def get(self, id): book = Book.query.filter_by(id=id).first() if (book): # Book found book_loans = Book_loan.query.filter_by(book_id=book.id).all() if (book_loans): # If there's any book loan for loan in book_loans: # Sweep all loans book_return = Book_return.query.filter_by( book_loan_id=loan.id).first() if (book_return): if (not book_return.user_confirmation or not book_return.owner_confirmation): return { 'data': { 'status': 'Unavailable' } }, log__(200, g.user) else: # Book not returned yet return { 'data': { 'status': 'Unavailable' } }, log__(200, g.user) return { 'data': { 'status': 'Available' } }, log__(200, g.user) # All loans returned else: # Book not loaned yet return {'data': {'status': 'Available'}}, log__(200, g.user) else: # Book not found return {'data': {'message': 'Book not found'}}, log__(404, g.user)
def post(self): # Required arguments self.reqparse.add_argument("title", type=str, required=True, location='json') args = self.reqparse.parse_args() user = g.user if not user: # User not found return {'message': 'User not found'}, log__(404, g.user) try: isbn = isbn_from_words(args['title']) title = meta(isbn)['Title'] wish = Wishlist.query.filter_by(isbn=isbn, user_id=user.id).first() if wish: # Book already in the wishlist return {'data': wish.serialize}, log__(200, g.user) else: # If book not in the wishlist new_wish = Wishlist(isbn=isbn, title=title, user_id=user.id) db.session.add(new_wish) db.session.commit() return {'data': new_wish.serialize}, log__(201, g.user) except Exception as error: print(error) return {'message': 'Unexpected Error'}, log__(500, g.user)
def put(self, id): try: user = User.query.get_or_404(id) args = self.reqparse.parse_args() # when we have an update to do, we can't simply update all information # using the arguments from reqparse, because some may be empty # then we have to keep the information if g.user.admin == 2: administrator = True else: administrator = False for key, value in args.items(): if key == 'admin' and value is not None and not administrator: return {'message': 'You are not authorized to access this area.'},log__(401,g.user) # this will filter only valid values elif key == 'password' and value is not None: # we will ALWAYS encrypt a new password user.hash_password(value) elif value is not None: if user.admin and not administrator and not user is g.user: return {'message': 'You are not authorized to access this area.'},log__(401,g.user) else: setattr(user, key, value) user.check_register() db.session.commit() return {'data': user.serialize}, log__(200,g.user) except Exception as error: if str(error)=="404: Not Found": return { 'message': 'The object you are looking for was not found'}, log__(404,g.user) return { 'message': 'Unexpected Error' }, log__(500,g.user)
def post(self): args = self.reqparse.parse_args() # Checks if book_loan already exists try: l = Book_loan.query.filter_by(book_id=args['book_id'], user_id=g.user.id, loan_status='requested').first() if l == None: loan = Book_loan(book_id=args['book_id'], user_id=g.user.id) loan.loan_status = 'requested' loan.scored = False book = Book.query.get_or_404(loan.book_id) # Get the book's owner whether it's an organization or a user if book.is_organization: owner = Organization.query.get_or_404(book.organization_id) else: owner = User.query.get_or_404(book.user_id) Thread(target=notification.send([owner], "loanrequest.html", "Loan Request", book)).start() db.session.add(loan) db.session.commit() return {'data': loan.serialize}, log__(201, g.user) return {'message': 'Request already made'}, log__(500, g.user) except Exception as error: if str(error) == "404: Not Found": return { 'message': 'The object you are looking for was not found' }, log__(404, g.user) else: return {'message': 'Unexpected Error'}, log__(500, g.user)
def get(self, id): book = Book.query.get_or_404(id) book_topsearches = Topsearches.query.filter_by( isbn10=book.isbn10).first() book_topsearches += Topsearches.query.filter_by( isbn13=book.isbn13).first() try: if book_topsearches is not None: book_topsearches.times += 1 db.session.commit() else: book_topsearches = Topsearches(isbn10=book.isbn10, isbn13=book.isbn13, title=book.title, times=1) db.session.add(book_topsearches) db.session.commit() return {'data': book.serialize}, log__(200, g.user) except Exception as error: if str(error) == "404: Not Found": return { 'message': 'The object you are looking for was not found' }, log__(404, g.user) else: return {'message': 'Unexpected error'}, log__(500, g.user)
def get(self, id): try: user = User.query.get_or_404(id) return {'data': user.serialize}, log__(200,g.user) except Exception as error: print("ERROR: " + str(error)) if str(error)=="404: Not Found": return { 'message': 'The object you are looking for was not found'}, log__(404,g.user) return { 'message': 'Unexpected Error' }, log__(500,g.user)
def get(self, id): try: feedback = Feedback.query.get_or_404(id) return { 'data': feedback.serialize }, log__(200,g.user) except Exception as error: if str(error)=="404: Not Found": return { 'message': 'The object you are looking for was not found'}, log__(404,g.user) else: return { 'message': 'Unexpected Error' }, log__(500,g.user)
def get(self): if g.user.admin!=0: # Table.query makes a search (select) in the database user = User.query.all() # we should return serialized objects because they are ready to # be converted to JSON # an HTTP status code is also important return {'data': [u.serialize for u in user]},log__(200,g.user) else: return {'message': 'You are not authorized to access this area.'},log__(401,g.user)
def put(self, id): try: book = Book.query.get_or_404(id) if book.is_organization: org = Organization.query.get(book.organization_id) if g.user not in org.managers and g.user.admin == 0: return { 'message': 'You are not authorized to access this area.' }, log__(401, g.user) else: if g.user.id != book.user_id and g.user.admin == 0: return { 'message': 'You are not authorized to access this area.' }, log__(401, g.user) args = self.reqparse.parse_args() for key, value in args.items(): if value is not None: if key is 'authors': for b in book.authors: book.authors.remove(b) for a in args['authors']: authors = Author.query.filter_by(name=a).first() if authors is None: authors = Author(name=a) db.session.add(authors) db.session.commit() book.authors.append(authors) elif key is 'categories': for b in book.categories: book.categories.remove(b) for c in args['categories']: categories = Category.query.filter_by( name=c).first() if categories is None: categories = Category(name=c) db.session.add(categories) db.session.commit() book.categories.append(categories) else: setattr(book, key, value) db.session.commit() return {'data': book.serialize}, log__(200, g.user) except Exception as error: if str(error) == "404: Not Found": return { 'message': 'The object you are looking for was not found' }, log__(404, g.user) else: return {'message': 'Unexpected Error'}, log__(500, g.user)
def delete(self, id): try: org = Organization.query.get_or_404(id) db.session.delete(org) db.session.commit() return {}, log__(204,g.user) except Exception as error: if str(error)=="404: Not Found": return { 'message': 'The object you are looking for was not found'}, log__(404,g.user) else: return { 'message': 'Unexpected Error' }, log__(500,g.user)
def delete(self, id): try: user = User.query.get_or_404(id) if user.admin == 2 and not g.user.admin == 2: return {'message': 'You are not authorized to access this area.'},log__(401,g.user) db.session.delete(user) #db.session.commit() return log__(204,g.user) except Exception as error: print("ERROR: " + str(error)) if str(error)=="404: Not Found": return { 'message': 'The object you are looking for was not found'}, log__(404,g.user) return { 'message': 'Unexpected Error' }, log__(500,g.user)
def get(self,id): try: loan = Book_loan.query.get_or_404(id) book = Book.query.get_or_404(loan.book_id) # Verify user logged in if g.user.id != book.user_id and g.user.id!=loan.user_id: return {'message': 'You are not authorized to access this area'}, log__(401,g.user) loan = Book_loan.query.get_or_404(id) return { 'data': loan.serialize }, log__(200,g.user) except Exception as error: if str(error)=="404: Not Found": return { 'message': 'The object you are looking for was not found'}, log__(404,g.user) else: return {'message': 'Unexpected Error'}, log__(500,g.user)
