def put(self, invoice_id):
""" User pays an invoice """
parser = reqparse.RequestParser()
parser.add_argument('ccId', type=str, required=True, location='args')
args = parser.parse_args()
invoice = get_invoice_by_id_or_abort(invoice_id)
if invoice.paid:
raise InvoiceAlreadyPaid
card = balanced.Card.fetch('/cards/%s' % args.ccId)
debit = card.debit(
appears_on_statement_as=app.config['STATEMENT_MSG'],
amount=int(invoice.amount*100),
description="Invoice for invoice #%s" % (invoice.id),
meta={
'invoice_id': invoice.id,
'bid_id': invoice.bid.id,
'auction_id': invoice.bid.auction.id,
'payer': invoice.payer.id,
'payee': invoice.payee.id
}
)
invoice.provider = "balanced"
invoice.provider_details = debit.id
invoice.paid = True
crud.save()
return marshal(invoice, invoice_fields), 200
def put(self, user_id):
""" Update a user """
parser = reqparse.RequestParser()
parser.add_argument('email', type=str)
parser.add_argument('display_name', type=str)
args = parser.parse_args()
user = get_user_by_id_or_abort(user_id)
if user != g.user:
abort(403, message="Not authorized to update user")
user.email = args.email
user.display_name = args.display_name
crud.save()
ret_fields = {
'id': fields.Integer,
'email': fields.String,
'display_name': fields.String
}
return marshal(user, ret_fields), 200
def put(self, auction_id):
""" Update an auction """
session = db.session
auction = session.query(Auction_model).get(auction_id)
if auction.creator != g.user:
abort(403, message="Not authorized to update auction")
parser = reqparse.RequestParser()
parser.add_argument('title', type=str)
parser.add_argument('description', type=str)
parser.add_argument('reserve', type=Decimal)
parser.add_argument('start_time', type=int) # Must be a UNIX timestamp
parser.add_argument('end_time', type=int) # Must be a UNIX timestamp
parser.add_argument('start_price', type=Decimal)
args = parser.parse_args()
if not args.start_time:
start_time = auction.start_time
else:
start_time = datetime.utcfromtimestamp(args.start_time)
if not args.end_time:
end_time = auction.end_time
else:
end_time = datetime.utcfromtimestamp(args.end_time)
if args.title is None:
args.title = auction.title
if args.description is None:
args.description = auction.description
if args.reserve is None:
args.reserve = auction.reserve
if args.start_price is None:
args.start_price = auction.start_price
if not end_time > start_time:
abort(400, message="End time cannot before the start time")
if args.start_price is None:
args.start_price = 0
if args.reserve is None:
args.reserve = 0
if args.reserve < 0:
abort(400, message="Reserve price must be positive")
if args.start_price < 0:
abort(400, message="Start price must be positive")
# Auction has started
if datetime.utcnow() >= auction.start_time:
if args.reserve > auction.reserve:
abort(400, message="Reserve cannot be increased once the auction has started")
if args.start_price != auction.start_price:
abort(400, message="Starting price cannot be changed once the auction has started")
if start_time != auction.start_time:
abort(400, message="Start time cannot be changed once the auction has started")
if end_time != auction.end_time:
abort(400, message="End time cannot be changed once the auction has started")
else:
if not start_time >= datetime.utcnow()-timedelta(seconds=30):
abort(400, message="Start time cannot be in the past")
auction.title = args.title
auction.description = args.description
auction.start_time = start_time
auction.end_time = end_time
auction.reserve = args.reserve
auction.start_price = args.start_price
crud.save()
return marshal(auction, auction_fields), 200