def read(self, userName):
theUser = SSUser.readByName(userName)
if not theUser:
return error("User %s does not exist" % userName, UserDoesNotExistError)
loggedInUser = SSUser.read(helper.getLoggedInUser())
canReadFull = loggedInUser.canReadFull(theUser)
return data(theUser.toDict((loggedInUser and canReadFull)))
def groups(self, userName, start=None, end=None, limit=25):
loggedInUser = helper.getLoggedInUser()
theUser = SSUser.read(loggedInUser)
otherUser = SSUser.readByName(userName)
if loggedInUser == otherUser.id or theUser.isAdmin():
return data(otherUser.groups(start=start, end=end, limit=limit))
else:
return error("You don't have permission to view this user's groups.", PermissionError)
def unreadCount(self, userName):
loggedInUser = helper.getLoggedInUser()
theUser = SSUser.read(loggedInUser)
otherUser = SSUser.readByName(userName)
if loggedInUser == otherUser.id or theUser.isAdmin():
return data(theUser.unreadCount())
else:
return error("You do not have permission to view this user's unread count.", PermissionError)
def unfollow(self, userName):
theUser = SSUser.read(helper.getLoggedInUser())
followed = SSUser.readByName(userName)
if theUser.id == followed.id:
return error("You cannot unfollow yourself.", FollowError)
else:
theUser.unfollow(followed)
return data(followed)
def unfollow(self, userName):
theUser = SSUser.read(helper.getLoggedInUser())
followed = SSUser.readByName(userName)
if theUser.id == followed.id:
return error("You cannot unfollow yourself.", FollowError)
else:
theUser.unfollow(followed)
return data(followed)
def read(self, userName):
theUser = SSUser.readByName(userName)
if not theUser:
return error("User %s does not exist" % userName,
UserDoesNotExistError)
loggedInUser = SSUser.read(helper.getLoggedInUser())
canReadFull = loggedInUser.canReadFull(theUser)
return data(theUser.toDict((loggedInUser and canReadFull)))
def update(self, userName):
theUser = SSUser.readByName(userName)
if not theUser:
return error("User %s does not exist" % userName, UserDoesNotExistError)
loggedInUser = SSUser.read(helper.getLoggedInUser())
if loggedInUser and loggedInUser.canModify(theUser):
theData = json.loads(helper.getRequestBody())
return data(theUser.update(theData))
else:
return error("Operation not permitted. You don't have permission to update this account.")
def groups(self, userName, start=None, end=None, limit=25):
loggedInUser = helper.getLoggedInUser()
theUser = SSUser.read(loggedInUser)
otherUser = SSUser.readByName(userName)
if loggedInUser == otherUser.id or theUser.isAdmin():
return data(otherUser.groups(start=start, end=end, limit=limit))
else:
return error(
"You don't have permission to view this user's groups.",
PermissionError)
def unreadCount(self, userName):
loggedInUser = helper.getLoggedInUser()
theUser = SSUser.read(loggedInUser)
otherUser = SSUser.readByName(userName)
if loggedInUser == otherUser.id or theUser.isAdmin():
return data(theUser.unreadCount())
else:
return error(
"You do not have permission to view this user's unread count.",
PermissionError)
def delete(self, userName):
theUser = SSUser.readByName(userName)
if not theUser:
return error("User %s does not exist" % userName, UserDoesNotExistError)
loggedInUser = SSUser.read(helper.getLoggedInUser())
if loggedInUser and loggedInUser.canModify(theUser):
if theUser.id == loggedInUser.id:
helper.setLoggedInUser(None)
theUser.delete()
return ack
else:
return error("Operation not permitted. You don't have permission to delete this account.")
def update(self, userName):
theUser = SSUser.readByName(userName)
if not theUser:
return error("User %s does not exist" % userName,
UserDoesNotExistError)
loggedInUser = SSUser.read(helper.getLoggedInUser())
if loggedInUser and loggedInUser.canModify(theUser):
theData = json.loads(helper.getRequestBody())
return data(theUser.update(theData))
else:
return error(
"Operation not permitted. You don't have permission to update this account."
)
def shifts(self, userName, start=None, end=None, limit=25, filter=False, query=None):
loggedInUser = helper.getLoggedInUser()
theUser = SSUser.read(loggedInUser)
otherUser = SSUser.readByName(userName)
if query != None:
query = json.loads(query)
if loggedInUser == otherUser.id or theUser.isAdmin():
return data(otherUser.shifts(start=start,
end=end,
limit=limit,
filter=filter,
query=query))
else:
return error("You don't have permission to view this user's shifts.", PermissionError)
def login(self, userName, password):
loggedInUser = helper.getLoggedInUser()
if not loggedInUser:
theUser = SSUser.readByName(userName)
if not theUser:
return error("Invalid user name.", InvalidUserNameError)
if theUser and (theUser.password == md5hash(password)):
helper.setLoggedInUser(theUser.id)
# TODO: perhaps don't update yet, might want to use for unread counts - David
theUser.updateLastSeen()
return data(theUser)
else:
return error("Incorrect password.", IncorrectPasswordError)
else:
return error("Already logged in.", AlreadyLoggedInError)
def login(self, userName, password):
loggedInUser = helper.getLoggedInUser()
if not loggedInUser:
theUser = SSUser.readByName(userName)
if not theUser:
return error("Invalid user name.", InvalidUserNameError)
if theUser and (theUser.password == md5hash(password)):
helper.setLoggedInUser(theUser.id)
# TODO: perhaps don't update yet, might want to use for unread counts - David
theUser.updateLastSeen()
return data(theUser)
else:
return error("Incorrect password.", IncorrectPasswordError)
else:
return error("Already logged in.", AlreadyLoggedInError)
def delete(self, userName):
theUser = SSUser.readByName(userName)
if not theUser:
return error("User %s does not exist" % userName,
UserDoesNotExistError)
loggedInUser = SSUser.read(helper.getLoggedInUser())
if loggedInUser and loggedInUser.canModify(theUser):
if theUser.id == loggedInUser.id:
helper.setLoggedInUser(None)
theUser.delete()
return ack
else:
return error(
"Operation not permitted. You don't have permission to delete this account."
)
def shifts(self,
userName,
start=None,
end=None,
limit=25,
filter=False,
query=None):
loggedInUser = helper.getLoggedInUser()
theUser = SSUser.read(loggedInUser)
otherUser = SSUser.readByName(userName)
if query != None:
query = json.loads(query)
if loggedInUser == otherUser.id or theUser.isAdmin():
return data(
otherUser.shifts(start=start,
end=end,
limit=limit,
filter=filter,
query=query))
else:
return error(
"You don't have permission to view this user's shifts.",
PermissionError)
def info(self, userName):
theUser = SSUser.readByName(userName)
return data(theUser.info())
def info(self, userName):
theUser = SSUser.readByName(userName)
return data(theUser.info())
def resolveResource(self, userName):
theUser = SSUser.readByName(userName)
return (theUser and theUser.id)
def resolveResource(self, userName):
theUser = SSUser.readByName(userName)
return (theUser and theUser.id)
