def comment(self, id):
loggedInUser = helper.getLoggedInUser()
jsonData = helper.getRequestBody()
if jsonData != "":
theShift = Shift.read(id, userId=loggedInUser)
if not theShift:
return error("Shift does not exist.",
ResourceDoesNotExistError)
if theShift.type != "shift":
return error("Resource is not of type shift",
ResourceTypeError)
from server.models.ssuser import SSUser
theUser = SSUser.read(loggedInUser)
theData = json.loads(jsonData)
if theUser.canRead(theShift):
from server.models.comment import Comment
Comment.create(theUser.id, theShift.id, theData["text"],
theData.get("subscribe") or False)
return data(Shift.read(theShift.id, theUser.id))
else:
return error(
"Operation not permitted. You don't have permission to comment on this shift.",
PermissionError)
else:
return error("No data for comment.", NoDataError)
def publish(self, id):
# NOTE: should maybe take publishData url parameter - David 9/5/2009
loggedInUser = helper.getLoggedInUser()
theShift = Shift.read(id, loggedInUser)
if not theShift:
return error("Resource does not exist.", ResourceDoesNotExistError)
if theShift.type != "shift":
return error("Resource is not of type shift", ResourceTypeError)
publishData = json.loads(helper.getRequestBody())
# convert targets to actual database references
if publishData.get("targets"):
from server.models.group import Group
from server.models.ssuser import SSUser
theUser = SSUser.read(loggedInUser)
targets = publishData["targets"]
# convert short names to group ids
shortNames = [target[1:] for target in targets if target[0] == "&"]
groupIds = Group.shortNamesToIds(shortNames)
# convert user name to user ids
userNames = [target[1:] for target in targets if target[0] == "@"]
userIds = SSUser.namesToIds(userNames)
# create list of dbs being published to
dbs = [Group.db(groupId) for groupId in groupIds]
# validate groups
writeable = theUser.writeable()
if not set(dbs).issubset(set(writeable)):
return error(
"Operation not permitted. You don't have permission to publish to some of these groups",
PermissionError)
# TODO: validate against blocked users - David 2/15/10
dbs.extend([SSUser.db(userId) for userId in userIds])
publishData["dbs"] = dbs
return data(theShift.publish(publishData))
def publish(self, id):
# NOTE: should maybe take publishData url parameter - David 9/5/2009
loggedInUser = helper.getLoggedInUser()
theShift = Shift.read(id, loggedInUser)
if not theShift:
return error("Resource does not exist.", ResourceDoesNotExistError)
if theShift.type != "shift":
return error("Resource is not of type shift", ResourceTypeError)
publishData = json.loads(helper.getRequestBody())
# convert targets to actual database references
if publishData.get("targets"):
from server.models.group import Group
from server.models.ssuser import SSUser
theUser = SSUser.read(loggedInUser)
targets = publishData["targets"]
# convert short names to group ids
shortNames = [target[1:] for target in targets if target[0] == "&"]
groupIds = Group.shortNamesToIds(shortNames)
# convert user name to user ids
userNames = [target[1:] for target in targets if target[0] == "@"]
userIds = SSUser.namesToIds(userNames)
# create list of dbs being published to
dbs = [Group.db(groupId) for groupId in groupIds]
dbs.extend([SSUser.db(userId) for userId in userIds])
# validate
writeable = theUser.writeable()
if set(writeable) != set(dbs):
return error("Operation not permitted. You don't have permission to publish to some of these gruops", PermissionError)
publishData["dbs"] = dbs
return data(theShift.publish(publishData))
def unpublish(self, id):
loggedInUser = helper.getLoggedInUser()
theShift = Shift.read(id, loggedInUser)
if not theShift:
return error("Resource does not exist.", ResourceDoesNotExistError)
if theShift.type != "shift":
return error("Resource is not of type shift", ResourceTypeError)
return data(theShift.unpublish())
def testDelete(self):
json = shiftJson()
json["createdBy"] = self.fakemary.id
newShift = Shift.create(json)
self.assertNotEqual(newShift, None)
newShift.delete()
theShift = Shift.read(newShift.id, self.fakemary.id)
self.assertEqual(theShift, None)
def unpublish(self, id):
loggedInUser = helper.getLoggedInUser()
theShift = Shift.read(id, loggedInUser)
if not theShift:
return error("Resource does not exist.", ResourceDoesNotExistError)
if theShift.type != "shift":
return error("Resource is not of type shift", ResourceTypeError)
return data(theShift.unpublish())
def testUpdate(self):
json = shiftJson()
json["createdBy"] = self.fakemary.id
newShift = Shift.create(json)
newShift.update({"summary":"changed!"})
theShift = Shift.read(newShift.id, self.fakemary.id)
self.assertEqual(theShift.summary, "changed!")
