def update_annotation(annotation, fields, userid): """Update the given annotation with the given new fields. :raises RuntimeError: if the fields attempt to change the annotation's permissions and has_admin_permission is False, or if they are attempting to move the annotation between groups. """ # If the user is changing access permissions, check if it's allowed. permissions = annotation.get('permissions', {}) changing_permissions = ( 'permissions' in fields and fields['permissions'] != permissions ) if changing_permissions and userid not in permissions.get('admin', []): raise RuntimeError( _('Not authorized to change annotation permissions.'), 401) if 'group' in fields and 'group' in annotation: if fields['group'] != annotation.get('group'): raise RuntimeError( _("You can't move annotations between groups."), 401) # Update the annotation with the new data annotation.update(fields) # Save the annotation in the database, overwriting the old version. search_lib.prepare(annotation) annotation.save()
def create_annotation(fields): """Create and store an annotation.""" annotation = Annotation(fields) search_lib.prepare(annotation) annotation.save() return annotation
def create_annotation(fields, userid): """Create and store an annotation.""" # Create Annotation instance annotation = Annotation(fields) annotation['user'] = userid # Save it in the database search_lib.prepare(annotation) annotation.save() log.debug('Created annotation; user: %s', annotation['user']) return annotation
def create_annotation(fields, userid): """Create and store an annotation.""" # Some fields are not to be set by the user, ignore them for field in PROTECTED_FIELDS: fields.pop(field, None) # Create Annotation instance annotation = Annotation(fields) annotation['user'] = userid # Save it in the database search_lib.prepare(annotation) annotation.save() log.debug('Created annotation; user: %s', annotation['user']) return annotation
def create_annotation(fields, user): """Create and store an annotation.""" # Some fields are not to be set by the user, ignore them for field in PROTECTED_FIELDS: fields.pop(field, None) # Create Annotation instance annotation = Annotation(fields) annotation['user'] = user.id annotation['consumer'] = user.consumer.key if nipsa.has_nipsa(user.id): annotation["nipsa"] = True # Save it in the database search_lib.prepare(annotation) annotation.save() log.debug('Created annotation; user: %s, consumer key: %s', annotation['user'], annotation['consumer']) return annotation
def update_annotation(annotation, fields, userid): """Update the given annotation with the given new fields. :raises RuntimeError: if the fields attempt to change the annotation's permissions and has_admin_permission is False, or if they are attempting to move the annotation between groups. """ # Some fields are not to be set by the user, ignore them for field in PROTECTED_FIELDS: fields.pop(field, None) # If the user is changing access permissions, check if it's allowed. permissions = annotation.get('permissions', {}) changing_permissions = ( 'permissions' in fields and fields['permissions'] != permissions ) if changing_permissions and userid not in permissions.get('admin', []): raise RuntimeError( _('Not authorized to change annotation permissions.'), 401) if 'group' in fields and 'group' in annotation: if fields['group'] != annotation.get('group'): raise RuntimeError( _("You can't move annotations between groups."), 401) # Update the annotation with the new data annotation.update(fields) # If the annotation is flagged as deleted, remove mentions of the user if annotation.get('deleted', False): _anonymize_deletes(annotation) # Save the annotation in the database, overwriting the old version. search_lib.prepare(annotation) annotation.save()
def update_annotation(annotation, fields, has_admin_permission): # Some fields are not to be set by the user, ignore them for field in PROTECTED_FIELDS: fields.pop(field, None) # If the user is changing access permissions, check if it's allowed. changing_permissions = ( 'permissions' in fields and fields['permissions'] != annotation.get('permissions', {}) ) if changing_permissions and not has_admin_permission: raise RuntimeError("Not authorized to change annotation permissions.", 401) # Unauthorized # Update the annotation with the new data annotation.update(fields) # If the annotation is flagged as deleted, remove mentions of the user if annotation.get('deleted', False): _anonymize_deletes(annotation) # Save the annotation in the database, overwriting the old version. search_lib.prepare(annotation) annotation.save()
def update_annotation(annotation, fields): """Update the given annotation with the given new fields.""" annotation.update(fields) search_lib.prepare(annotation) annotation.save()