def post(version, ordernum=None):
user = flask.g.user
message = None
order = request.get_json(force=True, silent=True)
if order is None:
return BadRequestResponse()
if order:
order = lowercase_all(order)
try:
order = espa.place_order(order, user)
except ValidationException as e:
message = MessagesResponse(errors=[e.response],
code=400)
except InventoryException as e:
message = MessagesResponse(errors=[e.response],
code=400)
except InventoryConnectionException as e:
message = MessagesResponse(warnings=['Could not connect to data source'],
code=400)
except OpenSceneLimitException as e:
message = MessagesResponse(errors=[e.response],
code=400)
else:
message = OrderResponse(**order.as_dict())
message.limit = ('orderid', 'status')
message.code = 201
return message()
else:
message = MessagesResponse(errors=['Must supply order JSON'],
code=400)
return message()
def put(version, ordernum=None):
user = flask.g.user
remote_addr = user_ip_address()
body = request.get_json(force=True)
if body is None or (isinstance(body, dict) and body.get('orderid') is None):
message = MessagesResponse(errors=['No orderid supplied'],
code=400)
return message()
elif isinstance(body, dict) and body.get('status') != 'cancelled':
message = MessagesResponse(errors=['Invalid status supplied'],
code=400)
return message()
else:
orderid, status = body.get('orderid'), body.get('status')
orders = espa.fetch_order(orderid)
if orders[0].user_id != user.id and not user.is_staff():
msg = ('User {} is not allowed to cancel order {}'
.format(user.username, orderid))
logger.critical(msg + '\nOrigin: {}'.format(remote_addr))
message = MessagesResponse(errors=[msg], code=403)
return message()
if orders[0].status != 'ordered':
msg = ('Order {} is already in a "{}" state'
.format(orderid, orders[0].status))
message = MessagesResponse(errors=[msg], code=400)
return message()
order = espa.cancel_order(orders[0].id, remote_addr)
message = OrderResponse(**order.as_dict())
message.limit = ('orderid', 'status')
message.code = 202
return message()
def get(version, email=None):
filters = request.get_json(force=True, silent=True)
search = dict(username=auth.username(), filters=filters)
if email: # Allow user collaboration
for usearch in ('email', 'username'):
user = User.where({usearch: email})
if len(user):
break
if not len(user):
response = MessagesResponse(warnings=["Username/email {} not found"
.format(email)],
code=200)
return response()
else:
search = {'filters': filters, usearch: email}
response = OrdersResponse(espa.fetch_user_orders(**search))
response.limit = ('orderid',)
response.code = 200
return response()
