def get(self, id): # get the user user = g.user item = Item.get(id) if not item: abort(403) if not item.user == user: abort(403) return marshal(item, Item.fields())
def delete(self, id): user = g.user item = Item.get(id) if not item: abort(403) if not item.user == user: abort(403) db.session.delete(item) db.session.commit() return 200
def create(item_id): auth_header = request.headers.get('Authorization') if auth_header: token = auth_header.split(" ")[1] else: return jsonify([{ 'status': 'failed', 'message': 'Not authorization header.' }]) decoded = decode_auth_token(token) user = User.get(User.id == decoded) if user: item = Item.get(Item.id == item_id) if item: if request.method == "POST": req_data = request.get_json() title = req_data['title'] date = req_data['date'] reflection = req_data['reflection'] journal = Journal(title=title, date=date, reflection=reflection, item=item) if journal.save(): return jsonify([{ 'status': 'success', 'message': 'Successfully created a new item in your Bucket List', 'journal': { 'id': journal.id, 'title': journal.title, 'date': journal.date, 'reflection': journal.reflection, } }]) else: return jsonify([{ 'status': 'failed', 'message': 'Unable to create this journal' }]) elif request.method == "GET": journals = Journal.select().where(Journal.item_id == item.id) return jsonify({ 'journal': [{'id': journal.id, 'title': journal.title, 'date': journal.date, 'reflection': journal.reflection, 'item': journal.item_id} for journal in journals]})
def put(self, id): # get the user user = g.user item = Item.get(id) if not item: abort(403) if not item.user == user: abort(403) # load data # r = json.loads(request.data) r = request.get_json() title = r['item']['title'] completed = r['item']['completed'] # modify it item.title = title item.completed = completed db.session.add(item) db.session.commit() return marshal(item, Item.fields())