Example #1
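    def post(self):
        """Create a time capsule for the authenticated user and share it.

        Reads ``title``, ``latitude``, ``longitude``, ``content``,
        ``school_id`` and the ``friends[]`` e-mail list from the form body,
        stores the capsule, links every listed friend to it and records a
        UserActivities entry.

        Returns:
            The serialized capsule and HTTP 201.
        """
        form = request.form
        friend_emails = form.getlist('friends[]')

        # The owner always comes from the bearer token, never from the form.
        # Decode it once instead of on every use.
        owner_id = token_load_with_auth(request.headers['Authorization'])['user_id']

        # NOTE(review): none of the form fields are validated here (they may
        # be None); sibling handlers run a form validator first.
        capsule = CapsuleModel(
            user_id=owner_id,
            latitude=form.get('latitude', None),
            longitude=form.get('longitude', None),
            title=form.get('title', None),
            content=form.get('content', None),
            school_id=form.get('school_id', None),
        )
        db.session.add(capsule)
        db.session.commit()

        # Keep working with the row this request inserted. Re-selecting "the
        # capsule with the highest id" races with concurrent requests: another
        # user's capsule could be picked up, shared with these friends and
        # returned to this caller.
        capsule_id = capsule.id

        for friend_email in friend_emails:
            # The e-mail address is deliberately not printed: it is personal
            # data and stdout usually ends up in server logs.
            # NOTE(review): presumably get_user_with_email returns None for an
            # unknown address, which would raise AttributeError here after the
            # capsule is already committed - confirm and handle.
            share = UserCapsuleModel(
                capsule_id=capsule_id,
                user_id=get_user_with_email(friend_email).id
            )
            db.session.add(share)
            db.session.commit()

        owner = get_user_with_id(owner_id)

        # The first two characters of the title are dropped for the activity
        # text; the reason is not visible in this handler.
        capsule_name = capsule.title[2:]

        # Save to UserActivities table
        activity = UserActivitiesModel(
            user_id=owner.id,
            content='%(user_name)s이 새로운 타임캡슐인 %(capsule_name)s을 만들었습니다!' % {
                'user_name': owner.name,
                'capsule_name': capsule_name
            }
        )
        db.session.add(activity)
        db.session.commit()

        return serialize_capsule(capsule), status.HTTP_201_CREATED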
Example #2
    def delete(self, prefix):
        """Delete the account named by ``prefix`` and all of its tokens.

        ``prefix`` is either the literal ``'me'`` (the user id is taken from
        the bearer token) or a numeric user id.

        Returns:
            ``(None, 200)`` on success, 401 when ``token_is_auth`` rejects the
            token for that user id, 404 when no such user row exists, and 400
            when ``prefix`` is neither ``'me'`` nor an integer.
        """
        try:
            target_id = (
                token_load_with_auth(request.headers['Authorization'])['user_id']
                if prefix == 'me'
                else int(prefix)
            )

            # Building the query does not touch the database yet.
            matching_users = UserModel.query.filter(UserModel.id == target_id)

            # Authorization is decided before any row is read or removed.
            # NOTE(review): presumably token_is_auth checks that the token may
            # act on target_id (owner or admin) - confirm in its definition.
            if not token_is_auth(request.headers['Authorization'], target_id):
                return "You don't have permission.", status.HTTP_401_UNAUTHORIZED

            if not matching_users.count():
                return "The user does not exist.", status.HTTP_404_NOT_FOUND

            # Tokens are removed before the user row itself.
            token_delete_all(target_id)

            doomed = matching_users.first()
            db.session.delete(doomed)
            db.session.commit()

            return None, status.HTTP_200_OK
        except ValueError:
            return "Prefix can only be me or a number.", status.HTTP_400_BAD_REQUEST
Example #3
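    def get(self, prefix):
        """Return one page of login history for the user named by ``prefix``.

        ``prefix`` is ``'me'`` (user id taken from the bearer token) or a
        numeric user id. Query parameters: ``page`` (default 0), ``limit``
        (default 10) and ``order`` (``'asc'`` or ``'desc'``, default
        ``'desc'``).

        Returns:
            ``({'paging': {...}, 'data': [...]}, 200)`` on success, 401 when
            ``token_is_auth`` rejects the token for that user id, and 400 when
            ``prefix`` is neither ``'me'`` nor an integer.
        """
        # All three values come straight from the query string. Negative
        # numbers are clamped so they cannot reach the history query as a
        # negative page or limit.
        # NOTE(review): there is still no upper bound on ``limit``; consider a
        # cap so one request cannot ask for the whole table.
        page = max(request.args.get('page', 0, type=int), 0)
        limit = max(request.args.get('limit', 10, type=int), 0)

        # ``order`` is echoed into the paging URLs and handed to the query
        # helper, so only the two expected keywords are let through.
        order = request.args.get('order', 'desc').lower()
        if order not in ('asc', 'desc'):
            order = 'desc'

        try:
            if prefix == 'me':
                user_id = token_load_with_auth(request.headers['Authorization'])['user_id']
            else:
                user_id = int(prefix)

            if not token_is_auth(request.headers['Authorization'], user_id):
                return "You don't have permission.", status.HTTP_401_UNAUTHORIZED

            link = '%s%s?page=%d&limit=%d&order=%s'
            histories = get_login_histories(user_id, order, page, limit)

            _return = {
                'paging': {
                    # The first page links back to itself.
                    'previous': link % (DEFAULT_URL, request.path, max(page - 1, 0), limit, order),
                    'next': link % (DEFAULT_URL, request.path, page + 1, limit, order)
                },
                'data': [serialize_login_history(history) for history in histories]
            }

            return _return, status.HTTP_200_OK
        except ValueError:
            return "Prefix can only be me or a number.", status.HTTP_400_BAD_REQUEST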
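    def post(self):
        """Create a timeline post for the authenticated user.

        Reads ``title``, ``content``, ``latitude`` and ``longitude`` from the
        form body. The post is stored only when ``timelineValidate.PostForm``
        accepts the form.

        Returns:
            ``(None, 201)`` when the post is stored, otherwise the first
            validation error as ``({'message', 'field'}, 400)``.
        """
        # The author comes from the bearer token, never from the form.
        user_id = token_load_with_auth(request.headers['Authorization'])['user_id']

        form = timelineValidate.PostForm(request.form)

        if form.validate():
            # The submitted coordinates are deliberately not printed: location
            # data does not belong on stdout, which usually ends up in logs.
            post = TimelineModel(
                user_id=user_id,
                title=request.form.get('title', None),
                content=request.form.get('content', None),
                latitude=request.form.get('latitude', None),
                longitude=request.form.get('longitude', None)
            )
            db.session.add(post)
            db.session.commit()

            return None, status.HTTP_201_CREATED

        # Only the first error is reported.
        # NOTE(review): if validation fails with an empty error dict the
        # method falls off the end and returns None - confirm that cannot
        # happen with this form class.
        for field, errors in form.errors.items():
            for error in errors:
                _return = {
                    'message': error,
                    'field': getattr(form, field).label.text
                }
                return _return, status.HTTP_400_BAD_REQUEST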
Example #5
    def delete(self, prefix):
        """Remove a user account together with its tokens.

        Args:
            prefix: ``'me'`` to act on the user id stored in the bearer
                token, otherwise a string holding a numeric user id.

        Returns:
            A ``(body, status)`` pair: ``(None, 200)`` after deletion, 401 if
            ``token_is_auth`` refuses the token for that id, 404 if the user
            row is missing, 400 if ``prefix`` is not ``'me'`` or an integer.
        """
        try:
            if prefix != 'me':
                # int() raises ValueError for anything non-numeric, which is
                # turned into the 400 response below.
                uid = int(prefix)
            else:
                uid = token_load_with_auth(request.headers['Authorization'])['user_id']

            candidates = UserModel.query.filter(UserModel.id == uid)

            # The permission check comes first, so an unauthorized caller
            # cannot learn whether the id exists.
            authorized = token_is_auth(request.headers['Authorization'], uid)
            if not authorized:
                return "You don't have permission.", status.HTTP_401_UNAUTHORIZED

            if candidates.count():
                # Drop the tokens first, then the row itself.
                token_delete_all(uid)

                account = candidates.first()
                db.session.delete(account)
                db.session.commit()

                return None, status.HTTP_200_OK

            return "The user does not exist.", status.HTTP_404_NOT_FOUND
        except ValueError:
            return "Prefix can only be me or a number.", status.HTTP_400_BAD_REQUEST
Example #6
    def get(self, prefix):
        """Return the serialized profile of the user named by ``prefix``.

        ``prefix`` is ``'me'`` (user id taken from the bearer token) or a
        numeric user id.

        Returns:
            ``(serialize_user(user), 200)`` on success, 401 when
            ``token_is_auth`` rejects the token for that user id, and 400 when
            ``prefix`` is neither ``'me'`` nor an integer.
        """
        try:
            if prefix != 'me':
                wanted_id = int(prefix)
            else:
                wanted_id = token_load_with_auth(request.headers['Authorization'])['user_id']

            # The profile is loaded only after the token has been accepted
            # for this id.
            if not token_is_auth(request.headers['Authorization'], wanted_id):
                return "You don't have permission.", status.HTTP_401_UNAUTHORIZED

            # NOTE(review): what get_user returns for an unknown id is not
            # visible here; serialize_user receives it unchecked.
            return serialize_user(get_user(wanted_id)), status.HTTP_200_OK
        except ValueError:
            return "Prefix can only be me or a number.", status.HTTP_400_BAD_REQUEST
Example #7
    def get(self, prefix):
        """Look up one user and return the serialized record.

        Args:
            prefix: ``'me'`` for the user id carried in the bearer token,
                otherwise a string holding a numeric user id.

        Returns:
            A ``(body, status)`` pair: the serialized user with 200, a
            message with 401 if ``token_is_auth`` refuses the token for that
            id, or a message with 400 if ``prefix`` is not ``'me'`` or an
            integer.
        """
        try:
            uid = (
                token_load_with_auth(request.headers['Authorization'])['user_id']
                if prefix == 'me'
                else int(prefix)
            )

            allowed = token_is_auth(request.headers['Authorization'], uid)
            if allowed:
                # Reached only once the token has been accepted for uid.
                record = get_user(uid)
                return serialize_user(record), status.HTTP_200_OK

            return "You don't have permission.", status.HTTP_401_UNAUTHORIZED
        except ValueError:
            return "Prefix can only be me or a number.", status.HTTP_400_BAD_REQUEST
Example #8
    def post(self, prefix):
        """Attach the school with id ``prefix`` to the authenticated user.

        Reads ``admission_year`` and ``graduation_year`` from the form body
        and validates the form with ``schoolValidate.AddSchoolForm``.

        Returns:
            ``(None, 200)`` when the link is stored, 400 for a validation
            error or an already linked school, 404 when the school does not
            exist, and 400 when ``prefix`` is not an integer.
        """
        try:
            school_id = int(prefix)
            # The user comes from the bearer token, never from the form.
            user_id = token_load_with_auth(request.headers['Authorization'])['user_id']

            if get_school(school_id) is None:
                return "It does not exist.", status.HTTP_404_NOT_FOUND

            form = schoolValidate.AddSchoolForm(request.form)

            if not form.validate():
                # Only the first validation error is reported.
                for field, errors in form.errors.items():
                    for error in errors:
                        return {
                            'message': error,
                            'field': getattr(form, field).label.text
                        }, status.HTTP_400_BAD_REQUEST

                # Validation failed without any recorded error: same
                # fall-through response the handler has always given.
                return "It does not exist.", status.HTTP_404_NOT_FOUND

            # NOTE(review): this duplicate check and the insert below are two
            # separate steps; whether the table also enforces uniqueness is
            # not visible here.
            already_linked = any(
                link.school_id == school_id for link in get_user_school(user_id)
            )
            if already_linked:
                return "The school you have already entered.", status.HTTP_400_BAD_REQUEST

            membership = UserSchoolModel(
                user_id=user_id,
                school_id=school_id,
                admission_year=request.form.get('admission_year', None),
                graduation_year=request.form.get('graduation_year', None)
            )
            db.session.add(membership)
            db.session.commit()

            return None, status.HTTP_200_OK
        except ValueError:
            return "Prefix can only be number.", status.HTTP_400_BAD_REQUEST
Example #9
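    def put(self, prefix):
        """Update the profile of the user named by ``prefix``.

        ``prefix`` is ``'me'`` (user id taken from the bearer token) or a
        numeric user id. Non-empty form values are written to the user row; a
        new ``password`` is hashed and expires the user's existing tokens.
        Only callers whose token carries the ``'ADMIN'`` permission may send
        a ``permission`` value.

        Returns:
            ``(None, 200)`` on success, 401 when the caller is not allowed,
            404 when the user does not exist, 400 for a validation error, a
            uniqueness conflict or a malformed ``prefix``.
        """
        try:
            if prefix == 'me':
                user_id = token_load_with_auth(
                    request.headers['Authorization'])['user_id']
            else:
                user_id = int(prefix)

            if not token_is_auth(request.headers['Authorization'], user_id):
                return "You don't have permission.", status.HTTP_401_UNAUTHORIZED

            user_permission = token_load_with_auth(
                request.headers['Authorization'])['permission']

            # Privilege changes are reserved for administrators.
            if user_permission != 'ADMIN' and request.form.get(
                    'permission') is not None:
                return "You don't have permission.", status.HTTP_401_UNAUTHORIZED

            form = userValidate.modificationForm(request.form)

            if form.validate():
                user_query = UserModel.query \
                    .filter(UserModel.id == user_id)

                if not user_query.count():
                    return "The user does not exist.", status.HTTP_404_NOT_FOUND

                user = user_query.first()

                # Mass-assignment guard: only fields the validated form
                # declares may be written. Copying every submitted key onto
                # the model would let a client set columns the form never
                # checked (id, timestamps, ...).
                # NOTE(review): assumes modificationForm is a WTForms form,
                # whose ``data`` maps declared field names to values - confirm.
                editable = set(form.data)

                try:
                    for key, value in request.form.items():
                        if key not in editable:
                            continue
                        if value is None or value == '':
                            continue

                        if key == 'password':
                            # Store only the hash, and expire the tokens
                            # issued under the old password.
                            value = generate_password_hash(value)
                            token_expire_all(user.id)

                        setattr(user, key, value)

                    user.updated_at = datetime.datetime.now()
                    db.session.commit()
                except IntegrityError as e:
                    # Leave the session usable after the failed commit.
                    db.session.rollback()
                    field, value = get_exists_error(e)

                    _return = {
                        'message':
                        "'" + value + "' is already exists.",
                        'field': {
                            'label': getattr(form, field).label.text,
                            'name': field
                        }
                    }

                    return _return, status.HTTP_400_BAD_REQUEST

                return None, status.HTTP_200_OK

            # Only the first validation error is reported.
            for field, errors in form.errors.items():
                for error in errors:
                    _return = {
                        'message': error,
                        'field': getattr(form, field).label.text
                    }

                    return _return, status.HTTP_400_BAD_REQUEST

        except ValueError:
            return "Prefix can only be me or a number.", status.HTTP_400_BAD_REQUEST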
Example #10
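    def put(self, prefix):
        """Modify the stored profile of one user.

        Args:
            prefix: ``'me'`` for the user id carried in the bearer token,
                otherwise a string holding a numeric user id.

        Non-empty form values are copied onto the user row. A ``password``
        value is hashed first and expires the user's existing tokens. A
        ``permission`` value is accepted only when the token's own permission
        is ``'ADMIN'``.

        Returns:
            A ``(body, status)`` pair: ``(None, 200)`` on success, 401 when
            the caller is not allowed, 404 when the user row is missing, 400
            for a validation error, a uniqueness conflict or a malformed
            ``prefix``.
        """
        try:
            if prefix == 'me':
                user_id = token_load_with_auth(request.headers['Authorization'])['user_id']
            else:
                user_id = int(prefix)

            user_query = UserModel.query \
                .filter(UserModel.id == user_id)

            if token_is_auth(request.headers['Authorization'], user_id):
                user_permission = token_load_with_auth(request.headers['Authorization'])['permission']

                # Only administrators may change a permission value.
                if user_permission != 'ADMIN' and request.form.get('permission') is not None:
                    return "You don't have permission.", status.HTTP_401_UNAUTHORIZED

                form = userValidate.modificationForm(request.form)

                if form.validate():
                    if user_query.count():
                        user = user_query.first()

                        # Write only attributes that the validated form
                        # declares. Without this allow-list any submitted key
                        # would be set on the model, including columns the
                        # form never validated.
                        # NOTE(review): assumes a WTForms form, where ``data``
                        # is keyed by the declared field names - confirm.
                        declared_fields = set(form.data)

                        try:
                            for key, value in request.form.items():
                                if key in declared_fields and value is not None and value != '':
                                    if key == 'password':
                                        # Never store the plain password;
                                        # old tokens stop working as well.
                                        value = generate_password_hash(value)
                                        token_expire_all(user.id)

                                    setattr(user, key, value)

                            user.updated_at = datetime.datetime.now()
                            db.session.commit()
                        except IntegrityError as e:
                            # Roll back so the session is not left in the
                            # failed transaction.
                            db.session.rollback()
                            field, value = get_exists_error(e)

                            _return = {
                                'message': "'" + value + "' is already exists.",
                                'field': {
                                    'label': getattr(form, field).label.text,
                                    'name': field
                                }
                            }

                            return _return, status.HTTP_400_BAD_REQUEST

                        return None, status.HTTP_200_OK
                    else:
                        return "The user does not exist.", status.HTTP_404_NOT_FOUND

                # Only the first validation error is reported.
                for field, errors in form.errors.items():
                    for error in errors:
                        _return = {
                            'message': error,
                            'field': getattr(form, field).label.text
                        }

                        return _return, status.HTTP_400_BAD_REQUEST
            else:
                return "You don't have permission.", status.HTTP_401_UNAUTHORIZED

        except ValueError:
            return "Prefix can only be me or a number.", status.HTTP_400_BAD_REQUEST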