def put(self): token = request.headers.get('Authorization') if not token: abort(403, error="Unauthorized Access (no token)") privilege_handler = PrivilegeHandler(token) if not privilege_handler.league_privileges( ): # I'm using this as a placeholder for a general admin privilege abort(403, error="Unauthorized Access (invalid permissions)") parser = reqparse.RequestParser() parser.add_argument('leagueID', type=int, required=True) parser.add_argument('managerID', type=int) parser.add_argument('leagueName', type=str) parser.add_argument('season', type=str) parser.add_argument('pointScheme', type=str) args = parser.parse_args() query = "UPDATE leagues SET coordinatorID = %d, leagueName = '%s', season = '%s', pointScheme = '%s' WHERE leagueID = %d" \ % (args['managerID'], args['leagueName'], args['season'], args['pointScheme'], args['leagueID']) db = DatabaseConnector() db.cursor.execute(query) db.conn.commit() return 200
def delete(self, game_id): token = request.headers.get('Authorization') if not token: abort(403, error="Unauthorized Access (no token)") privilege_handler = PrivilegeHandler(token) if not privilege_handler.league_privileges(): abort(403, error="Unauthorized Access (invalid permissions)") player_id = request.args.get("player_id") # creating new league in the database db_connector = DatabaseConnector() try: db_connector.cursor.callproc('delete_game_member', [int(game_id), player_id]) except Exception as e: abort(400, error=str(e)) db_connector.conn.commit() db_connector.cursor.close() return 'gameMember (' + str(game_id) + ", " + str( player_id) + ") has been deleted", 200
def post(self): """ Adds a new league to the database. .. todo:: Privileges associated with token .. code-block:: python token = request.headers.get('Authorization') if not token: abort(403, error="Unauthorized Access (no token)") :Input: JSON object representing the league .. code-block:: javascript { 'leagueName': String, 'season': String } :return: The league object that was created .. code-block:: javascript { 'leagueName': String, 'season': String } Success gives status code 201 """ token = request.headers.get('Authorization') if not token: abort(403, error="Unauthorized Access (no token)") privilege_handler = PrivilegeHandler(token) if not privilege_handler.league_privileges(): abort(403, error="Unauthorized Access (invalid permissions)") parser = reqparse.RequestParser() parser.add_argument('leagueName', type=str) parser.add_argument('season', type=str) parser.add_argument('pointScheme', type=str) args = parser.parse_args() league_name = args['leagueName'] season = args['season'] point_scheme = args['pointScheme'] # creating new league in the database db_connector = DatabaseConnector() db_connector.cursor.callproc('create_league', [league_name, season, point_scheme]) db_connector.conn.commit() db_connector.cursor.close() league_data = { 'leagueName': league_name, 'season': season, 'pointScheme': point_scheme } return {'league': league_data}, 201