def edit_one(g_id): if user_id == -1: return jsonify({'status': '200', 'message': 'Not logged in'}) if access_level != 'admin': return jsonify({'status': '403', 'message': 'Forbidden'}) current = database_action(None, None, None, str(g_id)) if current: current = Event(current[0]) current_args = current.to_write() for x in request.args: if x not in current_args: return jsonify({'status': '400', 'message': 'No such parameter'}) if x == 'id': return jsonify({'status': '400', 'message': 'You cannot edit ID'}) if x == 'user_id': return jsonify({'status': '400', 'message': 'You cannot edit user id'}) result_dict = current.edit_entire_event(request.args) if result_dict['status'] == '200': to_do = [] for x in request.args: to_do.append(str(x + " = \'" + str(request.args[x]) + "\'")) cursor.execute("UPDATE events SET " + (', '.join(to_do)) + " WHERE id = " + g_id + ";") db.commit() return jsonify(result_dict) else: return jsonify({'status': '404', 'message': 'No such ID'})