def read(self, userName): theUser = SSUser.readByName(userName) if not theUser: return error("User %s does not exist" % userName, UserDoesNotExistError) loggedInUser = SSUser.read(helper.getLoggedInUser()) canReadFull = loggedInUser.canReadFull(theUser) return data(theUser.toDict((loggedInUser and canReadFull)))
def groups(self, userName, start=None, end=None, limit=25): loggedInUser = helper.getLoggedInUser() theUser = SSUser.read(loggedInUser) otherUser = SSUser.readByName(userName) if loggedInUser == otherUser.id or theUser.isAdmin(): return data(otherUser.groups(start=start, end=end, limit=limit)) else: return error("You don't have permission to view this user's groups.", PermissionError)
def unreadCount(self, userName): loggedInUser = helper.getLoggedInUser() theUser = SSUser.read(loggedInUser) otherUser = SSUser.readByName(userName) if loggedInUser == otherUser.id or theUser.isAdmin(): return data(theUser.unreadCount()) else: return error("You do not have permission to view this user's unread count.", PermissionError)
def unfollow(self, userName): theUser = SSUser.read(helper.getLoggedInUser()) followed = SSUser.readByName(userName) if theUser.id == followed.id: return error("You cannot unfollow yourself.", FollowError) else: theUser.unfollow(followed) return data(followed)
def unfollow(self, userName): theUser = SSUser.read(helper.getLoggedInUser()) followed = SSUser.readByName(userName) if theUser.id == followed.id: return error("You cannot unfollow yourself.", FollowError) else: theUser.unfollow(followed) return data(followed)
def read(self, userName): theUser = SSUser.readByName(userName) if not theUser: return error("User %s does not exist" % userName, UserDoesNotExistError) loggedInUser = SSUser.read(helper.getLoggedInUser()) canReadFull = loggedInUser.canReadFull(theUser) return data(theUser.toDict((loggedInUser and canReadFull)))
def update(self, userName): theUser = SSUser.readByName(userName) if not theUser: return error("User %s does not exist" % userName, UserDoesNotExistError) loggedInUser = SSUser.read(helper.getLoggedInUser()) if loggedInUser and loggedInUser.canModify(theUser): theData = json.loads(helper.getRequestBody()) return data(theUser.update(theData)) else: return error("Operation not permitted. You don't have permission to update this account.")
def groups(self, userName, start=None, end=None, limit=25): loggedInUser = helper.getLoggedInUser() theUser = SSUser.read(loggedInUser) otherUser = SSUser.readByName(userName) if loggedInUser == otherUser.id or theUser.isAdmin(): return data(otherUser.groups(start=start, end=end, limit=limit)) else: return error( "You don't have permission to view this user's groups.", PermissionError)
def unreadCount(self, userName): loggedInUser = helper.getLoggedInUser() theUser = SSUser.read(loggedInUser) otherUser = SSUser.readByName(userName) if loggedInUser == otherUser.id or theUser.isAdmin(): return data(theUser.unreadCount()) else: return error( "You do not have permission to view this user's unread count.", PermissionError)
def delete(self, userName): theUser = SSUser.readByName(userName) if not theUser: return error("User %s does not exist" % userName, UserDoesNotExistError) loggedInUser = SSUser.read(helper.getLoggedInUser()) if loggedInUser and loggedInUser.canModify(theUser): if theUser.id == loggedInUser.id: helper.setLoggedInUser(None) theUser.delete() return ack else: return error("Operation not permitted. You don't have permission to delete this account.")
def update(self, userName): theUser = SSUser.readByName(userName) if not theUser: return error("User %s does not exist" % userName, UserDoesNotExistError) loggedInUser = SSUser.read(helper.getLoggedInUser()) if loggedInUser and loggedInUser.canModify(theUser): theData = json.loads(helper.getRequestBody()) return data(theUser.update(theData)) else: return error( "Operation not permitted. You don't have permission to update this account." )
def shifts(self, userName, start=None, end=None, limit=25, filter=False, query=None): loggedInUser = helper.getLoggedInUser() theUser = SSUser.read(loggedInUser) otherUser = SSUser.readByName(userName) if query != None: query = json.loads(query) if loggedInUser == otherUser.id or theUser.isAdmin(): return data(otherUser.shifts(start=start, end=end, limit=limit, filter=filter, query=query)) else: return error("You don't have permission to view this user's shifts.", PermissionError)
def login(self, userName, password): loggedInUser = helper.getLoggedInUser() if not loggedInUser: theUser = SSUser.readByName(userName) if not theUser: return error("Invalid user name.", InvalidUserNameError) if theUser and (theUser.password == md5hash(password)): helper.setLoggedInUser(theUser.id) # TODO: perhaps don't update yet, might want to use for unread counts - David theUser.updateLastSeen() return data(theUser) else: return error("Incorrect password.", IncorrectPasswordError) else: return error("Already logged in.", AlreadyLoggedInError)
def login(self, userName, password): loggedInUser = helper.getLoggedInUser() if not loggedInUser: theUser = SSUser.readByName(userName) if not theUser: return error("Invalid user name.", InvalidUserNameError) if theUser and (theUser.password == md5hash(password)): helper.setLoggedInUser(theUser.id) # TODO: perhaps don't update yet, might want to use for unread counts - David theUser.updateLastSeen() return data(theUser) else: return error("Incorrect password.", IncorrectPasswordError) else: return error("Already logged in.", AlreadyLoggedInError)
def delete(self, userName): theUser = SSUser.readByName(userName) if not theUser: return error("User %s does not exist" % userName, UserDoesNotExistError) loggedInUser = SSUser.read(helper.getLoggedInUser()) if loggedInUser and loggedInUser.canModify(theUser): if theUser.id == loggedInUser.id: helper.setLoggedInUser(None) theUser.delete() return ack else: return error( "Operation not permitted. You don't have permission to delete this account." )
def shifts(self, userName, start=None, end=None, limit=25, filter=False, query=None): loggedInUser = helper.getLoggedInUser() theUser = SSUser.read(loggedInUser) otherUser = SSUser.readByName(userName) if query != None: query = json.loads(query) if loggedInUser == otherUser.id or theUser.isAdmin(): return data( otherUser.shifts(start=start, end=end, limit=limit, filter=filter, query=query)) else: return error( "You don't have permission to view this user's shifts.", PermissionError)
def info(self, userName): theUser = SSUser.readByName(userName) return data(theUser.info())
def info(self, userName): theUser = SSUser.readByName(userName) return data(theUser.info())
def resolveResource(self, userName): theUser = SSUser.readByName(userName) return (theUser and theUser.id)
def resolveResource(self, userName): theUser = SSUser.readByName(userName) return (theUser and theUser.id)