def listToProductRequest(list_id, product_id):
auth_token = token_getter()
if request.method == 'DELETE':
if type(auth_token) is not int:
return jsonify(
{'error':
"you must log in to delete a product from the list"}), 400
try:
list_to_product = ListToProduct.query.filter_by(
list_id=int(list_id), product_id=product_id).first()
list_user_id = List.query.filter_by(
id=int(list_id)).first().user_id
if int(list_user_id) == int(auth_token) and list_to_product:
db.session.delete(list_to_product)
db.session.commit()
return jsonify({
'response':
"Product '{}' was successfully deleted from the List '{}'".
format(product_id, list_id)
}), 200
else:
return jsonify({
"error":
"unauthorized access or list connection does not exist"
})
except Exception as e:
print(e)
return jsonify({'error': "{}".format(e.__cause__)}), 400
def getFollowers():
auth_token = token_getter()
try:
user = User.query.get(auth_token)
followers = user.followers.all()
return jsonify([user.serialize for user in followers]), 200
except Exception as e:
return jsonify({'error': "{}".format(e.__cause__)}), 400
def listToProductsRequest(list_id):
auth_token = token_getter()
if request.method == 'GET':
try:
list = List.query.filter_by(id=int(list_id)).first()
list_user_id = list.user_id
list_privacy = list.private
if list_user_id == auth_token or list_privacy == False:
products_in_list = ListToProduct.query.filter_by(
list_id=list_id)
return jsonify(
[product.serialize for product in products_in_list])
else:
return jsonify({"error": "user has set list to private"})
except Exception as e:
return jsonify({'error': "{}".format(e.__cause__)}), 400
# can only add a product to a list if logged-in and the list is owned by the user
if request.method == 'POST':
if type(auth_token) is not int:
return jsonify(
{'error': "you must log in to add a product to a list"}), 400
else:
try:
list_user_id = List.query.filter_by(
id=int(list_id)).first().user_id
body = request.get_json()
list_to_product = ListToProduct.query.filter_by(
list_id=int(list_id),
product_id=body['product_id']).first()
if int(list_user_id) == int(
auth_token) and not list_to_product:
list_product_connection = ListToProduct(
int(list_id), body['product_id'])
db.session.add(list_product_connection)
db.session.commit()
else:
return jsonify({
"error":
"you are unauthorized to add to the list or product was already added"
})
return jsonify(
{'response':
"item was successfully added to the list"}), 200
except Exception as e:
return jsonify({'error': "{}".format(e.__cause__)}), 400
def getRelation(user_id):
auth_token = token_getter()
try:
loggedin_user = User.query.get(auth_token)
target_user = User.query.get(user_id)
following = (target_user.id in [
user.serialize['id'] for user in loggedin_user.followed.all()
])
follows_back = (loggedin_user.id in [
user.serialize['id'] for user in target_user.followed.all()
])
return jsonify({
"following": following,
"follows_back": follows_back
}), 200
except Exception as e:
return jsonify({'error': "{}".format(e.__cause__)}), 400
def followersReqs(user_id):
auth_token = token_getter()
if type(auth_token) is not int:
return jsonify({"error": "must be signed in to follow users"}), 400
if request.method == 'POST':
if user_id == auth_token:
return jsonify({"error": "you can't follow yourself"}), 400
else:
try:
user = User.query.get(auth_token)
follow_user = User.query.get(user_id)
user.follow(follow_user)
db.session.commit()
except Exception as e:
return jsonify({'error': "{}".format(e.__cause__)}), 400
return jsonify({
'response':
"you've successfully followed user {}".format(user_id)
}), 200
if request.method == 'DELETE':
if user_id == auth_token:
return jsonify({"error": "you can't unfollow yourself"}), 400
else:
try:
user = User.query.get(auth_token)
unfollow_user = User.query.get(user_id)
user.unfollow(unfollow_user)
db.session.commit()
except Exception as e:
return jsonify({'error': "{}".format(e.__cause__)}), 400
return jsonify({
'response':
"you've successfully unfollowed user {}".format(user_id)
}), 200
def listRequests():
list_id = request.args.get('list_id', None)
user_id = request.args.get('user_id', None)
auth_token = token_getter()
if request.method == 'GET':
# checks to see if the client is logged-in, by seeing if an auth_token exists, if not then `auth_token = -1`
if type(auth_token) is not int:
auth_token = -1
# 1|0| Case 1: Where only the list_id is provided
if list_id:
try:
get_list = List.query.filter_by(id=list_id).first()
list_privacy = get_list.private
list_user_id = get_list.user_id
if list_privacy == False or int(list_user_id) == int(auth_token):
return jsonify(get_list.serialize)
else:
return jsonify({"error": "list is set to private"}), 403
except Exception as e:
return jsonify({'error': "{}".format(e.__cause__)}), 400
# 0|1 Case 2: when only user_id is provided
if user_id:
try:
if int(user_id) == int(auth_token):
lists = List.query.filter_by(user_id=user_id)
return jsonify([list.serialize for list in lists]), 200
else:
lists = List.query.filter_by(
user_id=user_id, private=False)
return jsonify([list.serialize for list in lists]), 200
except Exception as e:
return jsonify({'error': "{}".format(e.__cause__)}), 400
# 0|0 Case 3: when none is provided, we look at the auth_token and retrieve the lists
if auth_token != -1:
try:
lists = List.query.filter_by(user_id=auth_token)
return jsonify([list.serialize for list in lists]), 200
except Exception as e:
return jsonify({'error': "{}".format(e.__cause__)}), 400
if request.method == 'POST':
# client must be logged-in in order to create a list, client is only restricted to create list for their own account
if type(auth_token) is not int:
return jsonify({'error': "you must log in to create a list"}), 400
else:
body = json.loads(request.get_data())
list_user_id = int(auth_token)
list_name = body['name']
# checks to see if list already exists
if not List.query.filter_by(user_id=list_user_id, name=list_name).first():
# checks to see if cloudinary works
new_img_url = replace_cloudinary_image(body['img_url'])
try:
list = List(list_user_id, list_name, new_img_url)
db.session.add(list)
db.session.commit()
except Exception as e:
return jsonify({'error': "{}".format(e.__cause__)}), 400
return jsonify({'response': 'list successfully added'}), 200
else:
return jsonify({'error': 'list already exists'}), 400
if request.method == 'PUT':
# client must be logged-in in order to edit a list, client is only restricted to editting their own lists
if type(auth_token) is not int:
return jsonify({'error': "you must log in to edit the list"}), 400
else:
list = List.query.get(int(list_id))
if list.user_id == int(auth_token):
try:
req = request.get_json()
list.name = req.get("name", list.name)
list.private = req.get("private", list.private)
if "img_url" in req:
list.img_url = replace_cloudinary_image(req["img_url"])
db.session.commit()
return jsonify({"response": "List '{}' was updated".format(list_id)}), 200
except Exception as e:
return jsonify({'error': "{}".format(e.__cause__)}), 400
else:
return jsonify({'error': "unauthorized access"}), 401
if request.method == 'DELETE':
# client must be logged-in in order to delete a list, client is only restricted to deleting their own lists
if type(auth_token) is not int:
return jsonify({'error': "you must logged-in, to delete the list"}), 400
else:
list = List.query.get(int(list_id))
if list.user_id == int(auth_token):
try:
list_to_product = ListToProduct.query.filter_by(
list_id=int(list_id)).delete()
db.session.delete(list)
db.session.commit()
return jsonify({'response': "List '{}' was successfully deleted from the database".format(list)}), 200
except Exception as e:
return jsonify({'error': "{}".format(e.__cause__)}), 400
else:
return jsonify({'error': "unauthorized access"}), 401