From 59d495b91d5dfa6e2644aff2d5292cb3d78ebdd0 Mon Sep 17 00:00:00 2001
From: Tanner Collin <git@tannercollin.com>
Date: Sat, 1 Feb 2020 08:55:45 +0000
Subject: [PATCH] Add API route for reporting transactions

---
 apiserver/apiserver/api/views.py | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/apiserver/apiserver/api/views.py b/apiserver/apiserver/api/views.py
index 376528b..01d6269 100644
--- a/apiserver/apiserver/api/views.py
+++ b/apiserver/apiserver/api/views.py
@@ -230,6 +230,17 @@ class TransactionViewSet(Base, List, Create, Retrieve, Update):
             raise exceptions.PermissionDenied()
         return super().list(request)
 
+    @action(detail=True, methods=['post'])
+    def report(self, request, pk=None):
+        report_memo = request.data.get('report_memo', '').strip()
+        if not report_memo:
+            raise exceptions.ValidationError(dict(report_memo='This field may not be blank.'))
+        transaction = self.get_object()
+        transaction.report_type = 'User Flagged'
+        transaction.report_memo = report_memo
+        transaction.save()
+        return Response(200)
+
 
 class UserView(views.APIView):
     permission_classes = [AllowMetadata | IsAuthenticated]