def get(self): top_searches = [t.serialize for t in Topsearches.query.all()] # Sorting first by the times, after by the alfabetic order of the title return { 'data': sorted(top_searches, key=lambda t: (-t['times'], t['title'])) }, log__(200)
def post(self): try: args = self.reqparse.parse_args() loan_record = Book_loan.query.filter_by(id=args['loan_id']).first() if not loan_record.loan_status == 'accepted': return { 'message': 'Bad Request' }, log__(400,g.user) return_record = Book_return.query.filter_by(book_loan_id = loan_record.id).first() book = Book.query.get_or_404(loan_record.book_id) if not (return_record): return_record = Book_return(book_loan_id = loan_record.id, returned_date = date.today()) if not book.is_organization: return_record.user_owner = book.user_id else: return_record.org_owner = book.organization_id return_record.user_id = loan_record.user_id if loan_record.user_id==g.user.id: return_record.user_confirmation=True db.session.add(return_record) elif book.is_organization: org = Organization.query.get(book.organization_id) if g.user in org.managers: return_record.owner_confirmation=True db.session.add(return_record) elif not book.is_organization and g.user.id == book.user_id: return_record.owner_confirmation=True db.session.add(return_record) else: return { 'data': { 'message': 'Bad Request' } }, log__(400,g.user) if return_record.owner_confirmation and return_record.user_confirmation: loan_record.loan_status = 'done' book.available = True book.loan_user = None else: loan_record.loan_status = 'accepted' db.session.commit() return { 'data': return_record.serialize }, log__(201,g.user) except Exception as error: print(error) if str(error)=="404: Not Found": return { 'message': 'The object you are looking for was not found'}, log__(404,g.user) else: return {'message': 'Unexpected Error'}, log__(500,g.user)
def get(self): args = self.reqparse.parse_args() try: loan_delay = Delayed_return.query.filter_by( book_loan_id=args['loan_id']).first() if loan_delay is None: return { 'message': 'The object you are looking for was not found.' }, log__(404, g.user) loan = Book_loan.query.get_or_404(args['loan_id']) book = Book.query.get_or_404(loan.book_id) if book.is_organization: org = Organization.query.get_or_404(book.organization_id) if book.is_organization and g.user in org.managers: return {'data': [loan_delay.serialize]}, log__(201, g.user) elif g.user.id == book.user_id or g.user.admin != 0: return {'data': [loan_delay.serialize]}, log__(201, g.user) elif g.user.id == loan.user_id or g.user.admin != 0: return {'data': [loan_delay.serialize]}, log__(201, g.user) return { 'message': 'You are not authorized to access this area' }, log__(401, g.user) except Exception as error: if str(error) == "404: Not Found": return { 'message': 'The object you are looking for was not found' }, log__(404, g.user) else: return {'message': 'Unexpected Error'}, log__(500, g.user)
def get(self): try: args = {} args['user_id'] = request.args.get("user_id") args['book_id'] = request.args.get("book_id") args['open'] = request.args.get("open") args['user_type'] = request.args.get("user_type") args['is_org'] = request.args.get("is_org") if args['user_id'] and args['book_id']: return {'message': 'Choose only one argument'}, log__(400,g.user) elif args['user_id'] and args['open']: if args['user_type'].lower() == 'owner': if args['is_org']: loans = Book_loan.query.filter_by(organization_id=args['user_id'], loan_status='requested').all() else: loans = Book_loan.query.filter_by(owner_id=args['user_id'], loan_status='requested').all() return {'data': [l.serialize for l in loans]}, log__(200,g.user) elif args['user_type'].lower() == "user": loans = Book_loan.query.filter_by(user_id=args['user_id'], loan_status='requested').all() return {'data': [l.serialize for l in loans]}, log__(200,g.user) return {'message': 'Bad Request'}, log__(400,g.user) elif args['user_id']: if args['user_type'].lower() == 'owner': if args['is_org']: loans = Book_loan.query.filter_by(organization_id=args['user_id']).all() else: loans = Book_loan.query.filter_by(owner_id=args['user_id']).all() return {'data': [l.serialize for l in loans]}, log__(200,g.user) elif args['user_type'].lower() == "user": loans = Book_loan.query.filter_by(user_id=args['user_id'],).all() return {'data': [l.serialize for l in loans]}, log__(200,g.user) return {'message': 'Bad Request'}, log__(400,g.user) elif args['book_id']: loans = Book_loan.query.filter_by(book_id=args['book_id']).all() return {'data': [l.serialize for l in loans]}, log__(200,g.user) else: return {'message': 'Bad Request'}, log__(400,g.user) except Exception as error: print(error) return {'message': 'Unexpected Error'}, log__(500,g.user)
def delete(self, id): try: book = Book.query.get_or_404(id) if book.is_organization: user = User.query.get_or_404(book.organization_id) else: user = User.query.get_or_404(book.user_id) user.points_update(-10) db.session.delete(book) db.session.commit() return log__(204, g.user) except Exception as error: if str(error) == "404: Not Found": return { 'message': 'The object you are looking for was not found' }, log__(404, g.user) else: return {'message': 'Unexpected Error'}, log__(500, g.user)
def delete(self, id): try: feedback = Feedback.query.get_or_404(id) # Gamefication if feedback.user == "owner": book_return = Book_return.query.get_or_404(feedback.transaction_id) loan = Book_loan.query.get_or_404(book_return.book_loan_id) book = Book.query.get_or_404(loan.book_id) user = User.query.get_or_404(book.user_id) user.points_update(-feedback.scored) db.session.delete(feedback) db.session.commit() return {}, log__(204,g.user) except Exception as error: if str(error)=="404: Not Found": return { 'message': 'The object you are looking for was not found'}, log__(404,g.user) else: return { 'message': 'Unexpected Error' }, log__(500,g.user)
def post(self): args = self.reqparse.parse_args() feedback = Feedback(**args) try: book_return = Book_return.query.get_or_404(feedback.transaction_id) loan = Book_loan.query.get_or_404(book_return.book_loan_id) book = Book.query.get_or_404(loan.book_id) # Feedback from user to owner if g.user.id == loan.user_id: user = g.user db.session.add(feedback) feedback.user = "******" # Feedback from owner to user elif book.is_organization: # Must be user-to-user return { 'message' : 'Organizations cannot be evaluated' }, log__(400,g.user) elif book.user_id == g.user.id: user = g.user db.session.add(feedback) feedback.user = "******" else: return {'message': 'You are not authorized to access this area'}, log__(401,g.user) # Update user evaluation if user.evaluation == 0: user.evaluation = feedback.user_evaluation else: user.evaluation = ceil((user.evaluation + feedback.user_evaluation) / 2) # Gamefication if feedback.book_evaluation == 5: user.points_update(8) feedback.scored += 8 if feedback.time_evaluation == 5: user.points_update(8) feedback.scored += 8 db.session.commit() return { 'data': feedback.serialize }, log__(200,g.user) except Exception as error: if str(error)=="404: Not Found": return { 'message': 'The object you are looking for was not found'}, log__(404,g.user) else: return { 'message': 'Unexpected Error' }, log__(500,g.user)
def post(self): args = self.reqparse.parse_args() user = User(**args) # we will ALWAYS encrypt a new password user.hash_password(args['password']) db.session.add(user) try: db.session.commit() # Gamefication user.check_register() db.session.commit() return {'data': user.serialize}, log__(201) except Exception as error: print(error) if "duplicate key value in error": return { 'message': 'User already exists' }, log__(409) else: return { 'message': 'Could\'nt complete the request' }, log__(503)
def verify_password(email_or_token, password): """ This function verify if the user has the correct credentials. If it has, we can confirm the login and every login_required decorator will pass. """ # tries to get the user by token if email_or_token is not None: user = User.verify_auth_token(email_or_token) if not user: # tries to get the user by email and password user = User.query.filter_by(email=email_or_token).first() if not user or not user.verify_password(password): log__(401) return False # saves the user in the global object 'user' g.user = user return True else: log__(401) return False
def get(self): # Required arguments #self.reqparse.add_argument("user_id", type=int, required=True, location='json') #args = self.reqparse.parse_args() args = {} args['user_id'] = request.args.get("user_id") user = User.query.filter_by(id=args['user_id']).first() if(not user): return {'data': {'message': 'User not found'}}, log__(404,g.user) try: wishlist = Wishlist.query.filter_by(user_id=args['user_id']).all() if wishlist: return {'data': [wish.serialize for wish in wishlist]}, log__(200,g.user) else: # Wishlist is empty return {'data': []}, log__(200,g.user) except Exception: return {'message': 'Unexpected Error'}, log__(500,g.user)
def put(self, id): try: args = self.reqparse.parse_args() org = Organization.query.get_or_404(id) #for key, value in args.items(): if args['name'] is not None: setattr(org, 'name', args['name']) if args['description'] is not None: setattr(org, 'description', args['description']) if args['managers'] is not None: for u in org.managers: u.organization_id = None for m in User.query.filter(User.id.in_(args['managers'])).all(): m.organization_id = org.id db.session.commit() return {'data': org.serialize}, log__(200,g.user) except Exception as error: if str(error)=="404: Not Found": return { 'message': 'The object you are looking for was not found'}, log__(404,g.user) else: return { 'message': 'Unexpected Error' }, log__(500,g.user)
def post(self): try: args = self.reqparse.parse_args() category = args['categories'] author = args['authors'] del args['categories'] del args['authors'] book = Book(**args) if author: for a in author: authors = Author.query.filter_by(name=a).first() if authors is None: authors = Author(name=a) db.session.add(authors) db.session.commit() book.authors.append(authors) if category: for c in category: categories = Category.query.filter_by(name=c).first() if categories is None: categories = Category(name=c) db.session.add(categories) db.session.commit() book.categories.append(categories) if (args['user_id'] and args['organization_id']) or ( (not args['user_id'] and not args['organization_id'])): return {'message': 'Bad Request'}, log__(400, g.user) if args['user_id'] and (not User.query.get(args['user_id'])): return {'message': 'User not found'}, log__(404, g.user) if args['organization_id']: org = Organization.query.get(args['organization_id']) if args['organization_id'] and ( (org is None) or (g.user not in org.managers and g.user.admin == 0)): if org is None: return { 'message': 'Organization not found' }, log__(404, g.user) if g.user not in org.managers and g.user.admin == 0: return { 'message': 'You are not authorized to access this area.' }, log__(401, g.user) elif args['user_id']: book.is_organization = False user = User.query.get_or_404(args['user_id']) user.points_update(10) else: book.is_organization = True db.session.add(book) db.session.commit() return {'data': book.serialize}, log__(201, g.user) except Exception as error: print(error) return {'message': 'Bad Request'}, log__(400, g.user)
def post(self): try: args = self.reqparse.parse_args() loan_delay = Book_loan.query.get_or_404(args['loan_id']) delay_record= Delayed_return.query.filter_by(book_loan_id = loan_delay.id).first() if loan_delay.loan_status is not "done": book = Book.query.get_or_404(loan_delay.book_id) if g.user.id == loan_delay.user_id: if not delay_record: delay_record = Delayed_return(book_loan_id = loan_delay.id, requested_date = loan_delay.return_date+timedelta(days=7)) db.session.add(delay_record) elif delay_record.status is not "waiting": return {'message': 'Request already answered'}, log__(409,g.user) elif book.is_organization: org = Organization.query.get_or_404(book.organization_id) if g.user in org.managers: if args['status']=="accepted": delay_record.status='accepted' loan_delay.return_date = delay_record.requested_date elif args['status']=="refused": delay_record.status='refused' else: return { 'message': 'Bad Request' }, log__(400,g.user) else: return {'message': 'You are not authorized to access this area'}, log__(401,g.user) elif g.user.id == book.user_id: if args['status']=="accepted": delay_record.status='accepted' loan_delay.return_date = delay_record.requested_date elif args['status']=="refused": delay_record.status='refused' else: return { 'message': 'Bad Request' }, log__(400,g.user) else: return {'message': 'You are not authorized to access this area'}, log__(401,g.user) db.session.commit() users_mail = User.query.filter_by(id=loan_delay.user_id).first() #Thread(target=notification.send([users_mail], "email.html", # delay_record.status, # book,delay_record.requested_date)).start() return { 'data': delay_record.serialize }, log__(201,g.user) else: return {'message': 'Book returned'},log__(409,g.user) except Exception as error: if str(error)=="404: Not Found": return { 'message': 'The object you are looking for was not found'}, log__(404,g.user) else: return { 'message': 'Unexpected Error' }, log__(500,g.user)
