API: sports - minor refactor
parent
d912dfc835
commit
be65388dd2
@ -17,6 +17,12 @@ class Sport(db.Model):
|
|||||||
def __init__(self, label):
|
def __init__(self, label):
|
||||||
self.label = label
|
self.label = label
|
||||||
|
|
||||||
|
def serialize(self):
|
||||||
|
return {
|
||||||
|
'id': self.id,
|
||||||
|
'label': self.label
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
class Activity(db.Model):
|
class Activity(db.Model):
|
||||||
__tablename__ = "activities"
|
__tablename__ = "activities"
|
||||||
|
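Review bot: `Sport.serialize` has no docstring, although after this commit it defines what the sports endpoints return to clients. A one-line docstring such as `"""Return the fields of this sport that are exposed through the API."""` would make clear that the dict is an explicit allowlist. A column added to the model later is then not returned until it is listed here on purpose.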
@ -2,7 +2,7 @@ from flask import Blueprint, jsonify, request
|
|||||||
from mpwo_api import appLog, db
|
from mpwo_api import appLog, db
|
||||||
from sqlalchemy import exc
|
from sqlalchemy import exc
|
||||||
|
|
||||||
from ..users.utils import authenticate, is_admin
|
from ..users.utils import authenticate, authenticate_as_admin
|
||||||
from .models import Sport
|
from .models import Sport
|
||||||
|
|
||||||
sports_blueprint = Blueprint('sports', __name__)
|
sports_blueprint = Blueprint('sports', __name__)
|
||||||
@ -15,11 +15,7 @@ def get_sports(auth_user_id):
|
|||||||
sports = Sport.query.order_by(Sport.id).all()
|
sports = Sport.query.order_by(Sport.id).all()
|
||||||
sports_list = []
|
sports_list = []
|
||||||
for sport in sports:
|
for sport in sports:
|
||||||
sport_object = {
|
sports_list.append(sport.serialize())
|
||||||
'id': sport.id,
|
|
||||||
'label': sport.label
|
|
||||||
}
|
|
||||||
sports_list.append(sport_object)
|
|
||||||
response_object = {
|
response_object = {
|
||||||
'status': 'success',
|
'status': 'success',
|
||||||
'data': {
|
'data': {
|
||||||
@ -34,16 +30,11 @@ def get_sports(auth_user_id):
|
|||||||
def get_sport(auth_user_id, sport_id):
|
def get_sport(auth_user_id, sport_id):
|
||||||
"""Get a sport"""
|
"""Get a sport"""
|
||||||
sport = Sport.query.filter_by(id=sport_id).first()
|
sport = Sport.query.filter_by(id=sport_id).first()
|
||||||
sports_list = []
|
|
||||||
if sport:
|
if sport:
|
||||||
sports_list.append({
|
|
||||||
'id': sport.id,
|
|
||||||
'label': sport.label
|
|
||||||
})
|
|
||||||
response_object = {
|
response_object = {
|
||||||
'status': 'success',
|
'status': 'success',
|
||||||
'data': {
|
'data': {
|
||||||
'sports': sports_list
|
'sports': [sport.serialize()]
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
code = 200
|
code = 200
|
||||||
@ -51,7 +42,7 @@ def get_sport(auth_user_id, sport_id):
|
|||||||
response_object = {
|
response_object = {
|
||||||
'status': 'not found',
|
'status': 'not found',
|
||||||
'data': {
|
'data': {
|
||||||
'sports': sports_list
|
'sports': []
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
code = 404
|
code = 404
|
||||||
@ -59,16 +50,9 @@ def get_sport(auth_user_id, sport_id):
|
|||||||
|
|
||||||
|
|
||||||
@sports_blueprint.route('/sports', methods=['POST'])
|
@sports_blueprint.route('/sports', methods=['POST'])
|
||||||
@authenticate
|
@authenticate_as_admin
|
||||||
def post_sport(auth_user_id):
|
def post_sport(auth_user_id):
|
||||||
"""Post a sport"""
|
"""Post a sport"""
|
||||||
if not is_admin(auth_user_id):
|
|
||||||
response_object = {
|
|
||||||
'status': 'error',
|
|
||||||
'message': 'You do not have permissions.'
|
|
||||||
}
|
|
||||||
return jsonify(response_object), 401
|
|
||||||
|
|
||||||
sport_data = request.get_json()
|
sport_data = request.get_json()
|
||||||
if not sport_data or sport_data.get('label') is None:
|
if not sport_data or sport_data.get('label') is None:
|
||||||
response_object = {
|
response_object = {
|
||||||
@ -105,16 +89,9 @@ def post_sport(auth_user_id):
|
|||||||
|
|
||||||
|
|
||||||
@sports_blueprint.route('/sports/<int:sport_id>', methods=['PATCH'])
|
@sports_blueprint.route('/sports/<int:sport_id>', methods=['PATCH'])
|
||||||
@authenticate
|
@authenticate_as_admin
|
||||||
def update_sport(auth_user_id, sport_id):
|
def update_sport(auth_user_id, sport_id):
|
||||||
"""Update a sport"""
|
"""Update a sport"""
|
||||||
if not is_admin(auth_user_id):
|
|
||||||
response_object = {
|
|
||||||
'status': 'error',
|
|
||||||
'message': 'You do not have permissions.'
|
|
||||||
}
|
|
||||||
return jsonify(response_object), 401
|
|
||||||
|
|
||||||
sport_data = request.get_json()
|
sport_data = request.get_json()
|
||||||
if not sport_data or sport_data.get('label') is None:
|
if not sport_data or sport_data.get('label') is None:
|
||||||
response_object = {
|
response_object = {
|
||||||
@ -160,16 +137,9 @@ def update_sport(auth_user_id, sport_id):
|
|||||||
|
|
||||||
|
|
||||||
@sports_blueprint.route('/sports/<int:sport_id>', methods=['DELETE'])
|
@sports_blueprint.route('/sports/<int:sport_id>', methods=['DELETE'])
|
||||||
@authenticate
|
@authenticate_as_admin
|
||||||
def delete_sport(auth_user_id, sport_id):
|
def delete_sport(auth_user_id, sport_id):
|
||||||
"""Delete a sport"""
|
"""Delete a sport"""
|
||||||
if not is_admin(auth_user_id):
|
|
||||||
response_object = {
|
|
||||||
'status': 'error',
|
|
||||||
'message': 'You do not have permissions.'
|
|
||||||
}
|
|
||||||
return jsonify(response_object), 401
|
|
||||||
|
|
||||||
sports_list = []
|
sports_list = []
|
||||||
try:
|
try:
|
||||||
sport = Sport.query.filter_by(id=sport_id).first()
|
sport = Sport.query.filter_by(id=sport_id).first()
|
||||||
|
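Review bot: With the inline `is_admin` check removed from `post_sport`, `update_sport` and `delete_sport`, nothing in their bodies says they are admin-only; the `@authenticate_as_admin` line is now the whole authorization control. Say so in the docstrings, e.g. `"""Post a sport (admin only)"""`, and keep `@sports_blueprint.route` as the outermost decorator so the registered view is the wrapped one. A test that a non-admin token is rejected on each of POST, PATCH and DELETE would pin this; none is visible in this commit. The bodies of all three functions continue outside the hunks.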
@ -6,6 +6,16 @@ from flask import current_app, jsonify, request
|
|||||||
from .models import User
|
from .models import User
|
||||||
|
|
||||||
|
|
||||||
|
def is_admin(user_id):
|
||||||
|
user = User.query.filter_by(id=user_id).first()
|
||||||
|
return user.admin
|
||||||
|
|
||||||
|
|
||||||
|
def is_valid_email(email):
|
||||||
|
mail_pattern = r"(^[a-zA-Z0-9_.+-]+@[a-zA-Z0-9-]+\.[a-zA-Z0-9-.]+$)"
|
||||||
|
return re.match(mail_pattern, email) is not None
|
||||||
|
|
||||||
|
|
||||||
def verify_extension(file_type, req):
|
def verify_extension(file_type, req):
|
||||||
response_object = {'status': 'success'}
|
response_object = {'status': 'success'}
|
||||||
|
|
||||||
@ -61,14 +71,33 @@ def authenticate(f):
|
|||||||
return decorated_function
|
return decorated_function
|
||||||
|
|
||||||
|
|
||||||
def is_admin(user_id):
|
def authenticate_as_admin(f):
|
||||||
user = User.query.filter_by(id=user_id).first()
|
@wraps(f)
|
||||||
return user.admin
|
def decorated_function(*args, **kwargs):
|
||||||
|
response_object = {
|
||||||
|
'status': 'error',
|
||||||
|
'message': 'Something went wrong. Please contact us.'
|
||||||
|
}
|
||||||
|
code = 401
|
||||||
|
auth_header = request.headers.get('Authorization')
|
||||||
|
if not auth_header:
|
||||||
|
response_object['message'] = 'Provide a valid auth token.'
|
||||||
|
code = 403
|
||||||
|
return jsonify(response_object), code
|
||||||
|
auth_token = auth_header.split(" ")[1]
|
||||||
|
resp = User.decode_auth_token(auth_token)
|
||||||
|
if isinstance(resp, str):
|
||||||
|
response_object['message'] = resp
|
||||||
|
return jsonify(response_object), code
|
||||||
|
user = User.query.filter_by(id=resp).first()
|
||||||
|
if not user:
|
||||||
|
return jsonify(response_object), code
|
||||||
|
if not is_admin(resp):
|
||||||
|
response_object['message'] = 'You do not have permissions.'
|
||||||
|
return jsonify(response_object), code
|
||||||
|
return f(resp, *args, **kwargs)
|
||||||
|
|
||||||
|
return decorated_function
|
||||||
def is_valid_email(email):
|
|
||||||
mail_pattern = r"(^[a-zA-Z0-9_.+-]+@[a-zA-Z0-9-]+\.[a-zA-Z0-9-.]+$)"
|
|
||||||
return re.match(mail_pattern, email) is not None
|
|
||||||
|
|
||||||
|
|
||||||
def register_controls(username, email, password, password_conf):
|
def register_controls(username, email, password, password_conf):
|
||||||
|
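Review bot: `auth_token = auth_header.split(" ")[1]` in `authenticate_as_admin` raises IndexError when the Authorization header contains no space, so a malformed header would surface as an unhandled exception instead of the JSON error response. Guard it with `parts = auth_header.split(" ")` followed by `if len(parts) != 2: return jsonify(response_object), code`. The non-admin branch returns 401 while the missing-header branch returns 403; the usual convention is the reverse (401 for missing or invalid credentials, 403 for an authenticated user without the role), though changing it may affect existing clients. `is_admin(resp)` also re-queries the user that was just loaded, where `user.admin` is already at hand.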