def UpdatePin(id=0):
pin = Pin.query.get_or_404(id)
user = get_jwt_identity()
if (User.Role(user['role']) not in [User.Role.ADMIN, User.Role.VERIFIED]) and (user['id'] != pin.edits[0].user_id):
return Response('only the creator or an admin can edit a pin', status=403)
try:
json = request.json
details = ''
PROPERTY_LIST = ['position_x', 'position_y', 'symbol', 'resource', 'rank', 'name',
'amount', 'respawn', 'notes', 'x_cord', 'y_cord']
for prop in PROPERTY_LIST:
old_value = getattr(pin, prop)
enum = False
if hasattr(old_value, 'value'):
old_value = old_value.value
enum = True
if old_value != json[prop]:
details += f'{prop} changed from {old_value} to {json[prop]}\n'
if enum is True:
if json[prop] in [item.value for item in Pin.Symbol]:
setattr(pin, prop, Pin.Symbol(json[prop]))
elif json[prop] in [item.value for item in Pin.Resource]:
setattr(pin, prop, Pin.Resource(json[prop]))
else:
setattr(pin, prop, json[prop])
db.session.commit()
newEdit = Edit(details, pin.id, get_jwt_identity()['id'])
db.session.add(newEdit)
db.session.commit()
return jsonify(pin.to_dict())
except IntegrityError as error:
return Response(error.args[0], status=400)
def DeletePin(id=0):
pin = Pin.query.get_or_404(id)
creator_id = pin.edits[0].user_id
user = get_jwt_identity()
if User.Role(user['role']) == User.Role.ADMIN or user['id'] == creator_id:
db.session.delete(pin)
db.session.commit()
return Response('pin deleted', status=200)
return Response('only the creator or an admin can delete a pin', status=403)
def Revoke_user_Access(discord_id=0):
user = User.query.filter_by(discord=discord_id).first_or_404()
json = request.json
try:
if 'is_active' in json:
user.is_active = json['is_active']
if 'role' in json:
user.role = User.Role(json['role'])
db.session.commit()
return jsonify(user.to_dict()), 200
except IntegrityError:
return jsonify('could not complete the requested action'), 400
def AdminUpdateUser(id=0):
user = User.query.get_or_404(id)
if get_jwt_identity()['id'] == int(id):
return Response('cannot update your own account', status=403)
admin = User.query.get_or_404(get_jwt_identity()['id'])
try:
if admin.role not in [User.Role.ADMIN]:
if admin.guild != user.guild:
return Response(
'must be in the guild you are atempting to edit',
status=403)
json = request.json
if ('password' in json.keys()):
user.password = sha256_crypt.encrypt(json['password'])
if user.guild_id != json['guild_id']:
user.guild_id = json['guild_id']
data = {
'user':
user.discord,
'guildTag':
Guild.query.filter_by(
id=json['guild_id']).first_or_404().nickname
}
log.warning(data)
requests.post(BOT_URL + '/updateUser',
json=data,
verify=VERIFY_SSL)
user.is_active = json['is_active']
if User.Role(json['role']) == User.Role.ADMIN:
if admin.role in [User.Role.ADMIN]:
user.role = User.Role(json['role'])
else:
user.role = User.Role(json['role']) or None
db.session.commit()
return jsonify(user.to_dict())
except IntegrityError as error:
return Response(error.args[0], status=400)
def ConfirmDiscord():
json = request.json
user = User.query.filter_by(username=json['username']).first_or_404()
token = json['token']
if user.discord_confirmed is True:
return Response('user has already confirmed their discord', status=400)
username = confirm_token(token)
if username == user.username:
try:
user.discord_confirmed = True
user.discord = json['discord']
if json['member']:
user.role = User.Role('verified')
db.session.commit()
except IntegrityError as error:
return Response(error.args[0], status=400)
return jsonify(user.to_dict())
return Response('invalid user/token', status=400)
