def publish(foreign_id):
"""Make a collection visible to all users."""
collection = get_collection(foreign_id)
role = Role.by_foreign_id(Role.SYSTEM_GUEST)
editor = Role.load_cli_user()
update_permission(role, collection, True, False, editor_id=editor.id)
update_collection(collection)
def publish(foreign_id):
"""Make a collection visible to all users."""
collection = Collection.by_foreign_id(foreign_id)
if collection is None:
raise ValueError("No such collection: %r" % foreign_id)
role = Role.by_foreign_id(Role.SYSTEM_GUEST)
update_permission(role, collection, True, False)
db.session.commit()
def publish(foreign_id):
"""Make a collection visible to all users."""
collection = Collection.by_foreign_id(foreign_id)
if collection is None:
raise ValueError("No such collection: %r" % foreign_id)
role = Role.by_foreign_id(Role.SYSTEM_GUEST)
editor = Role.load_cli_user()
update_permission(role, collection, True, False, editor_id=editor.id)
update_collection(collection)
def update(collection_id):
"""
---
post:
summary: Update permissions for a collection
description: >
Update permissions for the collection with id `collection_id`
parameters:
- in: path
name: collection_id
required: true
schema:
type: integer
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PermissionUpdateList'
responses:
'200':
description: OK
content:
application/json:
schema:
type: object
allOf:
- $ref: '#/components/schemas/QueryResponse'
properties:
results:
type: array
items:
$ref: '#/components/schemas/Permission'
tags:
- Permission
- Collection
"""
collection = get_db_collection(collection_id, request.authz.WRITE)
for permission in parse_request("PermissionUpdateList"):
role_obj = ensure_dict(permission.get("role"))
role_id = permission.get("role_id", role_obj.get("id"))
role = Role.by_id(role_id)
if not check_visible(role, request.authz):
continue
if role.is_public:
permission["write"] = False
if collection.casefile and role.is_public:
permission["read"] = False
update_permission(
role,
collection,
permission["read"],
permission["write"],
editor_id=request.authz.id,
)
update_collection(collection)
return index(collection_id)
def permissions_update(id):
collection = get_db_collection(id, request.authz.WRITE)
for permission in parse_request(PermissionSchema, many=True):
role_id = permission.get('role', {}).get('id')
role = Role.by_id(role_id).first()
if not check_visible(role, request.authz):
continue
update_permission(role,
collection,
permission['read'],
permission['write'])
update_collection(collection, roles=True)
return permissions_index(id)
def permissions_update(id):
collection = get_db_collection(id, request.authz.WRITE)
for permission in parse_request(PermissionSchema, many=True):
role_id = permission.get('role', {}).get('id')
role = Role.by_id(role_id)
if not check_visible(role, request.authz):
continue
update_permission(role,
collection,
permission['read'],
permission['write'],
editor=request.authz.role)
update_collection(collection)
update_collection_access.apply_async([collection.id], priority=8)
return permissions_index(id)
def update(id):
collection = get_db_collection(id, request.authz.WRITE)
for permission in parse_request(PermissionSchema, many=True):
role = Role.by_id(permission.get('role_id'))
if not check_visible(role, request.authz):
continue
if role.is_public:
permission['write'] = False
if collection.casefile and role.is_public:
permission['read'] = False
update_permission(role,
collection,
permission['read'],
permission['write'],
editor_id=request.authz.id)
update_collection(collection)
return index(id)
def permissions_update(id):
# TODO: consider using a list to bundle permission writes
collection = get_db_collection(id, request.authz.WRITE)
data = parse_request(schema=PermissionSchema)
role = Role.all().filter(Role.id == data['role']['id']).first()
if role is None or not check_visible(role, request.authz):
raise BadRequest()
perm = update_permission(role, collection, data['read'], data['write'])
return jsonify({'status': 'ok', 'updated': PermissionSchema().dump(perm)})
def update(id):
collection = get_db_collection(id, request.authz.WRITE)
for permission in parse_request(PermissionSchema, many=True):
role_id = permission.get('role_id')
role = Role.by_id(role_id)
if not check_visible(role, request.authz):
continue
if role.is_public:
permission['write'] = False
if collection.casefile and role.is_public:
permission['read'] = False
update_permission(role,
collection,
permission['read'],
permission['write'],
editor_id=request.authz.id)
update_collection(collection)
return index(id)
def permissions_update(collection):
request.authz.require(request.authz.collection_write(collection))
data = request_data()
validate(data, 'permission.json#')
role = Role.all().filter(Role.id == data['role_id']).first()
collection = Collection.by_id(collection)
if role is None or collection is None:
raise BadRequest()
request.authz.require(check_visible(role))
perm = update_permission(role, collection, data['read'], data['write'])
log_event(request)
return jsonify({'status': 'ok', 'updated': perm})