def post(self, campaign_id, session_id, note_id):
data = json.loads(self.request.body)
account = Account.get_account(users.get_current_user())
key = ndb.Key("Campaign", int(campaign_id))
campaign = key.get()
nk = ndb.Key(
"Campaign", int(campaign_id),
"Session", int(session_id),
"Note", int(note_id))
note = nk.get()
if campaign == None or note == None:
self.response.status = 404
return
if not campaign.admin_access_allowed(account):
if not account.key == note.account:
self.response.status = 403
self.response.headers["Content-Type"] = "application/json"
self.response.write("%s\n" % json.dumps(
{"error": "You don't have permission to modify this object"},
indent=2))
return
if data.has_key("name"):
note.name = data["name"]
if data.has_key("public"):
note.public = data["public"]
if data.has_key("note"):
note.note = data["note"]
note.put()
self.response.headers["Content-Type"] = "application/json"
self.response.write("%s\n" % json.dumps(note.to_json(), indent=2))
def post(self, campaign_id, player_id):
data = json.loads(self.request.body)
account = Account.get_account(users.get_current_user())
key = ndb.Key("Campaign", int(campaign_id))
campaign = key.get()
pk = ndb.Key("Campaign", int(campaign_id), "Player", int(player_id))
player = pk.get()
if campaign == None or player == None:
self.response.status = 404
return
if not campaign.admin_access_allowed(account):
if player.account != account.key:
self.response.status = 403
self.response.headers["Content-Type"] = "application/json"
self.response.write("%s\n" % json.dumps(
{
"error":
"You don't have permission to modify this object"
},
indent=2))
return
player.character_name = data["character_name"]
player.put()
self.response.headers["Content-Type"] = "application/json"
self.response.write("%s\n" % json.dumps(player.to_json(), indent=2))
def get(self, campaign_id, session_id, note_id):
account = Account.get_account(users.get_current_user())
key = ndb.Key("Campaign", int(campaign_id))
campaign = key.get()
nk = ndb.Key(
"Campaign", int(campaign_id),
"Session", int(session_id),
"Note", int(note_id))
note = nk.get()
if campaign == None or note == None:
self.response.status = 404
return
if not campaign.access_allowed(account):
self.response.status = 403
self.response.headers["Content-Type"] = "application/json"
self.response.write("%s\n" % json.dumps(
{"error": "You don't have permission to see this object"},
indent=2))
return
if not campaign.admin_access_allowed(account):
if not note.public:
if not account.key == note.account:
self.response.status = 403
self.response.headers["Content-Type"] = "application/json"
self.response.write("%s\n" % json.dumps(
{"error": "You don't have permission to see this object"},
indent=2))
return
self.response.headers["Content-Type"] = "application/json"
self.response.write("%s\n" % json.dumps(note.to_json(), indent=2))
def post(self):
data = json.loads(self.request.body)
account = Account.get_account(users.get_current_user())
account.name = data["name"]
account.put()
self.response.headers["Content-Type"] = "application/json"
self.response.write("%s\n" % json.dumps(account.to_json(), indent=2))
def delete(self, campaign_id, encounter_id):
account = Account.get_account(users.get_current_user())
key = ndb.Key("Campaign", int(campaign_id))
campaign = key.get()
ek = ndb.Key("Campaign", int(campaign_id), "Encounter",
int(encounter_id))
encounter = ek.get()
if campaign == None or encounter == None:
self.response.status = 404
return
if not campaign.admin_access_allowed(account):
self.response.status = 403
self.response.headers["Content-Type"] = "application/json"
self.response.write("%s\n" % json.dumps(
{"error": "You don't have permission to delete this object"},
indent=2))
return
if encounter.applied:
self.response.status = 403
self.response.headers["Content-Type"] = "application/json"
self.response.write("%s\n" % json.dumps(
{"error": "Can't delete an encounter that is already applied"},
indent=2))
return
#TODO: block from deleting a encounter if it's in use.
encounter.key.delete()
self.response.status = 204
def post(self):
data = json.loads(self.request.body)
account = Account.get_account(users.get_current_user())
q = Campaign.query(
Campaign.token == data["token"])
r = q.fetch(1)
if len(r) > 0:
campaign = r[0]
if campaign.owner == account.key:
self.response.status = 403
self.response.headers["Content-Type"] = "application/json"
self.response.write("%s\n" % json.dumps(
{"error": "Can't join a campaign you are the GM of"}, indent=2))
return
r = Player.query(ancestor=campaign.key).fetch()
for player in r:
if player.account == account.key:
self.response.status = 403
self.response.headers["Content-Type"] = "application/json"
self.response.write("%s\n" % json.dumps(
{"error": "Already a member of campaign"}, indent=2))
return
new_player = Player(
account=account.key,
character_name=data.get("character_name"),
parent=campaign.key)
new_player.put()
self.response.headers["Content-Type"] = "application/json"
self.response.write("%s\n" % json.dumps(campaign.to_json(), indent=2))
return
else:
self.response.status = 404
def delete(self, campaign_id, session_id):
account = Account.get_account(users.get_current_user())
key = ndb.Key("Campaign", int(campaign_id))
campaign = key.get()
sk = ndb.Key("Campaign", int(campaign_id), "Session", int(session_id))
session = sk.get()
if campaign == None or session == None:
self.response.status = 404
return
if not campaign.admin_access_allowed(account):
self.response.status = 403
self.response.headers["Content-Type"] = "application/json"
self.response.write("%s\n" % json.dumps(
{"error": "You don't have permission to delete this object"},
indent=2))
return
if campaign.current_session() != session:
self.response.status = 403
self.response.headers["Content-Type"] = "application/json"
self.response.write("%s\n" % json.dumps(
{"error": "Only current session can be deleted"}, indent=2))
return
#TODO: block from deleting a session if it's in use.
session.key.delete()
self.response.status = 204
def get(self):
account = Account.get_account(users.get_current_user())
q = Campaign.query(Campaign.owner == account.key)
r = q.fetch()
campaigns = []
for c in r:
campaigns.append(c.to_json())
self.response.headers["Content-Type"] = "application/json"
self.response.write("%s\n" % json.dumps(campaigns, indent=2))
def post(self):
data = json.loads(self.request.body)
account = Account.get_account(users.get_current_user())
new_campaign = Campaign(name=data["name"],
owner=account.key,
token=str(uuid.uuid4()))
new_campaign.put()
self.response.headers["Content-Type"] = "application/json"
self.response.write("%s\n" %
json.dumps(new_campaign.to_json(), indent=2))
def delete(self, campaign_id):
account = Account.get_account(users.get_current_user())
key = ndb.Key("Campaign", int(campaign_id))
campaign = key.get()
if campaign == None:
self.response.status = 404
return
if not campaign.admin_access_allowed(account):
self.response.status = 403
self.response.headers["Content-Type"] = "application/json"
self.response.write("%s\n" % json.dumps(
{"error": "You don't have permission to delete this object"},
indent=2))
return
campaign.key.delete()
self.response.status = 204
def post(self, campaign_id):
account = Account.get_account(users.get_current_user())
data = json.loads(self.request.body)
key = ndb.Key("Campaign", int(campaign_id))
campaign = key.get()
if campaign == None:
self.response.status = 404
return
if not campaign.admin_access_allowed(account):
self.response.status = 403
self.response.headers["Content-Type"] = "application/json"
self.response.write("%s\n" % json.dumps(
{"error": "You don't have permission to modify this object"},
indent=2))
return
campaign.name = data["name"]
campaign.put()
self.response.headers["Content-Type"] = "application/json"
self.response.write("%s\n" % json.dumps(campaign.to_json(), indent=2))
def get(self, campaign_id, encounter_id):
account = Account.get_account(users.get_current_user())
key = ndb.Key("Campaign", int(campaign_id))
campaign = key.get()
ek = ndb.Key("Campaign", int(campaign_id), "Encounter",
int(encounter_id))
encounter = ek.get()
if campaign == None or encounter == None:
self.response.status = 404
return
if not campaign.admin_access_allowed(account):
self.response.status = 403
self.response.headers["Content-Type"] = "application/json"
self.response.write("%s\n" % json.dumps(
{"error": "You don't have permission to see this object"},
indent=2))
return
self.response.headers["Content-Type"] = "application/json"
self.response.write("%s\n" % json.dumps(encounter.to_json(), indent=2))
def get(self, campaign_id):
account = Account.get_account(users.get_current_user())
key = ndb.Key("Campaign", int(campaign_id))
campaign = key.get()
if campaign == None:
self.response.status = 404
return
if not campaign.access_allowed(account):
self.response.status = 403
self.response.headers["Content-Type"] = "application/json"
self.response.write("%s\n" % json.dumps(
{"error": "You don't have permission to see this object"},
indent=2))
return
players = []
r = Player.query(ancestor=campaign.key).fetch()
for player in r:
players.append(player.to_json())
self.response.headers["Content-Type"] = "application/json"
self.response.write("%s\n" % json.dumps(players, indent=2))
def post(self, campaign_id):
data = json.loads(self.request.body)
account = Account.get_account(users.get_current_user())
key = ndb.Key("Campaign", int(campaign_id))
campaign = key.get()
if campaign == None:
self.response.status = 404
return
if not campaign.admin_access_allowed(account):
self.response.status = 403
self.response.headers["Content-Type"] = "application/json"
self.response.write("%s\n" % json.dumps(
{"error": "You don't have permission to modify this object"},
indent=2))
return
r = Session.query(ancestor=campaign.key).fetch()
name = data.get("name", "Session %s" % (len(r) + 1))
new_session = Session(name=name, parent=campaign.key)
new_session.put()
self.response.headers["Content-Type"] = "application/json"
self.response.write("%s\n" %
json.dumps(new_session.to_json(), indent=2))
return
def get(self, campaign_id, session_id):
account = Account.get_account(users.get_current_user())
key = ndb.Key("Campaign", int(campaign_id))
campaign = key.get()
if campaign == None:
self.response.status = 404
return
if not campaign.access_allowed(account):
self.response.status = 403
self.response.headers["Content-Type"] = "application/json"
self.response.write("%s\n" % json.dumps(
{"error": "You don't have permission to see this object"},
indent=2))
return
notes = []
sk = ndb.Key("Campaign", int(campaign_id), "Session", int(session_id))
r = Note.query(ancestor=sk).order(Session.created_at).fetch()
for note in r:
if campaign.admin_access_allowed(account) or note.public:
notes.append(note.to_json())
elif account.key == note.account:
notes.append(note.to_json())
self.response.headers["Content-Type"] = "application/json"
self.response.write("%s\n" % json.dumps(notes, indent=2))
def get(self):
account = Account.get_account(users.get_current_user())
self.response.headers["Content-Type"] = "application/json"
self.response.write("%s\n" % json.dumps(account.to_json(), indent=2))