def get(self, folio_id, export_id=None):
# Get the portfolio
folio = data_engine.get_portfolio(folio_id)
if folio is None:
raise DoesNotExistError(str(folio_id))
# Check permissions
permissions_engine.ensure_portfolio_permitted(
folio, FolioPermission.ACCESS_VIEW, get_session_user())
if export_id is None:
# List portfolio exports
exports_list = [
_prep_folioexport_object(folio, fe) for fe in folio.downloads
]
return make_api_success_response(
object_to_dict_list(exports_list, _omit_fields))
else:
# Get a single portfolio-export
folio_export = data_engine.get_object(FolioExport, export_id)
if folio_export is None:
raise DoesNotExistError(str(export_id))
if folio_export.folio_id != folio_id:
raise ParameterError(
'export ID %d does not belong to portfolio ID %d' %
(export_id, folio_id))
return make_api_success_response(
object_to_dict(_prep_folioexport_object(folio, folio_export),
_omit_fields))
def get(self, folio_id, image_id=None):
if image_id is None:
# List images in the portfolio
folio = data_engine.get_portfolio(folio_id, load_images=True)
if folio is None:
raise DoesNotExistError(str(folio_id))
# Check permissions
permissions_engine.ensure_portfolio_permitted(
folio, FolioPermission.ACCESS_VIEW, get_session_user())
image_list = [_prep_folioimage_object(fi) for fi in folio.images]
return make_api_success_response(
object_to_dict_list(image_list, _omit_fields))
else:
# Get a single portfolio-image
db_session = data_engine.db_get_session()
try:
folio_image = data_engine.get_portfolio_image(
AttrObject(id=folio_id),
AttrObject(id=image_id),
_db_session=db_session)
if folio_image is None:
raise DoesNotExistError(
str(folio_id) + '/' + str(image_id))
# Check permissions
permissions_engine.ensure_portfolio_permitted(
folio_image.portfolio, FolioPermission.ACCESS_VIEW,
get_session_user())
return make_api_success_response(
object_to_dict(_prep_folioimage_object(folio_image),
_omit_fields + ['portfolio']))
finally:
db_session.close()
def get(self, permission_id=None):
if permission_id is None:
# List all permissions
fp_list = data_engine.list_objects(FolderPermission)
return make_api_success_response(object_to_dict_list(fp_list))
else:
# Get permission entry
fp = data_engine.get_object(FolderPermission, permission_id)
if fp is None:
raise DoesNotExistError(str(permission_id))
return make_api_success_response(object_to_dict(fp))
def get(self, permission_id=None):
if permission_id is None:
# List all permissions
fp_list = data_engine.list_objects(FolderPermission)
return make_api_success_response(object_to_dict_list(fp_list))
else:
# Get permission entry
fp = data_engine.get_object(FolderPermission, permission_id)
if fp is None:
raise DoesNotExistError(str(permission_id))
return make_api_success_response(object_to_dict(fp))
def get(self, group_id=None):
if group_id is None:
# List groups
return make_api_success_response(
object_to_dict_list(data_engine.list_objects(
Group, Group.name)))
else:
# Get single group
group = data_engine.get_group(group_id=group_id, load_users=True)
if group is None:
raise DoesNotExistError(str(group_id))
return make_api_success_response(object_to_dict(group))
def get(self, user_id=None):
if user_id is None:
# List users
status_filter = self._get_validated_status_arg(request)
ulist = data_engine.list_users(status=status_filter,
order_field=User.username)
return make_api_success_response(object_to_dict_list(ulist))
else:
# Get single user
user = data_engine.get_user(user_id)
if user is None:
raise DoesNotExistError(str(user_id))
return make_api_success_response(object_to_dict(user))
def get(self, template_id=None):
if template_id is None:
# List templates
tlist = data_engine.list_objects(ImageTemplate, ImageTemplate.name)
tdictlist = object_to_dict_list(tlist)
for tdict in tdictlist:
self._del_keys(tdict['template'], TemplateAPI.HIDE_FIELDS)
return make_api_success_response(tdictlist)
else:
# Get single template
template_info = data_engine.get_image_template(template_id)
if template_info is None:
raise DoesNotExistError(str(template_id))
tdict = object_to_dict(template_info)
self._del_keys(tdict['template'], TemplateAPI.HIDE_FIELDS)
return make_api_success_response(tdict)
def get(self, group_id=None):
if group_id is None:
# List groups
return make_api_success_response(
object_to_dict_list(data_engine.list_objects(Group, Group.name))
)
else:
# Get single group
group = data_engine.get_group(group_id=group_id, load_users=True)
if group is None:
raise DoesNotExistError(str(group_id))
# Do not give out anything password related
gdict = object_to_dict(group)
for udict in gdict['users']:
del udict['password']
return make_api_success_response(gdict)
def get(self, user_id=None):
if user_id is None:
# List users
ulist = data_engine.list_users(order_field=User.username)
# Do not give out anything password related
udictlist = object_to_dict_list(ulist)
for user in udictlist:
del user['password']
return make_api_success_response(udictlist)
else:
# Get single user
user = data_engine.get_user(user_id)
if user is None:
raise DoesNotExistError(str(user_id))
# Do not give out anything password related
udict = object_to_dict(user)
del udict['password']
return make_api_success_response(udict)
def get(self, folio_id=None):
# v4.1 Added support for /api/portfolios/?human_id=<human id>
human_id = request.args.get('human_id', '')
if not folio_id and not human_id:
# List portfolios that the user can view
folio_list = data_engine.list_portfolios(
get_session_user(), FolioPermission.ACCESS_VIEW)
folio_list = [_prep_folio_object(f) for f in folio_list]
return make_api_success_response(
object_to_dict_list(folio_list, _omit_fields))
else:
# Get single portfolio by either ID or v4.1 by human ID
folio = data_engine.get_portfolio(folio_id,
human_id,
load_images=True,
load_history=True)
if folio is None:
raise DoesNotExistError(human_id or str(folio_id))
# Check permissions
permissions_engine.ensure_portfolio_permitted(
folio, FolioPermission.ACCESS_VIEW, get_session_user())
folio = _prep_folio_object(folio)
return make_api_success_response(
object_to_dict(folio, _omit_fields))
def put(self, folio_id, image_id):
db_session = data_engine.db_get_session()
try:
# Get data
folio_image = data_engine.get_portfolio_image(
AttrObject(id=folio_id),
AttrObject(id=image_id),
_db_session=db_session)
if folio_image is None:
raise DoesNotExistError(str(folio_id) + '/' + str(image_id))
# Check permissions
permissions_engine.ensure_portfolio_permitted(
folio_image.portfolio, FolioPermission.ACCESS_EDIT,
get_session_user())
# Update the portfolio
params = self._get_validated_object_parameters(request.form)
chd_folio_image = data_engine.reorder_portfolio(
folio_image, params['index'])
data_engine.add_portfolio_history(
folio_image.portfolio,
get_session_user(),
FolioHistory.ACTION_IMAGE_CHANGE,
'%s moved to position %d' %
(folio_image.image.src, chd_folio_image.order_num + 1),
_db_session=db_session,
_commit=True)
# Return the updated image list
db_session.expire(folio_image)
folio = data_engine.get_portfolio(folio_id,
load_images=True,
_db_session=db_session)
image_list = [_prep_folioimage_object(fi) for fi in folio.images]
return make_api_success_response(
object_to_dict_list(image_list, _omit_fields + ['portfolio']))
finally:
db_session.close()