Exemplo n.º 1
0
def get_specific_gvar(key):
    get_user_info()  # endpoint requires auth
    gvar = current_app.mdb.gvars.find_one({"key": key})
    if gvar is None:
        return "Gvar not found", 404

    return jsonify(gvar)
Exemplo n.º 2
0
def gvar_list():
    user = get_user_info()
    data = {
        "owned": list(mdb.gvars.find({"owner": user.id})),
        "editable": list(mdb.gvars.find({"editors": user.id}))
    }
    return jsonify(data)
Exemplo n.º 3
0
def user_tomes():
    user = get_user_info()
    data = list(mdb.tomes.find({"$or": [{"owner.id": user.id}, {"editors.id": user.id}]}))
    for tome in data:
        tome['numSpells'] = len(tome['spells'])
        del tome['spells']
    return jsonify(data)
Exemplo n.º 4
0
def put_tome(tome):
    user = get_user_info()
    reqdata = request.json
    data = mdb.tomes.find_one({"_id": ObjectId(tome)}, ['owner', 'editors'])
    if data is None:
        return "Tome not found", 404
    if user.id != data['owner']['id'] and user.id not in [e['id'] for e in data['editors']]:
        return "You do not have permission to edit this tome", 403

    for field in IGNORED_FIELDS:
        if field in reqdata:
            reqdata.pop(field)

    if not all(k in TOME_FIELDS for k in reqdata):
        return "Invalid field", 400
    if "spells" in reqdata:
        for spell in reqdata['spells']:
            if not all(k in SPELL_FIELDS for k in spell):
                return f"Invalid spell field in {spell}", 400
            try:
                validate(spell)
            except ValidationError as e:
                return str(e), 400

    mdb.tomes.update_one({"_id": ObjectId(tome)}, {"$set": reqdata})
    return "Tome updated."
Exemplo n.º 5
0
def user_packs():
    user = get_user_info()
    data = list(mdb.packs.find({"$or": [{"owner.id": user.id}, {"editors.id": user.id}]}))
    for pack in data:
        pack['numItems'] = len(pack['items'])
        del pack['items']
    return jsonify(data)
Exemplo n.º 6
0
def user_packs():
    user = get_user_info()
    data = list(_editable(user))
    for pack in data:
        pack['numItems'] = len(pack['items'])
        pack['owner'] = str(pack['owner'])
        del pack['items']
    return jsonify(data)
Exemplo n.º 7
0
def meta():
    user = get_user_info()
    data = list(
        current_app.mdb.characters.find({"owner": user.id}, [
            "upstream", "active", "name", "description", "image", "levels",
            "import_version"
        ]))
    return jsonify(data)
Exemplo n.º 8
0
def delete_pack(pack):
    user = get_user_info()
    if not _is_owner(user, ObjectId(pack)):
        return "You do not have permission to delete this pack", 403
    current_app.mdb.packs.delete_one({"_id": ObjectId(pack)})
    current_app.mdb.pack_subscriptions.delete_many(
        {"object_id": ObjectId(pack)})
    return "Pack deleted."
Exemplo n.º 9
0
def user_tomes():
    user = get_user_info()
    data = list(_editable(user))
    for tome in data:
        tome['numSpells'] = len(tome['spells'])
        tome['owner'] = str(tome['owner'])
        del tome['spells']
    return jsonify(data)
Exemplo n.º 10
0
def delete_tome(tome):
    user = get_user_info()
    if not _is_owner(user, ObjectId(tome)):
        return "You do not have permission to delete this tome", 403
    current_app.mdb.tomes.delete_one({"_id": ObjectId(tome)})
    current_app.mdb.tome_subscriptions.delete_many(
        {"object_id": ObjectId(tome)})
    return "Tome deleted."
Exemplo n.º 11
0
def customization_list():
    user = get_user_info()
    data = {
        "aliases": list(mdb.aliases.find({"owner": user.id})),
        "snippets": list(mdb.snippets.find({"owner": user.id})),
        "uvars": list(mdb.uvars.find({"owner": user.id}))
    }
    return jsonify(data)
Exemplo n.º 12
0
def user(the_user):
    info = get_user_info(discord_token_for(the_user.id))
    data = {
        "username": info.username,
        "discriminator": info.discriminator,
        "id": info.id,
        "avatarUrl": info.get_avatar_url()
    }
    return jsonify(data)
Exemplo n.º 13
0
def delete_pack(pack):
    user = get_user_info()
    data = mdb.packs.find_one({"_id": ObjectId(pack)}, ['owner', 'editors'])
    if data is None:
        return "Pack not found", 404
    if user.id != data['owner']['id']:
        return "You do not have permission to delete this pack", 403
    mdb.packs.delete_one({"_id": ObjectId(pack)})
    return "Pack deleted."
Exemplo n.º 14
0
def alias_delete(name):
    user = get_user_info()
    result = current_app.mdb.aliases.delete_one({
        "owner": user.id,
        "name": name
    })
    if not result.deleted_count:
        return "Alias not found.", 404
    return "Alias deleted."
Exemplo n.º 15
0
def snippet_delete(name):
    user = get_user_info()
    result = current_app.mdb.snippets.delete_one({
        "owner": user.id,
        "name": name
    })
    if not result.deleted_count:
        return "Snippet not found.", 404
    return "Snippet deleted."
Exemplo n.º 16
0
def user():
    info = get_user_info()
    data = {
        "username": info.username,
        "discriminator": info.discriminator,
        "id": info.id,
        "avatarUrl": info.get_avatar_url()
    }
    return jsonify(data)
Exemplo n.º 17
0
def attacks(upstream):
    """Returns a character's overriden attacks."""
    user = get_user_info()
    data = current_app.mdb.characters.find_one(
        {
            "owner": user.id,
            "upstream": upstream
        }, ["overrides"])
    return jsonify(data['overrides']['attacks'])
Exemplo n.º 18
0
def delete_tome(tome):
    user = get_user_info()
    data = mdb.tomes.find_one({"_id": ObjectId(tome)}, ['owner', 'editors'])
    if data is None:
        return "Tome not found", 404
    if user.id != data['owner']['id']:
        return "You do not have permission to delete this tome", 403
    mdb.tomes.delete_one({"_id": ObjectId(tome)})
    return "Tome deleted."
Exemplo n.º 19
0
def gvar_delete(key):
    user = get_user_info()
    gvar = mdb.gvars.find_one({"key": key}, ['owner'])
    if gvar is None:
        return "Gvar not found", 404
    if gvar['owner'] != user.id:
        return "You do not have permission to delete this gvar", 403
    mdb.gvars.delete_one({"key": key})
    return "Gvar deleted."
Exemplo n.º 20
0
def user_stats():
    info = get_user_info()
    data = {
        "numCharacters":
        mdb.characters.count_documents({"owner": info.id}),
        "numCustomizations":
        sum((mdb.aliases.count_documents({"owner": info.id}),
             mdb.snippets.count_documents({"owner": info.id})))
    }
    return jsonify(data)
Exemplo n.º 21
0
def get_tome(tome):
    user_id = None
    if 'Authorization' in request.headers:
        user_id = get_user_info().id
    data = mdb.tomes.find_one({"_id": ObjectId(tome)})
    if data is None:
        return "Tome not found", 404
    if not data['public'] and data['owner']['id'] != user_id and user_id not in [e['id'] for e in data['editors']]:
        return "You do not have permission to view this tome", 403
    return jsonify(data)
Exemplo n.º 22
0
def get_pack(pack):
    user = None
    if 'Authorization' in request.headers:
        user = get_user_info()
    data = current_app.mdb.packs.find_one({"_id": ObjectId(pack)})
    if data is None:
        return "Pack not found", 404
    if not _can_view(user, ObjectId(pack)):
        return "You do not have permission to view this pack", 403
    data['owner'] = str(data['owner'])
    return jsonify(data)
Exemplo n.º 23
0
def get_pack_editors(pack):
    user = get_user_info()
    if not _can_view(user, ObjectId(pack)):
        return "You do not have permission to view this pack", 403

    data = [
        str(sd['subscriber_id']) for sd in
        current_app.mdb.pack_subscriptions.find({
            "type": "editor",
            "object_id": ObjectId(pack)
        })
    ]

    return jsonify(data)
Exemplo n.º 24
0
def gvar_update(key):
    user = get_user_info()
    data = request.json
    gvar = mdb.gvars.find_one({"key": key}, ['owner', 'editors'])
    if data is None:
        return "No data found", 400
    if 'value' not in data:
        return "Missing value field", 400
    if gvar is None:
        return "Gvar not found", 404
    if gvar['owner'] != user.id and user.id not in gvar.get('editors', []):
        return "You do not have permission to edit this gvar", 403
    if len(data['value']) > 100000:
        return "Gvars must be less than 100KB", 400
    mdb.gvars.update_one({"key": key}, {"$set": {"value": data['value']}})
    return "Gvar updated."
Exemplo n.º 25
0
def new_pack():
    user = get_user_info()
    reqdata = request.json
    if reqdata is None:
        return "No data found", 400
    if 'name' not in reqdata:
        return "Missing name field", 400
    pack = {
        'name': reqdata['name'],
        'public': bool(reqdata.get('public', False)),
        'desc': reqdata.get('desc', ''),
        'image': reqdata.get('image', ''),
        'owner': int(user.id),
        'items': []
    }
    result = current_app.mdb.packs.insert_one(pack)
    data = {"success": True, "packId": str(result.inserted_id)}
    return jsonify(data)
Exemplo n.º 26
0
def gvar_new():
    user = get_user_info()
    data = request.json
    if data is None:
        return "No data found", 400
    if 'value' not in data:
        return "Missing value field", 400
    if len(data['value']) > 100000:
        return "Gvars must be less than 100KB", 400
    key = str(uuid.uuid4())
    gvar = {
        "owner": user.id,
        "key": key,
        "owner_name": f"{user.username}#{user.discriminator}",
        "value": data['value'],
        "editors": []
    }
    mdb.gvars.insert_one(gvar)
    return f"Gvar {key} created."
Exemplo n.º 27
0
def put_pack(pack):
    user = get_user_info()
    reqdata = request.json
    if not _can_edit(user=user, obj_id=ObjectId(pack)):
        return "You do not have permission to edit this pack", 403

    for field in IGNORED_FIELDS:
        if field in reqdata:
            reqdata.pop(field)

    if not all(k in PACK_FIELDS for k in reqdata):
        return "Invalid field", 400
    if "items" in reqdata:
        for item in reqdata['items']:
            if not all(k in ITEM_FIELDS for k in item):
                return f"Invalid item field in {item}", 400

    current_app.mdb.packs.update_one({"_id": ObjectId(pack)},
                                     {"$set": reqdata})
    return "Pack updated."
Exemplo n.º 28
0
def uvar_update(name):
    user = get_user_info()
    data = request.json
    if data is None:
        return "No data found", 400
    if 'value' not in data:
        return "Missing value field", 400
    if not data['value']:
        return "Value cannot be blank", 400
    if len(data['value']) > 4000:
        return "Value must be less than 4KB", 400

    mdb.uvars.update_one({
        "owner": user.id,
        "name": name
    }, {"$set": {
        "value": data['value']
    }},
                         upsert=True)
    return "Uvar updated."
Exemplo n.º 29
0
def new_tome():
    user = get_user_info()
    reqdata = request.json
    if reqdata is None:
        return "No data found", 400
    if 'name' not in reqdata:
        return "Missing name field", 400
    tome = {
        'name': reqdata['name'],
        'public': bool(reqdata.get('public', False)),
        'desc': reqdata.get('desc', ''),
        'image': reqdata.get('image', ''),
        'owner': user.to_dict(),
        'editors': [],
        'subscribers': [],
        'active': [],
        'server_active': [],
        'spells': []
    }
    result = mdb.tomes.insert_one(tome)
    data = {"success": True, "tomeId": str(result.inserted_id)}
    return jsonify(data)
Exemplo n.º 30
0
def put_attacks(upstream):
    """Sets a character's attack overrides. Must PUT a list of attacks."""
    user = get_user_info()
    the_attacks = request.json

    # validation
    try:
        _validate_attacks(the_attacks)
    except ValidationError as e:
        return str(e), 400

    # write
    response = current_app.mdb.characters.update_one(
        {
            "owner": user.id,
            "upstream": upstream
        }, {"$set": {
            "overrides.attacks": the_attacks
        }})

    # respond
    if not response.matched_count:
        return "Character not found", 404
    return "Attacks updated."