def post(version, ordernum=None): user = flask.g.user message = None order = request.get_json(force=True, silent=True) if order is None: return BadRequestResponse() if order: order = lowercase_all(order) try: order = espa.place_order(order, user) except ValidationException as e: message = MessagesResponse(errors=[e.response], code=400) except InventoryException as e: message = MessagesResponse(errors=[e.response], code=400) except InventoryConnectionException as e: message = MessagesResponse(warnings=['Could not connect to data source'], code=400) except OpenSceneLimitException as e: message = MessagesResponse(errors=[e.response], code=400) else: message = OrderResponse(**order.as_dict()) message.limit = ('orderid', 'status') message.code = 201 return message() else: message = MessagesResponse(errors=['Must supply order JSON'], code=400) return message()
def put(version, ordernum=None): user = flask.g.user remote_addr = user_ip_address() body = request.get_json(force=True) if body is None or (isinstance(body, dict) and body.get('orderid') is None): message = MessagesResponse(errors=['No orderid supplied'], code=400) return message() elif isinstance(body, dict) and body.get('status') != 'cancelled': message = MessagesResponse(errors=['Invalid status supplied'], code=400) return message() else: orderid, status = body.get('orderid'), body.get('status') orders = espa.fetch_order(orderid) if orders[0].user_id != user.id and not user.is_staff(): msg = ('User {} is not allowed to cancel order {}' .format(user.username, orderid)) logger.critical(msg + '\nOrigin: {}'.format(remote_addr)) message = MessagesResponse(errors=[msg], code=403) return message() if orders[0].status != 'ordered': msg = ('Order {} is already in a "{}" state' .format(orderid, orders[0].status)) message = MessagesResponse(errors=[msg], code=400) return message() order = espa.cancel_order(orders[0].id, remote_addr) message = OrderResponse(**order.as_dict()) message.limit = ('orderid', 'status') message.code = 202 return message()
def get(version, email=None): filters = request.get_json(force=True, silent=True) search = dict(username=auth.username(), filters=filters) if email: # Allow user collaboration for usearch in ('email', 'username'): user = User.where({usearch: email}) if len(user): break if not len(user): response = MessagesResponse(warnings=["Username/email {} not found" .format(email)], code=200) return response() else: search = {'filters': filters, usearch: email} response = OrdersResponse(espa.fetch_user_orders(**search)) response.limit = ('orderid',) response.code = 200 return response()