def index(): validate_sort(request.args, ['first_name', 'last_name', 'id', 'email', 'registered_on']) ## We return an object rather than a list because of this obscure security issue: http://flask.pocoo.org/docs/0.10/security/#json-security return jsonify({"users": [x.to_dict() for x in User.pull(request.args)]}), HTTP_200_OK
def get_goals_by_user(id): """Show all public goals for a given user""" user = User.pull_by_id(id) if (not user): raise NotFoundError() validate_sort(request.args, ["id", "created", "name", "frequency"]) goals = Goal.pull_by_user(id, request.args, True) return jsonify({"goals": [x.to_dict() for x in goals]}), HTTP_200_OK
def get_my_goals(): """Return all goals (public and private) for the current user""" validate_sort(request.args, ["id", "created", "name", "frequency"]) goals = Goal.pull_by_user(current_user.get_id(), request.args, False) return jsonify({"goals": [x.to_dict() for x in goals]}), HTTP_200_OK