Example #1
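def delete(request, index1):
    """Delete the game whose id is ``index1``; intended for admins only.

    Responses:
        401 -- ``Authorization`` header missing ("No token") or rejected by
               ``universal.decode_token`` ("Unauthorized").
        403 -- ``scope`` header missing, not an integer, or different from 2.
        409 -- ``public.review`` still holds rows for this game.
        410 -- ``public.game`` has no row with this id.
        200 -- the game row was deleted.
    """
    content_type = None

    if "Authorization" not in request.headers:
        return HttpResponse("No token", content_type, 401)
    auth = universal.decode_token(request.headers["Authorization"])
    # Fail closed: any falsy verdict (not only the literal False) is rejected.
    if not auth[0]:
        return HttpResponse("Unauthorized", content_type, 401)

    # NOTE(review): the admin decision below rests on a "scope" request
    # header, which the caller chooses, not on anything taken from the token
    # verified above. The privilege level should come from the verified token
    # -- TODO confirm what decode_token returns besides the flag in auth[0].
    try:
        scope = int(request.headers["scope"])
    except (KeyError, ValueError):
        # A missing or non-numeric header used to surface as an unhandled
        # exception (HTTP 500); treat it as "not admin" instead.
        return HttpResponse("Not admin", content_type, 403)
    if scope != 2:
        # str() is required: concatenating the int raised TypeError before.
        return HttpResponse("Not admin" + str(scope), content_type, 403)

    with connection.cursor() as cursor:
        # Refuse to delete a game that still has reviews attached.
        cursor.execute("SELECT * FROM public.review WHERE game_id = %s",
                       [index1])
        if universal.dictfetchall(cursor):
            return HttpResponse("Sis zaidimas turi apzvalgu.", status=409)

        cursor.execute("SELECT * FROM public.game WHERE id = %s", [index1])
        if not universal.dictfetchall(cursor):
            return HttpResponse("Sis zaidimas neegzistuoja.", status=410)

        # Values are always passed as query parameters, never formatted into
        # the SQL text.
        cursor.execute("DELETE FROM public.game WHERE id = %s", [index1])
    return HttpResponse(status=200)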
Example #2
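def create(request, index1):
    """Insert a review for game ``index1`` and return the new row as JSON.

    The request body is parsed by ``universal.getText`` and must provide
    ``content`` and ``user_id``.

    Responses:
        401 -- ``Authorization`` header missing or rejected by
               ``universal.decode_token``.
        400 -- body could not be parsed ("ErrorA") or a required field is
               missing ("ErrorB").
        201 -- JSON with the ``id`` and ``content`` of the inserted review.
    """
    content_type = None

    if "Authorization" not in request.headers:
        return HttpResponse("bad", content_type, 401)
    auth = universal.decode_token(request.headers["Authorization"])
    # Fail closed: any falsy verdict (not only the literal False) is rejected.
    if not auth[0]:
        return HttpResponse("bad", content_type, 401)

    # Check the parse flag before touching the parsed payload.
    parsed = universal.getText(request.body)
    if not parsed[0]:
        return HttpResponse("ErrorA", status=400)
    body = parsed[1]
    if "content" not in body:
        return HttpResponse("ErrorB", status=400)
    # "user_id" is read below; without this check a body lacking it ended in
    # an unhandled KeyError (HTTP 500) instead of a client error.
    if "user_id" not in body:
        return HttpResponse("ErrorB", status=400)

    # NOTE(review): the review's author is whatever "user_id" the request
    # body claims; it is never compared with the identity in the verified
    # token, so an authenticated caller can attribute a review to another
    # user. Prefer the token's identity -- TODO confirm what decode_token
    # returns besides the flag in auth[0].
    with connection.cursor() as cursor:
        cursor.execute(
            "INSERT INTO public.review(game_id,user_id,content) VALUES (%s,%s,%s) RETURNING id, content",
            [index1, body["user_id"], body["content"]])
        inserted = universal.dictfetchall(cursor)
    return HttpResponse(universal.dumpJson(inserted),
                        status=201,
                        content_type="application/json")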
Example #3
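def create(request):
    """Insert a category named by the request body; intended for admins only.

    Responses:
        401 -- ``Authorization`` header missing or rejected by
               ``universal.decode_token``.
        400 -- body could not be parsed ("ErrorA") or has no ``name``
               ("ErrorB").
        403 -- ``scope`` header missing, not an integer, or different from 2.
        201 -- JSON with the ``id`` and ``name`` of the inserted category.
    """
    content_type = None

    if "Authorization" not in request.headers:
        return HttpResponse("bad", content_type, 401)
    auth = universal.decode_token(request.headers["Authorization"])
    # Fail closed: any falsy verdict (not only the literal False) is rejected.
    if not auth[0]:
        return HttpResponse("bad", content_type, 401)

    # Check the parse flag before touching the parsed payload.
    parsed = universal.getText(request.body)
    if not parsed[0]:
        return HttpResponse("ErrorA", status=400)
    body = parsed[1]
    if "name" not in body:
        return HttpResponse("ErrorB", status=400)

    # NOTE(review): the admin decision below rests on a "scope" request
    # header, which the caller chooses, not on anything taken from the token
    # verified above. The privilege level should come from the verified token
    # -- TODO confirm what decode_token returns besides the flag in auth[0].
    try:
        scope = int(request.headers["scope"])
    except (KeyError, ValueError):
        # A missing or non-numeric header used to surface as an unhandled
        # exception (HTTP 500); treat it as "not admin" instead.
        return HttpResponse("Not admin", content_type, 403)
    if scope != 2:
        return HttpResponse("Not admin", content_type, 403)

    with connection.cursor() as cursor:
        cursor.execute(
            "INSERT INTO public.category(name) VALUES (%s) RETURNING id, name",
            [body["name"]])
        inserted = universal.dictfetchall(cursor)
    return HttpResponse(universal.dumpJson(inserted),
                        status=201,
                        content_type="application/json")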
Example #4
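def getToken(request):
    """Issue a one-hour HS256 JWT for the user named in the ``client-id`` header.

    Reads the ``client-id``, ``redirect-uri`` and ``scope`` headers; ``scope``
    is a space-separated list of scope names.

    Responses:
        400 -- a required header is missing ("Second") or is not a string
               ("First").
        401 -- ``redirect-uri`` differs from ``universal.getRedirect_uri()``
               ("Third"), or ``client-id`` does not match exactly one user
               ("Fourth" / "Fifth").
        403 -- a requested scope is not among those allowed for the user's
               role (empty body).
        200 -- JSON with ``access_token``, ``token_type`` and ``expires_in``.
    """
    content_type = None
    headers = request.headers
    required = ("client-id", "redirect-uri", "scope")

    if not all(name in headers for name in required):
        return HttpResponse("Second", content_type, 400)
    if not all(isinstance(headers[name], str) for name in required):
        return HttpResponse("First", content_type, 400)

    client_id = headers["client-id"]
    redirect_uri = headers["redirect-uri"]
    scope = headers["scope"].split(" ")

    if redirect_uri != universal.getRedirect_uri():
        return HttpResponse("Third", content_type, 401)

    # NOTE(review): nothing in this function checks a password, client secret
    # or any other credential. A caller that supplies an existing username and
    # the expected redirect URI receives a token carrying that user's scopes,
    # admin scopes included. Confirm that authentication is enforced before
    # this view is reached; otherwise a credential check belongs here.
    with connection.cursor() as cursor:
        cursor.execute(
            "SELECT username, role FROM public.user WHERE username = %s",
            [client_id])
        rows = universal.dictfetchall(cursor)
    if len(rows) != 1:
        return HttpResponse("Fifth", content_type, 401)
    user = rows[0]
    if user["username"] != client_id:
        return HttpResponse("Fourth", content_type, 401)

    # Role 2 selects the admin scope set; every other role gets user scopes.
    if user["role"] == 2:
        eligible_scopes = universal.get_admin_scopes()
    else:
        eligible_scopes = universal.get_user_scopes()

    # Every requested scope must be allowed for the role, so a caller cannot
    # ask for more than the role grants.
    if any(s not in eligible_scopes for s in scope):
        return HttpResponse("", content_type, 403)

    token = jwt.encode(
        {
            'exp': datetime.utcnow() + timedelta(minutes=60),
            'id': user["username"],
            'scope': " ".join(scope)
        },
        settings.SECRET_KEY,
        algorithm='HS256')
    # PyJWT releases before 2.0 return bytes, which json.dumps cannot
    # serialise; normalise to str so the response works on either version.
    if isinstance(token, bytes):
        token = token.decode("ascii")

    # expires_in is in seconds and mirrors the 60-minute 'exp' claim above.
    payload = json.dumps({
        'access_token': token,
        'token_type': "bearer",
        'expires_in': 3600
    })
    return HttpResponse(payload, "application/json", 200)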
Example #5
def getList(request):
    """Return all rows of ``public.category`` as JSON to an authenticated caller.

    Responses:
        401 -- ``Authorization`` header missing or rejected by
               ``universal.decode_token`` (body "bad").
        200 -- JSON produced by ``universal.dumpJson`` from the fetched rows.
    """
    headers = request.headers

    # Guard clauses: no token, or a token the decoder rejects, ends here.
    if "Authorization" not in headers:
        return HttpResponse("bad", None, 401)
    verdict = universal.decode_token(headers["Authorization"])
    # Kept as an equality test against False, exactly as the check was
    # originally written.
    if verdict[0] == False:
        return HttpResponse("bad", None, 401)

    # Static query with no caller-supplied values.
    with connection.cursor() as cursor:
        cursor.execute("SELECT * FROM public.category")
        categories = universal.dictfetchall(cursor)

    return HttpResponse(universal.dumpJson(categories),
                        status=200,
                        content_type="application/json")
Example #6
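def delete(request, index1, index2):
    """Delete review ``index2`` of game ``index1``.

    Responses:
        401 -- ``Authorization`` header missing ("No token") or rejected by
               ``universal.decode_token`` ("Unauthorized").
        410 -- no review with id ``index2`` exists under game ``index1``.
        200 -- the review row was deleted.
    """
    content_type = None

    if "Authorization" not in request.headers:
        return HttpResponse("No token", content_type, 401)
    auth = universal.decode_token(request.headers["Authorization"])
    # Fail closed: any falsy verdict (not only the literal False) is rejected.
    if not auth[0]:
        return HttpResponse("Unauthorized", content_type, 401)

    # NOTE(review): any caller with a valid token can delete any review; there
    # is no check that the caller wrote the review or is an admin. An
    # ownership or role check based on the verified token belongs here --
    # TODO confirm what decode_token returns besides the flag in auth[0].
    with connection.cursor() as cursor:
        # The 410 message says the review does not exist, but the earlier
        # check only looked up the game and then deleted by review id alone,
        # so a review of a different game could be removed through this path.
        # Look up the review itself, scoped to the game named in the URL.
        cursor.execute(
            "SELECT id FROM public.review WHERE id = %s AND game_id = %s",
            [index2, index1])
        if not universal.dictfetchall(cursor):
            return HttpResponse("Si apzvalga neegzistuoja.", status=410)
        cursor.execute(
            "DELETE FROM public.review WHERE id = %s AND game_id = %s",
            [index2, index1])
    return HttpResponse(status=200)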