def modify_item():
j = request.get_json()
c = DatabaseConnection()
auth = check_auth(j, c)
if auth:
return auth
itemid = j.get("itemid", 0)
if not itemid:
return {"err": "itemid must not be empty"}, 400
user = c.get_user(username=j["username"])
item = c.get_item(itemid)
if not item:
return {"err": "item does not exist"}, 400
l = c.get_list(item["listid"])
if l["userid"] != user["id"]:
return {"err": "item does not belong to user"}, 409
# deleting item
if request.path == "/api/deleteitem":
c.delete_item(itemid)
return {"msg": "successfully deleted item"}, 200
# updating item
elif request.path == "/api/updateitem":
if not c.update_item(itemid, j):
return {"err": "attempted to give item duplicate name"}, 409
return {"msg": "successfully updated item"}, 200
return {"err": "invalid method used"}, 405
def modify_list():
j = request.get_json()
c = DatabaseConnection()
auth = check_auth(j, c)
if auth:
return auth
listid = j.get("listid", None)
if not listid:
return {"err": "listid must not be empty"}, 400
l = c.get_list(listid)
if not l:
return {"err": "list does not exist"}, 409
u = c.get_user(j["username"])
if l["userid"] != u["id"]:
return {"err": "list does not belong to user"}, 400
if request.path == "/api/deletelist":
print("deleting list")
c.delete_list(listid)
return {"msg": "successfully deleted list"}, 200
elif request.path == "/api/updatelist":
label = j.get("label", "")
if not label:
return {"err": "label must not be empty"}, 400
if not c.update_list(listid, label):
return {"err": "attempted to give list duplicate name"}, 409
return {"msg": "successfully updated list"}, 200
return {"err": "invalid method used"}, 405
def add_item():
j = request.get_json()
c = DatabaseConnection()
auth = check_auth(j, c)
if auth:
return auth
vs = [None, None, None, None, None, None]
varnames = ["listid", "label", "descr", "img", "url", "price"]
for i in range(len(varnames)):
vs[i] = j.get(varnames[i], None)
if not vs[i]:
return {"err": varnames[i] + " must not be empty"}, 400
user = c.get_user(username=j["username"])
l = c.get_list(vs[0])
if not l:
return {"err": "list does not exist"}, 409
if user["id"] != l["userid"]:
return {"err": "list does not belong to user"}, 400
if not c.add_item(vs[0], vs[1], vs[2], vs[3], vs[4], vs[5]):
return {
"err": "attempting to add item with duplicate label to list"
}, 409
return {"msg": "successfully added item to list"}, 201
def get_lists():
c = DatabaseConnection()
listid = request.args.get("listid", 0)
if listid:
l = c.get_list(listid)
if not l:
return {"err": "list does not exist"}, 409
return {"list": l}, 200
username = request.args.get("username", "")
if not username:
return {"lists": c.get_lists()}, 200
user = c.get_user(username=username)
if not user:
return {"err": "user does not exist"}, 409
return {"lists": c.get_lists(userid=user["id"])}, 200
