[Enhance] API for purchases, items, operations

- Add API endpoints for purchases, items, and operations
- Header checker? :)

latest version/api/__init__.py

@@ -1,10 +1,11 @@
 from flask import Blueprint
 
-from . import users
-from . import songs
-from . import token
+from . import (users, songs, token, system, items, purchases)
 
 bp = Blueprint('api', __name__, url_prefix='/api/v1')
 bp.register_blueprint(users.bp)
 bp.register_blueprint(songs.bp)
 bp.register_blueprint(token.bp)
+bp.register_blueprint(system.bp)
+bp.register_blueprint(items.bp)
+bp.register_blueprint(purchases.bp)

latest version/api/api_auth.py

@@ -1,15 +1,17 @@
-from functools import wraps
-from traceback import format_exc
 from base64 import b64decode
+from functools import wraps
 from json import loads
+from traceback import format_exc
+
+from flask import current_app
 
 from core.api_user import APIUser
 from core.config_manager import Config
-from core.error import ArcError, NoAccess, PostError
+from core.error import ArcError, InputError, NoAccess, PostError
 from core.sql import Connect
-from flask import current_app
 
 from .api_code import error_return
+from .constant import Constant
 
 
 def role_required(request, powers=[]):
@@ -48,7 +50,7 @@ def role_required(request, powers=[]):
     return decorator
 
 
-def request_json_handle(request, required_keys: list = [], optional_keys: list = [], must_change: bool = False):
+def request_json_handle(request, required_keys: list = [], optional_keys: list = [], must_change: bool = False, is_batch: bool = False):
     '''
         提取post参数，返回dict，写成了修饰器\ 
         parameters: \ 
@@ -64,7 +66,7 @@ def request_json_handle(request, required_keys: list = [], optional_keys: list =
 
             data = {}
             if request.data:
-                json_data = request.json
+                json_data = request.get_json()
             else:
                 if request.method == 'GET' and 'query' in request.args:
                     # 处理axios没法GET传data的问题
@@ -78,15 +80,24 @@ def request_json_handle(request, required_keys: list = [], optional_keys: list =
 
             for key in required_keys:
                 if key not in json_data:
-                    return error_return(PostError(f'Missing parameter: {key}', api_error_code=-100))
+                    return error_return(InputError(f'Missing parameter: {key}', api_error_code=-100))
                 data[key] = json_data[key]
 
-            for key in optional_keys:
-                if key in json_data:
-                    data[key] = json_data[key]
+            if is_batch:
+                for key in Constant.PATCH_KEYS:
+                    if key in json_data:
+                        data[key] = json_data[key]
+                        if not isinstance(data[key], list):
+                            return error_return(InputError(f'Parameter {key} must be a list', api_error_code=-100))
+                if not data:
+                    return error_return(InputError('No change', api_error_code=-100))
+            else:
+                for key in optional_keys:
+                    if key in json_data:
+                        data[key] = json_data[key]
 
-            if must_change and not data:
-                return error_return(PostError('No change', api_error_code=-100))
+                if must_change and not data:
+                    return error_return(InputError('No change', api_error_code=-100))
 
             return view(data, *args, **kwargs)
 

latest version/api/api_code.py

@@ -18,6 +18,11 @@ CODE_MSG = {
     -104: 'Invalid sort order parameter',
     -105: 'Invalid URL parameter',
     -110: 'Invalid user_id',
+    -120: 'Invalid item type',
+    -121: 'No such item',
+    -122: 'Item already exists',
+    -123: 'Purchase already has this item',
+    -124: 'Purchase does not have this item',
     -200: 'No permission',  # 2xx用户相关错误
     -201: 'Wrong username or password',
     -202: 'User is banned',

latest version/api/constant.py

@@ -1,2 +1,4 @@
 class Constant:
     QUERY_KEYS = ['limit', 'offset', 'query', 'fuzzy_query', 'sort']
+
+    PATCH_KEYS = ['create', 'update', 'remove']

latest version/api/items.py

@@ -0,0 +1,115 @@
+from flask import Blueprint, request
+
+from core.error import DataExist, InputError, NoData
+from core.item import Item, ItemFactory
+from core.sql import Connect, Query, Sql
+
+from .api_auth import api_try, request_json_handle, role_required
+from .api_code import success_return
+from .constant import Constant
+
+bp = Blueprint('items', __name__, url_prefix='/items')
+
+
+@bp.route('', methods=['GET'])
+@role_required(request, ['select'])
+@request_json_handle(request, optional_keys=Constant.QUERY_KEYS)
+@api_try
+def items_get(data, user):
+    '''查询全物品信息'''
+    with Connect() as c:
+        query = Query(['item_id', 'type'], ['item_id'],
+                      ['item_id']).from_dict(data)
+        x = Sql(c).select('item', query=query)
+        r: 'list[Item]' = []
+        for i in x:
+            r.append(ItemFactory.from_dict({
+                'item_id': i[0],
+                'type': i[1],
+                'is_available': i[2] == 1
+            }))
+
+        if not r:
+            raise NoData(api_error_code=-2)
+
+        return success_return([x.to_dict(has_is_available=True, has_amount=False) for x in r])
+
+
+ALLOW_ITEM_TYPE = ['pack', 'single', 'world_song', 'character']
+
+
+@bp.route('', methods=['POST'])
+@role_required(request, ['change'])
+@request_json_handle(request, required_keys=['item_id', 'type'], optional_keys=['is_available'])
+@api_try
+def items_post(data, user):
+    '''新增物品'''
+    if data['type'] not in ALLOW_ITEM_TYPE:
+        raise InputError(
+            f'Invalid item type: `{data["type"]}`', api_error_code=-120)
+    with Connect() as c:
+        item = ItemFactory.from_dict(data, c=c)
+        if item.select_exists():
+            raise DataExist(
+                f'Item `{item.item_type}`: `{item.item_id}` already exists', api_error_code=-122)
+        item.insert()
+        return success_return(item.to_dict(has_is_available=True, has_amount=False))
+
+
+@bp.route('/<string:item_type>/<string:item_id>', methods=['DELETE'])
+@role_required(request, ['change'])
+@api_try
+def items_item_delete(user, item_type, item_id):
+    '''删除物品'''
+    if item_type not in ALLOW_ITEM_TYPE:
+        raise InputError(
+            f'Invalid item type: `{item_type}`', api_error_code=-120)
+    with Connect() as c:
+        item = ItemFactory.from_dict({
+            'item_id': item_id,
+            'type': item_type
+        }, c=c)
+        if not item.select_exists():
+            raise NoData(
+                f'No such item `{item_type}`: `{item_id}`', api_error_code=-121)
+        item.delete()
+        return success_return()
+
+
+@bp.route('/<string:item_type>/<string:item_id>', methods=['PUT'])
+@role_required(request, ['change'])
+@request_json_handle(request, optional_keys=['is_available'], must_change=True)
+@api_try
+def items_item_put(data, user, item_type, item_id):
+    '''修改物品'''
+    if item_type not in ALLOW_ITEM_TYPE:
+        raise InputError(
+            f'Invalid item type: `{item_type}`', api_error_code=-120)
+    if not isinstance(data['is_available'], bool):
+        raise InputError('`is_available` must be a boolean',
+                         api_error_code=-101)
+    with Connect() as c:
+        item = ItemFactory.from_dict({
+            'item_id': item_id,
+            'type': item_type,
+            'is_available': data['is_available']
+        }, c=c)
+        if not item.select_exists():
+            raise NoData(
+                f'No such item `{item_type}`: `{item_id}`', api_error_code=-121)
+        item.update()
+        return success_return(item.to_dict(has_is_available=True, has_amount=False))
+
+
+@bp.route('/<string:item_type>/<string:item_id>', methods=['GET'])
+@role_required(request, ['select'])
+@api_try
+def items_item_get(user, item_type, item_id):
+    '''查询单个物品信息'''
+    with Connect() as c:
+        item = ItemFactory.from_dict({
+            'item_id': item_id,
+            'type': item_type
+        }, c=c)
+        item.select()
+        return success_return(item.to_dict(has_is_available=True, has_amount=False))

latest version/api/purchases.py

@@ -0,0 +1,164 @@
+from flask import Blueprint, request
+
+from core.error import DataExist, InputError, NoData
+from core.item import ItemFactory
+from core.purchase import Purchase
+from core.sql import Connect, Query, Sql
+
+from .api_auth import api_try, request_json_handle, role_required
+from .api_code import success_return
+from .constant import Constant
+
+bp = Blueprint('purchases', __name__, url_prefix='/purchases')
+
+
+@bp.route('', methods=['GET'])
+@role_required(request, ['select'])
+@request_json_handle(request, optional_keys=Constant.QUERY_KEYS)
+@api_try
+def purchases_get(data, user):
+    '''查询全购买信息'''
+    with Connect() as c:
+        query = Query(['purchase_name', 'discount_reason'], ['purchase_name'], [
+                      'price', 'orig_price', 'discount_from', 'discount_to']).from_dict(data)
+        x = Sql(c).select('purchase', query=query)
+        r = [Purchase().from_list(i) for i in x]
+
+        if not r:
+            raise NoData(api_error_code=-2)
+
+        return success_return([x.to_dict(has_items=False, show_real_price=False) for x in r])
+
+
+@bp.route('', methods=['POST'])
+@role_required(request, ['change'])
+@request_json_handle(request, required_keys=['purchase_name', 'orig_price'], optional_keys=['price', 'discount_from', 'discount_to', 'discount_reason', 'items'])
+@api_try
+def purchases_post(data, user):
+    '''新增购买，注意可以有items，不存在的item会自动创建'''
+    with Connect() as c:
+        purchase = Purchase(c).from_dict(data)
+        if purchase.select_exists():
+            raise DataExist(
+                f'Purchase `{purchase.purchase_name}` already exists')
+        purchase.insert_all()
+        return success_return(purchase.to_dict(has_items='items' in data, show_real_price=False))
+
+
+@bp.route('/<string:purchase_name>', methods=['GET'])
+@role_required(request, ['select'])
+@api_try
+def purchases_purchase_get(user, purchase_name: str):
+    '''查询单个购买信息'''
+    with Connect() as c:
+        return success_return(Purchase(c).select(purchase_name).to_dict(show_real_price=False))
+
+
+@bp.route('/<string:purchase_name>', methods=['DELETE'])
+@role_required(request, ['change'])
+@api_try
+def purchases_purchase_delete(user, purchase_name: str):
+    '''删除单个购买信息，会连带删除purchase_item'''
+    with Connect() as c:
+        purchase = Purchase(c).select(purchase_name)
+        purchase.delete_all()
+        return success_return()
+
+
+@bp.route('/<string:purchase_name>', methods=['PUT'])
+@role_required(request, ['change'])
+@request_json_handle(request, optional_keys=['price', 'orig_price', 'discount_from', 'discount_to', 'discount_reason'], must_change=True)
+@api_try
+def purchases_purchase_put(data, user, purchase_name: str):
+    '''修改单个购买信息，注意不能有items'''
+    with Connect() as c:
+        purchase = Purchase(c).select(purchase_name)
+        t = ['price', 'orig_price', 'discount_from', 'discount_to']
+        for i in t:
+            if i in data:
+                setattr(purchase, i, int(data[i]))
+        if 'discount_reason' in data:
+            purchase.discount_reason = str(data['discount_reason'])
+
+        purchase.update()
+        return success_return(purchase.to_dict(has_items=False, show_real_price=False))
+
+
+@bp.route('/<string:purchase_name>/items', methods=['GET'])
+@role_required(request, ['select'])
+@api_try
+def purchases_purchase_items_get(user, purchase_name: str):
+    '''查询单个购买的所有items'''
+    with Connect() as c:
+        p = Purchase(c)
+        p.purchase_name = purchase_name
+        p.select_items()
+        return success_return([x.to_dict(has_is_available=True) for x in p.items])
+
+
+# @bp.route('/<string:purchase_name>/items', methods=['POST'])
+# @role_required(request, ['change'])
+# @request_json_handle(request, required_keys=['item_id', 'type'], optional_keys=['amount'])
+# @api_try
+# def purchases_purchase_items_post(data, user, purchase_name: str):
+#     '''新增单个购买的批量items'''
+#     with Connect() as c:
+#         p = Purchase(c)
+#         p.purchase_name = purchase_name
+#         p.select_items()
+#         p.add_items([ItemFactory().from_dict(data)])
+#         return success_return([x.to_dict(has_is_available=True) for x in p.items])
+
+
+@bp.route('/<string:purchase_name>/items', methods=['PATCH'])
+@role_required(request, ['change'])
+@request_json_handle(request, is_batch=True)
+@api_try
+def purchases_purchase_items_patch(data, user, purchase_name: str):
+    '''增删改单个购买的批量items'''
+    with Connect() as c:
+        p = Purchase(c)
+        p.purchase_name = purchase_name
+        p.select_items()
+        p.delete_items([ItemFactory.from_dict(x, c=c)
+                        for x in data.get('remove', [])])
+        p.add_items([ItemFactory.from_dict(x, c=c)
+                     for x in data.get('create', [])])
+
+        updates = data.get('update', [])
+        for x in updates:
+            if 'amount' not in x:
+                raise InputError('`amount` is required in `update`')
+            if not isinstance(x['amount'], int) or x['amount'] <= 0:
+                raise InputError(
+                    '`amount` must be a positive integer', api_error_code=-101)
+
+        p.update_items([ItemFactory.from_dict(x, c=c) for x in updates])
+        return success_return([x.to_dict(has_is_available=True) for x in p.items])
+
+
+# @bp.route('/<string:purchase_name>/items/<string:item_type>/<string:item_id>', methods=['DELETE'])
+# @role_required(request, ['change'])
+# @api_try
+# def purchases_purchase_items_item_delete(user, purchase_name: str, item_type: str, item_id: str):
+#     '''删除单个购买的单个item'''
+#     with Connect() as c:
+#         p = Purchase(c)
+#         p.purchase_name = purchase_name
+#         p.select_items()
+#         p.delete_items([ItemFactory().from_dict(
+#             {'item_type': item_type, 'item_id': item_id})])
+#         return success_return()
+
+
+# @bp.route('/<string:purchase_name>/items/<string:item_type>/<string:item_id>', methods=['PUT'])
+# @role_required(request, ['change'])
+# @request_json_handle(request, optional_keys=['amount', 'is_available'], must_change=True)
+# @api_try
+# def purchases_purchase_items_item_put(data, user, purchase_name: str, item_type: str, item_id: str):
+#     '''修改单个购买的单个item'''
+#     with Connect() as c:
+#         p = Purchase(c)
+#         p.purchase_name = purchase_name
+#         pass
+#         return success_return()

latest version/api/system.py

@@ -0,0 +1,32 @@
+from flask import Blueprint, request
+
+from core.error import ArcError
+from core.operation import BaseOperation
+
+from .api_auth import api_try, role_required
+from .api_code import success_return
+
+bp = Blueprint('system', __name__, url_prefix='/system')
+
+
+operation_dict = {i._name: i for i in BaseOperation.__subclasses__()}
+
+
+@bp.route('/operations', methods=['GET'])
+@role_required(request, ['system'])
+@api_try
+def operations_get(user):
+    return success_return(list(operation_dict.keys()))
+
+
+@bp.route('/operations/<string:operation_name>', methods=['POST'])
+@role_required(request, ['system'])
+@api_try
+def operations_operation_post(user, operation_name: str):
+    if operation_name not in operation_dict:
+        raise ArcError(
+            f'No such operation: `{operation_name}`', api_error_code=-1, status=404)
+    x = operation_dict[operation_name]()
+    x.set_params(**request.get_json())
+    x.run()
+    return success_return()

latest version/api/token.py

@@ -1,9 +1,10 @@
 from base64 import b64decode
 
+from flask import Blueprint, request
+
 from core.api_user import APIUser
 from core.error import PostError
 from core.sql import Connect
-from flask import Blueprint, request
 
 from .api_auth import api_try, request_json_handle, role_required
 from .api_code import success_return

latest version/api/users.py

@@ -1,9 +1,10 @@
+from flask import Blueprint, request
+
+from core.api_user import APIUser
 from core.error import InputError, NoAccess, NoData
 from core.score import Potential, UserScoreList
 from core.sql import Connect, Query, Sql
 from core.user import UserChanger, UserInfo, UserRegister
-from core.api_user import APIUser
-from flask import Blueprint, request
 
 from .api_auth import api_try, request_json_handle, role_required
 from .api_code import error_return, success_return