def delete_resource(request):
resource = ar.get_resource_matchdict_checked(request)
service_push = asbool(
ar.get_multiformat_body(request, "service_push", default=False))
res_content = {"resource": format_resource(resource, basic_info=True)}
ax.evaluate_call(
lambda: models.RESOURCE_TREE_SERVICE.delete_branch(
resource_id=resource.resource_id, db_session=request.db),
fallback=lambda: request.db.rollback(),
http_error=HTTPForbidden,
msg_on_fail="Delete resource branch from tree service failed.",
content=res_content)
def remove_service_magpie_and_phoenix(res, svc_push, db):
if res.resource_type != "service":
svc_push = False
db.delete(res)
if svc_push:
sync_services_phoenix(db.query(models.Service))
ax.evaluate_call(
lambda: remove_service_magpie_and_phoenix(resource, service_push,
request.db),
fallback=lambda: request.db.rollback(),
http_error=HTTPForbidden,
msg_on_fail=s.Resource_DELETE_ForbiddenResponseSchema.description,
content=res_content)
return ax.valid_http(http_success=HTTPOk,
detail=s.Resource_DELETE_OkResponseSchema.description)
def delete_user_resource_permission_name_view(request):
"""
Delete a permission by name from a resource for a user (not including his groups permissions).
"""
user = ar.get_user_matchdict_checked_or_logged(request)
resource = ar.get_resource_matchdict_checked(request)
permission = ar.get_permission_matchdict_checked(request, resource)
return uu.delete_user_resource_permission_response(user, resource,
permission, request.db)
def get_group_resource_permissions_view(request):
"""
List all permissions a group has on a specific resource.
"""
group = ar.get_group_matchdict_checked(request)
resource = ar.get_resource_matchdict_checked(request)
return gu.get_group_resource_permissions_response(group,
resource,
db_session=request.db)
def create_user_resource_permission_view(request):
"""
Create a permission on specific resource for a user.
"""
user = ar.get_user_matchdict_checked_or_logged(request)
resource = ar.get_resource_matchdict_checked(request)
permission = ar.get_permission_multiformat_post_checked(request, resource)
return uu.create_user_resource_permission_response(user, resource,
permission, request.db)
def get_resource_view(request):
"""
Get resource information.
"""
resource = ar.get_resource_matchdict_checked(request)
res_json = ax.evaluate_call(lambda: rf.format_resource_with_children(resource, db_session=request.db),
fallback=lambda: request.db.rollback(), httpError=HTTPInternalServerError,
msgOnFail=s.Resource_GET_InternalServerErrorResponseSchema.description,
content={u"resource": rf.format_resource(resource, basic_info=True)})
return ax.valid_http(httpSuccess=HTTPOk, content={"resource": res_json},
detail=s.Resource_GET_OkResponseSchema.description)
def get_resource_permissions_view(request):
"""
List all applicable permissions for a resource.
"""
resource = ar.get_resource_matchdict_checked(request, "resource_id")
res_perm = ax.evaluate_call(lambda: ru.get_resource_permissions(resource, db_session=request.db),
fallback=lambda: request.db.rollback(), httpError=HTTPBadRequest,
msgOnFail=s.ResourcePermissions_GET_BadRequestResponseSchema.description,
content={u"resource": rf.format_resource(resource, basic_info=True)})
return ax.valid_http(httpSuccess=HTTPOk, detail=s.ResourcePermissions_GET_OkResponseSchema.description,
content={u"permission_names": format_permissions(res_perm)})
def delete_group_resource_permission_name_view(request):
"""
Delete a permission by name from a specific resource for a group.
"""
group = ar.get_group_matchdict_checked(request)
resource = ar.get_resource_matchdict_checked(request)
permission = ar.get_permission_matchdict_checked(request, resource)
return gu.delete_group_resource_permission_response(group,
resource,
permission,
db_session=request.db)
def create_group_resource_permissions_view(request):
"""
Create a permission on a specific resource for a group.
"""
group = ar.get_group_matchdict_checked(request)
resource = ar.get_resource_matchdict_checked(request)
permission = ar.get_permission_multiformat_body_checked(request, resource)
return gu.create_group_resource_permission_response(group,
resource,
permission,
db_session=request.db)
def replace_user_resource_permissions_view(request):
"""
Create or modify an existing permission on a resource for a user.
Can be used to adjust permission modifiers.
"""
user = ar.get_user_matchdict_checked_or_logged(request)
resource = ar.get_resource_matchdict_checked(request)
permission = ar.get_permission_multiformat_body_checked(request, resource)
return uu.create_user_resource_permission_response(user,
resource,
permission,
request.db,
overwrite=True)
def replace_group_resource_permissions_view(request):
"""
Create or modify an existing permission on a resource for a group.
Can be used to adjust permission modifiers.
"""
group = ar.get_group_matchdict_checked(request)
resource = ar.get_resource_matchdict_checked(request)
permission = ar.get_permission_multiformat_body_checked(request, resource)
return gu.create_group_resource_permission_response(group,
resource,
permission,
request.db,
overwrite=True)
def get_user_resource_permissions_view(request):
"""
List all permissions a user has on a specific resource.
"""
user = ar.get_user_matchdict_checked_or_logged(request)
resource = ar.get_resource_matchdict_checked(request, "resource_id")
inherit_groups_perms = asbool(ar.get_query_param(request, "inherit"))
effective_perms = asbool(ar.get_query_param(request, "effective"))
return uu.get_user_resource_permissions_response(
user,
resource,
request,
inherit_groups_permissions=inherit_groups_perms,
effective_permissions=effective_perms)
def update_resource(request):
"""
Update a resource information.
"""
resource = ar.get_resource_matchdict_checked(request, "resource_id")
service_push = asbool(ar.get_multiformat_post(request, "service_push"))
res_old_name = resource.resource_name
res_new_name = ar.get_value_multiformat_post_checked(request, "resource_name")
def rename_service_magpie_and_phoenix(res, new_name, svc_push, db):
if res.resource_type != "service":
svc_push = False
res.resource_name = new_name
if svc_push:
sync_services_phoenix(db.query(models.Service))
ax.evaluate_call(lambda: rename_service_magpie_and_phoenix(resource, res_new_name, service_push, request.db),
fallback=lambda: request.db.rollback(), httpError=HTTPForbidden,
msgOnFail=s.Resource_PUT_ForbiddenResponseSchema.description,
content={u"resource_id": resource.resource_id, u"resource_name": resource.resource_name,
u"old_resource_name": res_old_name, u"new_resource_name": res_new_name})
return ax.valid_http(httpSuccess=HTTPOk, detail=s.Resource_PUT_OkResponseSchema.description,
content={u"resource_id": resource.resource_id, u"resource_name": resource.resource_name,
u"old_resource_name": res_old_name, u"new_resource_name": res_new_name})
def update_resource(request):
"""
Update a resource information.
"""
resource = ar.get_resource_matchdict_checked(request, "resource_id")
service_push = asbool(
ar.get_multiformat_body(request, "service_push", default=False))
res_old_name = resource.resource_name
res_new_name = ar.get_value_multiformat_body_checked(
request, "resource_name")
ax.verify_param(
res_new_name,
not_equal=True,
param_compare=res_old_name,
param_name="resource_name",
http_error=HTTPBadRequest,
msg_on_fail=s.Resource_PATCH_BadRequestResponseSchema.description)
db_session = request.db
# check for conflicting name, either with services or children resources
err_msg = s.Resource_PATCH_ConflictResponseSchema.description
is_res_svc = resource.resource_type == models.Service.resource_type_name
if is_res_svc:
all_services = db_session.query(models.Service)
all_svc_names = [svc.resource_name for svc in all_services]
ax.verify_param(res_new_name,
not_in=True,
param_compare=all_svc_names,
with_param=False,
http_error=HTTPConflict,
content={"resource_name": str(res_new_name)},
msg_on_fail=err_msg)
else:
ru.check_unique_child_resource_name(res_new_name,
resource.parent_id,
err_msg,
db_session=db_session)
def rename_service_magpie_and_phoenix():
resource.resource_name = res_new_name
if is_res_svc and service_push:
sync_services_phoenix(all_services)
ax.evaluate_call(
lambda: rename_service_magpie_and_phoenix(),
fallback=lambda: db_session.rollback(),
http_error=HTTPForbidden,
msg_on_fail=s.Resource_PATCH_ForbiddenResponseSchema.description,
content={
"resource_id": resource.resource_id,
"resource_name": resource.resource_name,
"old_resource_name": res_old_name,
"new_resource_name": res_new_name
})
return ax.valid_http(http_success=HTTPOk,
detail=s.Resource_PATCH_OkResponseSchema.description,
content={
"resource_id": resource.resource_id,
"resource_name": resource.resource_name,
"old_resource_name": res_old_name,
"new_resource_name": res_new_name
})