def update_discount(event_id, discount_id):
user_id = auth.check_token(request.headers.get('session'))
if not user_id:
return send_error("Unauthorized request: Bad session token", 401)
user = Organizer.find_id(user_id)
if not user or user.type != "organizer":
return send_error("Unauthorized request: User doesn't have permission",
401)
event = Event.find_id(event_id)
if not event:
return send_error("Event not found", 404)
discount = Discount.find_id(discount_id)
if not discount:
return send_error("Discount not found", 404)
for key, value in request.get_json().items():
if not key.startswith('_'): # Some security
setattr(discount, key, value)
discount.save()
return discount.to_json()
def get_discount(event_id, discount_code):
event = Event.find_id(event_id)
if not event:
return send_error("Event not found", 404)
discount = Discount.find_id(discount_code)
if not discount:
discount = Discount.objects(code=discount_code.lower(), event=event)
if not discount:
return send_error("Discount not found", 404)
return discount[0].to_json()
def all_discounts(event_id):
user_id = auth.check_token(request.headers.get('session'))
if not user_id:
return send_error("Unauthorized request: Bad session token", 401)
user = Organizer.find_id(user_id)
if not user or user.type != "organizer":
return send_error("Unauthorized request: User doesn't have permission",
404)
event = Event.find_id(event_id)
if not event:
return send_error("Event not found", 404)
discounts = []
for d in Discount.objects(event=event):
discounts.append(d.to_dict())
return json.dumps(discounts), 200, jsonType
def delete_discount(event_id, discount_id):
user_id = auth.check_token(request.headers.get('session'))
if not user_id:
return send_error("Unauthorized request: Bad session token", 401)
user = Organizer.find_id(user_id)
if not user:
return send_error("Unauthorized request: User doesn't have permission",
401)
event = Event.find_id(event_id)
if not event:
return send_error("Event not found", 404)
discount = Discount.find_id(discount_id)
if not discount:
return send_error("Discount not found", 404)
discount.delete()
return 'Discount deleted'
def create_discount(event_id):
user_id = auth.check_token(request.headers.get('session'))
if not user_id:
return send_error("Unauthorized request: Bad session token", 401)
organizer = Organizer.find_id(user_id)
if not organizer:
return send_error("Unauthorized request: User doesn't have permission",
401)
event = Event.find_id(event_id)
if not event:
return send_error("Event not found", 404)
body = request.get_json()
if Discount.objects(code=body.get('code').lower(), event=event):
return send_error("Code already exists", 400)
discount = Discount()
discount.event = event
discount.title = body.get('title')
discount.amount = body.get('amount')
discount.code = body.get('code').lower()
if body.get('limit'):
discount.limit = body.get('limit')
discount.save()
if not discount.id:
return send_error("Error creating discount", 500)
return discount.to_json()
