def create(context, request):
try:
email = request.params['email']
password = request.params['password']
name = request.params['name']
surname = request.params['surname']
company = request.params.get('company')
web = request.params.get('web')
twitter = request.params.get('twitter')
request_groups = [g for g in request.params.getall('groups') if g]
groups = Group.search(request.db_session,
filters=(Group.name.in_(request_groups),)
)
organization_name = request.params.get('organization')
if organization_name:
try:
organization = Group.get(request.db_session,
organization_name)
except NoResultFound:
raise HTTPPreconditionFailed(headers={
'X-Request-Error': 'Invalid group {}'\
.format(organization_name)
})
else:
organization = None
if request_groups and len(groups) != len(request_groups):
raise HTTPPreconditionFailed(
headers={'X-Request-Error': 'Invalid groups "{}"'\
.format(', '.join(request_groups))})
u = User(email=email, password=password, name=name,
surname=surname, company=company,
web=web, twitter=twitter, groups=groups,
organization=organization)
request.db_session.add(u)
request.db_session.flush()
except KeyError as e:
raise ParamsError(e)
except IntegrityError as e:
error = 'User with email {} already exists'\
.format(request.params['email'])
request.db_session.rollback()
raise HTTPConflict(headers={'X-Request-Error': error})
else:
request.db_session.commit()
raise HTTPCreated()
def set_instance_groups(context, request):
domain = request.matchdict['domain']
request_groups = set(request.params.getall('groups'))
if domain not in request_groups:
request_groups.add(domain)
instance = Instance.get_by_domain(request.db_session, domain)
groups = Group.search(
request.db_session,
filters=(Group.name.in_(request_groups), )
)
if len(groups) != len(request_groups):
raise HTTPPreconditionFailed(
headers={'X-Request-Error': 'Invalid groups {}'\
.format(','.join(request_groups))})
instance.groups = groups
request.db_session.commit()
raise HTTPNoContent()
def update(context, request):
email = urllib.unquote(request.matchdict['email'])
user = User.get(request.db_session, email)
principals = effective_principals(request)
# an "normal" user can update only itself
if not set(('admin', email)) & set(principals):
return generate_empty_response(HTTPForbidden(), request, 403)
params = {}
for attr in ('email', 'password', 'name', 'surname', 'company',
'web', 'twitter'):
value = request.params.get(attr)
if value:
params[attr] = value
# only admins can change users groups
if 'admin' in principals and 'groups' in request.params:
groups = [g for g in request.params.getall('groups') if g]
if not groups:
params['groups'] = []
else:
params['groups'] = Group.search(
request.db_session,
filters=(Group.name.in_(groups), )
)
if len(groups) != len(params['groups']):
raise HTTPPreconditionFailed(
headers={'X-Request-Error': 'Invalid groups {}'\
.format(','.join(groups))})
if not 'admin' and 'organization' in request.params:
return generate_empty_response(HTTPForbidden(), request, 403)
elif 'organization' in request.params:
organization_name = request.params['organization']
if not organization_name:
params['organization'] = None
else:
try:
params['organization'] = Group.get(request.db_session,
organization_name)
except NoResultFound:
raise HTTPPreconditionFailed(headers={
'X-Request-Error': 'Invalid group {}'\
.format(organization_name)
})
if not params:
raise ParamsError('Missing update fields')
try:
for param in params:
setattr(user, param, params[param])
request.db_session.flush()
except IntegrityError:
error = 'An user with email {} already exists'.format(params['email'])
raise HTTPPreconditionFailed(headers={'X-Request-Error': error})
else:
request.db_session.commit()
return user.to_dict()