db = core.connect(SSUser.privateDb(self.fakemary.id))
del db[theShift.id]
def testRead(self):
json = shiftJson()
json["createdBy"] = self.fakemary.id
newShift = Shift.create(json)
theShift = Shift.read(newShift.id, self.fakemary.id)
self.assertEqual(theShift.source.server, newShift.source.server)
self.assertEqual(theShift.source.database, newShift.source.database)
self.assertEqual(theShift.createdBy, self.fakemary.id)
db = core.connect(SSUser.privateDb(self.fakemary.id))
del db[theShift.id]
def comment(self, id):
loggedInUser = helper.getLoggedInUser()
jsonData = helper.getRequestBody()
if jsonData != "":
theShift = Shift.read(id)
if not theShift:
return error("Resource does not exist.", ResourceDoesNotExistError)
if theShift.type != "shift":
return error("Resource is not of type shift", ResourceTypeError)
from server.models.ssuser import SSUser
theUser = SSUser.read(loggedInUser)
theData = json.loads(jsonData)
if theUser.canRead(theShift):
from server.models.comment import Comment
Comment.create(theUser.id, theShift.id, theData["text"], theData.get("subscribe") or False)
return data(Shift.read(theShift.id, theUser.id))
else:
return error("Operation not permitted. You don't have permission to comment on this shift.", PermissionError)
else:
return error("No data for comment.", NoDataError)
def share(self, id, users):
from server.models.ssuser import SSUser
loggedInUser = helper.getLoggedInUser()
theShift = Shift.read(id)
if not theShift or theShift.publishData.private:
return error("You don't have permission to view this shift.", PermissionError)
targets = users.split(" ")
userNames = [target[1:] for target in targets if target[0] == "@"]
userIds = SSUser.namesToIds(userNames)
theShift.shareWith(userIds, fromUser=SSUser.read(loggedInUser))
return ack
def share(self, id, users):
from server.models.ssuser import SSUser
loggedInUser = helper.getLoggedInUser()
theShift = Shift.read(id)
if not theShift or theShift.publishData.private:
return error("You don't have permission to view this shift.",
PermissionError)
targets = users.split(" ")
userNames = [target[1:] for target in targets if target[0] == "@"]
userIds = SSUser.namesToIds(userNames)
theShift.shareWith(userIds, fromUser=SSUser.read(loggedInUser))
return ack
def read(self, id):
from server.models.ssuser import SSUser
loggedInUser = helper.getLoggedInUser()
theUser = SSUser.read(loggedInUser)
theShift = Shift.read(id, loggedInUser)
if theShift and theUser.canRead(theShift):
return data(theShift)
else:
if not theShift:
return error("Resource does not exist.", ResourceDoesNotExistError)
else:
return error("Operation not permitted. You don't have permission to view this shift. %s" % theShift, PermissionError)
def comments(self, id, start=None, end=None, limit=25):
loggedInUser = helper.getLoggedInUser()
theShift = Shift.read(id)
if not theShift:
return error("Resource does not exist.", ResourceDoesNotExistError)
if theShift.type != "shift":
return error("Resource is not of type shift", ResourceTypeError)
from server.models.ssuser import SSUser
theUser = SSUser.read(loggedInUser)
if theShift.isPublic() or theUser.canRead(theShift):
return data(theShift.comments(start=start, end=end, limit=limit))
else:
return error("Operation not permitted. You don't have permission to view comments on this shift.", PermissionError)
def unfavorite(self, id):
loggedInUser = helper.getLoggedInUser()
theShift = Shift.read(id)
if not theShift:
return error("Resource does not exist.", ResourceDoesNotExistError)
if theShift.type != "shift":
return error("Resource is not of type shift", ResourceTypeError)
from server.models.ssuser import SSUser
theUser = SSUser.read(loggedInUser)
if theUser.canRead(theShift):
return data(theUser.unfavorite(theShift))
else:
return error("Operation not permitted. You don't have permission to unfavorite this shift.", PermissionError)
def comments(self, id, start=None, end=None, limit=25):
loggedInUser = helper.getLoggedInUser()
theShift = Shift.read(id, userId=loggedInUser)
if not theShift:
return error("Resource does not exist.", ResourceDoesNotExistError)
if theShift.type != "shift":
return error("Resource is not of type shift", ResourceTypeError)
from server.models.ssuser import SSUser
theUser = SSUser.read(loggedInUser)
if theShift.isPublic() or theUser.canRead(theShift):
return data(theShift.comments(start=start, end=end, limit=limit))
else:
return error(
"Operation not permitted. You don't have permission to view comments on this shift.",
PermissionError)
def delete(self, id):
from server.models.ssuser import SSUser
loggedInUser = helper.getLoggedInUser()
theShift = Shift.read(id, loggedInUser)
if not theShift:
return error("Resource does not exist.", ResourceDoesNotExistError)
if theShift.type != "shift":
return error("Resource is not of type shift", ResourceTypeError)
from server.models.ssuser import SSUser
theUser = SSUser.read(loggedInUser)
if theUser.canModify(theShift):
theShift.delete()
return ack
else:
return error("Operation not permitted. You don't have permission to delete this shift.", PermissionError)
def read(self, id):
from server.models.ssuser import SSUser
