diff --git a/flaschengeist/plugins/pricelist/__init__.py b/flaschengeist/plugins/pricelist/__init__.py index e5a15ac..b015e85 100644 --- a/flaschengeist/plugins/pricelist/__init__.py +++ b/flaschengeist/plugins/pricelist/__init__.py @@ -5,10 +5,13 @@ from http.client import NO_CONTENT from flaschengeist.plugins import Plugin from flaschengeist.utils.decorators import login_required -from werkzeug.exceptions import BadRequest +from werkzeug.exceptions import BadRequest, Forbidden from . import models from . import pricelist_controller, permissions +from ...controller import userController +from ...models.session import Session +from ...utils.HTTP import no_content pricelist_bp = Blueprint("pricelist", __name__, url_prefix="/pricelist") @@ -220,3 +223,35 @@ def update_extra_ingredient(identifier): def delete_extra_ingredient(identifier): pricelist_controller.delete_extra_ingredient(identifier) return "", NO_CONTENT + + +@pricelist_bp.route("/users//pricecalc_columns", methods=["GET", "PUT"]) +@login_required() +def get_columns(userid, current_session: Session): + """Get pricecalc_columns of an user + + Route: ``/users//pricelist/pricecac_columns`` | Method: ``GET`` or ``PUT`` + POST-data: On ``PUT`` json encoded array of floats + + Args: + userid: Userid identifying the user + current_session: Session sent with Authorization Header + + Returns: + GET: JSON object containing the shortcuts as float array or HTTP error + PUT: HTTP-created or HTTP error + """ + if userid != current_session._user.userid: + raise Forbidden + + user = userController.get_user(userid) + if request.method == "GET": + return jsonify(user.get_attribute("pricecalc_columns", [])) + else: + data = request.get_json() + if not isinstance(data, list) or not all(isinstance(n, str) for n in data): + raise BadRequest + data.sort(reverse=True) + user.set_attribute("pricecalc_columns", data) + userController.persist() + return no_content()