def put(self, id, **kwargs):
parsed_args = promotion_parser.parse_args()
user = dbs.query(User).filter(User.id == id).first()
if not user:
abort(404, message="(Code 037) User {} doesn't exist".format(id))
if parsed_args['promoteToAdmin']:
if user.administrator:
abort(404, message="(Code 040) User is already an administrator!")
else:
if kwargs['user'].administrator:
user.administrator = True
user.moderator = True
else:
abort(401, message="(Code 038) Unauthorized!")
if parsed_args['promoteToMod']:
if user.administrator:
abort(404, message="(Code 041) User is already an administrator!")
elif user.moderator:
abort(404, message="(Code 042) User is already a moderator!")
else:
if kwargs['user'].moderator or kwargs['user'].administrator:
user.moderator = True
else:
abort(401, message="(Code 039) Unauthorized!")
dbs.add(user)
dbs.commit()
return user, 201
def put(self, id, **kwargs):
parsed_args = boulder_parser.parse_args()
boulder = dbs.query(Boulder).filter(Boulder.id == id).first()
if not boulder:
abort(404, message="(Code 071) Boulder {} doesn't exist".format(id))
if parsed_args['confirmed'] and not (kwargs['user'].administrator or kwargs['user'].moderator):
abort(401, message="(Code 054) Unauthorized!")
elif parsed_args['confirmed']:
boulder.confirmed = True
if not (parsed_args['grade'] == "leicht" or parsed_args['grade'] == "mittel" or parsed_args[
'grade'] == "schwer"):
parsed_args['grade'] = parsed_args['grade'].upper()
if parsed_args['grade'] not in grades:
abort(400, message="(Code 060) Field 'grade' has to be a valid Vermin, Fontainebleau or "
"NB scale (leicht, mittel, schwer) grade!")
boulder.name = parsed_args['name']
boulder.block_id = parsed_args['block_id']
boulder.grade = parsed_args['grade']
boulder.rock_type = parsed_args['rock_type']
boulder.rock_texture = parsed_args['rock_texture']
boulder.height = parsed_args['height']
boulder.beta = parsed_args['beta']
boulder.landing_area = parsed_args['landing_area']
boulder.first_ascent_athlete = parsed_args['first_ascent_athlete']
boulder.first_ascent_date = parsed_args['first_ascent_date']
dbs.add(boulder)
dbs.commit()
return boulder, 201
def post(self, **kwargs):
parsed_args = boulder_parser.parse_args()
if parsed_args['confirmed'] and not (kwargs['user'].administrator or kwargs['user'].moderator):
abort(401, message="(Code 058) Unauthorized!")
if not (parsed_args['grade'] == "leicht" or parsed_args['grade'] == "mittel" or parsed_args[
'grade'] == "schwer"):
parsed_args['grade'] = parsed_args['grade'].upper()
if parsed_args['grade'] not in grades:
abort(400, message="(Code 059) Field 'grade' has to be a valid Vermin, Fontainebleau or "
"NB scale (leicht, mittel, schwer) grade!")
boulder = Boulder(name=parsed_args['name'],
grade=parsed_args['grade'],
block_id=parsed_args['block_id'],
rock_type=parsed_args['rock_type'],
rock_texture=parsed_args['rock_texture'],
height=parsed_args['height'],
beta=parsed_args['beta'],
landing_area=parsed_args['landing_area'],
first_ascent_date=parsed_args['first_ascent_date'],
first_ascent_athlete=parsed_args['first_ascent_athlete'],
original_author_id=kwargs['user'].id,
confirmed=parsed_args['confirmed'])
dbs.add(boulder)
dbs.commit()
return boulder, 201
def post(self, **kwargs):
parsed_args = entity_photo_parser.parse_args()
entityphoto = request.files.get('entityphoto')
if not entityphoto:
abort(400, message="(Code XXX) No picture provided!")
else:
try:
filename = entityphotos.save(entityphoto)
except UploadNotAllowed:
abort(400, message="(Code XXX) The upload was not allowed!")
else:
try:
image_set = create_image_set(entityphotos.path(filename))
except resizeimage.ImageSizeError as e:
abort(400, message="(Code XXX) %s" % e.message)
finally:
os.remove(entityphotos.path(filename))
basename = os.path.split(image_set['original'])[1]
entityphotoset = EntityPhotoSet(
text=parsed_args['text'],
uploader_id=kwargs['user'].id,
entity_id=parsed_args['entity_id'],
basename=basename
)
dbs.add(entityphotoset)
dbs.commit()
return entityphotoset, 201
def put(self, id, **kwargs):
parsed_args = parser.parse_args()
comment = dbs.query(Comment).filter(Comment.id == id).first()
if not comment:
abort(404, message="(Code 068) Comment {} doesn't exist".format(id))
if not (comment.author_id == kwargs["user"].id):
abort(401, message="(Code 069) Unauthorized".format(id))
comment.text = parsed_args["text"]
dbs.add(comment)
dbs.commit()
return comment, 201
def post(self, **kwargs):
parsed_args = area_parser.parse_args()
if parsed_args["confirmed"] and not (kwargs["user"].administrator or kwargs["user"].moderator):
abort(401, message="(Code 055) Unauthorized!")
area = Area(
name=parsed_args["name"],
description=parsed_args["description"],
original_author_id=kwargs["user"].id,
confirmed=parsed_args["confirmed"],
)
dbs.add(area)
dbs.commit()
return area, 201
def post(self, **kwargs):
parsed_args = crag_parser.parse_args()
if parsed_args['confirmed'] and not (kwargs['user'].administrator or kwargs['user'].moderator):
abort(401, message="(Code 056) Unauthorized!")
crag = Crag(name=parsed_args['name'],
area_id=parsed_args['area_id'],
description=parsed_args['description'],
longitude=parsed_args['longitude'],
latitude=parsed_args['latitude'],
original_author_id=kwargs['user'].id,
confirmed=parsed_args['confirmed'])
dbs.add(crag)
dbs.commit()
return crag, 201
def post(self, **kwargs):
parsed_args = block_parser.parse_args()
if parsed_args['confirmed'] and not (kwargs['user'].administrator or kwargs['user'].moderator):
abort(401, message="(Code 057) Unauthorized!")
block = Block(name=parsed_args['name'],
crag_id=parsed_args['crag_id'],
description=parsed_args['description'],
longitude=parsed_args['longitude'],
latitude=parsed_args['latitude'],
original_author_id=kwargs['user'].id,
confirmed=parsed_args['confirmed'])
dbs.add(block)
dbs.commit()
return block, 201
def put(self, id, **kwargs):
parsed_args = area_parser.parse_args()
area = dbs.query(Area).filter(Area.id == id).first()
if not area:
abort(404, message="(Code 079) Area {} doesn't exist".format(id))
if parsed_args["confirmed"] and not (kwargs["user"].administrator or kwargs["user"].moderator):
abort(401, message="(Code 045) Unauthorized!")
elif parsed_args["confirmed"]:
area.confirmed = True
area.name = parsed_args["name"]
area.description = parsed_args["description"]
dbs.add(area)
dbs.commit()
return area, 201
def put(self, id, **kwargs):
parsed_args = parser.parse_args()
if not (parsed_args['nickname'] or (parsed_args['firstname'] and parsed_args['lastname'])):
abort(400, message="(Code 003) Either a nickname or a firstname and lastname need to be given!")
if not re.match(r"[^@]+@[^@]+\.[^@]+", parsed_args['email']):
abort(400, message="(Code 004) Email field is invalid!")
if not parsed_args['sex'] in sexes:
abort(400, message="(Code 027) Invalid sex!")
user = dbs.query(User).filter(User.id == id).first()
if not user:
abort(404, message="(Code 080) User {} doesn't exist".format(id))
if kwargs['user'].email != user.email:
abort(401, message="(Code 005) Unauthorized!")
user.firstname = parsed_args['firstname']
user.lastname = parsed_args['lastname']
user.nickname = parsed_args['nickname']
user.size = parsed_args['size']
user.sex = parsed_args['sex']
user.birthday = datetime.strptime(parsed_args['birthday'], '%Y-%m-%d') if parsed_args[
'birthday'] else None
if user.email != parsed_args['email']: # Changing the email address needs special permissions
if kwargs['protected_action_permission'] != 'put':
abort(401, message='(Code 006) Unauthorized!')
else:
user.email = parsed_args['email']
generate_refreshed_jwt = True
else:
generate_refreshed_jwt = False
if parsed_args['password']: # So does changing the password
if kwargs['protected_action_permission'] != 'put':
abort(401, message='(Code 007) Unauthorized!')
else:
user.password = parsed_args['password']
dbs.add(user)
dbs.commit()
if user.birthday:
user.birthday = datetime.combine(user.birthday, datetime.min.time()) # Can't marshall date, only datetime
marshalled_response = marshal(user, user_fields, envelope='data')
# When email changed, the login JWT is now invalid and a new one has to be sent
if generate_refreshed_jwt:
marshalled_response['refreshedJWT'] = get_login_jwt(user.email)
return marshalled_response, 201
def put(self, id, **kwargs):
parsed_args = crag_parser.parse_args()
crag = dbs.query(Crag).filter(Crag.id == id).first()
if not crag:
abort(404, message="(Code 070) Crag {} doesn't exist".format(id))
if parsed_args['confirmed'] and not (kwargs['user'].administrator or kwargs['user'].moderator):
abort(401, message="(Code 048) Unauthorized!")
elif parsed_args['confirmed']:
crag.confirmed = True
crag.name = parsed_args['name']
crag.area_id = parsed_args['area_id']
crag.description = parsed_args['description']
crag.description = parsed_args['latitude']
crag.description = parsed_args['longitude']
dbs.add(crag)
dbs.commit()
return crag, 201
def put(self, id, **kwargs):
parsed_args = block_parser.parse_args()
block = dbs.query(Block).filter(Block.id == id).first()
if not block:
abort(404, message="(Code 072) Block {} doesn't exist".format(id))
if parsed_args['confirmed'] and not (kwargs['user'].administrator or kwargs['user'].moderator):
abort(401, message="(Code 051) Unauthorized!")
elif parsed_args['confirmed']:
block.confirmed = True
block.name = parsed_args['name']
block.crag_id = parsed_args['crag_id']
block.description = parsed_args['description']
block.latitude = parsed_args['latitude']
block.longitude = parsed_args['longitude']
dbs.add(block)
dbs.commit()
return block, 201
def post(self, **kwargs):
parsed_args = boulder_grading_parser.parse_args()
former_grading = dbs.query(BoulderGrading).filter(BoulderGrading.user_id == kwargs['user'].id,
BoulderGrading.boulder_id == parsed_args[
'boulder_id']).first()
if former_grading:
dbs.delete(former_grading)
boulder = dbs.query(Boulder).filter(Boulder.id == parsed_args['boulder_id']).first()
if not boulder:
abort(404, message="(Code 073) Boulder doesn't exist!")
if not boulder.confirmed:
abort(400, message="(Code 074) Cannot suggest a grade for an unconfirmed boulder!")
if parsed_args['grade'] not in fb_scale + v_scale:
abort(400, message="(Code 075) Field 'grade' has to be a valid Vermin or Fontainebleau grade!")
grading = BoulderGrading(boulder_id=parsed_args['boulder_id'],
grade=parsed_args['grade'],
user_id=kwargs['user'].id)
dbs.add(grading)
dbs.commit()
return None, 201
def post(self, **kwargs):
parsed_args = parser.parse_args()
entity = dbs.query(Entity).filter(Entity.id == parsed_args["entity_id"]).first()
if not entity:
abort(404, message="(Code 061) Entity doesn't exist!")
if not entity.confirmed:
abort(400, message="(Code 062) Cannot comment on an unconfirmed entity!")
if parsed_args["parent_id"]:
parent_comment = dbs.query(Comment).filter(Comment.id == parsed_args["parent_id"]).first()
if not parent_comment:
abort(400, message="(Code 063) Parent comment doesn't exist!")
if parent_comment.parent_id:
abort(400, message="(Code 064) Maximal discussion depth is one!")
comment = Comment(
entity_id=parsed_args["entity_id"],
author_id=kwargs["user"].id,
parent_id=parsed_args["parent_id"],
text=parsed_args["text"],
)
dbs.add(comment)
dbs.commit()
return comment, 201
def post(self):
parsed_args = parser.parse_args()
# If there is not admin in the system yet, an admin can be created this way. This will only work for the first
# admin in the system!
is_admin = False
if parsed_args['installAdmin']:
if not dbs.query(User).filter(User.administrator).all():
is_admin = True
else:
abort(401, message="(Code 036) Falsely attempted to create initial administrator!")
if not (parsed_args['nickname'] or (parsed_args['firstname'] and parsed_args['lastname'])):
abort(400, message="(Code 008) Either a nickname or a firstname and lastname need to be given!")
if not re.match(r"[^@]+@[^@]+\.[^@]+", parsed_args['email']):
abort(400, message="(Code 009) Email field is invalid!")
if not parsed_args['password']:
abort(400, message="(Code 010) Password cannot be blank!")
if not parsed_args['sex'] in sexes:
abort(400, message="(Code 026) Invalid sex!")
birthday = datetime.strptime(parsed_args['birthday'], '%Y-%m-%d') if parsed_args[
'birthday'] else None
user = User(firstname=parsed_args['firstname'],
lastname=parsed_args['lastname'],
nickname=parsed_args['nickname'],
birthday=birthday,
size=parsed_args['size'],
sex=parsed_args['sex'],
email=parsed_args['email'],
password=parsed_args['password'],
administrator=is_admin,
moderator=is_admin)
dbs.add(user)
dbs.commit()
if user.birthday:
user.birthday = datetime.combine(user.birthday, datetime.min.time()) # Can't marshall date, only datetime
return user, 201