def create_model(self, request, instance=None, data=None, session=None):
user = ensure_authenticated(request)
instance = self.instance(instance)
instance.obj.active = True
obj = super().create_model(request, instance, data, session=session)
self.add_member(request, obj, user, role=MemberRole.owner,
session=session)
return obj
def get_create_own_model(self, request):
app = request.app
target = get_owned_model(request, request.urlargs["model"])
if request.method == "OPTIONS":
request.app.fire("on_preflight", request, methods=("GET", "HEAD", "POST"))
return request.response
odm = app.odm()
model = self.get_model(request)
with model.session(request) as session:
owner = self.get_instance(request, session=session).obj
request.cache.owner = owner
if request.method in GET_HEAD:
cfg = app.config
query = target.query(session, owner)
params = dict(request.url_data)
params["limit"] = params.pop(cfg["API_LIMIT_KEY"], None)
params["offset"] = params.pop(cfg["API_OFFSET_KEY"], None)
params["search"] = params.pop(cfg["API_SEARCH_KEY"], None)
params["session"] = session
params["query"] = query
data = target.model.query_data(request, **params)
return self.json_response(request, data)
if owner.type == "organisation":
user = ensure_authenticated(request)
auth = request.cache.auth_backend
membership = get_membership(session, user, owner)
if not membership or membership.role == MemberRole.collaborator:
raise PermissionDenied
if membership.role == MemberRole.member:
auth.has_permission(request)
data, files = request.data_and_files()
data["owner"] = owner
form = target.form(request, data=data, files=files, model=target.model)
if form.is_valid():
try:
object = target.model.create_model(request, data=form.cleaned_data, session=session)
except Exception:
msg = "Could not create %s" % target.name
request.logger.exception(msg)
form.add_error_message(msg)
data = form.tojson()
else:
ownership = odm.entityownership(
entity_id=owner.id, object_id=object.id, type=target.model.name, private=data.get("private", True)
)
session.add(ownership)
data = target.model.tojson(request, object)
request.response.status_code = 201
else:
data = form.tojson()
return self.json_response(request, data)
def create_model(self, request, instance=None, data=None, session=None):
user = ensure_authenticated(request)
instance = self.instance(instance)
instance.obj.active = True
obj = super().create_model(request, instance, data, session=session)
self.add_member(request,
obj,
user,
role=MemberRole.owner,
session=session)
return obj
def create_model(self, request, instance, data, session=None):
user = ensure_authenticated(request)
auth = request.cache.auth_backend
data['session'] = False
return auth.create_token(request, user, **data)
def create_model(self, request, instance, data, session=None):
user = ensure_authenticated(request)
auth = request.cache.auth_backend
data['session'] = False
return auth.create_token(request, user, **data)
def get_create_own_model(self, request):
app = request.app
target = get_owned_model(request, request.urlargs['model'])
if request.method == 'OPTIONS':
request.app.fire('on_preflight',
request,
methods=('GET', 'HEAD', 'POST'))
return request.response
odm = app.odm()
model = self.get_model(request)
with model.session(request) as session:
owner = self.get_instance(request, session=session).obj
request.cache.owner = owner
if request.method in GET_HEAD:
cfg = app.config
query = target.query(session, owner)
params = dict(request.url_data)
params['limit'] = params.pop(cfg['API_LIMIT_KEY'], None)
params['offset'] = params.pop(cfg['API_OFFSET_KEY'], None)
params['search'] = params.pop(cfg['API_SEARCH_KEY'], None)
params['session'] = session
params['query'] = query
data = target.model.query_data(request, **params)
return self.json_response(request, data)
if owner.type == 'organisation':
user = ensure_authenticated(request)
auth = request.cache.auth_backend
membership = get_membership(session, user, owner)
if not membership or membership.role == MemberRole.collaborator:
raise PermissionDenied
if membership.role == MemberRole.member:
auth.has_permission(request)
data, files = request.data_and_files()
data['owner'] = owner
form = target.form(request, data=data, files=files, model=target.model)
if form.is_valid():
try:
object = target.model.create_model(request,
data=form.cleaned_data,
session=session)
except Exception:
msg = 'Could not create %s' % target.name
request.logger.exception(msg)
form.add_error_message(msg)
data = form.tojson()
else:
ownership = odm.entityownership(entity_id=owner.id,
object_id=object.id,
type=target.model.name,
private=data.get(
'private', True))
session.add(ownership)
data = target.model.tojson(request, object)
request.response.status_code = 201
else:
data = form.tojson()
return self.json_response(request, data)
