def post(self):
errors = []
output = ""
user = users.get_current_user()
authz = Authz(user)
self.response.headers["Content-type"] = "application/json"
# check for authorization to create new trips & verify this is in fact
# a request to create a new trip
try:
# user allowed to create trips?
authz.createTrip()
except PermissionError as e:
# this permission error could have come from authz or locally
errors.append({"message": e.args})
# bail if we hit authz errors
if len(errors) > 0:
self.response.set_status(400)
output = json.dumps({"error": errors})
self.response.out.write(output)
return
# user is allowed, so go ahead and try to create this thing
#logging.debug(self.request.body)
data = TripUnpacker().unpack_post(self.request)
#logging.debug(data)
if data['name'] == "" or data['password'] == "":
errors.append({"message": "Trip name and password are required."})
else:
try:
trip = Trip(name=data['name'],
password=data['password'],
owner=user)
# get traveler names
raw_travelers = data['travelers']
if len(raw_travelers) > Config.limits.travelers_per_trip:
logging.warning('Attempt to add too many travelers: %s',
user.nickname)
raw_travelers = raw_travelers[:Config.limits.
travelers_per_trip]
travelers = []
for traveler in raw_travelers:
if traveler.strip() != "":
travelers.append(traveler.strip())
trip.travelers = travelers
# get dates
# TODO: validation that these dates are sane and properly ordered
start_date = dateparse(data['start_date'])
end_date = dateparse(data['end_date'])
trip.start_date = start_date.date()
#logging.debug("start date = " + str(start_date.date()))
trip.end_date = end_date.date()
#logging.debug("end date = " + str(end_date.date()))
trip.put()
output = GqlEncoder().encode({
"id": "%s" % trip.key(),
'modify_date': trip.modify_date,
'start_date': trip.start_date,
'end_date': trip.end_date,
})
except Exception as e:
logging.exception(e)
errors.append({"message": "Unexpected error creating trip"})
if len(errors) > 0:
self.response.set_status(400)
output = json.dumps({"error": errors})
self.response.out.write(output)
def post(self, trip_key):
errors = []
output = ""
user = users.get_current_user()
authz = Authz(user)
self.response.headers["Content-type"] = "application/json"
# check for authorization to create expenses for this trip & verify this
# is in fact a request to create a new expense
try:
# get the trip
trip = Trip.get(trip_key)
# verify the user is authorized to create an expense on this trip
authz.createExpense(trip)
except PermissionError as e:
# this permission error could have come from authz or locally
errors.append({"message": e.args})
except db.BadKeyError:
errors.append({"message": "Invalid trip key"})
except Exception as e:
logging.exception(e)
errors.append({"message": "Unexpected error loading trip"})
# bail if we hit authz errors
if len(errors) > 0:
self.response.set_status(400)
output = json.dumps({"error": errors})
self.response.out.write(output)
return
# having passed authz, let's try creating the expense
data = ExpenseUnpacker().unpack_post(self.request)
if data['description'] == "" or data['value'] == "" or data[
'payer'] == "":
errors.append(
{"message": "Description, value, and payer are required."})
elif len(data['travelers']) == 0:
errors.append({
"message":
"At least one person must be specified as a traveler."
})
else:
try:
expense = Expense(
parent=trip.key(),
creator=user,
description=data['description'],
value=int(data['value']),
currency="USD",
)
# get the expense date
expense_date = dateparse(data['expense_date'])
expense.expense_date = expense_date.date()
# TODO: make sure these travelers are actually on the trip
expense.travelers = data['travelers']
# TODO: ensure the payer is actually a traveler
expense.payer = data['payer']
expense.put()
output = GqlEncoder().encode({
"id": "%s" % expense.key(),
'modify_date': expense.modify_date,
'expense_date': expense.expense_date,
'value': expense.value,
})
except Exception as e:
logging.exception(e)
errors.append({"message": "Unexpected error creating expense"})
if len(errors) > 0:
self.response.set_status(400)
output = json.dumps({"error": errors})
self.response.out.write(output)
def _scrub(self, property, val):
# TODO: scrub data according to the property name
if property in ["start_date", "end_date"]:
return dateparse(val).date()
return val
def post(self):
errors = []
output = ""
user = users.get_current_user()
authz = Authz(user)
self.response.headers["Content-type"] = "application/json"
# check for authorization to create new trips & verify this is in fact
# a request to create a new trip
try:
# user allowed to create trips?
authz.createTrip()
except PermissionError as e:
# this permission error could have come from authz or locally
errors.append({"message": e.args})
# bail if we hit authz errors
if len(errors) > 0:
self.response.set_status(400)
output = json.dumps({"error": errors})
self.response.out.write(output)
return
# user is allowed, so go ahead and try to create this thing
# logging.debug(self.request.body)
data = TripUnpacker().unpack_post(self.request)
# logging.debug(data)
if data["name"] == "" or data["password"] == "":
errors.append({"message": "Trip name and password are required."})
else:
try:
trip = Trip(name=data["name"], password=data["password"], owner=user)
# get traveler names
raw_travelers = data["travelers"]
if len(raw_travelers) > Config.limits.travelers_per_trip:
logging.warning("Attempt to add too many travelers: %s", user.nickname)
raw_travelers = raw_travelers[: Config.limits.travelers_per_trip]
travelers = []
for traveler in raw_travelers:
if traveler.strip() != "":
travelers.append(traveler.strip())
trip.travelers = travelers
# get dates
# TODO: validation that these dates are sane and properly ordered
start_date = dateparse(data["start_date"])
end_date = dateparse(data["end_date"])
trip.start_date = start_date.date()
# logging.debug("start date = " + str(start_date.date()))
trip.end_date = end_date.date()
# logging.debug("end date = " + str(end_date.date()))
trip.put()
output = GqlEncoder().encode(
{
"id": "%s" % trip.key(),
"modify_date": trip.modify_date,
"start_date": trip.start_date,
"end_date": trip.end_date,
}
)
except Exception as e:
logging.exception(e)
errors.append({"message": "Unexpected error creating trip"})
if len(errors) > 0:
self.response.set_status(400)
output = json.dumps({"error": errors})
self.response.out.write(output)
def post(self, trip_key):
errors = []
output = ""
user = users.get_current_user()
authz = Authz(user)
self.response.headers["Content-type"] = "application/json"
# check for authorization to create expenses for this trip & verify this
# is in fact a request to create a new expense
try:
# get the trip
trip = Trip.get(trip_key)
# verify the user is authorized to create an expense on this trip
authz.createExpense(trip)
except PermissionError as e:
# this permission error could have come from authz or locally
errors.append({"message": e.args})
except db.BadKeyError:
errors.append({"message": "Invalid trip key"})
except Exception as e:
logging.exception(e)
errors.append({"message": "Unexpected error loading trip"})
# bail if we hit authz errors
if len(errors) > 0:
self.response.set_status(400)
output = json.dumps({"error": errors})
self.response.out.write(output)
return
# having passed authz, let's try creating the expense
data = ExpenseUnpacker().unpack_post(self.request)
if data["description"] == "" or data["value"] == "" or data["payer"] == "":
errors.append({"message": "Description, value, and payer are required."})
elif len(data["travelers"]) == 0:
errors.append({"message": "At least one person must be specified as a traveler."})
else:
try:
expense = Expense(
parent=trip.key(),
creator=user,
description=data["description"],
value=int(data["value"]),
currency="USD",
)
# get the expense date
expense_date = dateparse(data["expense_date"])
expense.expense_date = expense_date.date()
# TODO: make sure these travelers are actually on the trip
expense.travelers = data["travelers"]
# TODO: ensure the payer is actually a traveler
expense.payer = data["payer"]
expense.put()
output = GqlEncoder().encode(
{
"id": "%s" % expense.key(),
"modify_date": expense.modify_date,
"expense_date": expense.expense_date,
"value": expense.value,
}
)
except Exception as e:
logging.exception(e)
errors.append({"message": "Unexpected error creating expense"})
if len(errors) > 0:
self.response.set_status(400)
output = json.dumps({"error": errors})
self.response.out.write(output)
def _scrub(self, property, val):
# TODO: scrub data according to the property name
if property in ["start_date", "end_date"]:
return dateparse(val).date()
return val
