def do(data, resource):
body = {}
params = data['params']
user = data.get('user', None)
if user:
user_id = user.get('id', None)
else:
user_id = None
partition = params.get('partition', None)
item = params.get('item', {})
if 'owner' not in item:
item['owner'] = user_id
item = {
key: value
for key, value in item.items() if value or value is False
}
# Check partition has been existed
if resource.db_get_item(partition):
if match_policy_after_get_policy_code(resource, 'create', partition,
user, item):
resource.db_put_item(partition, item)
body['item_id'] = item.get('id', None)
return body
else:
body['error'] = error.PERMISSION_DENIED
return body
body['error'] = error.NO_SUCH_PARTITION
return body
def do(data, resource):
body = {}
params = data['params']
user = data['user']
user_id = user.get('id', None)
partition = params.get('partition', None)
item = params.get('item', {})
read_groups = params.get('read_groups', [])
write_groups = params.get('write_groups', [])
read_groups = list(set(read_groups))
write_groups = list(set(write_groups))
if 'read_groups' not in read_groups:
item['read_groups'] = read_groups
if 'write_groups' not in item:
item['write_groups'] = write_groups
if 'owner' not in item:
item['owner'] = user_id
# Check partition has been existed
if resource.db_get_item(partition):
if match_policy_after_get_policy_code(resource, 'create', partition,
user, item):
resource.db_put_item(partition, item)
body['item_id'] = item.get('id', None)
return Response(body)
else:
body['error'] = error.PERMISSION_DENIED
return Response(body)
body['error'] = error.NO_SUCH_PARTITION
return Response(body)
def do(data, resource):
body = {}
params = data['params']
user = data['user']
item_id = params.get('item_id', None)
item = resource.db_get_item(item_id)
if item is None:
body['error'] = error.NO_SUCH_ITEM
return body
# 시스템 파티션 제한
if database_can_not_access_to_item(item['partition']):
body['error'] = error.PERMISSION_DENIED
return body
# 등록된 파티션이 아닌경우
if not resource.db_has_partition(item['partition']):
body['item'] = None
body['error'] = error.UNREGISTERED_PARTITION
return body
if match_policy_after_get_policy_code(resource, 'delete', item['partition'], user, item):
success = resource.db_delete_item(item_id)
body['success'] = success
else:
body['message'] = error.PERMISSION_DENIED
return body
def do(data, resource):
body = {}
params = data['params']
user = data['user']
item_id = params.get('item_id', None)
field_name = params.get('field_name', None)
field_value = params.get('field_value', None)
item = resource.db_get_item(item_id)
# 시스템 파티션 접근 제한
if database_can_not_access_to_item(item['partition']):
body['error'] = error.PERMISSION_DENIED
return body
if not resource.db_has_partition(item['partition']):
body['error'] = error.NO_SUCH_PARTITION
return body
new_item = {
'id': item_id,
field_name: field_value,
'partition': item['partition'],
'creation_date': item.get('creation_date', 0)
}
if match_policy_after_get_policy_code(resource,
'update',
item['partition'],
user,
item,
new_item=new_item):
index_keys = util.get_index_keys_to_index(resource, user,
item['partition'], 'w')
# 소트키는 무조건 업데이트시 포함해야함.
sort_keys = util.get_sort_keys(resource)
for sort_key in sort_keys:
s_key = sort_key.get('sort_key', None)
if s_key and s_key not in new_item and item.get(s_key,
None) is not None:
new_item[s_key] = item.get(s_key, None)
success = resource.db_update_item_v2(item_id,
new_item,
index_keys=index_keys,
sort_keys=sort_keys)
body['success'] = success
else:
body['error'] = error.PERMISSION_DENIED
return body
def do(data, resource):
body = {}
params = data['params']
user = data['user']
item_id = params.get('item_id', None)
item = resource.db_get_item(item_id)
if match_policy_after_get_policy_code(resource, 'read', item['partition'], user, item):
body['item'] = item
else:
body['error'] = error.PERMISSION_DENIED
return body
def do(data, resource):
body = {}
params = data['params']
user = data['user']
item_id = params.get('item_id', None)
join = params.get('join', {})
if not item_id:
body['item'] = None
body['error'] = error.INVALID_ITEM_ID
return body
item = resource.db_get_item(item_id)
if item is None:
body['item'] = None
body['error'] = error.NO_SUCH_ITEM
return body
# 등록된 파티션이 아닌경우
if not resource.db_has_partition(item['partition']):
body['item'] = None
body['error'] = error.UNREGISTERED_PARTITION
return body
# Join 유효성 검사
policy_code = get_policy_code(resource, item['partition'], 'join')
if not match_policy(policy_code, user, join):
body['item'] = None
body['error'] = error.JOIN_POLICY_VIOLATION
return body
# 읽기 권한 검사
if match_policy_after_get_policy_code(resource, 'read', item['partition'],
user, item):
if join:
util.join_item(resource, user, item, join)
body['item'] = item
else:
body['error'] = error.PERMISSION_DENIED
return body
def do(data, resource):
body = {}
params = data['params']
user = data['user']
item_id = params.get('item_id', None)
item = resource.db_get_item(item_id)
if item is None:
body['error'] = error.NO_SUCH_ITEM
return Response(body)
if database_can_not_access_to_item(item):
body['error'] = error.PERMISSION_DENIED
return Response(body)
if match_policy_after_get_policy_code(resource, 'delete',
item['partition'], user, item):
success = resource.db_delete_item(item_id)
body['success'] = success
else:
body['message'] = error.PERMISSION_DENIED
return Response(body)
def do(data, resource):
body = {}
params = data['params']
user = data.get('user', None)
if user:
user_id = user.get('id', None)
else:
user_id = None
partition = params.get('partition', None)
item = params.get('item', {})
item['id'] = uuid()
if 'owner' not in item:
item['owner'] = user_id
item = {key: value for key, value in item.items() if value != '' and value != {} and value != []}
# 시스템 파티션 접근 제한
if database_can_not_access_to_item(partition):
body['error'] = error.PERMISSION_DENIED
return body
# Check partition has been existed
if resource.db_has_partition(partition):
if match_policy_after_get_policy_code(resource, 'create', partition, user, item):
index_keys = util.get_index_keys_to_index(resource, user, partition, 'w')
sort_keys = util.get_sort_keys(resource)
resource.db_put_item(partition, item, item_id=item['id'], index_keys=index_keys, sort_keys=sort_keys)
body['item_id'] = item.get('id', None)
return body
else:
body['error'] = error.PERMISSION_DENIED
return body
body['error'] = error.NO_SUCH_PARTITION
return body
def do(data, resource):
body = {}
params = data['params']
user = data['user']
item_id = params.get('item_id', None)
field_name = params.get('field_name', None)
field_value = params.get('field_value', None)
item = resource.db_get_item(item_id)
if database_can_not_access_to_item(item):
body['error'] = error.PERMISSION_DENIED
return body
if match_policy_after_get_policy_code(resource, 'update',
item['partition'], user, item):
item[field_name] = field_value
if field_value is None:
item.pop(field_name)
success = resource.db_update_item(item_id, item)
body['success'] = success
else:
body['error'] = error.PERMISSION_DENIED
return body
def do(data, resource):
body = {}
params = data['params']
user = data['user']
item_id = params.get('item_id', None)
new_item = params.get('item', {})
use_simplify = params.get('use_simplify', True)
item = resource.db_get_item(item_id)
# 아이템 없는 경우
if not item:
body['item'] = None
body['error'] = error.NO_SUCH_ITEM
return body
# 시스템 파티션 접근 제한
if database_can_not_access_to_item(item['partition']):
body['error'] = error.PERMISSION_DENIED
return body
# 등록된 파티션이 아닌경우
if not resource.db_has_partition(item['partition']):
body['item'] = None
body['error'] = error.UNREGISTERED_PARTITION
return body
# Remove null
# for key, value in new_item.copy().items():
# if value is None:
# new_item.pop(key)
# Put the value in the previous item that is not in the new field
new_item = {
key: value
for key, value in new_item.items()
if value != '' and value != {} and value != []
}
if use_simplify:
new_item = util.simplify_item(item, new_item)
new_item['partition'] = item['partition']
new_item['creation_date'] = item['creation_date']
if match_policy_after_get_policy_code(resource,
'update',
item['partition'],
user,
item,
new_item=new_item):
index_keys = util.get_index_keys_to_index(resource, user,
item['partition'], 'w')
# 소트키는 무조건 업데이트시 포함해야함.
sort_keys = util.get_sort_keys(resource)
for sort_key in sort_keys:
s_key = sort_key.get('sort_key', None)
if s_key and s_key not in new_item and item.get(s_key,
None) is not None:
new_item[s_key] = item.get(s_key, None)
success = resource.db_update_item_v2(item_id,
new_item,
index_keys=index_keys,
sort_keys=sort_keys)
body['success'] = success
else:
body['error'] = error.UPDATE_POLICY_VIOLATION
return body
