def del_project_user(id):
# Check if specified ID is an integer
if not function.isInt(id):
return jsonify({"error": "id is not an integer"}), 400
# Fetch form data
projectDetails = request.get_json()
user = projectDetails.get('user')
if user is None:
return jsonify({"error": "Projectuser id not specified"}), 400
# Check if project actually exists
project = database.getProjectByID(id)
if project is None:
return jsonify({"error": "Specified project does not exist"})
# Retrieve projectrole of user
userRole = function.getProjectUserRole(get_jwt_identity(), id)
# Retrieve projectrole of target
targetRole = function.getProjectUserRole(user, id)
# Check if both users are part of the same project
if userRole is None:
return jsonify({"error":
"Must be a project member to delete users"}), 403
elif targetRole is None:
return jsonify(
{"error": "Target user is not a member of specified project"}), 403
# User is trying to delete somebody else
if not (str(get_jwt_identity()) == str(user)):
if userRole not in ['ADMIN', 'OWNER']:
return jsonify({
"error":
"Cannot delete project users without ADMIN or OWNER status"
}), 403
elif targetRole == 'OWNER':
return jsonify({"error":
"Cannot delete the owner of a project"}), 403
elif targetRole == 'ADMIN':
if userRole != 'OWNER':
return jsonify({
"error":
"Cannot delete a project admin without OWNER permission"
}), 403
# User is trying to deleting himself, check that he is not the owner of the project
else:
if userRole == 'OWNER':
return jsonify(
{"error": "Cannot delete yourself from your own project"}), 403
# Delete project user
if database.deleteProjectUser(id, user):
return jsonify({"Info": "Projectuser deleted successfully"}), 200
else:
return jsonify(
{"erorr": "Something went wrong deleting the projectuser"}), 500
def add_post(id):
# Check if specified ID is an integer
if not function.isInt(id):
return jsonify({"error": "id is not an integer"}), 400
# Fetch form data
projectDetails = request.get_json()
title = projectDetails.get('title')
content = projectDetails.get('content')
owner = get_jwt_identity()
# Check if all data is supplied
if title is None:
return jsonify({"error": "Post title not specified"}), 400
if content is None:
return jsonify({"error": "Post content not specified"}), 400
if owner is None:
return jsonify({"error": "Project owner not specified"}), 400
if not function.isInt(owner):
return jsonify({"error": "ownerID should be string"})
# Check if project actually exists
project = database.getProjectByID(id)
if project is None:
return jsonify({"error": "Specified project does not exist"})
# Check if you have permission to post on this project
userRole = function.getProjectUserRole(get_jwt_identity(), id)
if not function.isProjectMember(userRole):
return jsonify({"error": "Must be a project member to add post"}), 403
# Add post to the database
post = database.addProjectPost(title, content, owner, id)
return jsonify(post), 201
def get_project_post(id):
limit = request.args.get('limit')
offset = request.args.get('offset')
if limit is not None and not function.isInt(limit):
return jsonify({"error": "limit is not an integer"}), 400
if offset is not None and not function.isInt(offset):
return jsonify({"error": "offset is not an integer"}), 400
dataCount = database.getProjectPostsCount(id)
data = database.getProjectPosts(id, limit, offset)
if data is None:
return jsonify({"error": "No results found"}), 404
else:
project = database.getProjectByID(id)
if (project['projectVisibility'] == 'PRIVATE'):
userRole = function.getProjectUserRole(get_jwt_identity(), id)
if not function.isProjectMember(userRole):
return jsonify(
{"error":
"Must be project member to view project posts"}), 403
for projectpost in data:
user = database.getUserInfo(str(projectpost['postUser']))
projectpost['user'] = user
dataCount['data'] = data
return jsonify(dataCount), 200
def delete_comment(id):
# Check if specified ID is an integer
if not function.isInt(id):
return jsonify({"error": "id is not an integer"}), 400
# Check if comment actually exists
comment = database.getCommentByID(id)
if comment is None:
return jsonify({"error": "Specified comment does not exist"})
# Check if the user trying to delete the post is the post owner
post = database.getPostByID(str(comment['commentPost']))
userRole = function.getProjectUserRole(get_jwt_identity(),
post['postProject'])
if not function.isProjectAdmin(userRole):
if comment['commentUser'] != get_jwt_identity():
return jsonify(
{"error":
"Must be admin to delete comment of other user"}), 400
# Delete comment
commentDeleted = database.deleteComment(id)
if commentDeleted is True:
return jsonify({"Info": "Comment deleted successfully"}), 200
else:
return jsonify({"error":
"Something went wrong deleting the comment"}), 500
def put_project_user(id):
# Check if specified ID is an integer
if not function.isInt(id):
return jsonify({"error": "id is not an integer"}), 400
# Fetch form data
projectDetails = request.get_json()
user = projectDetails.get('user')
role = projectDetails.get('role')
# Check if all data is supplied
if user is None:
return jsonify({"error": "Projectuser id not specified"}), 400
if role is None:
return jsonify({"error": "Projectuser role not specified"}), 400
if role not in allowed_projectUser_states:
return jsonify({"error": "Projectuser role not a legal value"}), 400
# Check if project actually exists
project = database.getProjectByID(id)
if project is None:
return jsonify({"error": "Specified project does not exist"})
# Check that you are not trying to change project owner
if role == 'OWNER':
return jsonify({"error":
"Cannot set or tranfer project ownership"}), 403
# Retrieve projectrole of user
userRole = function.getProjectUserRole(get_jwt_identity(), id)
# If user issuing the request is not changing his own data, check if user is admin
if not (str(get_jwt_identity()) == user):
if not function.isProjectAdmin(userRole):
return jsonify(
{"error": "Must be a project admin to update user roles"}), 403
# If user issuing the request is changing own data, he can only change himself from invited to user
elif userRole == 'INVITED':
if role != 'USER':
return jsonify({
"error":
"May only change your own role from pending to user"
}), 403
else:
return jsonify(
{"error":
"May only change your own role from pending to user"}), 403
data = database.updateProjectUser(id, user, role)
if data is not None:
return jsonify(data), 200
else:
return jsonify({"error": "No results found"}), 404
def get_project_id(id):
# Check if specified ID is an integer
if not function.isInt(id):
return jsonify({"error": "id is not an integer"}), 400
data = database.getProjectByID(id)
if data is None:
return jsonify({"error": "No results found"}), 404
else:
if (data['projectVisibility'] == 'PRIVATE'):
userRole = function.getProjectUserRole(get_jwt_identity(), id)
if not function.isProjectMember(userRole):
return jsonify(
{"error": "Must be project member to view project"}), 403
user = database.getUserInfo(str(data['projectOwner']))
data['owner'] = user
return jsonify(data), 200
def del_project(id):
# Check if specified ID is an integer
if not function.isInt(id):
return jsonify({"error": "id is not an integer"}), 400
# Check if project actually exists
project = database.getProjectByID(id)
if project is None:
return jsonify({"error": "Specified project does not exist"})
# Check if you are the owner of the project you are trying to delete
userRole = function.getProjectUserRole(get_jwt_identity(), id)
if not function.isProjectOwner(userRole):
return jsonify({"error":
"Must be project owner to delete a project"}), 403
# Delete project
if database.deleteProject(id):
return jsonify({"Info": "Project deleted successfully"}), 200
else:
return jsonify({"erorr":
"Something went wrong deleting the project"}), 500
def add_comment(id):
# Check if specified ID is an integer
if not function.isInt(id):
return jsonify({"error": "id is not an integer"}), 400
# Fetch form data
postDetails = request.get_json()
content = postDetails.get('content')
parent = postDetails.get('parent')
# Swap userID for JWT id
userID = get_jwt_identity()
if content is None:
return jsonify({"error": "Comment content not specified"}), 400
