from flask import Blueprint, request from .. import impl from ..services.auth_guard import auth_guard, check_jwt from marshmallow import EXCLUDE, ValidationError from ..schemas import model import json import logging from . import verify_if_request_is_json from BreCal.validators.validation_error import create_validation_error_response, create_dynamic_exception_response from BreCal.validators.input_validation import check_if_user_is_bsmd_type from BreCal.validators.input_validation_ship import InputValidationShip bp = Blueprint('ships', __name__) @bp.route('/ships', methods=['get']) @auth_guard() # no restriction by role def GetShips(): try: if 'Authorization' in request.headers: token = request.headers.get('Authorization') return impl.ships.GetShips(token) else: return create_dynamic_exception_response(ex=None, status_code=403, message="not authenticated") except Exception as ex: return create_dynamic_exception_response(ex=ex, status_code=400) @bp.route('/ships', methods=['post']) @auth_guard() # no restriction by role def PostShip(): try: verify_if_request_is_json(request) # read the user data from the JWT token (set when login is performed) user_data = check_jwt() # check, whether the user belongs to a participant, which is of type ParticipantType.BSMD # as ParticipantType is an IntFlag, a user belonging to multiple groups is properly evaluated. is_bsmd = check_if_user_is_bsmd_type(user_data) if not is_bsmd: raise ValidationError({"participant_type":f"current user does not belong to BSMD. Cannot post shipcalls. Found user data: {user_data}"}) content = request.get_json(force=True) loadedModel = model.ShipSchema().load(data=content, many=False, partial=True) # validate the request data & user permissions InputValidationShip.evaluate_post_data(user_data, loadedModel, content) return impl.ships.PostShip(loadedModel) except ValidationError as ex: return create_validation_error_response(ex=ex, status_code=400) except Exception as ex: return create_dynamic_exception_response(ex=ex, status_code=400, message=None) @bp.route('/ships', methods=['put']) @auth_guard() # no restriction by role def PutShip(): try: verify_if_request_is_json(request) # read the user data from the JWT token (set when login is performed) user_data = check_jwt() content = request.get_json(force=True) loadedModel = model.ShipSchema().load(data=content, many=False, partial=True, unknown=EXCLUDE) # validate the request data & user permissions InputValidationShip.evaluate_put_data(user_data, loadedModel, content) return impl.ships.PutShip(loadedModel) except ValidationError as ex: return create_validation_error_response(ex=ex, status_code=400) except Exception as ex: return create_dynamic_exception_response(ex=ex, status_code=400) @bp.route('/ships', methods=['delete']) @auth_guard() # no restriction by role def DeleteShip(): try: verify_if_request_is_json(request) # read the user data from the JWT token (set when login is performed) user_data = check_jwt() if 'id' in request.args: options = {} options["id"] = request.args.get("id") else: return create_dynamic_exception_response(ex=None, status_code=400, message="no id provided") # validate the request data & user permissions ship_id = request.args.get("id") InputValidationShip.evaluate_delete_data(user_data, ship_id) return impl.ships.DeleteShip(options) except ValidationError as ex: return create_validation_error_response(ex=ex, status_code=400) except Exception as ex: return create_dynamic_exception_response(ex=ex, status_code=400)