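def put(self):
    """Create a group in an organization from the JSON request body.

    Reads ``organization``, ``name``, ``hidden``, ``description`` and
    ``return`` from ``self.json_request``. The new group's key is appended
    to ``org.hidden_groups`` when ``hidden`` is true, otherwise to
    ``org.groups``, and both entities are saved together. The group dict
    is written to the response only when ``return`` equals ``'group_dict'``.

    Raises:
        HttpErrorException: ``bad_request`` for a missing, malformed or
            unknown organization id, an empty or reserved group name, a
            non-boolean ``hidden`` value, or a name already used in the
            organization.
    """
    org_id = self.json_request.get('organization')
    # Reject a missing id OR a malformed one. The original joined the two
    # tests with `and`, so any non-empty id skipped valid_id() entirely and
    # went to the datastore lookup unvalidated.
    if not org_id or not Organization.valid_id(org_id):
        raise HttpErrorException.bad_request('invalid organization id')
    org = Organization.get_by_id(org_id)
    if not org:
        raise HttpErrorException.bad_request('invalid organization id')

    # NOTE(review): nothing in this method checks that the caller is allowed
    # to manage groups in `org`; confirm that authorization is enforced by a
    # decorator or the base handler before this code runs.
    name = self.json_request.get('name', None)
    hidden = self.json_request.get('hidden', False)
    description = self.json_request.get('description', '')

    # 'super_admin' and 'admin' are reserved and may not be created here.
    # NOTE(review): the comparison is exact-match; confirm whether case
    # variants of the reserved names need rejecting as well.
    if not name or name in ('super_admin', 'admin'):
        raise HttpErrorException.bad_request('invalid group name')
    if not isinstance(hidden, bool):
        raise HttpErrorException.bad_request('invalid hidden type must be boolean')

    # NOTE(review): this uniqueness check and the write below are separate
    # operations, so two concurrent requests could both pass the check.
    name_taken = Group.query(
        ndb.AND(Group.organization == org.key, Group.name == name)
    ).count() > 0
    if name_taken:
        raise HttpErrorException.bad_request('group name taken')

    group = Group(
        key=Group.create_key(),
        name=name,
        description=description,
        organization=org.key,
        active=True,
    )
    if hidden:
        org.hidden_groups.append(group.key)
    else:
        org.groups.append(group.key)
    # Save the group and the organization's updated membership list together.
    ndb.put_multi([group, org])

    if self.json_request.get('return', '') == 'group_dict':
        self.write_json_response(group.to_dict())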
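def post(self, organization):
    """Grant or revoke organization-admin status for a user.

    ``organization`` is the organization id from the route. The target
    user id is read from ``username`` and the desired state from the
    boolean ``is_admin``, both in ``self.json_request``. A caller whose
    ``self.user.is_admin`` is false gets a SECURITY log entry and a
    forbidden error. The organization is saved and a USER log entry is
    written only when the admin list actually changes.

    Raises:
        HttpErrorException: ``bad_request`` for a missing, malformed or
            unknown organization id, an unknown username, or a
            non-boolean ``is_admin``; ``forbidden`` for a non-admin
            caller.
    """
    # Reject a missing id OR a malformed one. The original joined the two
    # tests with `and`, so any non-empty id skipped valid_id() entirely.
    if not organization or not Organization.valid_id(organization):
        raise HttpErrorException.bad_request('invalid organization id')
    org = Organization.get_by_id(organization)
    if org is None:
        raise HttpErrorException.bad_request('invalid organization id')

    # NOTE(review): the target user is looked up before the caller is
    # authorized, so a non-admin caller can tell an unknown username (400)
    # from a known one (403). The order is kept because the security log
    # below records the affected user.
    user = user_user.User.get_by_id(self.json_request.get('username'))
    if user is None:
        raise HttpErrorException.bad_request('bad username')

    # NOTE(review): whether `self.user.is_admin` is scoped to this
    # organization is not visible here; confirm that an admin of another
    # organization cannot pass this check.
    if not self.user.is_admin:
        lr = tt_logging.construct_log(
            msg_short='Non-Admin User Tried Adding Org Admin',
            msg='A Non-Admin user try setting another user as admin',
            log_type=tt_logging.SECURITY,
            request_user=self.user,
            affected_user=user,
            request=self.request,
            artifact=org,
        )
        log.warning(lr['dict_msg']['msg'], extra=lr)
        raise HttpErrorException.forbidden()

    is_admin = self.json_request.get('is_admin')
    # Only a real JSON boolean is accepted. The original test
    # (`is None and not bool`) rejected only a missing value, so a truthy
    # non-boolean such as the string "false" fell through and granted admin.
    if not isinstance(is_admin, bool):
        raise HttpErrorException.bad_request('invalid admin settings')

    if is_admin:
        if user.key not in org.admins:
            org.admins.append(user.key)
            org.put()
            lr = tt_logging.construct_log(
                msg_short='User was made organization admin',
                log_type=tt_logging.USER,
                request_user=self.user,
                affected_user=user,
                artifact=org,
                request=self.request,
            )
            log.info(lr['dict_msg']['msg'], extra=lr)
    else:
        if user.key in org.admins:
            org.admins.remove(user.key)
            org.put()
            lr = tt_logging.construct_log(
                msg_short='User was removed as organization admin',
                log_type=tt_logging.USER,
                request_user=self.user,
                affected_user=user,
                artifact=org,
                request=self.request,
            )
            log.info(lr['dict_msg']['msg'], extra=lr)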