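def delete_comment(id):
    """Delete a comment on behalf of the caller identified by the JWT.

    The caller must either be the user stored on the comment or hold a
    project-admin role on the project that the comment's post belongs to.

    Args:
        id: Identifier of the comment, as received from the route.

    Returns:
        A ``(json, status)`` pair: 200 when the comment was deleted, 400 for
        a non-integer id, 404 when the comment or its parent post cannot be
        found, 403 when the caller may not delete it, and 500 when the
        database reports that the delete failed.
    """
    if not function.isInt(id):
        return jsonify({"error": "id is not an integer"}), 400

    comment = database.getCommentByID(id)
    if comment is None:
        # This branch used to return without a status, so the error body went
        # out under HTTP 200 and looked like a success to status-only clients.
        return jsonify({"error": "Specified comment does not exist"}), 404

    post = database.getPostByID(str(comment['commentPost']))
    if post is None:
        # Without the parent post the project, and therefore the caller's
        # role, cannot be resolved; refuse instead of failing on post[...].
        return jsonify({"error": "Post of specified comment does not exist"}), 404

    caller = get_jwt_identity()
    userRole = function.getProjectUserRole(caller, post['postProject'])

    # NOTE(review): the ownership test compares the stored commentUser with
    # the raw JWT identity; confirm both sides have the same type, because a
    # str/int mismatch would make authors unable to delete their own comments.
    if not function.isProjectAdmin(userRole) and comment['commentUser'] != caller:
        # Authorization failure: 403, as in the other handlers of this file.
        return jsonify(
            {"error": "Must be admin to delete comment of other user"}), 403

    if database.deleteComment(id) is True:
        return jsonify({"Info": "Comment deleted successfully"}), 200
    return jsonify({"error": "Something went wrong deleting the comment"}), 500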
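def put_project_user(id):
    """Change the role of a user inside a project.

    Rules enforced here:
      * the role 'OWNER' can never be assigned through this handler;
      * changing another user's role requires a project-admin role;
      * a caller may change their own role only from 'INVITED' to 'USER'.

    Args:
        id: Identifier of the project, as received from the route.

    Returns:
        A ``(json, status)`` pair: 200 with the value returned by
        ``database.updateProjectUser``, 400 for malformed input, 403 when
        the change is not permitted, 404 when the project does not exist or
        the update returned nothing.
    """
    if not function.isInt(id):
        return jsonify({"error": "id is not an integer"}), 400

    projectDetails = request.get_json()
    if not isinstance(projectDetails, dict):
        # A missing body or a non-object JSON value would otherwise fail on
        # .get() and surface as an unhandled server error.
        return jsonify({"error": "Request body must be a JSON object"}), 400

    user = projectDetails.get('user')
    role = projectDetails.get('role')

    if user is None:
        return jsonify({"error": "Projectuser id not specified"}), 400
    if role is None:
        return jsonify({"error": "Projectuser role not specified"}), 400
    if role not in allowed_projectUser_states:
        return jsonify({"error": "Projectuser role not a legal value"}), 400

    project = database.getProjectByID(id)
    if project is None:
        # Previously returned without a status, i.e. an error under HTTP 200.
        return jsonify({"error": "Specified project does not exist"}), 404

    # Ownership is never set or transferred through this endpoint.
    if role == 'OWNER':
        return jsonify({"error": "Cannot set or tranfer project ownership"}), 403

    caller = get_jwt_identity()
    userRole = function.getProjectUserRole(caller, id)

    # Compare both ids as strings: the JSON 'user' value may arrive as a
    # number, and a type mismatch would route a self-change through the
    # "other user" branch and skip the self-change restriction below.
    if str(caller) != str(user):
        if not function.isProjectAdmin(userRole):
            return jsonify(
                {"error": "Must be a project admin to update user roles"}), 403
        # NOTE(review): the target user's current role is not inspected here,
        # so whether an admin can change the project owner's role depends on
        # database.updateProjectUser - confirm.
    elif not (userRole == 'INVITED' and role == 'USER'):
        # The only self-service transition is accepting an invitation.
        return jsonify(
            {"error": "May only change your own role from pending to user"}), 403

    data = database.updateProjectUser(id, user, role)
    if data is not None:
        return jsonify(data), 200
    return jsonify({"error": "No results found"}), 404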
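def put_project(id):
    """Update title, content and visibility of a project.

    Only a caller with a project-admin role on the project may update it.

    Args:
        id: Identifier of the project, as received from the route.

    Returns:
        A ``(json, status)`` pair: 200 with the value returned by
        ``database.updateProject``, 400 for malformed input, 403 when the
        caller is not a project admin, 404 when the project does not exist
        or the update returned nothing.
    """
    if not function.isInt(id):
        return jsonify({"error": "id is not an integer"}), 400

    projectDetails = request.get_json()
    if not isinstance(projectDetails, dict):
        # A missing body or a non-object JSON value would otherwise fail on
        # .get() and surface as an unhandled server error.
        return jsonify({"error": "Request body must be a JSON object"}), 400

    title = projectDetails.get('title')
    content = projectDetails.get('content')
    visibility = projectDetails.get('visibility')

    if title is None:
        return jsonify({"error": "Project title not specified"}), 400
    if content is None:
        return jsonify({"error": "Project content not specified"}), 400
    if visibility is None:
        return jsonify({"error": "Project visibility not specified"}), 400
    if visibility not in allowed_project_visibilities:
        return jsonify({"error": "Project visibility not a legal value"}), 400

    project = database.getProjectByID(id)
    if project is None:
        # Previously returned without a status, i.e. an error under HTTP 200.
        return jsonify({"error": "Specified project does not exist"}), 404

    # Authorization: the role is looked up for the JWT identity on this project.
    userRole = function.getProjectUserRole(get_jwt_identity(), id)
    if not function.isProjectAdmin(userRole):
        return jsonify(
            {"error": "Must be a project admin to update the project"}), 403

    data = database.updateProject(id, title, content, visibility)
    if data is not None:
        return jsonify(data), 200
    return jsonify({"error": "No results found"}), 404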
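def add_project_user(id):
    """Add a user to a project with an initial role.

    Which roles may be assigned, and by whom, depends on the project's
    visibility:
      * PUBLIC: role must be 'INVITED' or 'USER';
      * RESTRICTED: 'INVITED' requires a project admin, 'PENDING' may only
        be requested by the user for themselves;
      * PRIVATE: only 'INVITED', and only by a project admin.
    Any other visibility value is rejected.

    Args:
        id: Identifier of the project, as received from the route.

    Returns:
        A ``(json, status)`` pair: 201 with the value returned by
        ``database.addProjectUser``, 400 for malformed input, 403 when the
        requested role is not permitted, 404 when the project does not
        exist, 409 when the user already has a role on the project.
    """
    # Same id validation as the other project handlers in this file.
    if not function.isInt(id):
        return jsonify({"error": "id is not an integer"}), 400

    projectDetails = request.get_json()
    if not isinstance(projectDetails, dict):
        # A missing body or a non-object JSON value would otherwise fail on
        # .get() and surface as an unhandled server error.
        return jsonify({"error": "Request body must be a JSON object"}), 400

    user = projectDetails.get('user')
    role = projectDetails.get('role')

    if user is None:
        return jsonify({"error": "Project user not specified"}), 400
    if role is None:
        return jsonify({"error": "Project user role not specified"}), 400
    if role not in allowed_projectUser_states:
        return jsonify({"error": "Project user role not a legal value"}), 400

    project = database.getProjectByID(id)
    if project is None:
        # Previously returned without a status, i.e. an error under HTTP 200.
        return jsonify({"error": "Specified project does not exist"}), 404

    projectVisibility = project['projectVisibility']
    caller = get_jwt_identity()
    userRole = function.getProjectUserRole(caller, id)

    # Look up the existing membership of the TARGET user. The original code
    # passed `role` here, so the lookup was keyed on a role name instead of
    # a user id and the "already has a project role" check could not see the
    # target's real membership.
    validTarget = function.getProjectUserRole(user, id)
    if validTarget is not None:
        return jsonify({"error": "User already has a project role"}), 409

    # The debug print() calls of the target user and the JWT identity were
    # removed; they wrote caller identifiers to stdout on every request.

    # Every denial below now carries an explicit status; before, these error
    # bodies were returned under HTTP 200.
    if projectVisibility == 'PUBLIC':
        # NOTE(review): this branch does not tie `user` to the caller or
        # require an admin role, so any caller reaching this handler can add
        # an arbitrary user id to a public project - confirm this is intended.
        if role not in ['INVITED', 'USER']:
            return jsonify(
                {"error": "May only invite or add user on public project"}), 403
    elif projectVisibility == 'RESTRICTED':
        if role == 'INVITED':
            if not function.isProjectAdmin(userRole):
                return jsonify({
                    "error":
                    "Only admins can invite users on restricted projects"
                }), 403
        elif role == 'PENDING':
            # Compare as strings: the JSON 'user' value may be a number.
            if str(user) != str(caller):
                return jsonify({
                    "error":
                    "Only a user can request membership for himself"
                }), 403
        else:
            return jsonify({
                "error":
                "May only invite or request user on restricted project"
            }), 403
    elif projectVisibility == 'PRIVATE':
        if role == 'INVITED':
            if not function.isProjectAdmin(userRole):
                return jsonify({
                    "error":
                    "Only admins can invite users on private projects"
                }), 403
        else:
            return jsonify({
                "error": "You may only invite users for private projects"
            }), 403
    else:
        # Fail closed: an unrecognised visibility used to fall through to the
        # insert with no role restriction at all.
        return jsonify(
            {"error": "Project visibility does not allow adding users"}), 403

    projectUser = database.addProjectUser(user, id, role)
    return jsonify(projectUser), 201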