def add_product():
resp = helpers.get_response(request)
allowed_fields = ['title', 'description', 'dateStart', 'dateLength', 'startPrice', 'buyoutPrice', 'reservePrice', 'imgUrl']
mandatory_fields = ['title', 'description', 'dateStart', 'dateLength', 'startPrice']
user = helpers.get_by(glob.users, resp['user_id'])
association_field = [{'association_name': 'user_id', 'association_value': user['id']}]
product = helpers.new_object(glob.products, resp, products_path, allowed_fields, mandatory_fields, associations=association_field)
return show(product['id'])
def destroy(product_id):
resp = helpers.get_response(request)
product = helpers.get_by(glob.products, product_id)
if product is None:
return 'No such product', 400
users.has_right_abort(resp, product['user_id'])
helpers.delete_object(glob.products, product_id, products_path)
return 'Delete ok', 200
def update(product_id):
resp = helpers.get_response(request)
product = helpers.get_by(glob.products, product_id)
users.has_right_abort(resp, product['user_id'])
resp = helpers.get_response(request)
exclude_field = ['reservePrice', 'startPrice', 'id', 'user_id', 'user']
null_fields = ['title', 'description', 'buyoutPrice', 'dateLength', 'dateStart']
product = helpers.update_object(glob.products, product_id, resp, glob.products_path, null_fields=null_fields, exclude_fields=exclude_field)
return show(product_id)
def show(product_id):
product = helpers.get_by(glob.products, product_id)
if product is None :
return 'No such product', 400
p = copy.deepcopy(product)
iduser = p['user_id']
user = users.get_user_by_id(int(iduser))
p['user'] = user
return jsonify( { 'product' : p } )
def has_right(resp, user_id):
if not resp or not 'user_id' in resp or not 'token' in resp:
return 0
token = resp['token']
user = helpers.get_by(glob.users, user_id)
if int(resp['user_id']) != int(user_id) or resp['token'] != user['token']:
return False
else:
return True
def get_user_by_id(user_id, token=None):
user = helpers.get_by(glob.users, user_id)
if user is None:
abort(make_response("User not found",400))
u = copy.deepcopy(user)
del u['password']
if user_id != u['id'] or 'token' is None or u['token'] != token: # Public profil
del u['address1']
del u['address2']
del u['email']
del u['firstname']
del u['lastname']
del u['token']
return u
def show(user_id):
resp = helpers.get_response(request)
user = helpers.get_by(glob.users, user_id)
if user is None:
abort(make_response("User not found",400))
u = copy.deepcopy(user)
del u['password']
if not 'user_id' in resp or int(resp['user_id']) != user_id or not 'token' in resp or u['token'] != resp['token']: # Public profil
del u['address1']
del u['address2']
del u['email']
del u['firstname']
del u['lastname']
del u['token']
if (len(u) != 0):
return jsonify({'user': u})
return 'User Not found', 401
def logout():
resp = helpers.get_response(request)
has_right_abort(resp, resp['user_id'])
user = helpers.get_by(glob.users, resp['user_id'])
destroy_token(user)
return 'Logout successful', 201
def generate_token(user):
user = helpers.get_by(glob.users, user['id'])
user['token'] = base64.b64encode(str(user['id']) + str(os.urandom(5)) + str(glob.secret_key))
myjson.save_json(glob.users, users_path)