def post(self): errors = [] output = "" user = users.get_current_user() authz = Authz(user) self.response.headers["Content-type"] = "application/json" # check for authorization to create new trips & verify this is in fact # a request to create a new trip try: # user allowed to create trips? authz.createTrip() except PermissionError as e: # this permission error could have come from authz or locally errors.append({"message": e.args}) # bail if we hit authz errors if len(errors) > 0: self.response.set_status(400) output = json.dumps({"error": errors}) self.response.out.write(output) return # user is allowed, so go ahead and try to create this thing #logging.debug(self.request.body) data = TripUnpacker().unpack_post(self.request) #logging.debug(data) if data['name'] == "" or data['password'] == "": errors.append({"message": "Trip name and password are required."}) else: try: trip = Trip(name=data['name'], password=data['password'], owner=user) # get traveler names raw_travelers = data['travelers'] if len(raw_travelers) > Config.limits.travelers_per_trip: logging.warning('Attempt to add too many travelers: %s', user.nickname) raw_travelers = raw_travelers[:Config.limits. travelers_per_trip] travelers = [] for traveler in raw_travelers: if traveler.strip() != "": travelers.append(traveler.strip()) trip.travelers = travelers # get dates # TODO: validation that these dates are sane and properly ordered start_date = dateparse(data['start_date']) end_date = dateparse(data['end_date']) trip.start_date = start_date.date() #logging.debug("start date = " + str(start_date.date())) trip.end_date = end_date.date() #logging.debug("end date = " + str(end_date.date())) trip.put() output = GqlEncoder().encode({ "id": "%s" % trip.key(), 'modify_date': trip.modify_date, 'start_date': trip.start_date, 'end_date': trip.end_date, }) except Exception as e: logging.exception(e) errors.append({"message": "Unexpected error creating trip"}) if len(errors) > 0: self.response.set_status(400) output = json.dumps({"error": errors}) self.response.out.write(output)
def post(self, trip_key): errors = [] output = "" user = users.get_current_user() authz = Authz(user) self.response.headers["Content-type"] = "application/json" # check for authorization to create expenses for this trip & verify this # is in fact a request to create a new expense try: # get the trip trip = Trip.get(trip_key) # verify the user is authorized to create an expense on this trip authz.createExpense(trip) except PermissionError as e: # this permission error could have come from authz or locally errors.append({"message": e.args}) except db.BadKeyError: errors.append({"message": "Invalid trip key"}) except Exception as e: logging.exception(e) errors.append({"message": "Unexpected error loading trip"}) # bail if we hit authz errors if len(errors) > 0: self.response.set_status(400) output = json.dumps({"error": errors}) self.response.out.write(output) return # having passed authz, let's try creating the expense data = ExpenseUnpacker().unpack_post(self.request) if data['description'] == "" or data['value'] == "" or data[ 'payer'] == "": errors.append( {"message": "Description, value, and payer are required."}) elif len(data['travelers']) == 0: errors.append({ "message": "At least one person must be specified as a traveler." }) else: try: expense = Expense( parent=trip.key(), creator=user, description=data['description'], value=int(data['value']), currency="USD", ) # get the expense date expense_date = dateparse(data['expense_date']) expense.expense_date = expense_date.date() # TODO: make sure these travelers are actually on the trip expense.travelers = data['travelers'] # TODO: ensure the payer is actually a traveler expense.payer = data['payer'] expense.put() output = GqlEncoder().encode({ "id": "%s" % expense.key(), 'modify_date': expense.modify_date, 'expense_date': expense.expense_date, 'value': expense.value, }) except Exception as e: logging.exception(e) errors.append({"message": "Unexpected error creating expense"}) if len(errors) > 0: self.response.set_status(400) output = json.dumps({"error": errors}) self.response.out.write(output)
def _scrub(self, property, val): # TODO: scrub data according to the property name if property in ["start_date", "end_date"]: return dateparse(val).date() return val
def post(self): errors = [] output = "" user = users.get_current_user() authz = Authz(user) self.response.headers["Content-type"] = "application/json" # check for authorization to create new trips & verify this is in fact # a request to create a new trip try: # user allowed to create trips? authz.createTrip() except PermissionError as e: # this permission error could have come from authz or locally errors.append({"message": e.args}) # bail if we hit authz errors if len(errors) > 0: self.response.set_status(400) output = json.dumps({"error": errors}) self.response.out.write(output) return # user is allowed, so go ahead and try to create this thing # logging.debug(self.request.body) data = TripUnpacker().unpack_post(self.request) # logging.debug(data) if data["name"] == "" or data["password"] == "": errors.append({"message": "Trip name and password are required."}) else: try: trip = Trip(name=data["name"], password=data["password"], owner=user) # get traveler names raw_travelers = data["travelers"] if len(raw_travelers) > Config.limits.travelers_per_trip: logging.warning("Attempt to add too many travelers: %s", user.nickname) raw_travelers = raw_travelers[: Config.limits.travelers_per_trip] travelers = [] for traveler in raw_travelers: if traveler.strip() != "": travelers.append(traveler.strip()) trip.travelers = travelers # get dates # TODO: validation that these dates are sane and properly ordered start_date = dateparse(data["start_date"]) end_date = dateparse(data["end_date"]) trip.start_date = start_date.date() # logging.debug("start date = " + str(start_date.date())) trip.end_date = end_date.date() # logging.debug("end date = " + str(end_date.date())) trip.put() output = GqlEncoder().encode( { "id": "%s" % trip.key(), "modify_date": trip.modify_date, "start_date": trip.start_date, "end_date": trip.end_date, } ) except Exception as e: logging.exception(e) errors.append({"message": "Unexpected error creating trip"}) if len(errors) > 0: self.response.set_status(400) output = json.dumps({"error": errors}) self.response.out.write(output)
def post(self, trip_key): errors = [] output = "" user = users.get_current_user() authz = Authz(user) self.response.headers["Content-type"] = "application/json" # check for authorization to create expenses for this trip & verify this # is in fact a request to create a new expense try: # get the trip trip = Trip.get(trip_key) # verify the user is authorized to create an expense on this trip authz.createExpense(trip) except PermissionError as e: # this permission error could have come from authz or locally errors.append({"message": e.args}) except db.BadKeyError: errors.append({"message": "Invalid trip key"}) except Exception as e: logging.exception(e) errors.append({"message": "Unexpected error loading trip"}) # bail if we hit authz errors if len(errors) > 0: self.response.set_status(400) output = json.dumps({"error": errors}) self.response.out.write(output) return # having passed authz, let's try creating the expense data = ExpenseUnpacker().unpack_post(self.request) if data["description"] == "" or data["value"] == "" or data["payer"] == "": errors.append({"message": "Description, value, and payer are required."}) elif len(data["travelers"]) == 0: errors.append({"message": "At least one person must be specified as a traveler."}) else: try: expense = Expense( parent=trip.key(), creator=user, description=data["description"], value=int(data["value"]), currency="USD", ) # get the expense date expense_date = dateparse(data["expense_date"]) expense.expense_date = expense_date.date() # TODO: make sure these travelers are actually on the trip expense.travelers = data["travelers"] # TODO: ensure the payer is actually a traveler expense.payer = data["payer"] expense.put() output = GqlEncoder().encode( { "id": "%s" % expense.key(), "modify_date": expense.modify_date, "expense_date": expense.expense_date, "value": expense.value, } ) except Exception as e: logging.exception(e) errors.append({"message": "Unexpected error creating expense"}) if len(errors) > 0: self.response.set_status(400) output = json.dumps({"error": errors}) self.response.out.write(output)