1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/ihatemoney_ynh.git synced 2024-09-03 19:26:15 +02:00
ihatemoney_ynh/sources/budget/api.py

155 lines
4.3 KiB
Python
Raw Normal View History

# -*- coding: utf-8 -*-
2012-03-06 22:13:47 +01:00
from flask import Blueprint, request
2013-02-18 19:18:49 +01:00
from flask.ext.rest import RESTResource, need_auth
from models import db, Project, Person, Bill
2012-03-06 22:13:47 +01:00
from forms import (ProjectForm, EditProjectForm, MemberForm,
2011-10-08 13:45:05 +02:00
get_billform_for)
api = Blueprint("api", __name__, url_prefix="/api")
def check_project(*args, **kwargs):
"""Check the request for basic authentication for a given project.
Return the project if the authorization is good, False otherwise
"""
auth = request.authorization
# project_id should be contained in kwargs and equal to the username
if auth and "project_id" in kwargs and \
auth.username == kwargs["project_id"]:
project = Project.query.get(auth.username)
2011-09-13 22:58:53 +02:00
if project and project.password == auth.password:
return project
return False
2011-09-11 23:00:32 +02:00
class ProjectHandler(object):
2011-09-11 23:00:32 +02:00
def add(self):
2011-09-13 22:58:53 +02:00
form = ProjectForm(csrf_enabled=False)
if form.validate():
2011-10-08 13:22:18 +02:00
project = form.save()
2011-09-13 22:58:53 +02:00
db.session.add(project)
db.session.commit()
return 201, project.id
return 400, form.errors
2011-09-11 23:00:32 +02:00
@need_auth(check_project, "project")
def get(self, project):
2011-10-08 13:22:18 +02:00
return 200, project
2011-09-11 23:00:32 +02:00
@need_auth(check_project, "project")
def delete(self, project):
2011-09-13 22:58:53 +02:00
db.session.delete(project)
db.session.commit()
return 200, "DELETED"
2011-09-11 23:00:32 +02:00
@need_auth(check_project, "project")
def update(self, project):
2011-10-08 13:22:18 +02:00
form = EditProjectForm(csrf_enabled=False)
2011-09-13 22:58:53 +02:00
if form.validate():
2011-10-08 13:22:18 +02:00
form.update(project)
2011-09-13 22:58:53 +02:00
db.session.commit()
return 200, "UPDATED"
return 400, form.errors
2011-09-11 23:00:32 +02:00
class MemberHandler(object):
def get(self, project, member_id):
2011-10-08 13:22:18 +02:00
member = Person.query.get(member_id, project)
2011-09-13 18:15:07 +02:00
if not member or member.project != project:
2011-09-13 22:58:53 +02:00
return 404, "Not Found"
2011-10-08 13:22:18 +02:00
return 200, member
2011-09-11 23:00:32 +02:00
def list(self, project):
2011-10-08 13:22:18 +02:00
return 200, project.members
2011-09-11 23:00:32 +02:00
def add(self, project):
2011-10-08 13:22:18 +02:00
form = MemberForm(project, csrf_enabled=False)
2011-09-13 22:58:53 +02:00
if form.validate():
member = Person()
form.save(project, member)
db.session.commit()
2011-10-08 13:22:18 +02:00
return 201, member.id
2011-09-13 22:58:53 +02:00
return 400, form.errors
2011-09-11 23:00:32 +02:00
def update(self, project, member_id):
2011-10-08 13:22:18 +02:00
form = MemberForm(project, csrf_enabled=False)
2011-09-13 22:58:53 +02:00
if form.validate():
member = Person.query.get(member_id, project)
form.save(project, member)
db.session.commit()
return 200, member
return 400, form.errors
2011-09-11 23:00:32 +02:00
def delete(self, project, member_id):
2011-09-13 18:15:07 +02:00
if project.remove_member(member_id):
2011-09-13 22:58:53 +02:00
return 200, "OK"
return 404, "Not Found"
2011-09-11 23:00:32 +02:00
class BillHandler(object):
2011-09-13 18:15:07 +02:00
def get(self, project, bill_id):
bill = Bill.query.get(project, bill_id)
if not bill:
2011-09-13 22:58:53 +02:00
return 404, "Not Found"
2011-10-08 13:22:18 +02:00
return 200, bill
2011-09-11 23:00:32 +02:00
def list(self, project):
2011-09-13 18:15:07 +02:00
return project.get_bills().all()
2011-09-11 23:00:32 +02:00
def add(self, project):
2011-10-08 13:22:18 +02:00
form = get_billform_for(project, True, csrf_enabled=False)
2011-09-13 22:58:53 +02:00
if form.validate():
bill = Bill()
2011-10-08 13:22:18 +02:00
form.save(bill, project)
2011-09-13 22:58:53 +02:00
db.session.add(bill)
db.session.commit()
2011-10-08 13:22:18 +02:00
return 201, bill.id
2011-09-13 22:58:53 +02:00
return 400, form.errors
2011-09-11 23:00:32 +02:00
2011-09-13 18:15:07 +02:00
def update(self, project, bill_id):
2011-10-08 13:22:18 +02:00
form = get_billform_for(project, True, csrf_enabled=False)
2011-09-13 22:58:53 +02:00
if form.validate():
2011-10-08 13:22:18 +02:00
bill = Bill.query.get(project, bill_id)
form.save(bill, project)
2011-09-13 22:58:53 +02:00
db.session.commit()
return 200, bill.id
return 400, form.errors
2011-09-11 23:00:32 +02:00
2011-09-13 18:15:07 +02:00
def delete(self, project, bill_id):
bill = Bill.query.delete(project, bill_id)
2011-10-08 13:22:18 +02:00
db.session.commit()
2011-09-13 18:15:07 +02:00
if not bill:
2011-09-13 22:58:53 +02:00
return 404, "Not Found"
2011-10-08 13:22:18 +02:00
return 200, "OK"
2011-09-11 23:00:32 +02:00
project_resource = RESTResource(
name="project",
route="/projects",
app=api,
actions=["add", "update", "delete", "get"],
handler=ProjectHandler())
2011-09-11 23:00:32 +02:00
member_resource = RESTResource(
name="member",
inject_name="project",
2011-10-08 13:22:18 +02:00
route="/projects/<project_id>/members",
2011-09-11 23:00:32 +02:00
app=api,
handler=MemberHandler(),
authentifier=check_project)
bill_resource = RESTResource(
name="bill",
inject_name="project",
2011-10-08 13:22:18 +02:00
route="/projects/<project_id>/bills",
2011-09-11 23:00:32 +02:00
app=api,
handler=BillHandler(),
authentifier=check_project)