def business_reviews(bid):
"""
Provides logic to write reviews and retrieve a businesses reviews
"""
business_found = Business.get_business_by_id(business_list, bid)
if not business_found:
return not_found('That business was not found in our server please \
check again later')
business = Business(business_found['Name'], business_found['Description'],
business_found['Category'], business_found['Location'],
business_found['Address'], business_found['Owner'])
if request.method == 'POST':
name = str(request.data.get('Email', ''))
comment = str(request.data.get('Comment', ''))
if name and comment:
status = business.write_review(business_list, comment, name)
response = jsonify({
"message":status['message']
})
response.status_code = 200
return response
else:
return bad_request("Invalid data provided")
else:
# get reviews
reviews = business_found['Reviews']
if reviews:
response = jsonify({
"Reviews":business_found['Reviews']
})
response.status_code = 200
return response
else:
return not_found('No reviews for this business')
def confirmation_check():
if g.current_user.is_anonymous:
return bad_request('anonymous account')
response = jsonify({'message': 'success'})
response.status_code = 200
return response
def register_user():
"""Register new user"""
username = str(request.data.get('Username', ''))
email = str(request.data.get('Email', ''))
password = str(request.data.get('Password', ''))
confirm_password = str(request.data.get('Confirm Password', ''))
if username and email and password and confirm_password:
user = User(username, email, password, confirm_password)
user_created = user.register_user(users_list)
if user_created == True:
response = jsonify({
"Message":"{} has successfuly created an account"\
.format(user.name)
})
response.status_code = 201
return response
else:
return bad_request(user_created)
else:
return bad_request("Some data fields are missing")
def new_ticket():
# TODO: in postman use raw request with
# header Content-Type application/json
# message "{\"message\": \"sdadasdasd\", \"subject\": \"asdadad\", \"email\": \"\"}"
try:
ticket = Ticket.from_json(request.get_json())
except ValidationError as e:
return bad_request(str(e))
else:
g.db.add_ticket(ticket)
return jsonify(ticket.get_attrs()), 201, {'Location': url_for('api.get_ticket', id=ticket.id, _external=True)}
def create_business(current_user):
"""
Creates a business
"""
name = str(request.data.get('Name', ''))
description = str(request.data.get('Description', ''))
category = str(request.data.get('Category', ''))
location = str(request.data.get('Location', ''))
address = str(request.data.get('Address', ''))
if name and description and category and location and address:
business = Business(name, description, category, location, address, \
current_user['Username'])
status = business.create_business(business_list)
if status:
response = jsonify(status)
response.status_code = 201
return response
else:
bad_request(status)
else:
return bad_request('Required fields are missing')
def reset_password():
data = request.json['data']
try:
token_data = rsa_cipher.decrypt(data)
except cryptography.exceptions.InvalidKey:
return unauthorized('invalid public key')
password = token_data
user = User.query.filter_by(id=g.current_user.id).first()
is_success = user.reset_password(password)
if is_success:
response = jsonify({'message': 'success'})
response.status_code = 200
return response
else:
return bad_request('db is not corresponding')
def reset_password(current_user):
"""Resets user password"""
if not current_user:
return unauthorized('You are not allowed to perform this action')
username = str(request.data.get('Username', ''))
old_password = str(request.data.get('Previous Password', ''))
new_password = str(request.data.get('New Password', ''))
if username and old_password and new_password:
update_user = User.reset_password(users_list, username, old_password, \
new_password)
if update_user:
response = jsonify({
"Message":"Successfuly changed password"
})
response.status_code = 200
return response
else:
return forbidden(update_user)
else:
return bad_request("Provide all fields")
def login():
"""Log a user into their account"""
username = str(request.data.get('Username', ''))
password = str(request.data.get('Password', ''))
if username and password:
if User.login(users_list, username, password):
# generate token to manage user's session
token = jwt.encode({
'id':username,
'exp': datetime.utcnow() + timedelta(minutes=30)},
current_app.config.get('SECRET_KEY')
)
if token:
response = jsonify({
'token': token.decode('UTF-8'),
"Message":"{} has successfuly logged in"\
.format(username)
})
response.status_code = 200
return response
else:
return forbidden("Invalid username/password combination")
else:
return bad_request("Please provide all the fields")