def status():
return jsonify({
'logged_in': authz.logged_in(),
'api_key': current_user.api_key if authz.logged_in() else None,
'user': current_user if authz.logged_in() else None,
'permissions': {
READ: authz.system_read(),
EDIT: authz.system_edit(),
MANAGE: authz.system_manage()
},
'logout': url_for('.logout')
})
def update(id):
user = obj_or_404(User.by_id(id))
authz.require(user.id == current_user.id or authz.system_manage())
user.update(request_data())
db.session.commit()
return jsonify(user)
def index():
authz.require(authz.system_manage())
users = list(User.all())
return jsonify({'results': users, 'total': len(users)})
