def user_login():
if request.method == 'POST':
try:
description = request.values.get('description')
creater_user_id = request.values.get('user_id')
if not description:
return json.dumps({'error':'discription_IS_MANDOTRY','status':0})
if not creater_user_id:
return json.dumps({'error':'PLS_GIVE_CURRENT_USER_ID','status':0})
q = Notes(description=description,creater_user_id=creater_user_id)
db.session.add(q)
db.session.commit()
js={'status':1,'message':'notes created successfully!!'}
return json.dumps(js)
except Exception as e:
print "==SOMETHING WENT WRONG!!",str(e)
return json.dumps({'error':'SOMETHING_WENT_WRONG_IN_POSTING_NOTES','status':0})
elif request.method == 'GET':
# get all the notes
result_set_data=[]
q = db.session.query(Notes.description,User.user_firstname,User.id.label('Creator_user_id'))
q = q.join(User,Notes.creater_user_id == User.id)
q = q.filter(User.status == 'A').all()
if q:
result_set_data = [u._asdict() for u in q]
return json.dumps({'status':1,'data':result_set_data})
elif request.method == 'PUT':
#get user id and notes id of the person editing the notes
user_id = request.values.get('user_id')
notes_id = request.values.get('notes_id')
print "==notes_id",notes_id
if not user_id:
return json.dumps({'error':'user_id_IS_MANDOTRY_FOR_UPDATING RECORDS','status':0})
elif not notes_id:
return json.dumps({'error':'notes_id_IS_MANDOTRY_FOR_UPDATING RECORDS','status':0})
# check whether the user has right to change the note
if validate_access_for_notes(user_id=user_id,notes_id=notes_id,action='UPDATE'):
description = request.values.get('description')
if not description:
return json.dumps({'error':'discription_IS_MANDOTRY','status':0})
q = db.session.query(Notes).filter(Notes.id == notes_id).update({
'description':description
})
db.session.commit()
return json.dumps({'status':1,'message':'notes updated successfully!!'})
else:
return json.dumps({'status':0,'error':'ACCESS_DENIED'})
else:
return json.dumps({'error':'UNAUTHORISED_METHOD_FOR_ACCESS','status':0})
