def update_user(current_user, id, user_id):
group = group_repository.get_or_404(current_user, id)
user = user_repository.get_or_404(user_id)
before_group_user_role = group.get_user_role(user)
if current_user == user and before_group_user_role == GroupUserRole.OWNER:
raise BusinessException("Você é o dono e não pode ser alterado.")
json_data = request.get_json()
utils.validate_params(json_data, ["role"])
data = utils.parse_params(json_data, ["role"])
group_user_role = GroupUserRole(data["role"])
if group_user_role in [GroupUserRole.USER, GroupUserRole.ADMIN]:
utils.check_permission(current_user, group, [GroupUserRole.OWNER])
if group_user_role == GroupUserRole.OWNER:
raise BusinessException("O grupo só pode ter um dono.")
data["group_id"] = group.id
data["user_id"] = user.id
group_user_repository.update(group, user, data)
return jsonify(group.json())
def add_user(current_user, id, user_id):
group = group_repository.get_or_404(current_user, id)
user = user_repository.get_or_404(user_id)
group_users = [
user_repository.get(group_user.user_id) for group_user in group.users
]
if user in group_users:
raise BusinessException("O usuário já encontra-se no grupo.")
json_data = request.get_json()
utils.validate_params(json_data, ["role"])
data = utils.parse_params(json_data, ["role"])
group_user_role = GroupUserRole(data["role"])
if group_user_role == GroupUserRole.USER:
utils.check_permission(current_user, group,
[GroupUserRole.OWNER, GroupUserRole.ADMIN])
if group_user_role == GroupUserRole.ADMIN:
utils.check_permission(current_user, group, [GroupUserRole.OWNER])
if group_user_role == GroupUserRole.OWNER:
raise BusinessException("O grupo só pode ter um dono.")
data["group_id"] = group.id
data["user_id"] = user.id
group_user_repository.save(data)
return jsonify(group.json())
def update(current_user, id, group_id):
group = group_repository.get_or_404(current_user, group_id)
utils.check_permission(current_user, group,
[GroupUserRole.OWNER, GroupUserRole.ADMIN])
expense = expense_repository.get_or_404(group, id)
json_data = request.get_json()
data = utils.parse_params(
json_data, ["name", "category_id", "value", "description", "items"])
data_items = []
if "items" in data:
utils.validate_params(data, ["user_id", "value"], "items")
data_items = data.pop("items")
if data["value"] != sum(data_item["value"]
for data_item in data_items):
raise BusinessException(
"A soma dos valores dos não equivale ao total da despesa.")
expense = expense_repository.update(group, id, data)
update_items(expense, data_items, group)
return jsonify(expense.json())
def delete(current_user, id):
group = group_repository.get_or_404(current_user, id)
utils.check_permission(current_user, group, [GroupUserRole.OWNER])
for group_user in group.users:
group_user_repository.delete(group, group_user.user)
group_repository.delete(id)
return jsonify({"success": True})
def delete(current_user, id, group_id):
group = group_repository.get_or_404(current_user, group_id)
utils.check_permission(current_user, group,
[GroupUserRole.OWNER, GroupUserRole.ADMIN])
expense = expense_repository.get_or_404(group, id)
delete_items(expense)
expense_repository.delete(group, id)
return jsonify({"success": True})
def update(current_user, id):
group = group_repository.get_or_404(current_user, id)
utils.check_permission(current_user, group,
[GroupUserRole.OWNER, GroupUserRole.ADMIN])
json_data = request.get_json()
utils.validate_params(json_data, ["name"])
data = utils.parse_params(json_data, ["name"])
group = group_repository.update(current_user, id, data)
return jsonify(group.json())
def remove_user(current_user, id, user_id):
group = group_repository.get_or_404(current_user, id)
user = user_repository.get_or_404(user_id)
group_user_role = group.get_user_role(user)
if current_user == user and group_user_role == GroupUserRole.OWNER:
raise BusinessException("Você é o dono e não pode ser removido.")
if group_user_role == GroupUserRole.USER:
utils.check_permission(current_user, group,
[GroupUserRole.OWNER, GroupUserRole.ADMIN])
if group_user_role == GroupUserRole.ADMIN:
utils.check_permission(current_user, group, [GroupUserRole.OWNER])
if group_user_role == GroupUserRole.OWNER:
raise BusinessException("O grupo só pode ter um dono.")
group_user_repository.delete(group, user)
return jsonify(group.json())