def post(self, json):
# User set by AuthenticatedApiEndpoint
group_id = json["group_id"]
group = Group.query.get(group_id)
if self.user in group.owners:
name = json["name"]
description = json["description"]
start_time = time.parse_time(json["start_time"]).replace(tzinfo=None)
end_time = time.parse_time(json["end_time"]).replace(tzinfo=None)
if json["event_id"] == 0:
print "ADD EVENT"
event = Event(group, name, description, start_time, end_time)
db.session.add(event)
db.session.commit()
else:
event = Event.query.get(int(json["event_id"]))
event.name = name
event.description = description
event.start_time = start_time
event.end_time = end_time
event.group_id = group_id
event.group = group
db.session.commit()
return api.json_ok({
"event_id": event.id,
})
else:
return api.json_error(
"REQUEST_DENIED",
"User not member of group"
)
def get(self, group_id=None):
group = Group.query.get(group_id)
if group and self.user in group.owners:
return api.json_ok({
"card_uids": group.get_member_card_uids(),
})
return api.json_error(
"RESOURCE_ERROR",
"Group does not exist"
)
def get(self, group_id=None):
group = Group.query.get(group_id)
if group and self.user in group.owners:
return api.json_ok({
"group": group.to_json(),
})
return api.json_error(
"RESOURCE_ERROR",
"Group does not exist"
)
def post(self, json):
if self.user.is_admin:
group = Group(json['name'], self.user, description=json['description'])
try:
db.session.add(group)
db.session.commit()
except db.IntegrityError:
return api.json_error(
"REQUEST_DENIED",
"A group with that name already exists"
)
return api.json_ok({
"group": group.to_json()
})
return api.json_error(
"UNAUTHORISED",
"You are not admin"
)
def get(self, event_id=None):
event = Event.query.get(event_id)
if event is not None:
group = Group.query.get(event.group_id)
if group and self.user in group.owners:
return api.json_ok({
"event": event.to_json()
})
return api.json_error(
"RESOURCE_ERROR",
"The requested event could not be found"
)
def delete(self, event_id=None):
event = Event.query.get(event_id)
if event:
group = Group.query.get(event.group_id)
if self.user in group.owners:
db.session.delete(event)
db.session.commit()
return api.json_ok()
return api.json_error(
"RESOURCE_ERROR",
"The requested event could not be found"
)
def test_json_error(self):
response = api.json_error('UNAUTHORISED', 'Invalid auth token')
self.assertEquals(response['status'], 'UNAUTHORISED')
self.assertEquals(response['error_detail'], 'Invalid auth token')