loggedInUser = helper.getLoggedInUser()
theUser = SSUser.read(loggedInUser)
theShift = Shift.read(id, loggedInUser)
if theShift and theUser.canRead(theShift):
return data(theShift)
else:
if not theShift:
return error("Resource does not exist.",
ResourceDoesNotExistError)
else:
return error(
"Operation not permitted. You don't have permission to view this shift. %s"
% theShift, PermissionError)
def unfavorite(self, id):
loggedInUser = helper.getLoggedInUser()
theShift = Shift.read(id)
if not theShift:
return error("Resource does not exist.", ResourceDoesNotExistError)
if theShift.type != "shift":
return error("Resource is not of type shift", ResourceTypeError)
from server.models.ssuser import SSUser
theUser = SSUser.read(loggedInUser)
if theUser.canRead(theShift):
return data(theUser.unfavorite(theShift))
else:
return error(
"Operation not permitted. You don't have permission to unfavorite this shift.",
PermissionError)
def unnotify(self, id):
loggedInUser = helper.getLoggedInUser()
theShift = Shift.read(id)
if not theShift:
return error("Resource does not exist.", ResourceDoesNotExistError)
if theShift.type != "shift":
return error("Resource is not of type shift", ResourceTypeError)
from server.models.ssuser import SSUser
theUser = SSUser.read(loggedInUser)
if theUser.canRead(theShift):
if theUser.isSubscribed(theShift):
theUser.unsubscribe(theShift)
return ack
else:
return error("You are not getting notification from this comment thread.", NotBeingNotifiedError)
else:
return error("Operation not permitted. You don't have permission to be notified of events on this stream.", PermissionError)
def delete(self, id):
from server.models.ssuser import SSUser
loggedInUser = helper.getLoggedInUser()
theShift = Shift.read(id, loggedInUser)
if not theShift:
return error("Resource does not exist.", ResourceDoesNotExistError)
if theShift.type != "shift":
return error("Resource is not of type shift", ResourceTypeError)
from server.models.ssuser import SSUser
theUser = SSUser.read(loggedInUser)
if theUser.canModify(theShift):
theShift.delete()
return ack
else:
return error(
"Operation not permitted. You don't have permission to delete this shift.",
PermissionError)
def update(self, id):
from server.models.ssuser import SSUser
loggedInUser = helper.getLoggedInUser()
jsonData = helper.getRequestBody()
if jsonData != "":
theShift = Shift.read(id, loggedInUser)
if not theShift:
return error("Resource does not exist.", ResourceDoesNotExistError)
if theShift.type != "shift":
return error("Resource is not of type shift", ResourceTypeError)
from server.models.ssuser import SSUser
shiftData = json.loads(jsonData)
theUser = SSUser.read(loggedInUser)
if theUser.canModify(theShift):
return data(theShift.update(shiftData))
else:
return error("Operation not permitted. You don't have permission to update this shift.", PermissionError)
else:
return error("No data for shift.", NoDataError)
def unnotify(self, id):
loggedInUser = helper.getLoggedInUser()
theShift = Shift.read(id)
if not theShift:
return error("Resource does not exist.", ResourceDoesNotExistError)
if theShift.type != "shift":
return error("Resource is not of type shift", ResourceTypeError)
from server.models.ssuser import SSUser
theUser = SSUser.read(loggedInUser)
if theUser.canRead(theShift):
if theUser.isSubscribed(theShift):
theUser.unsubscribe(theShift)
return ack
else:
return error(
"You are not getting notification from this comment thread.",
NotBeingNotifiedError)
else:
return error(
"Operation not permitted. You don't have permission to be notified of events on this stream.",
PermissionError)
def update(self, id):
from server.models.ssuser import SSUser
loggedInUser = helper.getLoggedInUser()
jsonData = helper.getRequestBody()
if jsonData != "":
theShift = Shift.read(id, loggedInUser)
if not theShift:
return error("Resource does not exist.",
ResourceDoesNotExistError)
if theShift.type != "shift":
return error("Resource is not of type shift",
ResourceTypeError)
from server.models.ssuser import SSUser
shiftData = json.loads(jsonData)
theUser = SSUser.read(loggedInUser)
if theUser.canModify(theShift):
return data(theShift.update(shiftData))
else:
return error(
"Operation not permitted. You don't have permission to update this shift.",
PermissionError)
else:
return error("No data for shift.", NoDataError)
def favorite(self, aShift):
from server.models.favorite import Favorite
from server.models.shift import Shift
Favorite.create(self.id, aShift.id)
return Shift.joinData(Shift.read(aShift.id), self.id)
def unfavorite(self, aShift):
from server.models.favorite import Favorite
from server.models.shift import Shift
Favorite.readByUserAndShift(self.id, aShift.id).delete()
return Shift.joinData(Shift.read(aShift.id), self.id)
def unfavorite(self, aShift):
from server.models.favorite import Favorite
from server.models.shift import Shift
Favorite.readByUserAndShift(self.id, aShift.id).delete()
return Shift.joinData(Shift.read(aShift.id), self.id)
def favorite(self, aShift):
from server.models.favorite import Favorite
from server.models.shift import Shift
Favorite.create(self.id, aShift.id)
return Shift.joinData(Shift.read(aShift.id), self.id)