def admin():
if request.method == "GET":
return base_req(
response=[asdict(admin) for admin in Admin.query.all()])
if request.method == "POST":
if "email" not in request.json:
abort(400, "Missing key email")
admin = Admin(email=request.json["email"])
db.session.add(admin)
db.session.commit()
return base_req()
if request.method == "DELETE":
if "email" not in request.json:
abort(400, "Missing key email")
search = Admin.query.filter_by(email=request.json["email"]).all()
if not search:
abort(404, "Admin with specified email does not exist")
db.session.delete(
Admin.query.filter_by(email=request.json["email"]).one())
db.session.commit()
return base_req()
def validate():
user = User.query.filter_by(email=session["google_email"]).one()
# Update Google picture URL in database
user.google_picture_url = session["google_picture_url"]
db.session.add(user)
db.session.commit()
return base_req(
message="User valid.",
response={
"google": True,
"registered": True,
"email": session["google_email"],
"name": session["google_name"],
"avatar": session["google_picture_url"],
"school_class": user.school_class,
"is_admin": session["is_admin"],
"event": {
"event_date": EVENT_DATE,
"swish_phone": SWISH_PHONE,
"swish_name": SWISH_NAME,
},
},
)
def register():
user = User.query.filter_by(email=session["google_email"]).all()
if len(user) > 0:
abort(400, "User already registered.")
password = request.json["password"]
school_class = request.json["school_class"].upper()
if password != REGISTER_PASSWORD:
abort(401, "Invalid password")
if input_validation(school_class) and length_validation(
school_class, 4, 6, vanity="School class"):
user = User(email=session["google_email"], school_class=school_class)
db.session.add(user)
db.session.commit()
return base_req(
message="user registered",
response={
"email": session["google_email"],
"name": session["google_name"],
"avatar": session["google_picture_url"],
"school_class": school_class,
"is_admin": session["is_admin"],
},
)
abort(500)
def modify(id):
json = request.json
seat_type = json["seat_type"] if "seat_type" in json else None
if request.method == "DELETE":
booking = None
booking = (Booking.query.get(id) if seat_type == "standard" else
(ConsoleBooking.query.get(id) if seat_type == "console" else
abort(400, "Invalid seat_type")))
if not booking:
abort(404, "Booking does not exist")
db.session.delete(booking)
db.session.commit()
return base_req()
if request.method == "PUT":
paid = json["paid"] if "paid" in json else None
seat = json["seat"] if "seat" in json else None
name = json["name"] if "name" in json else None
email = json["email"] if "email" in json else None
school_class = json["school_class"].upper(
) if "school_class" in json else None
booking = None
booking = (Booking.query.get(id) if seat_type == "standard" else
(ConsoleBooking.query.get(id) if seat_type == "console" else
abort(400, "Invalid seat_type")))
if not booking:
abort(404, "Booking does not exist")
booking.seat = seat if seat is not None else booking.seat
booking.paid = paid if paid is not None else booking.paid
booking.name = name if name is not None else booking.name
booking.email = email if email is not None else booking.email
booking.school_class = (school_class if school_class is not None else
booking.school_class)
db.session.commit()
return base_req()
def bookings():
bookings = Booking.query.all()
console_bookings = ConsoleBooking.query.all()
return base_req(
response={
"bookings": [{
"seat":
booking.seat,
"name":
booking.name,
"school_class":
booking.school_class,
"email":
None if len(
Admin.query.filter_by(email=session["google_email"]).all()
) < 1 else booking.email,
"paid":
booking.paid,
"picture_url":
User.query.filter_by(
email=booking.email).first().google_picture_url
if len(User.query.filter_by(
email=booking.email).all()) != 0 else "",
"time_created":
str(booking.time_created),
"time_updated":
str(booking.time_updated),
} for booking in bookings],
"console_bookings": [{
"seat":
booking.seat,
"name":
booking.name,
"school_class":
booking.school_class,
"email":
None if len(
Admin.query.filter_by(email=session["google_email"]).all()
) < 1 else booking.email,
"paid":
booking.paid,
"picture_url":
User.query.filter_by(
email=booking.email).first().google_picture_url
if len(User.query.filter_by(
email=booking.email).all()) != 0 else "",
"time_created":
str(booking.time_created),
"time_updated":
str(booking.time_updated),
} for booking in console_bookings],
"num_seats":
NUM_SEATS,
"num_console_seats":
NUM_CONSOLE_SEATS,
})
def error_401(e):
return base_req(
status=False,
http_code=401,
message=e.description["description"]
if type(e.description) is dict else e.description,
response=e.description["response"]
if type(e.description) is dict else {},
)
def available():
return base_req(
response={
"available_seats":
[i for i in range(1, NUM_SEATS + 1) if not Booking.query.get(i)],
"available_console_seats": [
i for i in range(1, NUM_CONSOLE_SEATS + 1)
if not ConsoleBooking.query.get(i)
],
})
def login():
# Find out what URL to hit for Google login
google_provider_cfg = get_google_provider_cfg()
authorization_endpoint = google_provider_cfg["authorization_endpoint"]
# Use library to construct the request for Google login and provide
# scopes that let you retrieve user's profile from Google
request_uri = client.prepare_request_uri(
authorization_endpoint,
redirect_uri=BACKEND_URL + "/api/auth/login/callback",
scope=["openid", "email", "profile"],
)
return base_req(response={"login_url": request_uri})
def user():
if request.method == "GET":
return base_req(response=[asdict(user) for user in User.query.all()])
if request.method == "POST":
if "email" not in request.json:
abort(400, "Missing key email")
if "school_class" not in request.json:
abort(400, "Missing key school_class")
email = request.json["email"]
school_class = request.json["school_class"].upper()
user = User.query.filter_by(email=email).all()
if len(user) > 0:
abort(400, "User already registered.")
if input_validation(school_class) and length_validation(
school_class, 4, 6, vanity="School class"):
user = User(email=email, school_class=school_class)
db.session.add(user)
db.session.commit()
return base_req(
message="user registered",
response={
"email": email,
"school_class": school_class,
},
)
abort(500)
abort(501, f"{request.method} on this method not yet supported")
def book():
seat = request.json["seat"]
seat_type = request.json["seat_type"]
# Validate user input, must be an integer
if not is_integer(seat):
abort(400, "Seat must be integer")
# Seat integer must be within bookable range
seat_max = (
NUM_SEATS if seat_type == "standard" else
(NUM_CONSOLE_SEATS if seat_type == "console" else abort(
400, "Invalid seat_type") # only two types of seat
))
if int(seat) < 1 or int(seat) > seat_max:
abort(400, f"Seat must be in range 1 - {seat_max}")
# Check if this seat is already booked by querying the database
if (Booking.query.get(int(seat)) if seat_type == "standard" else
(ConsoleBooking.query.get(int(seat))
if seat_type == "console" else abort(400, "Invalid seat_type"))):
abort(400, "Seat already booked.")
# Check if this user already has a booking
if (len((
Booking.query.filter_by(email=session["google_email"]).all()
if seat_type == "standard" else
(ConsoleBooking.query.filter_by(email=session["google_email"]).all()
if seat_type == "console" else abort(400, "Invalid seat_type")
# bad seat_type would have triggered abort earlier but good practice to always handle bad data
)
)) != 0 # realized this is whole if-statement is quite unreadable but it is very compact
):
abort(
400,
"You have already booked a seat. Contact administrator for help with cancellation or seat movement.",
)
# Retrieve current user object
user = User.query.filter_by(email=session["google_email"]).one()
# Create new booking object
booking = (Booking(
seat=int(seat),
name=session["google_name"],
email=session["google_email"],
school_class=user.school_class,
paid=False,
) if seat_type == "standard" else (ConsoleBooking(
seat=int(seat),
name=session["google_name"],
email=session["google_email"],
school_class=user.school_class,
paid=False,
) if seat_type == "console" else abort(400, "Invalid seat_type")))
# Add to database
db.session.add(booking)
db.session.commit()
return base_req()
def error_501(e):
return base_req(status=False, http_code=501, message=e.description)
def error_429(e):
return base_req(status=False, http_code=429, message=e.description)