def post(self): args = self.reqparse.parse_args() org = Organization(name=args['name'], description=args['description'], email=args['email']) db.session.add(org) # we receive a list of IDs and select all users that have one of them for user in User.query.filter(User.id.in_(args['managers'])).all(): user.organization_id = org.id db.session.commit() return {'data': org.serialize}, log__(201,g.user)
def get(self): args = self.reqparse.parse_args() loan_record_search = Book_loan.query.filter_by( id=args['loan_id']).first() return_record_search = Book_return.query.filter_by( book_loan_id=loan_record_search.id).first() book = Book.query.get(loan_record_search.book_id) if ((g.user.id != return_record_search.user_id) and g.user.admin == 0): return { 'message': 'You are not authorized to access this area' }, log__(401, g.user) if book.is_organization: org = Organization.query.get(book.organization_id) if g.user not in org.managers and g.user.admin == 0: return { 'message': 'You are not authorized to access this area' }, log__(401, g.user) else: if g.user.id != book.user_id and g.user.admin == 0: return { 'message': 'You are not authorized to access this area' }, log__(401, g.user) return {'data': [return_record_search.serialize]}, log__(200, g.user)
def get(self): try: args = {} args['loan_id'] = request.args.get("loan_id") args['user_id'] = request.args.get("user_id") args['owner_id'] = request.args.get("owner_id") if (args['loan_id'] and args['user_id']) or (args['loan_id'] and args['owner_id']) or (args['user_id'] and args['owner_id']): return {'message': 'Choose only one argument'}, log__(400,g.user) elif args['loan_id']: loan_record_search = Book_loan.query.filter_by(id=args['loan_id']).first() if loan_record_search: return_record_search = Book_return.query.filter_by(book_loan_id=loan_record_search.id).first() if return_record_search: book = Book.query.get(loan_record_search.book_id) if ((g.user.id != return_record_search.user_id) and g.user.admin==0): return {'message': 'You are not authorized to access this area'}, log__(401,g.user) if book.is_organization: org = Organization.query.get(book.organization_id) if g.user not in org.managers and g.user.admin == 0: return {'message': 'You are not authorized to access this area'}, log__(401,g.user) else: if g.user.id != book.user_id and g.user.admin == 0: return {'message': 'You are not authorized to access this area'}, log__(401,g.user) return {'data': [return_record_search.serialize]}, log__(200,g.user) elif args['user_id']: if g.user.id == int(args['user_id']) or g.user.admin!=0: return_books = Book_return.query.filter_by(user_id=args['user_id']).all() return {'data': [r.serialize for r in return_books]},log__(200,g.user) else: return {'message': 'You are not authorized to access this area'}, log__(401,g.user) elif args['owner_id']: if g.user.id == int(args['owner_id']) or g.user.admin!=0: return_books = Book_return.query.filter_by(user_owner=args['owner_id']).all() return {'data': [r.serialize for r in return_books]},log__(200,g.user) else: return {'message': 'You are not authorized to access this area'}, log__(401,g.user) return {'message': 'Bad Request'}, log__(400,g.user) except Exception as error: print(error) return {'message': 'Unexpected Error'},log__(500,g.user)
def get(self): users = [u.serialize for u in User.query.all()] # Sorting first by the points, after by the alfabetic order of the names return { 'data' : sorted(users, key=lambda t: (-t['points'], t['name'])) }, log__(200)
def get(self): organizations = Organization.query.all() return {'data': [org.serialize for org in organizations]}, log__(200,g.user)