Commit 8b8ab285 authored by Zach Perkins's avatar Zach Perkins
Browse files

added some basic argument validation to spice things up

parent 8f3ce9f1
from flask import Flask, redirect, jsonify, abort, request, url_for, make_response from flask import Flask, redirect, jsonify, abort, request, url_for, make_response
from webargs.flaskparser import use_args
from webargs import fields
from where.model import with_session, Point, Category, Field from where.model import with_session, Point, Category, Field
from where.model.field_types import FieldType from where.model.field_types import FieldType
...@@ -7,7 +9,6 @@ from where.validation import PointSchema, CategorySchema, FieldSchema ...@@ -7,7 +9,6 @@ from where.validation import PointSchema, CategorySchema, FieldSchema
app = Flask(__name__) app = Flask(__name__)
# Endpoints: # Endpoints:
...@@ -112,24 +113,25 @@ def get_category(session, id): ...@@ -112,24 +113,25 @@ def get_category(session, id):
@app.route('/category/<id>/children') @app.route('/category/<id>/children')
@with_session @with_session
def get_category_children(session, id): def get_category_children(data, session, id):
data = dict(request.args) data = dict(request.args)
data['parent_id'] = id data['parent_id'] = id
return search_resource(session, Point, data) return search_resource(session, Point, data)
@app.route('/point', methods=['GET']) @app.route('/point', methods=['GET'])
@use_args({'parent_id': fields.Int(), 'category_id': fields.Int(required=True)})
@with_session @with_session
def search_point(session): def search_point(session, args):
return search_resource(session, Point, dict(request.args)) return search_resource(session, Point, args)
@app.route('/point', methods=['POST']) @app.route('/point', methods=['POST'])
def create_point(session): @use_args(PointSchema)
data = request.get_json() @with_session
data['category'] = session.query(Category).get(data.pop('category_id')) def create_point(session, args):
args['category'] = session.query(Category).get(args.pop('category_id'))
return create_resource(session, Point, data, 'get_point') return create_resource(session, Point, args, 'get_point')
@app.route('/point/<id>', methods=['GET']) @app.route('/point/<id>', methods=['GET'])
......
from marshmallow_sqlalchemy import SQLAlchemyAutoSchema from marshmallow_sqlalchemy import SQLAlchemyAutoSchema, auto_field
from .model import Point, Category, Field from .model import Point, Category, Field
class PointSchema(SQLAlchemyAutoSchema): class PointSchema(SQLAlchemyAutoSchema):
class Meta: class Meta:
model = Point model = Point
include_relationships = True include_fk = True
load_instance = True include_relationships = False
load_instance = False
class CategorySchema(SQLAlchemyAutoSchema): class CategorySchema(SQLAlchemyAutoSchema):
class Meta: class Meta:
model = Category model = Category
include_relationships = True include_relationships = False
load_instance = True load_instance = False
class FieldSchema(SQLAlchemyAutoSchema): class FieldSchema(SQLAlchemyAutoSchema):
class Meta: class Meta:
model = Field model = Field
include_relationships = True include_relationships = False
load_instance = True load_instance = False
\ No newline at end of file
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment