Ejemplo n.º 1
0
 def read(self, userName):
     if not user.read(userName):
         return error("User %s does not exist" % userName, UserDoesNotExistError)
     loggedInUser = helper.getLoggedInUser()
     if loggedInUser and user.canReadFull(user.idForName(userName),
                                          loggedInUser["_id"]):
         return data(user.readFull(userName).copy())
     else:
         return data(user.read(userName).copy())
Ejemplo n.º 2
0
 def update(self, userName):
     if not user.read(userName):
         return error("User %s does not exist" % userName, UserDoesNotExistError)
     loggedInUser = helper.getLoggedInUser()
     if loggedInUser and user.canUpdate(user.idForName(userName),
                                        loggedInUser["_id"]):
         theData = json.loads(helper.getRequestBody())
         theData["_id"] = user.idForName(userName)
         return data(user.update(theData))
     else:
         return error("Operation not permitted. You don't have permission to update this account.")
Ejemplo n.º 3
0
 def delete(self, userName):
     if not user.read(userName):
         return error("User %s does not exist" % userName, UserDoesNotExistError)
     loggedInUser = helper.getLoggedInUser()
     if loggedInUser and user.canDelete(user.idForName(userName),
                                        loggedInUser["_id"]):
         if user.idForName(userName) == loggedInUser["_id"]:
             helper.setLoggedInUser(None)
         user.delete(userName)
         return ack
     else:
         return error("Operation not permitted. You don't have permission to delete this account.")
Ejemplo n.º 4
0
 def resolveResource(self, userName):
     theUser = user.read(userName)
     return (theUser and theUser["_id"])