def update(id): authz.require(authz.list_write(id)) lst = obj_or_404(List.by_id(id)) lst.update(request_data(), current_user) db.session.add(lst) db.session.commit() return view(id)
def delete(id): authz.require(authz.list_write(id)) lst = obj_or_404(List.by_id(id)) selectors = lst.terms lst.delete() db.session.commit() refresh_selectors.delay(list(selectors)) return jsonify({'status': 'ok'})
def view(id): authz.require(authz.list_read(id)) lst = obj_or_404(List.by_id(id)) etag_cache_keygen(lst) data = lst.to_dict() data['can_write'] = authz.list_write(id) if data['can_write']: data['users'] = [u.id for u in lst.users] return jsonify(data)