def _get_extra_instance(self, model, key, user_attr="creation_user"): """Tries to get a instance of model with getp2. The primary key is obtained from the extra key ``key``. @param model {class}: A sqlalchemy model class with a query attribute. @param key {string}: The extra key where to find the pk id. @param user_attr {string}: Check for user attribute (default: "creation_user") match with req.user or do nothing if None. """ try: id_ = p2_to_int(self.extra[key]) except (ValueError, KeyError, TypeError): # Pretend the module does not exist (with these parameters) raise LookupError("No compatible module found for these " "parameters.") instance = model.query.get(id_) if not instance: raise JSONException("Could not find an instance of what you are " "searching for.") if user_attr: attr = getattr(instance, user_attr) if attr != self.request.user: raise PermissionError("You are not authorized to view and/or " "alter this instance.") return instance