from hodor import app from flask import request, jsonify, abort, make_response from hodor.models.challenges import Challenges from sqlalchemy.exc import IntegrityError ########################### # Add a new challenge to the platform # ########################### @app.route('/challenges/new', methods=['POST']) def add_new_chall(): """ This function is used to add new challenges to the platform :return: Response Code """ newchall=dict() if request.method == "POST": try: newchall['cid'] = request.data.get('cid').strip() newchall['name'] = str(request.data.get('name').strip()) newchall['points'] = request.data.get('points').strip() newchall['description'] = str(request.data.get('description').strip()) newchall['hints'] = str(request.data.get('hints').strip()) except Exception as e: print(e) abort(500) chall = Challenges(**newchall) chall.save() return make_response(jsonify(status=201, msg="Challenge {} successfully added ".format(chall.cid) + "to database"), 201) ########################### # Edit an existing challenge ########################### @app.route('/challenges/edit/<id_slug>', methods=['PUT']) def edit_chall(id_slug): """ This function enables to edit existing challenges :return: Response Code """ check_id = id_slug.strip() get_id = Challenges.query.filter_by(cid=check_id) if(get_id): try: get_id.cid = check_id get_id.name = str(request.data.get('name').strip()) get_id.points = str(request.data.get('points').strip()) get_id.description = str(request.data.get('description').strip()) get_id.hints = str(request.data.get('hints').strip()) except Exception as e: print(e) abort(500) get_id.commit() edited_data = _extract_required_fields(get_id) return make_response(jsonify(status=200, data=edited_data), 200) else: return make_response(jsonify(status=404, msg="No such challenge ID found"), 404) ########################### # Deleting an existing challenge ########################### @app.route('/challenges/<id_slug>', methods=['DELETE']) def del_chall(id_slug): """ This function deletes existing challenge :return: Response Code """ check_id = id_slug.strip() get_id = Challenges.query.filter_by(cid=check_id) if get_id: Challenges.query.filter_by(cid=check_id).delete() return make_response(jsonify(status=200, msg="Record succesfully deleted"), 200) else: return make_response(jsonify(status=404, msg="No such challenge ID found"), 404) ########################### # Extracting required fields ########################### def _extract_required_fields(chall): filter_chall = dict() ''' This can be done by directly dumping the dictionary but there's always a risk of data leak.So, we pick what we need to give out out of the API ''' filter_chall['name'] = chall.name filter_chall['description'] = chall.description filter_chall['points'] = chall.points filter_chall['hints'] = chall.hints filter_chall['cid'] = chall.cid return filter_chall ########################### #Get all challenge IDs ########################### @app.route('/challenges', methods=['GET','POST']) def get_all_challids(): """ Returns all challenge IDs and names :return: Response Code """ response = dict() response['status'] = 200 response['data'] = [] for challenge in Challenges.get_all(): ''' All records for each challenge is retrieved and name, id are only returned ''' response['data'].append(_extract_required_fields(challenge)) return response ################################################ # Handle Integrity Exceptions in API # ################################################ @app.errorhandler(IntegrityError) def handle_sql_assertion_error(err): try: ''' err.orig.args is from the DBAPIError class of SQLAlchemy. It usually contains the original error message. The below is an attempt to clean up the message and only return the relevant part to API ''' try: errmsg = err.orig.args[0].split('\n')[1][9:] except IndexError: errmsg = err.orig.args[0].split('\n') except IndexError: errmsg = err.orig.args[0] return make_response(jsonify(status=400, msg=errmsg), 400)