def update_user(user_id): users = [user for user in User.query.all() if user.id == user_id] if len(users) == 0: return not_found() if not request.json: return bad_request() if "username" in request.json and type( request.json["username"]) is not str: return bad_request() if "password" in request.json and type( request.json["password"]) is not str: return bad_request() if g.user.id != user_id: return unauthorized() user = g.user username = request.json.get("username") if username != "": existing_user = User.query.filter_by(username=username).first() if existing_user and existing_user.id != user.id: bad_request("Username already in use.") else: user.set_username(username) if request.json.get("password"): user.set_password(request.json.get("password")) return jsonify({"user": user.to_json()})
def get_user(user_id): users = [user.to_json() for user in User.query.all() if user.id == user_id] if len(users) == 0: return not_found() if g.user.id != user_id: return unauthorized() return jsonify({"user": g.user.to_json()})
def get_event(event_id): events = [e for e in Event.query.all() if e.id == event_id] if len(events) == 0: return not_found() event = events[0] if g.user.id != event.user_id: return unauthorized() return jsonify(event.to_json())
def delete_event(event_id): event = Event.query.filter_by(id=event_id).first() if not event: return not_found() if g.user.id != event.user_id: return unauthorized() event.delete() return jsonify({"result": True})
def delete_user(user_id): users = [user for user in User.query.all() if user.id == user_id] if len(users) == 0: return not_found() if g.user.id != user_id: return unauthorized() user = g.user user.delete() return jsonify({"result": True})
def update_event(event_id): if not json_argument_check_str(["name"], request): return bad_request() events = [e for e in Event.query.all() if e.id == event_id] if len(events) == 0: return not_found() event = events[0] if g.user.id != event.user_id: return unauthorized() event.set_fields(request.json) return jsonify(event.to_json())
def create_event(): if ( not request.json or not "user_id" in request.json or not isinstance(request.json["user_id"], numbers.Number) or not "name" in request.json or not "data" in request.json ): return bad_request() json = request.json user_id = json["user_id"] users = [user.to_json() for user in User.query.all() if user.id == user_id] if len(users) == 0: return not_found() if g.user.id != user_id: return unauthorized() return ( jsonify( Event.make_event( user_id=json["user_id"], name=json["name"], data=json["data"] ).to_json() ), 201, )