if userID is None:
return jsonify({"error": "Comment user id not specified"}), 400
# Check if post actually exists
post = database.getPostByID(id)
if post is None:
return jsonify({"error": "Specified post does not exist"}), 400
# Check if you have permission to comment on this post
userRole = function.getProjectUserRole(get_jwt_identity(), post['postProject'])
if not function.isProjectMember(userRole):
return jsonify({"error": "Must be a project member to comment on this post"}), 403
# Check if parent actually exists
if parent is not None:
comment = database.getCommentByID(str(parent))
if comment is None:
return jsonify({"error": "Parent comment does not exist"}), 400
# Add comment
comment = database.addPostComment(content, parent, userID, id)
user = database.getUserByID(str(comment['commentUser']))
comment['user'] = user
return jsonify(comment), 201
def put_project(id):
# Check if specified ID is an integer
if not function.isInt(id):
return jsonify({"error": "id is not an integer"}), 400
# Fetch form data
projectDetails = request.get_json()
title = projectDetails.get('title')
content = projectDetails.get('content')
visibility = projectDetails.get('visibility')
# Check if all data is supplied
if title is None:
return jsonify({"error": "Project title not specified"}), 400
if content is None:
return jsonify({"error": "Project content not specified"}), 400
if visibility is None:
return jsonify({"error": "Project visibility not specified"}), 400
if visibility not in allowed_project_visibilities:
return jsonify({"error": "Project visibility not a legal value"}), 400
# Check if project actually exists
project = database.getProjectByID(id)
if project is None:
return jsonify({"error": "Specified project does not exist"})
# Check if you have permission to update the project
userRole = function.getProjectUserRole(get_jwt_identity(), id)
if not function.isProjectAdmin(userRole):
return jsonify(
{"error": "Must be a project admin to update the project"}), 403
data = database.updateProject(id, title, content, visibility)
if data is not None:
return jsonify(data), 200
else:
return jsonify({"error": "No results found"}), 404
def add_project_user(id):
# Fetch form data
projectDetails = request.get_json()
user = projectDetails.get('user')
role = projectDetails.get('role')
# Check if all data is supplied
if user is None:
return jsonify({"error": "Project user not specified"}), 400
if role is None:
return jsonify({"error": "Project user role not specified"}), 400
if role not in allowed_projectUser_states:
return jsonify({"error": "Project user role not a legal value"}), 400
# Check if project actually exists
project = database.getProjectByID(id)
if project is None:
return jsonify({"error": "Specified project does not exist"})
# Check if you have permission to add a user to this project
projectVisibility = project['projectVisibility']
userRole = function.getProjectUserRole(get_jwt_identity(), id)
validTarget = function.getProjectUserRole(role, id)
print(type(user))
print(type(str(get_jwt_identity())))
print(user)
print(get_jwt_identity())
if validTarget is None:
if projectVisibility == 'PUBLIC':
if role not in ['INVITED', 'USER']:
return jsonify(
{"error": "May only invite or add user on public project"})
elif projectVisibility == 'RESTRICTED':
if role == 'INVITED':
if not function.isProjectAdmin(userRole):
return jsonify({
"error":
"Only admins can invite users on restricted projects"
})
elif role == 'PENDING':
if user != str(get_jwt_identity()):
return jsonify({
"error":
"Only a user can request membership for himself"
})
else:
return jsonify({
"error":
"May only invite or request user on restricted project"
})
elif projectVisibility == 'PRIVATE':
if role == 'INVITED':
if not function.isProjectAdmin(userRole):
return jsonify({
"error":
"Only admins can invite users on private projects"
})
else:
return jsonify({
"error":
"You may only invite users for private projects"
})
else:
return jsonify({"error": "User already has a project role"})
projectUser = database.addProjectUser(user, id, role)
return jsonify(projectUser), 201
