Esempio n. 1
0
 def get(self, folio_id, export_id=None):
     # Get the portfolio
     folio = data_engine.get_portfolio(folio_id)
     if folio is None:
         raise DoesNotExistError(str(folio_id))
     # Check permissions
     permissions_engine.ensure_portfolio_permitted(
         folio, FolioPermission.ACCESS_VIEW, get_session_user())
     if export_id is None:
         # List portfolio exports
         exports_list = [
             _prep_folioexport_object(folio, fe) for fe in folio.downloads
         ]
         return make_api_success_response(
             object_to_dict_list(exports_list, _omit_fields))
     else:
         # Get a single portfolio-export
         folio_export = data_engine.get_object(FolioExport, export_id)
         if folio_export is None:
             raise DoesNotExistError(str(export_id))
         if folio_export.folio_id != folio_id:
             raise ParameterError(
                 'export ID %d does not belong to portfolio ID %d' %
                 (export_id, folio_id))
         return make_api_success_response(
             object_to_dict(_prep_folioexport_object(folio, folio_export),
                            _omit_fields))
Esempio n. 2
0
 def get(self, folio_id, image_id=None):
     if image_id is None:
         # List images in the portfolio
         folio = data_engine.get_portfolio(folio_id, load_images=True)
         if folio is None:
             raise DoesNotExistError(str(folio_id))
         # Check permissions
         permissions_engine.ensure_portfolio_permitted(
             folio, FolioPermission.ACCESS_VIEW, get_session_user())
         image_list = [_prep_folioimage_object(fi) for fi in folio.images]
         return make_api_success_response(
             object_to_dict_list(image_list, _omit_fields))
     else:
         # Get a single portfolio-image
         db_session = data_engine.db_get_session()
         try:
             folio_image = data_engine.get_portfolio_image(
                 AttrObject(id=folio_id),
                 AttrObject(id=image_id),
                 _db_session=db_session)
             if folio_image is None:
                 raise DoesNotExistError(
                     str(folio_id) + '/' + str(image_id))
             # Check permissions
             permissions_engine.ensure_portfolio_permitted(
                 folio_image.portfolio, FolioPermission.ACCESS_VIEW,
                 get_session_user())
             return make_api_success_response(
                 object_to_dict(_prep_folioimage_object(folio_image),
                                _omit_fields + ['portfolio']))
         finally:
             db_session.close()
Esempio n. 3
0
 def get(self, permission_id=None):
     if permission_id is None:
         # List all permissions
         fp_list = data_engine.list_objects(FolderPermission)
         return make_api_success_response(object_to_dict_list(fp_list))
     else:
         # Get permission entry
         fp = data_engine.get_object(FolderPermission, permission_id)
         if fp is None:
             raise DoesNotExistError(str(permission_id))
         return make_api_success_response(object_to_dict(fp))
Esempio n. 4
0
 def get(self, permission_id=None):
     if permission_id is None:
         # List all permissions
         fp_list = data_engine.list_objects(FolderPermission)
         return make_api_success_response(object_to_dict_list(fp_list))
     else:
         # Get permission entry
         fp = data_engine.get_object(FolderPermission, permission_id)
         if fp is None:
             raise DoesNotExistError(str(permission_id))
         return make_api_success_response(object_to_dict(fp))
Esempio n. 5
0
 def get(self, group_id=None):
     if group_id is None:
         # List groups
         return make_api_success_response(
             object_to_dict_list(data_engine.list_objects(
                 Group, Group.name)))
     else:
         # Get single group
         group = data_engine.get_group(group_id=group_id, load_users=True)
         if group is None:
             raise DoesNotExistError(str(group_id))
         return make_api_success_response(object_to_dict(group))
Esempio n. 6
0
 def get(self, user_id=None):
     if user_id is None:
         # List users
         status_filter = self._get_validated_status_arg(request)
         ulist = data_engine.list_users(status=status_filter,
                                        order_field=User.username)
         return make_api_success_response(object_to_dict_list(ulist))
     else:
         # Get single user
         user = data_engine.get_user(user_id)
         if user is None:
             raise DoesNotExistError(str(user_id))
         return make_api_success_response(object_to_dict(user))
Esempio n. 7
0
 def get(self, template_id=None):
     if template_id is None:
         # List templates
