1 changed files with 17 additions and 81 deletions
--- a/backend/app.py
+++ b/backend/app.py
@ -74,26 +74,6 @@ async def find_guest(party: str, token: str) -> DBGuest:
    return DBGuest.parse_obj(guest)


-class Party(MongoModel):
-    name: str
-    created: datetime
-    allowed_extra: dict[str, int]
-
-
-async def find_party(name: str) -> Party:
-    party = await meta["parties"].find_one({"name": name})
-    if not party:
-        raise HTTPException(status.HTTP_404_NOT_FOUND)
-    return Party.parse_obj(party)
-
-
-def validate_extra(extra: dict[str, str], party: Party):
-    return all(
-        k in party.allowed_extra and len(v) <= party.allowed_extra[k]
-        for (k, v) in extra.items()
-    )
-
-
 # Guest methods


@ -108,8 +88,7 @@ async def get_self(guest: DBGuest = Depends(find_guest)):


 class GuestUpdate(BaseModel):
-    coming: Coming | None
-    extra: dict[str, str] | None
+    coming: Coming


@app.patch(
@ -121,31 +100,8 @@ class GuestUpdate(BaseModel):
 async def update_self(
    party: str, update: GuestUpdate, guest: DBGuest = Depends(find_guest)
 ):
-    try:
-        party_obj = await find_party(party)
-    except HTTPException:
-        # should not happen since find_guest in Depends already
-        # implies that the party/token combo is correct
-        raise HTTPException(status_code=status.HTTP_401_UNAUTHORIZED)
-
    guest_dict = guest.dict(exclude={"id"})
-    update_dict = update.dict(exclude_unset=True)
-
-    if "extra" in update_dict:
-        if not validate_extra(update_dict["extra"], party_obj):
-            raise HTTPException(status_code=status.HTTP_401_UNAUTHORIZED)
-
-        # overwrite allowed extra, but keep those that are not allowed/user-modifiable
-        update_dict["extra"].update(
-            {
-                k: v
-                for (k, v) in guest_dict["extra"].items()
-                if k not in party_obj.allowed_extra
-            }
-        )
-
-    guest_dict.update(update_dict)
-
+    guest_dict.update(update.dict())
    await db[party].replace_one({"_id": guest.id}, guest_dict)
    return await db[party].find_one({"_id": guest.id})

@ -179,6 +135,11 @@ async def auth_admin(admin_token: str):
        raise HTTPException(status.HTTP_401_UNAUTHORIZED)


+class Party(MongoModel):
+    name: str
+    created: datetime
+
+
@app.get(
    "/{admin_token}",
    response_model=list[Party],
@ -191,7 +152,6 @@ async def list_parties(_=Depends(auth_admin)):

 class PartyCreate(BaseModel):
    name: str
-    allowed_extra: dict[str, int] = dict()


@app.post(
@ -208,11 +168,12 @@ async def create_party(party: PartyCreate, _=Depends(auth_admin)):
        raise HTTPException(
            status.HTTP_400_BAD_REQUEST, f"Party {party.name!r} already exists"
        )
-
-    party_dict = party.dict()
-    party_dict.update({"created": datetime.now()})
-
-    inserted = await meta["parties"].insert_one(party_dict)
+    inserted = await meta["parties"].insert_one(
+        {
+            "name": party.name,
+            "created": datetime.now(),
+        }
+    )
    return await meta["parties"].find_one({"_id": inserted.inserted_id})


@ -257,7 +218,8 @@ class GuestCreate(BaseModel):
    tags=["admin"],
 )
 async def create_new_guest(party: str, new_guest: GuestCreate, _=Depends(auth_admin)):
-    await find_party(party)
+    if not await meta["parties"].find_one({"name": party}):
+        raise HTTPException(status_code=status.HTTP_404_NOT_FOUND)

    existing = await db[party].find_one({"token": new_guest.token})
    if existing:
@ -270,33 +232,6 @@ async def create_new_guest(party: str, new_guest: GuestCreate, _=Depends(auth_ad
    return inserted


-@app.get(
-    "/{admin_token}/{party}/userAllowedExtra",
-    response_model=dict[str, int],
-    responses=error_responses(401, 404),
-    tags=["admin"],
-)
-async def get_allowed_extra_keys(party: str, _=Depends(auth_admin)):
-    party_obj = await find_party(party)
-    return party_obj.allowed_extra
-
-
-@app.patch(
-    "/{admin_token}/{party}/userAllowedExtra",
-    response_model=Party,
-    responses=error_responses(401, 404),
-    tags=["admin"],
-)
-async def modify_allowed_extra_keys(
-    party: str, keys: dict[str, int], _=Depends(auth_admin)
-):
-    party_obj = await find_party(party)
-    party_dict = party_obj.dict(exclude={"id"})
-    party_dict["allowed_extra"] = keys
-    await meta["parties"].replace_one({"_id": party_obj.id}, party_dict)
-    return await meta["parties"].find_one({"_id": party_obj.id})
-
-
 class GuestModify(BaseModel):
    token: str | None
    name: str | None
@ -314,7 +249,8 @@ class GuestModify(BaseModel):
 async def modify_guest(
    party: str, id: PyObjectId, modified_guest: GuestModify, _=Depends(auth_admin)
 ):
-    await find_party(party)
+    if not await meta["parties"].find_one({"name": party}):
+        raise HTTPException(status_code=status.HTTP_404_NOT_FOUND)

    existing = await db[party].find_one({"_id": id})
    if not existing: