def post(self, json): # User set by AuthenticatedApiEndpoint group_id = json["group_id"] group = Group.query.get(group_id) if self.user in group.owners: name = json["name"] description = json["description"] start_time = time.parse_time(json["start_time"]).replace(tzinfo=None) end_time = time.parse_time(json["end_time"]).replace(tzinfo=None) if json["event_id"] == 0: print "ADD EVENT" event = Event(group, name, description, start_time, end_time) db.session.add(event) db.session.commit() else: event = Event.query.get(int(json["event_id"])) event.name = name event.description = description event.start_time = start_time event.end_time = end_time event.group_id = group_id event.group = group db.session.commit() return api.json_ok({ "event_id": event.id, }) else: return api.json_error( "REQUEST_DENIED", "User not member of group" )
def get(self, group_id=None): group = Group.query.get(group_id) if group and self.user in group.owners: return api.json_ok({ "card_uids": group.get_member_card_uids(), }) return api.json_error( "RESOURCE_ERROR", "Group does not exist" )
def get(self, group_id=None): group = Group.query.get(group_id) if group and self.user in group.owners: return api.json_ok({ "group": group.to_json(), }) return api.json_error( "RESOURCE_ERROR", "Group does not exist" )
def post(self, json): if self.user.is_admin: group = Group(json['name'], self.user, description=json['description']) try: db.session.add(group) db.session.commit() except db.IntegrityError: return api.json_error( "REQUEST_DENIED", "A group with that name already exists" ) return api.json_ok({ "group": group.to_json() }) return api.json_error( "UNAUTHORISED", "You are not admin" )
def get(self, event_id=None): event = Event.query.get(event_id) if event is not None: group = Group.query.get(event.group_id) if group and self.user in group.owners: return api.json_ok({ "event": event.to_json() }) return api.json_error( "RESOURCE_ERROR", "The requested event could not be found" )
def delete(self, event_id=None): event = Event.query.get(event_id) if event: group = Group.query.get(event.group_id) if self.user in group.owners: db.session.delete(event) db.session.commit() return api.json_ok() return api.json_error( "RESOURCE_ERROR", "The requested event could not be found" )
def test_json_error(self): response = api.json_error('UNAUTHORISED', 'Invalid auth token') self.assertEquals(response['status'], 'UNAUTHORISED') self.assertEquals(response['error_detail'], 'Invalid auth token')