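def update_scheduleitem(event_id, index):
    """Update one schedule item of an event from the JSON request body.

    Only a caller whose session token resolves to an organizer may use this.
    ``index`` is the position of the item in ``event.schedule``.

    Returns:
        The event as JSON on success, otherwise a ``(message, status)``
        tuple: 401 for a bad token or a non-organizer, 404 for an unknown
        event or index, 400 when the body is not a JSON object.
    """
    user_id = auth.check_token(request.headers.get('session'))
    if not user_id:
        return "Unauthorized request: Bad session token", 401

    user = Organizer.find_id(user_id)
    if not user:
        return "Unauthorized request: User doesn't have permission", 401

    event = Event.find_event(event_id)
    if not event:
        return "Event not found", 404

    # Parse the index only after authentication, and treat a non-numeric
    # value as an unknown item instead of letting int() raise.
    try:
        index = int(index)
    except (TypeError, ValueError):
        return "Schedule Item not found", 404
    if not (0 <= index < len(event.schedule)):
        return "Schedule Item not found", 404

    body = request.get_json()
    if not isinstance(body, dict):
        return "Invalid JSON body", 400

    schedule = event.schedule[index]
    # NOTE(review): the leading-underscore filter is not an allow-list; every
    # other attribute name in the body is written to the item, method names
    # included. Restrict this to the fields clients may edit
    # (create_scheduleitem sets title, location and time).
    for key, value in body.items():
        if not key.startswith('_'):
            setattr(schedule, key, value)
    event.schedule[index] = schedule

    # Persist the change; create_scheduleitem saves the event after touching
    # the schedule, and without a save the edit only exists in this response.
    event.save()
    return event.to_json()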
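def create_post(event_id):
    """Create a post on an event, authored by the calling organizer.

    Returns:
        The new post as JSON on success, otherwise a ``(message, status)``
        tuple: 401 for a bad token or a non-organizer, 404 for an unknown
        event, 400 when the body is not a JSON object, 500 when the post has
        no id after saving.
    """
    user_id = auth.check_token(request.headers.get('session'))
    if not user_id:
        return "Unauthorized request: Bad session token", 401

    organizer = Organizer.find_id(user_id)
    if not organizer:
        return "Unauthorized request: User doesn't have permission", 401

    event = Event.find_event(event_id)
    if not event:
        return "Event not found", 404

    # A missing or non-object body would otherwise fail on body.get().
    body = request.get_json()
    if not isinstance(body, dict):
        return "Invalid JSON body", 400

    post = Post()
    post.event = event
    post.author = organizer
    post.time = datetime.utcnow()
    # NOTE(review): image, title and body are stored exactly as received;
    # whatever renders posts has to escape them and vet the image URL.
    post.image = body.get('image')
    post.title = body.get('title')
    post.body = body.get('body')
    post.notif = body.get('notif')
    post.save()

    if not post.id:
        return "Error creating post", 500

    # If post.notif, send text message to all attendees
    return post.to_json()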
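def create_scheduleitem(event_id):
    """Append a schedule item (title, location, time) to an event.

    Returns:
        The reloaded event as JSON on success, otherwise a
        ``(message, status)`` tuple: 401 for a bad token or a non-organizer,
        404 for an unknown event, 400 for a body that is not a JSON object
        or a ``time`` value that cannot be parsed.
    """
    user_id = auth.check_token(request.headers.get('session'))
    if not user_id:
        return "Unauthorized request: Bad session token", 401

    organizer = Organizer.find_id(user_id)
    if not organizer:
        return "Unauthorized request: User doesn't have permission", 401

    event = Event.find_event(event_id)
    if not event:
        return "Event not found", 404

    body = request.get_json()
    if not isinstance(body, dict):
        return "Invalid JSON body", 400

    # A missing or malformed time used to escape as an unhandled exception.
    # NOTE(review): the exception list assumes dateParser is dateutil.parser;
    # confirm against the file's imports.
    try:
        item_time = dateParser.parse(body.get('time'))
    except (TypeError, ValueError, OverflowError):
        return "Invalid or missing time", 400

    schedule = ScheduleItem(
        title=body.get('title'),
        location=body.get('location'),
        time=item_time,
    )
    event.schedule.append(schedule)
    event.save()
    event.reload()
    return event.to_json()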
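def update_discount(event_id, discount_id):
    """Update a discount from the JSON request body; organizers only.

    Returns:
        The discount as JSON on success, otherwise the result of
        ``send_error``: 401 for a bad token or a non-organizer, 404 for an
        unknown event or discount, 400 when the body is not a JSON object.
    """
    user_id = auth.check_token(request.headers.get('session'))
    if not user_id:
        return send_error("Unauthorized request: Bad session token", 401)

    user = Organizer.find_id(user_id)
    if not user or user.type != "organizer":
        return send_error("Unauthorized request: User doesn't have permission", 401)

    event = Event.find_id(event_id)
    if not event:
        return send_error("Event not found", 404)

    # NOTE(review): the discount is looked up by id alone and never compared
    # with the event from the URL, so it may belong to a different event.
    discount = Discount.find_id(discount_id)
    if not discount:
        return send_error("Discount not found", 404)

    body = request.get_json()
    if not isinstance(body, dict):
        return send_error("Invalid JSON body", 400)

    # NOTE(review): the leading-underscore filter is not an allow-list; every
    # other attribute in the body is written, including `event`. Restrict it
    # to the editable fields (create_discount sets title, amount, code, limit).
    for key, value in body.items():
        # `id` is skipped the same way signup skips it: overwriting the
        # primary key would make save() target a different document.
        if key.startswith('_') or key == 'id':
            continue
        # create_discount stores and looks up codes lower-cased; keep an
        # edited code in the same form so it still matches.
        if key == 'code' and hasattr(value, 'lower'):
            value = value.lower()
        setattr(discount, key, value)

    discount.save()
    return discount.to_json()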
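def get_attendees(event_id, attendee_type):
    """List the users attached to an event; organizers only.

    ``attendee_type`` is matched case-insensitively. ``attendees`` returns a
    dict of lists keyed by ``students``, ``mentors``, ``organizers`` and
    ``checkins`` (plus ``other`` when a user has an unrecognised type);
    ``students``, ``mentors`` and ``organizers`` return a flat list.

    Returns:
        ``(json_body, 200, jsonType)`` on success, otherwise a
        ``(message, status)`` tuple: 401 for a bad token or a non-organizer,
        400 for a missing event id, 404 for an unknown event or attendee
        type.
    """
    user_id = auth.check_token(request.headers.get('session'))
    if not user_id:
        return "Unauthorized request: Bad session token", 401

    user = Organizer.find_id(user_id)
    if not user:
        return "Unauthorized request: User doesn't have permission", 401

    if not event_id:
        return "Event ID required", 400

    event = Event.find_event(event_id)
    if not event:
        return "Event not found", 404

    attendee_type = attendee_type.lower()
    if attendee_type not in ['attendees', 'students', 'mentors', 'organizers']:
        return "Invalid Attendee Type", 404

    # NOTE(review): every record goes through to_dict(); confirm it leaves
    # out the password hash that signup stores on the user.
    if attendee_type == 'attendees':
        attendees = {
            'students': [],
            'mentors': [],
            'organizers': [],
            'checkins': [],
        }
        for usr in User.objects(events=event.id):
            if usr.type in ('student', 'mentor', 'organizer'):
                bucket = usr.type + 's'
            else:
                bucket = 'other'
            # setdefault creates the 'other' list on first use; the previous
            # `attendees['other']` lookup raised KeyError for such users.
            attendees.setdefault(bucket, []).append(usr.to_dict())
        for usr in User.objects(checkins=event.id):
            attendees['checkins'].append(usr.to_dict())
    else:
        # attendee_type was validated above, so the lookup cannot miss.
        attendee_cls = {
            'students': Student,
            'mentors': Mentor,
            'organizers': Organizer,
        }[attendee_type]
        attendees = [usr.to_dict() for usr in attendee_cls.objects(events=event.id)]

    return json.dumps(attendees), 200, jsonType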
def get_all():
    """Return every user as a JSON array; organizers only.

    Returns:
        ``(json_body, 200, jsonType)`` on success, or a ``(message, 401)``
        tuple when the session token is rejected or the caller is not an
        organizer.
    """
    session_token = request.headers.get('session')
    requester_id = auth.check_token(session_token)
    if not requester_id:
        return "Unauthorized request: Bad session token", 401

    if not Organizer.find_id(requester_id):
        return "Unauthorized request: User doesn't have permission", 401

    # NOTE(review): this dumps to_dict() for every account; confirm to_dict()
    # leaves out the password hash that signup stores on the user.
    payload = json.dumps([account.to_dict() for account in User.objects])
    return payload, 200, jsonType
def remove_event(event_id):
    """Delete an event; organizers only.

    Returns:
        ``'Event deleted'`` on success, otherwise a ``(message, status)``
        tuple: 401 for a bad token or a non-organizer, 404 for an unknown
        event.
    """
    session_token = request.headers.get('session')
    requester_id = auth.check_token(session_token)
    if not requester_id:
        return "Unauthorized request: Bad session token", 401

    if not Organizer.find_id(requester_id):
        return "Unauthorized request: User doesn't have permission", 401

    # NOTE(review): any organizer can delete any event; nothing here ties the
    # event to the caller.
    target = Event.find_event(event_id)
    if not target:
        return "Event not found", 404

    target.delete()
    return 'Event deleted'
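def all_discounts(event_id):
    """Return every discount of an event as a JSON array; organizers only.

    Returns:
        ``(json_body, 200, jsonType)`` on success, otherwise the result of
        ``send_error``: 401 for a bad token or a non-organizer, 404 for an
        unknown event.
    """
    user_id = auth.check_token(request.headers.get('session'))
    if not user_id:
        return send_error("Unauthorized request: Bad session token", 401)

    user = Organizer.find_id(user_id)
    if not user or user.type != "organizer":
        # Was 404; the same check in update_discount answers 401 and the
        # message itself says "Unauthorized".
        return send_error("Unauthorized request: User doesn't have permission", 401)

    event = Event.find_id(event_id)
    if not event:
        return send_error("Event not found", 404)

    discounts = [d.to_dict() for d in Discount.objects(event=event)]
    return json.dumps(discounts), 200, jsonType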
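def delete_scheduleitem(event_id, index):
    """Remove one schedule item from an event; organizers only.

    ``index`` is the position of the item in ``event.schedule``.

    Returns:
        ``'Schedule item deleted'`` on success, otherwise a
        ``(message, status)`` tuple: 401 for a bad token or a non-organizer,
        404 for an unknown event or index.
    """
    user_id = auth.check_token(request.headers.get('session'))
    if not user_id:
        return "Unauthorized request: Bad session token", 401

    user = Organizer.find_id(user_id)
    if not user:
        return "Unauthorized request: User doesn't have permission", 401

    event = Event.find_event(event_id)
    if not event:
        return "Event not found", 404

    # Parse the index only after authentication, and treat a non-numeric
    # value as an unknown item instead of letting int() raise.
    try:
        index = int(index)
    except (TypeError, ValueError):
        return "Schedule item not found", 404
    if not (0 <= index < len(event.schedule)):
        return "Schedule item not found", 404

    event.schedule.pop(index)
    # Persist the removal; create_scheduleitem saves the event after touching
    # the schedule, and without a save the item is only dropped in memory.
    event.save()
    return 'Schedule item deleted'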
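def update_event(event_id):
    """Update an event from the JSON request body; organizers only.

    Returns:
        The event as JSON on success, otherwise a ``(message, status)``
        tuple: 401 for a bad token or a non-organizer, 404 for an unknown
        event, 400 when the body is not a JSON object.
    """
    user_id = auth.check_token(request.headers.get('session'))
    if not user_id:
        return "Unauthorized request: Bad session token", 401

    user = Organizer.find_id(user_id)
    if not user:
        return "Unauthorized request: User doesn't have permission", 401

    event = Event.find_event(event_id)
    if not event:
        return "Event not found", 404

    body = request.get_json()
    if not isinstance(body, dict):
        return "Invalid JSON body", 400

    # NOTE(review): the leading-underscore filter is not an allow-list; every
    # other attribute name in the body is written to the event, method names
    # included. Restrict it to the fields create_event accepts (name, dates,
    # location, address, image, city, slug, price).
    for key, value in body.items():
        # `id` is skipped the same way signup skips it: overwriting the
        # primary key would make save() target a different document.
        if key.startswith('_') or key == 'id':
            continue
        setattr(event, key, value)

    event.save()
    return event.to_json()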
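def signup():
    """Create an account and return a session token for it.

    The body must carry ``name``, ``email``, ``password`` and ``type``.
    ``type`` selects the model: ``student``, ``mentor`` or ``organizer`` (the
    last is refused when ``app.config['PRODUCTION']`` is set); any other
    value creates a plain ``User``. The password is bcrypt-hashed before it
    is stored.

    Returns:
        ``(json_body, 200, jsonType)`` with ``session`` and ``user`` on
        success, otherwise a ``(message, status)`` tuple: 400 for a bad
        body, a short password or a duplicate email, 401 for an organizer
        signup in production, 500 when the user has no id after saving.
    """
    body = request.get_json()
    if not isinstance(body, dict):
        return 'Invalid JSON body', 400
    # The four fields used to be read with request.json[...], so a missing
    # one surfaced as an unhandled KeyError.
    for field in ('name', 'email', 'password', 'type'):
        if field not in body:
            return 'Missing required field: ' + field, 400

    form_email = body['email']
    form_password = body['password']
    form_type = body['type']  # student or mentor

    # The password must be text: it is encoded before hashing. A JSON number
    # or list is rejected here instead of failing inside len() or encode().
    try:
        password_bytes = form_password.encode('utf-8')
    except AttributeError:
        return 'Password must be 8 characters or longer', 400
    if len(form_password) < 8:
        return 'Password must be 8 characters or longer', 400

    if User.objects(email=form_email).first():
        return 'Email already exists', 400

    user = User()
    if form_type == 'student':
        user = Student()
    elif form_type == 'mentor':
        user = Mentor()
    elif form_type == 'organizer':
        if app.config['PRODUCTION']:
            return "Error: User doesn't have permission", 401
        user = Organizer()

    # NOTE(review): this endpoint is unauthenticated and copies almost every
    # body key onto the user, so the skip list below is the only control.
    # `checkins` is skipped because check-in state is organizer-managed in
    # checkout(); `events` is still writable here -- confirm whether signup
    # should set it, and move to an explicit allow-list of profile fields.
    for key, value in body.items():
        if key == "password":
            setattr(user, key, bcrypt.hashpw(password_bytes, bcrypt.gensalt()))
        elif key.startswith('_') or key in ('id', 'type', 'checkins') or value == "":
            continue
        else:
            setattr(user, key, value)

    user.save()
    if not user.id:
        return 'Error creating account', 500

    # NOTE(review): confirm to_dict() leaves out the password hash set above.
    return json.dumps({
        'session': auth.create_token(user.id),
        'user': user.to_dict(),
    }), 200, jsonType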
def delete_discount(event_id, discount_id):
    """Delete a discount; organizers only.

    Returns:
        ``'Discount deleted'`` on success, otherwise the result of
        ``send_error``: 401 for a bad token or a non-organizer, 404 for an
        unknown event or discount.
    """
    session_token = request.headers.get('session')
    requester_id = auth.check_token(session_token)
    if not requester_id:
        return send_error("Unauthorized request: Bad session token", 401)

    if not Organizer.find_id(requester_id):
        return send_error("Unauthorized request: User doesn't have permission", 401)

    if not Event.find_id(event_id):
        return send_error("Event not found", 404)

    # NOTE(review): the discount is looked up by id alone and never compared
    # with the event from the URL, so it may belong to a different event.
    target = Discount.find_id(discount_id)
    if not target:
        return send_error("Discount not found", 404)

    target.delete()
    return 'Discount deleted'
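def checkout(event_id):
    """Remove an attendee's check-in for an event; organizers only.

    The attendee is named by ``attendee_id`` in the JSON body. The response
    is the same whether or not the attendee was checked in.

    Returns:
        ``(json_body, 200, jsonType)`` with ``{"status": "removed"}`` on
        success, otherwise a ``(message, status)`` tuple: 401 for a bad
        token or a non-organizer, 404 for an unknown event or attendee, 400
        when the body carries no ``attendee_id``.
    """
    user_id = auth.check_token(request.headers.get('session'))
    if not user_id:
        return "Unauthorized request: Bad session token", 401

    user = Organizer.find_id(user_id)
    if not user:
        return "Unauthorized request: User doesn't have permission", 401

    event = Event.find_event(event_id)
    if not event:
        return "Event not found", 404

    # request.json['attendee_id'] raised on a missing body or key.
    body = request.get_json()
    if not isinstance(body, dict) or 'attendee_id' not in body:
        return "Attendee ID required", 400

    attendee = User.find_id(body['attendee_id'])
    if not attendee:
        return "Attendee not found", 404

    if event in attendee.checkins:
        attendee.checkins.remove(event)
        attendee.save()

    return json.dumps({"status": "removed"}), 200, jsonType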
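def create_event():
    """Create an event and attach it to the calling organizer.

    Returns:
        The new event as JSON on success, otherwise a ``(message, status)``
        tuple: 401 for a bad token or a non-organizer, 400 for a body that
        is not a JSON object or carries an unparseable date or price, 500
        when the event has no id after saving.
    """
    user_id = auth.check_token(request.headers.get('session'))
    if not user_id:
        return "Unauthorized request: Bad session token", 401

    user = Organizer.find_id(user_id)
    if not user:
        return "Unauthorized request: User doesn't have permission", 401

    body = request.get_json()
    if not isinstance(body, dict):
        return "Invalid JSON body", 400

    # Validate everything that can fail before building the document, so a
    # malformed field is answered with 400 instead of an unhandled exception.
    # NOTE(review): the exception list assumes dateParser is dateutil.parser;
    # confirm against the file's imports.
    try:
        start_date = dateParser.parse(body.get('start_date'))
        end_date = dateParser.parse(body.get('end_date'))
        registration_end = dateParser.parse(body.get('registration_end'))
    except (TypeError, ValueError, OverflowError):
        return "Invalid or missing date", 400

    price = None
    if body.get('price'):
        try:
            price = int(body.get('price'))
        except (TypeError, ValueError):
            return "Invalid price", 400

    event = Event()
    event.name = body.get('name')
    event.start_date = start_date
    event.end_date = end_date
    event.registration_end = registration_end
    event.location = body.get('location')
    event.address = body.get('address')
    event.image = body.get('image')
    event.city = body.get('city')
    event.slug = body.get('slug')
    if price is not None:
        event.price = price
    event.save()

    # Check the save before linking: the event used to be appended to the
    # organizer even when it had no id.
    if not event.id:
        return "Error creating event", 500

    user.events.append(event)
    user.save()
    return event.to_json()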
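def create_discount(event_id):
    """Create a discount code for an event; organizers only.

    The code is stored lower-cased and must be unique within the event.

    Returns:
        The new discount as JSON on success, otherwise the result of
        ``send_error``: 401 for a bad token or a non-organizer, 404 for an
        unknown event, 400 for a bad body, a missing code or a duplicate
        code, 500 when the discount has no id after saving.
    """
    user_id = auth.check_token(request.headers.get('session'))
    if not user_id:
        return send_error("Unauthorized request: Bad session token", 401)

    organizer = Organizer.find_id(user_id)
    if not organizer:
        return send_error("Unauthorized request: User doesn't have permission", 401)

    event = Event.find_id(event_id)
    if not event:
        return send_error("Event not found", 404)

    body = request.get_json()
    if not isinstance(body, dict):
        return send_error("Invalid JSON body", 400)

    # A missing or non-text code used to fail on .lower(); normalise it once
    # and use the same value for the duplicate check and the stored field.
    try:
        code = body.get('code').lower()
    except AttributeError:
        return send_error("Discount code required", 400)

    if Discount.objects(code=code, event=event):
        return send_error("Code already exists", 400)

    discount = Discount()
    discount.event = event
    discount.title = body.get('title')
    # NOTE(review): amount and limit are stored as received; no range or
    # type check is visible here -- confirm the model validates them.
    discount.amount = body.get('amount')
    discount.code = code
    if body.get('limit'):
        discount.limit = body.get('limit')
    discount.save()

    if not discount.id:
        return send_error("Error creating discount", 500)

    return discount.to_json()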