def wall_post(project_key, post_key=None): if request.method == "GET": try: posts = projects.get_all_posts_from_project(project_key) except NotFoundError: return abort(404) return jsonify(status="ok", posts=posts) elif request.method == "POST": try: if session["key"] in projects.get_project_json(project_key)["owners"]: post = projects.add_wall_post(project_key, request.json["content"], session["key"]) return jsonify(projects.wall_post_to_display_json(post)) else: return abort(403) except NotFoundError: return abort(404) elif request.method == "DELETE": try: post = projects.get_wall_post(post_key) except NotFoundError: return abort(404) if post.getRawData("author") == session["key"]: post.delete() return jsonify(status="ok") else: return abort(403)
def view_project(project_key): try: project = projects.get_project_json(project_key) except NotFoundError: return abort(404) project["status"] = "ok" return jsonify(project)
def df(project_key, *args, **kwargs): userkey = session.get("key", False) try: project_json = projects.get_project_json(project_key) except NotFoundError: return abort(404) if userkey in project_json["owners"] or userkey in project_json["participants"]: return f(project_key=project_key, *args, **kwargs) return abort(403)
def df(project_key, *args, **kwargs): userkey = session.get("key", False) if userkey not in projects.get_project_json(project_key)["owners"]: return abort(403) return f(project_key=project_key, *args, **kwargs)
return jsonify(items=projects.get_todo_item_project(project_key)) @blueprint.route("/todo/<project_key>", methods=["POST"]) @participant_required def new_todo_item(project_key): json = request.json if not json or not json["title"]: return abort(400) todo = projects.create_todo_item(project_key, request.json, session["key"]) return jsonify({"key": todo.key}) check_todo_owner = ( lambda project_key, todo_key: session["key"] in projects.get_project_json(project_key)["owners"] or session["key"] == projects.get_todo_json(todo_key)["author"] ) @blueprint.route("/todo/<project_key>/<todo_key>", methods=["PUT"]) @participant_required def edit_todo_item(project_key, todo_key): if not request.json: return abort(400) try: if check_todo_owner(project_key, todo_key): projects.edit_todo_item(todo_key, request.json) return jsonify(status="ok") except NotFoundError: