def removeUserFromCourse(token, userId, courseId): """ <span class="card-title">>This Call will remove a user from a course</span> <br> <b>Route Parameters</b><br> - seToken: 'seToken'<br> - userId: 0987654321,<br> - 'courseId': 1234567890<br> <br> <br> <b>Payload</b><br> - NONE {<br> }<br> <br> <b>Response</b> <br> 200 - User updated <br> 400 - Bad Request """ requestingUser = get_user_by_token(token) if requestingUser is None: return bad_request("Bad User Token") try: userToRemove = User.get_by_id(int(userId)) except Exception as e: return bad_request("Bad id format") if userToRemove is None: return bad_request("No such user to remove") #check Course Exists course = Course.get_by_id(int(courseId)) if course is None: return bad_request("No such Course!") #check if user is owner of Course if requestingUser.key().id() != course.master_id: # check if user want to delete itself if requestingUser.key().id() != userToRemove.key().id(): return forbidden("No permission to delete user") try: userToRemove.courses_id_list.remove(courseId) course.membersId.remove(userToRemove.key().id()) except Exception as e: return bad_request("user is not listed to this course") #remove user from all projects in course projects = Project.all().filter("courseId =", course.key().id()) for p in projects: if p.key().id() in userToRemove.projects_id_list: userToRemove.projects_id_list.remove(p.key().id()) p.membersId.remove(userToRemove.key().id()) db.put(p) db.put(userToRemove) db.put(course) db.save return Response(response=userToRemove.to_JSON(), status=200, mimetype="application/json") # Real response!