def edit_item(id): requester = get_requesting_user() if requester is None: response = make_not_authorized_response() elif not is_integer(id): response = make_bad_request_response() else: id = int(id) data = request.json data_id = data.get('id', None) if data_id is not None and int(data_id) != id: response = make_bad_request_response() else: if id is None: item = None else: item = store.session.query(Item).filter_by(id=id).first() if item is None: response = make_not_found_response() else: if item.has_admin_rights(requester): try: item.admin_deserialize_update(data) store.session.add(item) logger.debug('calling on_edit on {0}'.format(item)) item.on_edit(requester, unchanged=not store.session.dirty) store.session.commit() response = make_single_response(requester, item) except ValidationException as e: response = make_bad_request_response(str(e)) else: response = make_forbidden_response() return response
def get_search_results(id, page): page = int(page) requester = get_requesting_user() if requester is None: raise Unauthorized() elif not is_integer(id): raise BadRequest() else: search = store.session.query(Search).filter_by(id=id).first() if search is None: raise NotFound() else: if search.has_admin_rights(requester): matching_searches = search_utils.find_matching_searches(search, page) serialized = [ search.serialize( requester, exclude=[], ) for search in matching_searches ] response = {'data': serialized} else: raise Forbidden() return response
def get_search_results(id, page): page = int(page) requester = get_requesting_user() if requester is None: response = base_routes.make_not_authorized_response() elif not is_integer(id): response = base_routes.make_bad_request_response() else: search = store.session.query(Search).filter_by(id=id).first() if search is None: response = base_routes.make_not_found_response() else: if search.has_admin_rights(requester): matching_searches = search_utils.find_matching_searches( search, page) serialized = [ search.serialize( requester, exclude=[], ) for search in matching_searches ] response_data = {'data': serialized} response = jsonify(response_data) else: response = base_routes.make_forbidden_response() return response
def edit_item(id, store=None): requester = get_requesting_user() if requester is None: raise Unauthorized() elif not is_integer(id): raise BadRequest() else: id = int(id) data = request.json data_id = data.get('id', None) if data_id is not None and int(data_id) != id: raise BadRequest() else: if id is None: item = None else: item = store.session.query(Item).filter_by(id=id).first() if item is None: raise NotFound() else: if item.has_admin_rights(requester): try: item.admin_deserialize_update(data) store.session.add(item) item.on_edit(requester, unchanged=not store.session.dirty) store.session.commit() response = make_single_response(requester, item) except ValidationException as e: raise BadRequest(str(e)) else: raise Forbidden() return response
def get_search_results(id, page): page = int(page) requester = get_requesting_user() if requester is None: response = base_routes.make_not_authorized_response() elif not is_integer(id): response = base_routes.make_bad_request_response() else: search = store.session.query(Search).filter_by(id=id).first() if search is None: response = base_routes.make_not_found_response() else: if search.has_admin_rights(requester): matching_searches = search_utils.find_matching_searches(search, page) serialized = [ search.serialize( requester, exclude=[], ) for search in matching_searches ] response_data = {'data': serialized} response = jsonify(response_data) else: response = base_routes.make_forbidden_response() return response
def get_item(id): requester = get_requesting_user() if requester is None: response = make_not_authorized_response() elif not is_integer(id): response = make_bad_request_user() else: item = store.session.query(Item).filter_by(id=id, active=True).first() if item is None: response = make_not_found_response() else: response = make_single_response(requester, item) return response
def delete_item(id): requester = get_requesting_user() if requester is None: response = make_not_authorized_response() elif not is_integer(id): response = make_bad_request_response() else: id = int(id) item = store.session.query(Item).filter_by(id=id).first() if item is None: response = make_not_found_response() else: if item.has_delete_rights(requester): item.delete(requester) store.session.commit() response = make_single_response(requester, item) else: response = make_forbidden_response() return response
def delete_item(id, store=None): requester = get_requesting_user() if requester is None: raise Unauthorized() elif not is_integer(id): raise BadRequest() else: id = int(id) item = store.session.query(Item).filter_by(id=id).first() if item is None: raise NotFound() else: if item.has_delete_rights(requester): item.delete(requester) store.session.commit() response = make_single_response(requester, item) else: raise Forbidden() return response