def edit_event(): mongo = PyMongo(app) req_args = [ "key_api", "id", "title", "venue", "datetime", "imageURL", "description" ] data = json.loads(request.data) caller_data = helper.return_owner_key_data(mongo, data["key_api"]) if helper.args_checker(req_args, data) and caller_data["role"] == "admin": mongo.db.events.update_one( {"_id": ObjectId(data["id"])}, { "$set": { "title": data["title"], "description": data["description"], "venue": data["venue"], "imageURL": data["imageURL"], "datetime": pytz.timezone("Asia_Kuala_Lumpur").localize( parser.parse(data["datetime"])), } }, ) return { "status": "success", "message": "Successfully edited the event!" } return { "status": "fail", "message": "Not enough args or not an admin." }, 400
def register(): mongo = PyMongo(app) req_args = ["key_api", "username", "password", "role"] data = json.loads(request.data) if (helper.args_checker(req_args, data) and helper.return_owner_key_data( mongo, data["key_api"])["role"] == "admin"): register_data = {} data["username"] = data["username"].lower().strip() if mongo.db.user.find_one({"username": data["username"]}, {}): # username already exist return { "status": "fail", "message": "Username already exist!" }, 409 register_data["username"] = data["username"] register_data["password"] = sha256_crypt.hash(data["password"]) register_data["role"] = data["role"] register_data["my_attendance"] = [] mongo.db.user.insert_one(register_data) return { "status": "success", "message": "Registered %s as %s" % (register_data["username"], register_data["role"]), } else: return {"status": "fail", "message": "Unauthorized Access"}, 400
def get_events(): mongo = PyMongo(app) # req_args = ['key_api'] key_api = request.args.get("key_api", "") if key_api and helper.return_owner_key_data(mongo, key_api): the_cursor = mongo.db.events.find({}, { "attendees": 0 }).sort('datetime', pymongo.DESCENDING) the_events = list(the_cursor) for event in the_events: event["datetime"] = [ pytz.utc.localize(event["datetime"]).astimezone( pytz.timezone("Asia/Kuala_Lumpur")).strftime("%I:%M %p"), pytz.utc.localize(event["datetime"]).astimezone( pytz.timezone("Asia/Kuala_Lumpur")).strftime("%b %d, %Y"), ] return_data = dumps( { "status": "success", "results": the_events }, json_options=RELAXED_JSON_OPTIONS) # event mesti tak banyak hehe return return_data else: return {"status": "fail"}, 401
def create_event(): mongo = PyMongo(app) req_args = [ "key_api", "event_title", "venue", "datetime", "imageURL", "description" ] data = json.loads(request.data) if helper.args_checker(req_args, data): caller_data = helper.return_owner_key_data(mongo, data["key_api"], verbose=True) if caller_data and caller_data["role"] == "admin": event = mongo.db.events.insert_one({ "owner": caller_data["username"], "title": data["event_title"], "description": data["description"], "venue": data["venue"], "imageURL": data["imageURL"], "datetime": pytz.timezone("Asia/Kuala_Lumpur").localize( parser.parse(data["datetime"])), "attendees": [], }) return {"status": "success", "id": str(event.inserted_id)} else: return {"status": "fail", "message": "unauthorized"}, 401 else: return {"status": "fail", "message": "args not enough"}, 400
def manage_user(): mongo = PyMongo(app) if request.method == "GET": key_api = request.args.get("key_api", "") user_id = request.args.get("user_id", "") if key_api and helper.return_owner_key_data( mongo, key_api)["role"] == "admin": target_user = mongo.db.user.find_one({"_id": ObjectId(user_id)}) if target_user: return dumps({ "status": "success", "target_user": target_user }, json_options=RELAXED_JSON_OPTIONS) else: return { "status": "fail", "message": "Target user does not exist." }, 404 else: return {"status": "fail", "message": "Unauthorized Access"}, 400 elif request.method == "POST": req_args = ["key_api", "new_userdata"] data = loads(request.data) data["new_userdata"] = loads(data["new_userdata"]) if helper.args_checker(req_args, data) and helper.return_owner_key_data( mongo, data["key_api"])["role"] == "admin": result = mongo.db.user.update_one({"_id": data["_id"]}, {"$set": data["new_userdata"]}) if result.modified_count != 0: return { "status": "success", "message": "User data was updated!" } else: return { "status": "fail", "message": "You are updating a user that does not exist or you are not updating anything" }, 404 else: return {"status": "fail", "message": "Unauthorized access!"}, 400
def attend_event(): mongo = PyMongo(app) req_args = ["key_api", "event_id"] data = json.loads(request.data) caller_data = helper.return_owner_key_data(mongo, data["key_api"], verbose=True) if helper.args_checker(req_args, data) and caller_data: # if 'feedback' not in data: # data['feedback'] = '' the_event = mongo.db.events.find_one_or_404( {"_id": ObjectId(data["event_id"])}, { "owner": 0, "venue": 0, "datetime": 0 }) for attendee in the_event["attendees"]: if attendee["username"] == caller_data["username"]: return {"status": "fail", "message": "Already attended."}, 409 now = datetime.now(pytz.utc) if mongo.db.events.find_one_and_update( {"_id": ObjectId(data["event_id"])}, { "$push": { "attendees": { "username": caller_data["username"], "datetime": now # "feedback": data['feedback'] } } }, ): mongo.db.user.update_one( {"_id": caller_data["_id"]}, { "$push": { "my_attendance": { "event_id": the_event["_id"], "event_title": the_event["title"], "attendance_time": now, } } }, ) return { "status": success, "datetime": now.astimezone(pytz.timezone("Asia/Kuala_Lumpur")).strftime( "%I:%M %p %b %d, %Y"), } else: return {"status": "fail", "message": "event not found"}, 404 else: return {"status": "fail", "message": "args not enough"}, 400
def who_am_i(): mongo = PyMongo(app) key_api = request.args.get("key_api", "") if not key_api: return {"message": "Login first!"}, 401 caller_data = helper.return_owner_key_data(mongo, key_api, extra_verbose=True) for the_datetime in caller_data["my_attendance"]: the_datetime["attendance_time"] = (pytz.utc.localize( the_datetime["attendance_time"]).astimezone( pytz.timezone("Asia/Kuala_Lumpur")).strftime( "%I:%M %p %b %d, %Y")) return dumps(caller_data, json_options=RELAXED_JSON_OPTIONS)
def remove_event(): mongo = PyMongo(app) req_args = ["key_api", "event_id"] data = request.args.to_dict() caller_data = helper.return_owner_key_data(mongo, data["key_api"]) if helper.args_checker(req_args, data) and caller_data["role"] == "admin": result = mongo.db.events.remove_one( {"_id": ObjectId(data["event_id"])}) if result.raw_data['n'] == 0: return {"status": "fail", "message": "Event was not found."}, 404 return {"status": "success", "message": "Event deleted."} else: return { "status": "fail", "message": "Missing required arguements." }, 400
def get_users(): mongo = PyMongo(app) key_api = request.args.get("key_api", "") if key_api and helper.return_owner_key_data(mongo, key_api): users = list( mongo.db.user.find({}, { "password": 0, "my_attendance": 0 })) # lmao return dumps( { "status": "success", "users": users } ), 200 # this is expansive my dude, maybe you want to not show all at once? else: return {"status": "fail", "message": "Unauthorized Access"}, 400
def reset_password(): mongo = PyMongo(app) # req_args = ["api_key", "user_id"] key_api = request.args.get("key_api", "") user_id = request.args.get("user_id", "") if key_api and user_id and helper.return_owner_key_data( mongo, key_api)["role"] == 'admin': new_password = "".join( crypto.choices("abcdefghijklmnopqrstuvwxyz0123456789", k=10)) userdata = mongo.db.user.find_one_and_update( {"_id": ObjectId(user_id)}, {"$set": { "password": sha256_crypt.hash(new_password) }}) if userdata: mongo.db.key_api.delete_many({"username": userdata["username"]}) return { "status": "success", "message": "Resetted password for " + userdata["username"], "password": new_password }, 200 else: return {"status": "fail", "message": "Target user not found"}, 404 return {"status": "fail", "message": "Unauthorized Access"}, 400