Пример #1
0
def event(event_id, resource=None):
    # Fetch event.
    event = Event.match(graph, event_id).first()
    if not event:
        abort(404, description='Resource not found')
    # Fetch the person making the request
    req_user = auth_get_req_user(request)
    owner_req = req_user.__primaryvalue__ == event.owner_id
    guest_req = event_id in list(
        e.__primaryvalue__ for e in req_user.InvitedTo)

    if request.method == 'GET':
        if owner_req or guest_req:  # access is authorized
            if not resource:
                # Request specific event.
                    return jsonify(event.json_repr(graph))
                # Request specific resource associated with the event
            if resource in [CIRCLE, CIRCLES]:
                return jsonify(
                    list(event.circles_of(graph, event_id))[0].json_repr(graph))
            elif resource == PEOPLE:
                return event.json_repr(graph)['People']
            abort(404, description='Invalid resource specified')
        abort(403, description='Unauthorized event update')

    elif request.method == 'PUT':
        if owner_req or guest_req:  # access is authorized
            try:
                req_json = request.get_json()
                e = Event.from_json(req_json, graph, push_updates=False)
                event.update_to(graph, e)
                return SUCCESS_JSON
            except KeyError as e:
                bad_request('Request JSON must include key %s' % e)
            except GraphError as e:
                bad_request(e)
        abort(403, description='Unauthorized event request')

    elif request.method == 'DELETE':
        if owner_req:
            event.delete(graph)
            return SUCCESS_JSON
        abort(403, description='Unauthorized event deletion request')
Пример #2
0
def post_event():
    req_json = request.get_json()
    # Fetch the person making the request
    req_user = auth_get_req_user(request)
    # Fetch the circle that the request is associated with
    circle = Circle.match(graph, req_json.get('Circle')).first()
    if not circle:
        abort(404, description='Invalid Circle Specified')
    owner_req = req_user.__primaryvalue__ == circle.owner_id
    member_req = circle.__primaryvalue__ in list(
        c.__primaryvalue__ for c in req_user.IsMember)
    member_valid_ping = owner_req or (member_req and circle.members_can_ping)
    if owner_req or member_valid_ping:
        try:
            e = Event.from_json(req_json, graph, push_updates=True)
            notif_manager.send_event_notif(
                graph, circle, e, req_user.__primaryvalue__)
            return SUCCESS_JSON
        except KeyError as e:
            bad_request('Request JSON must include key %s' % e)
        except GraphError as e:
            bad_request(e)
    abort(403, description='Insufficient Permissions')