def _api_check(request, *args, **kwargs): # require api_account_id if 'api_account_id' not in request.REQUEST \ or request.REQUEST['api_account_id'] == '': return api_response_invalid(missing_field='api_account_id') # require api_access_key if 'api_access_key' not in request.REQUEST or \ request.REQUEST['api_access_key'] == '': return api_response_invalid(missing_field='api_access_key') # look for target company with matching access key api_account_id = request.REQUEST['api_account_id'] api_access_key = request.REQUEST['api_access_key'] try: company = Company.objects.get( api_account_id = api_account_id, api_access_key = api_access_key ) except ObjectDoesNotExist: return HttpResponse('Permission Denied', status=403) # save info on request for view function request.api_info = dict( api_account_id=api_account_id, api_access_key=api_access_key, company=company ) # continue to regular view function return view_func(request, *args, **kwargs)
def _api_check(request, *args, **kwargs): # require api_account_id if 'api_account_id' not in request.REQUEST \ or request.REQUEST['api_account_id'] == '': return api_response_invalid(missing_field='api_account_id') # require api_access_key if 'api_access_key' not in request.REQUEST or \ request.REQUEST['api_access_key'] == '': return api_response_invalid(missing_field='api_access_key') # look for target company with matching access key api_account_id = request.REQUEST['api_account_id'] api_access_key = request.REQUEST['api_access_key'] try: company = Company.objects.get(api_account_id=api_account_id, api_access_key=api_access_key) except ObjectDoesNotExist: return HttpResponse('Permission Denied', status=403) # save info on request for view function request.api_info = dict(api_account_id=api_account_id, api_access_key=api_access_key, company=company) # continue to regular view function return view_func(request, *args, **kwargs)
def get_recent_matches_for_player(request): company = request.api_info['company'] # require player_id if 'player_id' not in request.REQUEST or \ request.REQUEST['player_id'] == '': return api_response_invalid(missing_field='player_id') # validate player id try: player_id = int(request.REQUEST['player_id']) except TypeError: return api_response_invalid(invalid_field='player_id') except ValueError: return api_response_invalid(invalid_field='player_id') # find player try: player = Player.objects.get(pk=player_id) except ObjectDoesNotExist: return api_response(success=False, error='player not found', error_code='player_not_found') # confirm player is in company if not player.company.id == company.id: return api_response(success=False, error='permission denied', error_code='permission denied') # return matches matches = [serialize_match(m) for m in player.get_recent_matches()] return api_response(success=True, matches=matches)
def add_player(request): company = request.api_info['company'] # require name if 'name' not in request.REQUEST or \ request.REQUEST['name'] == '': return api_response_invalid(missing_field='name') name = request.REQUEST['name'] # check for duplicates existing_count = Player.objects.filter(name=name, company=company).count() if existing_count > 0: return api_response(success=False, error='duplicate player name', error_code='player_already_exists') # create a new player player = company.player_set.create( name=name, rank=company.player_set.count() + 1, rating=500, # todo: company can specify the starting rating ) # save company to update the last changed time company.save() return api_response(success=True, player_id=player.id)
def add_player(request): company = request.api_info['company'] # require name if 'name' not in request.REQUEST or \ request.REQUEST['name'] == '': return api_response_invalid(missing_field='name') name = request.REQUEST['name'] # check for duplicates existing_count = Player.objects.filter( name=name, company=company ).count() if existing_count > 0: return api_response( success=False, error='duplicate player name', error_code='player_already_exists' ) # create a new player player = company.player_set.create( name = name, rank = company.player_set.count() + 1, rating = 500, # todo: company can specify the starting rating ) # save company to update the last changed time company.save() return api_response(success=True, player_id=player.id)
def get_recent_matches_between_players(request): company = request.api_info['company'] # require player1_id and player2_id if 'player1_id' not in request.REQUEST or \ request.REQUEST['player1_id'] == '': return api_response_invalid(missing_field='player1_id') elif 'player2_id' not in request.REQUEST or \ request.REQUEST['player2_id'] == '': return api_response_invalid(missing_field='player2_id') # validate player ids try: player1_id = int(request.REQUEST['player1_id']) except TypeError: return api_response_invalid(invalid_field='player1_id') except ValueError: return api_response_invalid(invalid_field='player1_id') try: player2_id = int(request.REQUEST['player2_id']) except TypeError: return api_response_invalid(invalid_field='player2_id') except ValueError: return api_response_invalid(invalid_field='player2_id') # find players try: player1 = Player.objects.get(pk=player1_id) except ObjectDoesNotExist: return api_response( success=False, error='player1 not found', error_code='player_not_found' ) try: player2 = Player.objects.get(pk=player2_id) except ObjectDoesNotExist: return api_response( success=False, error='player2 not found', error_code='player_not_found' ) # confirm players are in company if not player1.company.id == company.id or \ not player2.company.id == company.id: return api_response( success=False, error='permission denied', error_code='permission denied' ) # return matches matches = [ serialize_match(m) for m in player1.get_recent_matches_with_player(player2)] return api_response(success=True, matches=matches)
def add_match(request): company = request.api_info['company'] # require winner_id and loser_id if 'winner_id' not in request.REQUEST or \ request.REQUEST['winner_id'] == '': return api_response_invalid(missing_field='winner_id') elif 'loser_id' not in request.REQUEST or \ request.REQUEST['loser_id'] == '': return api_response_invalid(missing_field='loser_id') # validate player ids try: winner_id = int(request.REQUEST['winner_id']) except TypeError: return api_response_invalid(invalid_field='winner_id') except ValueError: return api_response_invalid(invalid_field='winner_id') try: loser_id = int(request.REQUEST['loser_id']) except TypeError: return api_response_invalid(invalid_field='loser_id') except ValueError: return api_response_invalid(invalid_field='loser_id') # find players try: winner = Player.objects.get(pk=winner_id) except ObjectDoesNotExist: return api_response(success=False, error='winner not found', error_code='player_not_found') try: loser = Player.objects.get(pk=loser_id) except ObjectDoesNotExist: return api_response(success=False, error='loser not found', error_code='player_not_found') # confirm players are in company if not winner.company.id == company.id or \ not loser.company.id == company.id: return api_response(success=False, error='permission denied', error_code='permission denied') # create new match match = company.match_set.create(winner=winner, loser=loser, played_time=datetime.datetime.now()) # save company to update the last changed time company.save() return api_response(success=True, match_id=match.id)
def add_match(request): company = request.api_info['company'] # require winner_id and loser_id if 'winner_id' not in request.REQUEST or \ request.REQUEST['winner_id'] == '': return api_response_invalid(missing_field='winner_id') elif 'loser_id' not in request.REQUEST or \ request.REQUEST['loser_id'] == '': return api_response_invalid(missing_field='loser_id') # validate player ids try: winner_id = int(request.REQUEST['winner_id']) except TypeError: return api_response_invalid(invalid_field='winner_id') except ValueError: return api_response_invalid(invalid_field='winner_id') try: loser_id = int(request.REQUEST['loser_id']) except TypeError: return api_response_invalid(invalid_field='loser_id') except ValueError: return api_response_invalid(invalid_field='loser_id') # find players try: winner = Player.objects.get(pk=winner_id) except ObjectDoesNotExist: return api_response( success=False, error='winner not found', error_code='player_not_found' ) try: loser = Player.objects.get(pk=loser_id) except ObjectDoesNotExist: return api_response( success=False, error='loser not found', error_code='player_not_found' ) # confirm players are in company if not winner.company.id == company.id or \ not loser.company.id == company.id: return api_response( success=False, error='permission denied', error_code='permission denied' ) # create new match match = company.match_set.create( winner = winner, loser = loser, played_time = datetime.datetime.now() ) # save company to update the last changed time company.save() return api_response(success=True, match_id=match.id)