Some Api2-Handler fixes done with sping

This commit is contained in:
seba 2011-10-10 21:14:07 +02:00
parent 22d0bf50b9
commit 4f6ae55ba4
3 changed files with 38 additions and 34 deletions

View File

@ -17,6 +17,8 @@ class BuyableItemHandler(BaseHandler):
#fields = ('id', 'description')
model = Buyable
exclude = ('_*',)
BUY_ITEM, BUY_DEPOSIT, BUY_ITEM_AND_DEPOSIT = range(3)
def read(self, request, itemId=None):
"""Get one or multiple items.
@ -55,8 +57,8 @@ class BuyableItemHandler(BaseHandler):
def create(self, request, itemId=None):
"""Buy a :class:`Buyable <buyable.models.Buyable>` item.
- deposit Set to > 0 if you want to buy the item with deposit (default 0)
- amount amount of items to buy (default 1)
- deposit: Set to 0 for no deposit, 1 for item+deposit and 2 for deposit only (default 0)
- amount: amount of items to buy (default 1)
"""
if not request.content_type:
@ -70,20 +72,22 @@ class BuyableItemHandler(BaseHandler):
return rc.NOT_FOUND
# parse post data
deposit = getInt(request.data, 'deposit', 0)
deposit = getInt(request.data, 'deposit', self.BUY_ITEM)
amount = getInt(request.data, 'amount', 1)
if amount < 1:
return rc.BAD_REQUEST
if not item.hasDeposit() and deposit > 0:
return rc.BAD_REQUEST # this is just the user being plain stupid
if (not item.hasDeposit() and deposit != self.BUY_ITEM) or \
deposit not in (self.BUY_ITEM, self.BUY_DEPOSIT, self.BUY_ITEM_AND_DEPOSIT):
return rc.BAD_REQUEST
order = Order()
order.create(request.user)
order.save()
for i in range(amount):
p = Purchase.create(order, item, isDeposit=False)
p.save()
if deposit > 0:
if deposit == self.BUY_ITEM or deposit == self.BUY_ITEM_AND_DEPOSIT:
p = Purchase.create(order, item, isDeposit=False)
p.save()
if deposit == self.BUY_DEPOSIT or deposit == self.BUY_ITEM_AND_DEPOSIT:
p = Purchase.create(order, item, isDeposit=True)
p.save()
order.updatePrice(commit=True)
@ -102,13 +106,13 @@ class BuyableTypeHandler(BaseHandler):
model = BuyableType
class HistoryHandler(BaseHandler):
"""Handler providing access to the users history """
"""Handler providing access to the user's history """
allowed_methods = ('GET',)
fields = ('id', 'price', 'dateTime', ('purchase_set', (('buyable', ('id', )), 'price', 'name')))
@manglePluginPerms
def read(self, request):
"""Get the users history
"""Get the user's history
- num: Number of entries to return
"""
@ -122,8 +126,8 @@ class HistoryHandler(BaseHandler):
class TransactionTransactHandler(BaseHandler):
"""Handler for transaction.
This hanlder takes care of adding money to accounts and returning
previous moneytransfers
This handler takes care of adding money to accounts and returning
previous money transfers
"""
allowed_methods = ('GET', 'POST')
@ -132,7 +136,7 @@ class TransactionTransactHandler(BaseHandler):
@manglePluginPerms
def read(self, request):
"""Return the users last transactions
"""Return the user's last transactions
- num: Number of entries to return
"""
@ -149,8 +153,8 @@ class TransactionTransactHandler(BaseHandler):
def create(self, request):
"""Transact money to an account
- amount: [req] Amount to add to the users account
- type: [req]Type of transaction (id)
- amount: [req] Amount to add to the user's account
- type: [req] Type of transaction (id)
"""
amount = getDecimal(request.POST, 'amount', Decimal(0))
tTypeId = getInt(request.POST, 'type', -1)
@ -184,21 +188,21 @@ class TransactionTypeHandler(BaseHandler):
model = TransactionType
class AccountBalanceHandler(BaseHandler):
"""Handler for the users account balance"""
"""Handler for the user's account balance"""
allowed_methods = ('GET',)
@manglePluginPerms
def read(self, request):
"""Returns the users current account balance"""
"""Returns the user's current account balance"""
balance = request.user.get_profile().balance
return {'balance': balance}
class AuthBlobHandler(BaseHandler):
"""Handler to read and write an users authblob
"""Handler to read and write a user's authblob
Currently these functions are only available for a plugin user.
Other users will get a rc.FORBIDDEN. Keep in mind that, to use
these functions a plugin needs the permissions to do this in its
Other users will get a rc.FORBIDDEN. Keep in mind that to use
these functions, a plugin needs the permissions to do this in its
configuration.
"""
allowed_methods = ('GET', 'POST')
@ -206,21 +210,21 @@ class AuthBlobHandler(BaseHandler):
@requirePlugin
@manglePluginPerms
def read(self, request):
"""Read the users authblob
"""Read the user's authblob
To use this function the plugin needs
:attr:`main.models.Plugin.pluginCanReadAuthblob` to be true.
"""
if not request.plugin.pluginCanReadAuthblob:
ret = rc.FORBIDDEN
ret.write("\nThis plugin is not allowed to read the users authblob\n")
ret.write("\nThis plugin is not allowed to read the user's authblob\n")
return ret
return request.pluginperms.authblob
return {'authblob': request.pluginperms.authblob}
@requirePlugin
@manglePluginPerms
def create(self, request):
"""Write the users authblob.
"""Write the user's authblob.
To use this function the plugin needs
:attr:`main.models.Plugin.pluginCanWriteAuthblob` to be true.
@ -232,11 +236,11 @@ class AuthBlobHandler(BaseHandler):
"""
if not request.plugin.pluginCanWriteAuthblob:
ret = rc.FORBIDDEN
ret.write("\nThis plugin is not allowed to write the users authblob\n")
ret.write("\nThis plugin is not allowed to write the user's authblob\n")
return ret
if not request.data.has_key('authblob'):
ret = rc.BAD_REQUEST
ret.write("\nTo change the users auth blob you actually need to provide one\n")
ret.write("\nTo change the user's auth blob you actually need to provide one\n")
request.pluginperms.authblob = request.data['authblob']
request.pluginperms.authblob.save()
@ -248,20 +252,20 @@ class AuthUserHandler(BaseHandler):
This handler is only available to plugins and only if
:attr:`unique authblob <main.models.Plugin.uniqueAuthblob>`
is set for this plugin. Then it will provide a mapping from
an authblob to a specifig user.
an authblob to a specific user.
"""
allowed_methods = ('GET')
fields = ('id', 'username')
@requirePlugin
def read(self, request):
"""Returns an user if one can be found, else rc.GONE
"""Returns an user if one can be found, else rc.NOT_FOUND
- authblob: [required] Authblob to search
"""
if not request.plugin.uniqueAuthblob:
ret = rc.BAD_REQUEST
ret.write("\nThis plugin does not support unique auth blobs, therefore we can't identify an user uniquely by its authblob\n")
ret.write("\nThis plugin does not support unique auth blobs, therefore we can't identify a user uniquely by their authblob\n")
return ret
if not request.GET.has_key('authblob'):

View File

@ -21,7 +21,7 @@ class Buyable(models.Model):
deposit = models.DecimalField(max_digits=8, decimal_places=2)
description = models.TextField()
buyableType = models.ManyToManyField(BuyableType)
barcode = models.CharField(max_length=100, unique=True)
barcode = models.CharField(max_length=100, default='', blank=True)
def hasDeposit(self):

View File

@ -12,7 +12,7 @@ class UserProfile(models.Model):
return "%s (Kontostand: %s)" % (self.user ,self.balance)
def createUserProfile(sender, instance, created, **kwargs):
""" Hook to create a new :class:`UserProfile` if the user is created. """
""" Hook to create a new :class:`UserProfile` when the user is created. """
if created:
profile = UserProfile()
profile.user = instance
@ -24,13 +24,13 @@ class Plugin(models.Model):
""" This Model contains a plugin and its configuration.
A Plugin consists of its own information (name, author, version
and descrption) which is displayed for the user on the plugin
selection page, a configuration what a plugin is allowed to do
and description, which are displayed on the plugin
selection page), a configuration of what a plugin is allowed to do
and what not and an own user for authentication against the
API.
:attr:`uniqueAuthblob` is used if the :class:`Plugin` has to uniquely
identify an user by his/her :attr:`authblob <PluginPermission.authblob>`.
identify a user by his/her :attr:`authblob <PluginPermission.authblob>`.
The other attributes are used for plugin/user read/write access to the
authblob.
"""