def removeUserFromCourse(token, userId, courseId):
"""
<span class="card-title">>This Call will remove a user from a course</span>
<br>
<b>Route Parameters</b><br>
- seToken: 'seToken'<br>
- userId: 0987654321,<br>
- 'courseId': 1234567890<br>
<br>
<br>
<b>Payload</b><br>
- NONE
{<br>
}<br>
<br>
<b>Response</b>
<br>
200 - User updated
<br>
400 - Bad Request
"""
requestingUser = get_user_by_token(token)
if requestingUser is None:
return bad_request("Bad User Token")
try:
userToRemove = User.get_by_id(int(userId))
except Exception as e:
return bad_request("Bad id format")
if userToRemove is None:
return bad_request("No such user to remove")
#check Course Exists
course = Course.get_by_id(int(courseId))
if course is None:
return bad_request("No such Course!")
#check if user is owner of Course
if requestingUser.key().id() != course.master_id:
# check if user want to delete itself
if requestingUser.key().id() != userToRemove.key().id():
return forbidden("No permission to delete user")
try:
userToRemove.courses_id_list.remove(courseId)
course.membersId.remove(userToRemove.key().id())
except Exception as e:
return bad_request("user is not listed to this course")
#remove user from all projects in course
projects = Project.all().filter("courseId =", course.key().id())
for p in projects:
if p.key().id() in userToRemove.projects_id_list:
userToRemove.projects_id_list.remove(p.key().id())
p.membersId.remove(userToRemove.key().id())
db.put(p)
db.put(userToRemove)
db.put(course)
db.save
return Response(response=userToRemove.to_JSON(),
status=200,
mimetype="application/json") # Real response!
