fix #46 - added delete user from project, course, campus
This commit is contained in:
parent
1574b7e19e
commit
93078f4f18
1 changed files with 142 additions and 79 deletions
|
@ -17,6 +17,7 @@ from flask.ext.autodoc import Autodoc
|
||||||
# DB Models
|
# DB Models
|
||||||
from models.User import User
|
from models.User import User
|
||||||
from models.Course import Course
|
from models.Course import Course
|
||||||
|
from models.Project import Project
|
||||||
|
|
||||||
#Validation Utils Libs
|
#Validation Utils Libs
|
||||||
from SE_API.Validation_Utils import *
|
from SE_API.Validation_Utils import *
|
||||||
|
@ -277,14 +278,15 @@ def getUserByToken(token):
|
||||||
# DELETE
|
# DELETE
|
||||||
#----------------------------------------------------------
|
#----------------------------------------------------------
|
||||||
|
|
||||||
@user_routes.route('/api/users/removeUserFromCampus/<string:token>/<string:campusId>', methods=["PUT"])
|
@user_routes.route('/api/users/removeUserFromCampus/<string:token>/<string:userId>/<string:campusId>', methods=["PUT"])
|
||||||
@auto.doc()
|
@auto.doc()
|
||||||
def removeUserFromCampus(token, campusId):
|
def removeUserFromCampus(token, userId, campusId):
|
||||||
"""
|
"""
|
||||||
<span class="card-title">>This Call will remove a Campus from a user Campus list</span>
|
<span class="card-title">>This Call will remove a user from a campus</span>
|
||||||
<br>
|
<br>
|
||||||
<b>Route Parameters</b><br>
|
<b>Route Parameters</b><br>
|
||||||
- seToken: 'seToken'
|
- seToken: 'seToken'<br>
|
||||||
|
- userId: 0987654321,<br>
|
||||||
- 'campusId': 1234567890<br>
|
- 'campusId': 1234567890<br>
|
||||||
<br>
|
<br>
|
||||||
<br>
|
<br>
|
||||||
|
@ -300,18 +302,13 @@ def removeUserFromCampus(token, campusId):
|
||||||
400 - Bad Request
|
400 - Bad Request
|
||||||
"""
|
"""
|
||||||
|
|
||||||
if not request.data:
|
requestingUser = get_user_by_token(token)
|
||||||
return bad_request()
|
if requestingUser is None:
|
||||||
|
return bad_request("Bad User Token")
|
||||||
|
|
||||||
try:
|
userToRemove = User.get_by_id(int(userId))
|
||||||
payload = json.loads(request.data)
|
if userToRemove is None:
|
||||||
except Exception as e:
|
return bad_request("No such user to remove")
|
||||||
return bad_request()
|
|
||||||
|
|
||||||
if not is_lecturer(token): #todo: change to lecturer id
|
|
||||||
return forbidden("Invalid token or not a lecturer!")
|
|
||||||
|
|
||||||
user = get_user_by_token(token)
|
|
||||||
|
|
||||||
#check Campus Exists
|
#check Campus Exists
|
||||||
campus = Campus.get_by_id(int(campusId))
|
campus = Campus.get_by_id(int(campusId))
|
||||||
|
@ -319,18 +316,20 @@ def removeUserFromCampus(token, campusId):
|
||||||
return bad_request("No such Campus!")
|
return bad_request("No such Campus!")
|
||||||
|
|
||||||
#check if user is owner of Campus
|
#check if user is owner of Campus
|
||||||
if user.key().id() != campus.master_user_id:
|
if requestingUser.key().id() != campus.master_user_id:
|
||||||
return forbidden("Lecturer is not owner of course")
|
# check if user want to delete itself
|
||||||
|
if requestingUser.key().id() != userToRemove.key().id():
|
||||||
|
return forbidden("No permission to delete user")
|
||||||
|
|
||||||
try:
|
try:
|
||||||
user.campuses_id_list.remove(campusId)
|
userToRemove.campuses_id_list.remove(campusId)
|
||||||
except Exception as e:
|
except Exception as e:
|
||||||
print e
|
|
||||||
return bad_request("user is not listed to this campus")
|
return bad_request("user is not listed to this campus")
|
||||||
|
|
||||||
db.put(user)
|
|
||||||
|
db.put(userToRemove)
|
||||||
db.save
|
db.save
|
||||||
return Response(response=user.to_JSON(),
|
return Response(response=userToRemove.to_JSON(),
|
||||||
status=200,
|
status=200,
|
||||||
mimetype="application/json") # Real response!
|
mimetype="application/json") # Real response!
|
||||||
|
|
||||||
|
@ -338,64 +337,128 @@ def removeUserFromCampus(token, campusId):
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
# @user_routes.route('/api/users/removeUserFromCourse/<string:token>/<string:courseId>', methods=["PUT"])
|
|
||||||
# @auto.doc()
|
@user_routes.route('/api/users/removeUserFromCourse/<string:token>/<string:userId>/<string:courseId>', methods=["PUT"])
|
||||||
# def removeUserFromCourse(token, courseId):
|
@auto.doc()
|
||||||
# """
|
def removeUserFromCourse(token, userId, courseId):
|
||||||
# <span class="card-title">>This Call will remove a Course from a user Campus list</span>
|
"""
|
||||||
# <br>
|
<span class="card-title">>This Call will remove a user from a course</span>
|
||||||
# <b>Route Parameters</b><br>
|
<br>
|
||||||
# - seToken: 'seToken'
|
<b>Route Parameters</b><br>
|
||||||
# - 'courseId': 1234567890<br>
|
- seToken: 'seToken'<br>
|
||||||
# <br>
|
- userId: 0987654321,<br>
|
||||||
# <br>
|
- 'courseId': 1234567890<br>
|
||||||
# <b>Payload</b><br>
|
<br>
|
||||||
# - NONE
|
<br>
|
||||||
# {<br>
|
<b>Payload</b><br>
|
||||||
# }<br>
|
- NONE
|
||||||
# <br>
|
{<br>
|
||||||
# <b>Response</b>
|
}<br>
|
||||||
# <br>
|
<br>
|
||||||
# 200 - User updated
|
<b>Response</b>
|
||||||
# <br>
|
<br>
|
||||||
# 400 - Bad Request
|
200 - User updated
|
||||||
# """
|
<br>
|
||||||
#
|
400 - Bad Request
|
||||||
# if not request.data:
|
"""
|
||||||
# return bad_request()
|
|
||||||
#
|
requestingUser = get_user_by_token(token)
|
||||||
# try:
|
if requestingUser is None:
|
||||||
# payload = json.loads(request.data)
|
return bad_request("Bad User Token")
|
||||||
# except Exception as e:
|
|
||||||
# return bad_request()
|
userToRemove = User.get_by_id(int(userId))
|
||||||
#
|
if userToRemove is None:
|
||||||
# user = get_user_by_token(token)
|
return bad_request("No such user to remove")
|
||||||
# if user is None:
|
|
||||||
# return bad_request("No such user!")
|
#check Course Exists
|
||||||
#
|
course = Course.get_by_id(int(courseId))
|
||||||
#
|
if course is None:
|
||||||
# #check Course Exists
|
return bad_request("No such Course!")
|
||||||
# course = Course.get_by_id(int(courseId))
|
|
||||||
# if course is None:
|
#check if user is owner of Course
|
||||||
# return bad_request("No such Course!")
|
if requestingUser.key().id() != course.master_id:
|
||||||
#
|
# check if user want to delete itself
|
||||||
# #check if user is owner of Campus
|
if requestingUser.key().id() != userToRemove.key().id():
|
||||||
# if user.key().id() != course.master_id:
|
return forbidden("No permission to delete user")
|
||||||
# return forbidden("Lecturer is not owner of course")
|
|
||||||
#
|
try:
|
||||||
# try:
|
userToRemove.courses_id_list.remove(courseId)
|
||||||
# user.campuses_id_list.remove(campusId)
|
course.membersId.remove(userToRemove.key().id())
|
||||||
# except Exception as e:
|
except Exception as e:
|
||||||
# print e
|
return bad_request("user is not listed to this course")
|
||||||
# return bad_request("user is not listed to this campus")
|
|
||||||
#
|
|
||||||
# db.put(user)
|
|
||||||
# db.save
|
db.put(userToRemove)
|
||||||
# return Response(response=user.to_JSON(),
|
db.put(course)
|
||||||
# status=200,
|
db.save
|
||||||
# mimetype="application/json") # Real response!
|
return Response(response=userToRemove.to_JSON(),
|
||||||
#
|
status=200,
|
||||||
#
|
mimetype="application/json") # Real response!
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
@user_routes.route('/api/users/removeUserFromProject/<string:token>/<string:userId>/<string:projectId>', methods=["PUT"])
|
||||||
|
@auto.doc()
|
||||||
|
def removeUserFromCourse(token, userId, projectId):
|
||||||
|
"""
|
||||||
|
<span class="card-title">>This Call will remove a user from a project</span>
|
||||||
|
<br>
|
||||||
|
<b>Route Parameters</b><br>
|
||||||
|
- seToken: 'seToken'<br>
|
||||||
|
- userId: 0987654321,<br>
|
||||||
|
- 'projectId': 1234567890<br>
|
||||||
|
<br>
|
||||||
|
<br>
|
||||||
|
<b>Payload</b><br>
|
||||||
|
- NONE
|
||||||
|
{<br>
|
||||||
|
}<br>
|
||||||
|
<br>
|
||||||
|
<b>Response</b>
|
||||||
|
<br>
|
||||||
|
200 - User updated
|
||||||
|
<br>
|
||||||
|
400 - Bad Request
|
||||||
|
"""
|
||||||
|
|
||||||
|
requestingUser = get_user_by_token(token)
|
||||||
|
if requestingUser is None:
|
||||||
|
return bad_request("Bad User Token")
|
||||||
|
|
||||||
|
userToRemove = User.get_by_id(int(userId))
|
||||||
|
if userToRemove is None:
|
||||||
|
return bad_request("No such user to remove")
|
||||||
|
|
||||||
|
#check project Exists
|
||||||
|
project = Project.get_by_id(int(projectId))
|
||||||
|
if project is None:
|
||||||
|
return bad_request("No such Project!")
|
||||||
|
|
||||||
|
#check if user is owner of project
|
||||||
|
if requestingUser.key().id() != project.master_id:
|
||||||
|
# check if user want to delete itself
|
||||||
|
if requestingUser.key().id() != userToRemove.key().id():
|
||||||
|
return forbidden("No permission to delete user")
|
||||||
|
|
||||||
|
try:
|
||||||
|
userToRemove.projects_id_list.remove(projectId)
|
||||||
|
project.membersId.remove(userToRemove.key().id())
|
||||||
|
except Exception as e:
|
||||||
|
return bad_request("user is not listed to this project")
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
db.put(userToRemove)
|
||||||
|
db.put(project)
|
||||||
|
db.save
|
||||||
|
return Response(response=userToRemove.to_JSON(),
|
||||||
|
status=200,
|
||||||
|
mimetype="application/json") # Real response!
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue