def method_not_allowed(self, resp: Response) -> None:
"""
Generalized 'method-not-allowed' response.
"""
resp.text = ""
resp.status_code = 405
resp.headers["Allow"] = self.ALLOWED_METHODS
async def on_delete(self, req: Request, resp: Response, *, school_id: int,
user_id: int):
school = await models.School.get_or_none(id=school_id)
if school is None:
resp.status_code = 404
resp.text = "No school found"
return
user = await models.User.get_or_none(id=user_id)
if user is None:
resp.status_code = 404
resp.text = "No user found."
return
await school.teacher.remove(user)
resp.status_code = 200
async def on_get(self, req: Request, resp: Response, user_id: int,
space: str) -> None:
"""
Get a user
:param int user_id: The id of the user.
"""
space_relation = {
"student": "student_schools",
"headmaster": "principal_schools",
"teacher": "teacher_schools",
}
try:
user = None
relation = space_relation.get(space, None)
if relation is None:
resp.status_code = 404
resp.text = "unknown relation type"
else:
user = await models.User.get_or_none(
id=user_id).prefetch_related(relation)
SchoolModel.list_model([
SchoolModel.from_orm(school)
for school in getattr(user, relation, [])
]).send_json(resp)
except Exception as error: # pylint: disable=W0703
error_response(resp, 500, str(error))
async def on_put(self, req: Request, resp: Response, *, school_id: int,
user_id: int):
school = await models.School.get_or_none(id=school_id)
if school is None:
resp.status_code = 404
resp.text = "No school found"
return
user = await models.User.get_or_none(id=user_id, roles__name="teacher")
if user is None:
resp.status_code = 404
resp.text = "No user found. Maybe id was wrong or the account is not a teacher."
return
await school.teacher.add(user)
resp.status_code = 200
async def on_put(self, req: Request, resp: Response, *, role_id: int) -> None:
"""
405 Method not allowed
"""
resp.status_code = 405
resp.headers["Allow"] = self.ALLOWED_METHODS
resp.text = ""
async def on_delete(self, req: Request, resp: Response):
"""
Deletes all schools
"""
try:
resp.status_code = 501 # Not implemented
except Exception as error: # pylint: disable=W0703
error_response(resp, 500, str(error))
async def on_post(self, req: Request, resp: Response, *, user_id: int):
"""
Method not allowed. Returns a list of allowed methods in the ``Allow``
header field.
:param int user_id: The id of the user
"""
resp.headers["Allow"] = self.ALLOWED_METHODS
resp.status_code = 405
async def on_post(self, req: Request, resp: Response, *, course_id: int) -> None:
"""
405 Method not allowed
"""
try:
resp.status_code = 405
resp.headers["Allow"] = "GET, PUT, DELETE"
resp.text = ""
except Exception as error: # pylint: disable=W0703
error_response(resp, 500, str(error))
async def on_put(self, req: Request, resp: Response, *, user_id: int):
"""
405 Method not allowed
"""
try:
resp.status_code = 405
resp.text = ""
resp.headers["Allow"] = self.ALLOWED_METHODS
except Exception as error: # pylint: disable=W0703
error_response(resp, 500, str(error))
async def on_get(self, req: Request, resp: Response) -> None:
what = req.params.get("w", None)
if what == "home_routes":
routes = {}
for role in await Role.all():
routes[role.name] = role.home_route
resp.media = {"home_routes": routes}
else:
resp.status_code = 404 # File not found
resp.text = f"I do not understand {what}"
async def on_get(self, req: Request, resp: Response, *,
user_id: int) -> None:
"""
Get all rights that are associated to this user via roles.
The response contains an array of strings with the distinct
names of the rights.
"""
try:
rights = await Right.filter(roles__users__id=1
).distinct().values("name")
resp.media = [right["name"] for right in rights]
resp.status_code = 200
except Exception as error: # pylint: disable=broad-except
error_response(resp, 500, str(error))
async def on_put(self, req: Request, resp: Response, *, role_id: int,
right_id: int):
"""
Adds a right to this role.
Sets the response status code to :code:`200` if the right was
added to the role successfully.
If :code:`role_id` refers to no existing role, a status code of
:code:`404` will be send back.
If the specified right already is associated to th role, a status
code of ``304 - Not Modified`` is send back. This doesn't fully conform
to the http standard, as is does not need any header fields an is
not sending back any header fields. But it says clearly what happend.
Because the right is already associated to this role, the role
hasn't been modified.
:param int right_id: The database id of the right
:param int role_id: The database id of the role
"""
try:
role = await Role.get(id=role_id).prefetch_related("rights")
right = _find_right(role, right_id)
if right is None:
await role.right.add(right)
resp.status_code = 200
else:
resp.status_code = 304
except DoesNotExist as error:
resp.status_code = 404
resp.text = str(error)
except Exception as error: # pylint: disable=W0703
error_response(resp, 500, str(error))
async def on_delete(self, req: Request, resp: Response, *, role_id: int,
right_id: int):
"""
Removing a right from a role.
