diff options
| author | Rafi Zadanly <zadanlyr@gmail.com> | 2023-01-12 17:10:48 +0700 |
|---|---|---|
| committer | Rafi Zadanly <zadanlyr@gmail.com> | 2023-01-12 17:10:48 +0700 |
| commit | 866a0b9ea34d6222b4c4936d3de32addaa2c8e30 (patch) | |
| tree | a1bebb7e90f37d71842aeb5225232a2418a73f45 | |
| parent | fcff03f98816bc0c8501206de3e4dfac979622b1 (diff) | |
create request validation and api create partner
| -rw-r--r-- | indoteknik_api/controllers/api_v1/__init__.py | 1 | ||||
| -rw-r--r-- | indoteknik_api/controllers/api_v1/partner.py | 41 | ||||
| -rw-r--r-- | indoteknik_api/controllers/api_v1/user.py | 7 | ||||
| -rw-r--r-- | indoteknik_api/controllers/controller.py | 56 |
4 files changed, 89 insertions, 16 deletions
diff --git a/indoteknik_api/controllers/api_v1/__init__.py b/indoteknik_api/controllers/api_v1/__init__.py index 03737d9d..e09b8f7b 100644 --- a/indoteknik_api/controllers/api_v1/__init__.py +++ b/indoteknik_api/controllers/api_v1/__init__.py @@ -6,6 +6,7 @@ from . import city from . import district from . import flash_sale from . import manufacture +from . import partner from . import product_variant from . import product from . import promotion diff --git a/indoteknik_api/controllers/api_v1/partner.py b/indoteknik_api/controllers/api_v1/partner.py new file mode 100644 index 00000000..2d7d04e8 --- /dev/null +++ b/indoteknik_api/controllers/api_v1/partner.py @@ -0,0 +1,41 @@ +from .. import controller +from odoo import http +from odoo.http import request + + +class Partner(controller.Controller): + prefix = '/api/v1/' + + @http.route(prefix + 'partner', auth='public', methods=['POST', 'OPTIONS'], csrf=False) + def create_partner(self, **kw): + if not self.authenticate(): + return self.response(code=401, description='Unauthorized') + + validate_request = self.get_request_params(kw, { + 'user_id': ['required', 'number'], + 'partner_id': ['required', 'number', 'alias:parent_id'], + 'type': ['default:other'], + 'name': ['required'], + 'email': ['required'], + 'mobile': ['required'], + 'street': ['required'], + 'city_id': ['required', 'number', 'alias:kota_id'], + 'district_id': ['number', 'alias:kecamatan_id'], + 'sub_district_id': ['number', 'alias:kelurahan_id'], + 'zip': ['required'], + }) + + is_verified = self.verify_user_token(validate_request['query']['user_id']) + if not is_verified: + return self.response(code=401, description='Unauthorized') + + if not validate_request['valid']: + return self.response(code=400, description=validate_request) + + del validate_request['value']['user_id'] + partner = request.env['res.partner'].create([ validate_request['value'] ]) + + return self.response({ + 'id': partner.id, + }) + diff --git a/indoteknik_api/controllers/api_v1/user.py b/indoteknik_api/controllers/api_v1/user.py index bf1814da..d71c30ea 100644 --- a/indoteknik_api/controllers/api_v1/user.py +++ b/indoteknik_api/controllers/api_v1/user.py @@ -131,15 +131,14 @@ class User(controller.Controller): return self.response(code=401, description='Unauthorized') id = kw.get('id') + is_verify = self.verify_user_token(id) + if not is_verify: + return self.response(code=401, description='Unauthorized') user = request.env['res.users'].search([('id', '=', id)], limit=1) if not user: return self.response(code=404, description='User not found') - is_verify = self.verify_user_token(id) - if not is_verify: - return self.response(code=401, description='Unauthorized') - partners = [user.partner_id] + [x for x in user.child_ids] address = [request.env['res.users'].api_address_response(x) for x in partners] diff --git a/indoteknik_api/controllers/controller.py b/indoteknik_api/controllers/controller.py index 73c8829d..6cc26cbc 100644 --- a/indoteknik_api/controllers/controller.py +++ b/indoteknik_api/controllers/controller.py @@ -34,19 +34,51 @@ class Controller(http.Controller): request.session.authenticate(config.get('db_name'), 'it@fixcomart.co.id', 'Fixcomart378') return True return False - - def validate_request(self, rules: dict, kw: dict): - validation = { - 'status': True, - 'reason': [] + + def get_request_params(self, kw, queries): + result = { + 'valid': True, + 'reason': [], + 'value': {}, + 'query': {} } - for key in rules: - values = rules[key] - for value in values: - if value == 'required' and not kw.get(key): - validation['status'] = False - validation['reason'].append(key + ' is ' + value) - return validation + for key in queries: + rules = queries[key] + is_number = len([r for r in rules if r == 'number']) > 0 + + has_alias = [r for r in rules if r.startswith('alias:')] + alias = key + if len(has_alias) > 0: + alias = has_alias[0].replace('alias:', '') + + has_default = [r for r in rules if r.startswith('default:')] + default = None + if len(has_default) > 0: + default = has_default[0].replace('default:', '') + + value = kw.get(key, '') + if value in ['null', 'undefined']: + value = '' + for rule in rules: + if rule == 'required' and not value: + result['reason'].append(key + ' is ' + rule) + elif rule == 'number' and value and not value.isdigit(): + result['reason'].append(key + ' must be ' + rule) + + if not value and default: + value = default + if is_number and value.isdigit(): + value = int(value) + if not value: + value = None + result['value'][alias] = value + result['query'][key] = value + + if len(result['reason']) > 0: + result['valid'] = False + if not result['valid']: + del result['value'] + return result def time_to_str(self, object, format): time = '' |