def delete(self, req, image_id, id):
"""
Removes a membership from the image.
"""
if req.context.read_only:
raise webob.exc.HTTPForbidden()
elif req.context.owner is None:
raise webob.exc.HTTPUnauthorized(_("No authenticated user"))
# Make sure the image exists
try:
image = db_api.image_get(req.context, image_id)
except exception.NotFound:
raise webob.exc.HTTPNotFound()
except exception.NotAuthorized:
# If it's private and doesn't belong to them, don't let on
# that it exists
msg = _("Access by %(user)s to image %(id)s "
"denied") % ({
'user': req.context.user,
'id': image_id
})
logger.info(msg)
raise webob.exc.HTTPNotFound()
# Can they manipulate the membership?
if not req.context.is_image_sharable(image):
msg = _("No permission to share that image")
raise webob.exc.HTTPForbidden(msg)
# Look up an existing membership
try:
session = db_api.get_session()
member_ref = db_api.image_member_find(req.context,
image_id,
id,
session=session)
db_api.image_member_delete(req.context,
member_ref,
session=session)
except exception.NotFound:
pass
# Make an appropriate result
return webob.exc.HTTPNoContent()
def update_all(self, req, image_id, body):
"""
Replaces the members of the image with those specified in the
body. The body is a dict with the following format::
{"memberships": [
{"member_id": <MEMBER_ID>,
["can_share": [True|False]]}, ...
]}
"""
if req.context.read_only:
raise webob.exc.HTTPForbidden()
elif req.context.owner is None:
raise webob.exc.HTTPUnauthorized(_("No authenticated user"))
# Make sure the image exists
session = db_api.get_session()
try:
image = db_api.image_get(req.context, image_id, session=session)
except exception.NotFound:
raise webob.exc.HTTPNotFound()
except exception.NotAuthorized:
# If it's private and doesn't belong to them, don't let on
# that it exists
msg = _("Access by %(user)s to image %(id)s "
"denied") % ({
'user': req.context.user,
'id': image_id
})
logger.info(msg)
raise webob.exc.HTTPNotFound()
# Can they manipulate the membership?
if not req.context.is_image_sharable(image):
msg = _("No permission to share that image")
raise webob.exc.HTTPForbidden(msg)
# Get the membership list
try:
memb_list = body['memberships']
except Exception, e:
# Malformed entity...
msg = _("Invalid membership association: %s") % e
raise webob.exc.HTTPBadRequest(explanation=msg)
def delete(self, req, image_id, id):
"""
Removes a membership from the image.
"""
if req.context.read_only:
raise webob.exc.HTTPForbidden()
elif req.context.owner is None:
raise webob.exc.HTTPUnauthorized(_("No authenticated user"))
# Make sure the image exists
try:
image = db_api.image_get(req.context, image_id)
except exception.NotFound:
raise webob.exc.HTTPNotFound()
except exception.NotAuthorized:
# If it's private and doesn't belong to them, don't let on
# that it exists
msg = _("Access by %(user)s to image %(id)s "
"denied") % ({'user': req.context.user,
'id': image_id})
logger.info(msg)
raise webob.exc.HTTPNotFound()
# Can they manipulate the membership?
if not req.context.is_image_sharable(image):
msg = _("No permission to share that image")
raise webob.exc.HTTPForbidden(msg)
# Look up an existing membership
try:
session = db_api.get_session()
member_ref = db_api.image_member_find(req.context,
image_id,
id,
session=session)
db_api.image_member_delete(req.context,
member_ref,
session=session)
except exception.NotFound:
pass
# Make an appropriate result
return webob.exc.HTTPNoContent()
def update_all(self, req, image_id, body):
"""
Replaces the members of the image with those specified in the
body. The body is a dict with the following format::
{"memberships": [
{"member_id": <MEMBER_ID>,
["can_share": [True|False]]}, ...
]}
"""
if req.context.read_only:
raise webob.exc.HTTPForbidden()
elif req.context.owner is None:
raise webob.exc.HTTPUnauthorized(_("No authenticated user"))
# Make sure the image exists
session = db_api.get_session()
try:
image = db_api.image_get(req.context, image_id, session=session)
except exception.NotFound:
raise webob.exc.HTTPNotFound()
except exception.NotAuthorized:
# If it's private and doesn't belong to them, don't let on
# that it exists
msg = _("Access by %(user)s to image %(id)s "
"denied") % ({'user': req.context.user,
'id': image_id})
logger.info(msg)
raise webob.exc.HTTPNotFound()
# Can they manipulate the membership?
if not req.context.is_image_sharable(image):
msg = _("No permission to share that image")
raise webob.exc.HTTPForbidden(msg)
# Get the membership list
try:
memb_list = body['memberships']
except Exception, e:
# Malformed entity...
msg = _("Invalid membership association: %s") % e
raise webob.exc.HTTPBadRequest(explanation=msg)
msg = _("No permission to share that image")
raise webob.exc.HTTPForbidden(msg)
# Determine the applicable can_share value
can_share = None
if body:
try:
can_share = bool(body['member']['can_share'])
except Exception, e:
# Malformed entity...
msg = _("Invalid membership association: %s") % e
raise webob.exc.HTTPBadRequest(explanation=msg)
# Look up an existing membership...
try:
session = db_api.get_session()
membership = db_api.image_member_find(req.context,
image_id,
id,
session=session)
if can_share is not None:
values = dict(can_share=can_share)
db_api.image_member_update(req.context,
membership,
values,
session=session)
except exception.NotFound:
values = dict(image_id=image['id'],
member=id,
can_share=bool(can_share))
db_api.image_member_create(req.context, values, session=session)
msg = _("No permission to share that image")
raise webob.exc.HTTPForbidden(msg)
# Determine the applicable can_share value
can_share = None
if body:
try:
can_share = bool(body['member']['can_share'])
except Exception, e:
# Malformed entity...
msg = _("Invalid membership association: %s") % e
raise webob.exc.HTTPBadRequest(explanation=msg)
# Look up an existing membership...
try:
session = db_api.get_session()
membership = db_api.image_member_find(req.context,
image_id, id,
session=session)
if can_share is not None:
values = dict(can_share=can_share)
db_api.image_member_update(req.context, membership, values,
session=session)
except exception.NotFound:
values = dict(image_id=image['id'], member=id,
can_share=bool(can_share))
db_api.image_member_create(req.context, values, session=session)
return webob.exc.HTTPNoContent()
def delete(self, req, image_id, id):