"""
try:
role = await Role.get(id=role_id).prefetch_related("rights")
right = _find_right(role, right_id)
if right is not None:
await role.rights.remove(right)
resp.status_code = 200
else:
resp.status_code = 304 # Not Modified
except DoesNotExist as error:
error_response(
resp,
404,
f"Role (id={role_id}) or right (id={right_id}) not found",
error,
)
except Exception as error: # pylint: disable=W0703
error_response(resp, 500, str(error))
async def on_put(self, req: Request, resp: Response, *,
role_id: int) -> None:
"""
Updates the role
"""
data = await req.media()
if not isinstance(data, dict):
resp.status_code = 400 # Bad_Request
resp.text = "Bad formatted body content"
return
try:
role = await models.Role.get(id=role_id)
role.update(data)
await role.save()
# filter_fields = self.get_filter_fields(req)
RoleModel.from_orm(role).send_json(resp)
resp.status_code = 200
except DoesNotExist:
error_response(resp, 404, f"No role with id {role_id} found.")
except Exception as error: # pylint: disable=W0703
error_response(resp, 500, str(error))
async def on_get(self, req: Request, resp: Response, *, unit_id: int):
"""
Get an unit identified by its ID
"""
logger.debug("Requesting unit with id %d", unit_id)
# First check, if this is a valid course which exists
db_unit: models.Unit = await models.Unit.get_or_none(id=unit_id)
# If not, send a 404 response
if db_unit is None:
logger.error("UNit not found.")
resp.status_code = 404
resp.text = f"Unit with id {unit_id} not found."
else:
UnitModel.from_orm(db_unit).send_json(resp)
async def on_get(self, req: Request, resp: Response) -> None:
"""
Get all rights that are associated to this user via roles.
The response contains an array of strings with the distinct
names of the rights.
"""
try:
resp.media = await get_user_rights(self.current_user)
resp.status_code = 200
except Exception as error: # pylint: disable=broad-except
logger.exception(
"Error occurred requesting rights for current user.%s",
self.current_user,
exc_info=error,
stack_info=True,
)
error_response(resp, 500, str(error))
async def on_put(self, req: Request, resp: Response, *, course_id: int) -> None:
"""
Updates the course.
The current course, specified by the ``course_id`` is updated
the the json data of the body.
The fields id, created_at, modified_at are ignored, as they can
not be updated.
"""
data = await req.media()
# That's not the most elegant version. The two
# attributes are write protected, so I pop
# the two values from the data dict (if present).
data.pop("created_at", None)
data.pop("modified_at", None)
# We also pop the id of the provided json data
# as we want to make shure, that the id of the
# url is used.
data.pop("id", None)
if not isinstance(data, dict):
resp.status_code = 400 # Bad_Request
resp.text = "Bad formatted body content"
return
try:
course: models.Course = await models.Course.get(id=course_id)
course.modified_at = datetime.utcnow()
course.update(data)
course.id = int(course_id)
logger.debug(data)
await course.save()
CourseModel.from_orm(course).send_json(resp)
except DoesNotExist:
error_response(resp, 404, f"No course with id {course_id} found.")
except Exception as error: # pylint: disable=W0703
logger.exception("Could not update course.")
error_response(resp, 500, str(error))
async def on_get(self, req: Request, resp: Response, *, course_id: int):
"""
Returns all units for this course
"""
try:
# First check, if the course exists
course = await models.Course.get_or_none(id=course_id)
if course is None:
resp.status_code = 404
resp.text = f"Course with id {course_id} not found."
return
units = await models.Unit.filter(course=course
).order_by("position")
# filter_fields = self.get_filter_fields(req)
UnitModel.list_model([UnitModel.from_orm(unit)
for unit in units]).send_json(resp)
except Exception as error: # pylint: disable=W0703
logger.exception("Cannot get units for course %d", course_id)
error_response(resp, 500, str(error))
async def on_get(self, req: Request, resp: Response, *, user_id: int,
role_id: int):
"""
Get a role, that is associated to a certain user.
The requested user is specified by the id. If no user is found a status of 404 is
send back.
:param int user_id: The id of the user
:param int role_id: the id of the role
"""
try:
role = await Role.get(id=role_id, users__id=user_id)
# filter_fields = self.get_filter_fields(req)
RoleModel.from_orm(role).send_json(resp)
except DoesNotExist:
resp.status_code = 404
except Exception as error: # pylint: disable=W0703
error_response(resp, 500, str(error))
async def on_delete(self, req: Request, resp: Response, *, unit_id: int):
"""
Delete an unit identified by its ID
"""
try:
db_unit: models.Unit = await models.Unit.get_or_none(id=unit_id)
if db_unit is None:
resp.status_code = 404
resp.text = f"Unit with id {unit_id} does not exist."
else:
await db_unit.delete()
# filter_fields = self.get_filter_fields(req)
UnitModel.from_orm(db_unit).send_json(resp)
except DoesNotExist:
error_response(resp, 404,
f"Unit with id {unit_id} does not exist.")
except Exception as error: # pylint: disable=W0703
logger.exception("Could not delete unit with id %d", unit_id)
error_response(resp, 500, str(error))
async def on_put(self, req: Request, resp: Response, *, unit_id: int):
"""
Update an unit identified by its ID
"""
db_unit: models.Unit = await models.Unit.get_or_none(id=unit_id)
if db_unit is None:
resp.status_code = 404
resp.text = f"Unit with id {unit_id} does not exist."
else:
data = await req.media()
# That's not the most elegant version. The two
# attributes are write protected, so I pop
# the two values from the data dict (if present).
data.pop("created_at", None)
data.pop("modified_at", None)
db_unit.update(data)
db_unit.modified_at = datetime.utcnow()
await db_unit.save()
UnitModel.from_orm(db_unit).send_json(resp)
