int(data['amount'])), 1) event = Event(**data) event.source = current_user.id event.add() return jsonify(success=1)