         tlist = data_engine.list_objects(ImageTemplate, ImageTemplate.name)
         tdictlist = object_to_dict_list(tlist)
         for tdict in tdictlist:
             self._del_keys(tdict['template'], TemplateAPI.HIDE_FIELDS)
         return make_api_success_response(tdictlist)
     else:
         # Get single template
         template_info = data_engine.get_image_template(template_id)
         if template_info is None:
             raise DoesNotExistError(str(template_id))
         tdict = object_to_dict(template_info)
         self._del_keys(tdict['template'], TemplateAPI.HIDE_FIELDS)
         return make_api_success_response(tdict)
Esempio n. 8
0
 def get(self, group_id=None):
     if group_id is None:
         # List groups
         return make_api_success_response(
             object_to_dict_list(data_engine.list_objects(Group, Group.name))
         )
     else:
         # Get single group
         group = data_engine.get_group(group_id=group_id, load_users=True)
         if group is None:
             raise DoesNotExistError(str(group_id))
         # Do not give out anything password related
         gdict = object_to_dict(group)
         for udict in gdict['users']:
             del udict['password']
         return make_api_success_response(gdict)
Esempio n. 9
0
 def get(self, user_id=None):
     if user_id is None:
         # List users
         ulist = data_engine.list_users(order_field=User.username)
         # Do not give out anything password related
         udictlist = object_to_dict_list(ulist)
         for user in udictlist:
             del user['password']
         return make_api_success_response(udictlist)
     else:
         # Get single user
         user = data_engine.get_user(user_id)
         if user is None:
             raise DoesNotExistError(str(user_id))
         # Do not give out anything password related
         udict = object_to_dict(user)
         del udict['password']
         return make_api_success_response(udict)
Esempio n. 10
0
 def get(self, folio_id=None):
     # v4.1 Added support for /api/portfolios/?human_id=<human id>
     human_id = request.args.get('human_id', '')
     if not folio_id and not human_id:
         # List portfolios that the user can view
         folio_list = data_engine.list_portfolios(
             get_session_user(), FolioPermission.ACCESS_VIEW)
         folio_list = [_prep_folio_object(f) for f in folio_list]
         return make_api_success_response(
             object_to_dict_list(folio_list, _omit_fields))
     else:
         # Get single portfolio by either ID or v4.1 by human ID
         folio = data_engine.get_portfolio(folio_id,
                                           human_id,
                                           load_images=True,
                                           load_history=True)
         if folio is None:
             raise DoesNotExistError(human_id or str(folio_id))
         # Check permissions
         permissions_engine.ensure_portfolio_permitted(
             folio, FolioPermission.ACCESS_VIEW, get_session_user())
         folio = _prep_folio_object(folio)
         return make_api_success_response(
             object_to_dict(folio, _omit_fields))
Esempio n. 11
0
 def put(self, folio_id, image_id):
     db_session = data_engine.db_get_session()
     try:
         # Get data
         folio_image = data_engine.get_portfolio_image(
             AttrObject(id=folio_id),
             AttrObject(id=image_id),
             _db_session=db_session)
         if folio_image is None:
             raise DoesNotExistError(str(folio_id) + '/' + str(image_id))
         # Check permissions
         permissions_engine.ensure_portfolio_permitted(
             folio_image.portfolio, FolioPermission.ACCESS_EDIT,
             get_session_user())
         # Update the portfolio
         params = self._get_validated_object_parameters(request.form)
         chd_folio_image = data_engine.reorder_portfolio(
             folio_image, params['index'])
         data_engine.add_portfolio_history(
             folio_image.portfolio,
             get_session_user(),
             FolioHistory.ACTION_IMAGE_CHANGE,
             '%s moved to position %d' %
             (folio_image.image.src, chd_folio_image.order_num + 1),
             _db_session=db_session,
             _commit=True)
         # Return the updated image list
         db_session.expire(folio_image)
         folio = data_engine.get_portfolio(folio_id,
                                           load_images=True,
                                           _db_session=db_session)
         image_list = [_prep_folioimage_object(fi) for fi in folio.images]
         return make_api_success_response(
             object_to_dict_list(image_list, _omit_fields + ['portfolio']))
     finally:
         db_session.close()