def _get_model_to_insert(self, resource, participant_id=None):
    """Convert a client-supplied JSON resource into a model for insertion.

    ``client_id`` is always taken from ``api_util.get_oauth_id()`` and never
    from ``resource``, so the request body cannot choose the client id that
    is handed to the DAO.

    Args:
        resource: The client JSON to convert.
        participant_id: Forwarded to ``from_client_json`` only when it is
            not None.

    Returns:
        Whatever ``self.dao.from_client_json`` returns.
    """
    build_model = self.dao.from_client_json
    dao_kwargs = {}
    # Children of participants accept a participant_id parameter to
    # from_client_json; others don't, so the keyword is only sent when set.
    if participant_id is not None:
        dao_kwargs['participant_id'] = participant_id
    dao_kwargs['client_id'] = api_util.get_oauth_id()
    return build_model(resource, **dao_kwargs)
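def check_config_admin():
    """Raise Forbidden unless the caller is a config admin.

    The caller identity is the value returned by ``api_util.get_oauth_id()``
    and the decision is delegated to ``is_config_admin``. Both the allow and
    the deny outcome are logged with that identity.

    Raises:
        Forbidden: If ``is_config_admin`` rejects the caller.
    """
    user_email = api_util.get_oauth_id()
    if is_config_admin(user_email):
        # The identity is passed as a logging argument instead of being
        # %-formatted up front: a tuple-valued identity can no longer break
        # the format call, and %r keeps the value repr()-escaped in the log.
        logging.info('User %r ALLOWED for config endpoint', user_email)
        return
    logging.info('User %r NOT ALLOWED for config endpoint', user_email)
    raise Forbidden()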
def _get_model_to_update(self, resource, id_, expected_version, participant_id=None):
    """Convert a client-supplied JSON resource into a model for an update.

    ``client_id`` is always taken from ``api_util.get_oauth_id()`` and never
    from ``resource``; ``id_`` and ``expected_version`` are passed through
    to the DAO unchanged.

    Args:
        resource: The client JSON to convert.
        id_: Forwarded to ``from_client_json`` as ``id_``.
        expected_version: Forwarded to ``from_client_json`` as
            ``expected_version``.
        participant_id: Forwarded to ``from_client_json`` only when it is
            not None.

    Returns:
        Whatever ``self.dao.from_client_json`` returns.
    """
    build_model = self.dao.from_client_json
    dao_kwargs = {}
    # Children of participants accept a participant_id parameter to
    # from_client_json; others don't, so the keyword is only sent when set.
    if participant_id is not None:
        dao_kwargs['participant_id'] = participant_id
    dao_kwargs['id_'] = id_
    dao_kwargs['expected_version'] = expected_version
    dao_kwargs['client_id'] = api_util.get_oauth_id()
    return build_model(resource, **dao_kwargs)
def wrapped(*args, **kwargs):
    """Call ``func`` only for config admins or callers holding HEALTHPRO.

    Raises:
        Forbidden: If the caller is not a config admin and HEALTHPRO is not
            among the roles in the validated user info.
    """
    # Config admins skip the role lookup entirely.
    if is_config_admin(api_util.get_oauth_id()):
        return func(*args, **kwargs)

    _ignored, caller_info = get_validated_user_info()
    if HEALTHPRO in caller_info.get('roles', []):
        return func(*args, **kwargs)

    # Denied: record the roles the caller did have before refusing.
    denial_message = 'User has roles {}, but HEALTHPRO or admin is required'.format(
        caller_info.get('roles'))
    logging.info(denial_message)
    raise Forbidden()
def post(self, a_id=None):
    """Create a new object from the JSON body of a POST request.

    The object is built with a freshly allocated id, validated, and then
    inserted with the caller's id from ``api_util.get_oauth_id()`` recorded
    as ``client_id``.

    Args:
        a_id: The ancestor id.

    Returns:
        The response produced by ``make_response_for_resource`` for the
        inserted object's JSON form.
    """
    # NOTE(review): if `request` is Flask's request object, force=True parses
    # the body as JSON regardless of the declared Content-Type, so the
    # Content-Type header is not a gate for this endpoint -- confirm.
    payload = request.get_json(force=True)
    new_id = self.dao.allocate_id()
    model = self.dao.from_json(payload, a_id, new_id)
    # Validation happens before anything is written.
    self.validate_object(model, a_id)
    write_date = _consider_fake_date()
    caller_id = api_util.get_oauth_id()
    self.dao.insert(model, date=write_date, client_id=caller_id)
    body = self.dao.to_json(model)
    return self.make_response_for_resource(body)
def put(self, id_, a_id=None):
    """Replace an existing object with the JSON body of a PUT request.

    The replacement is built from the request body under the given id,
    validated, and then written with the caller's id from
    ``api_util.get_oauth_id()`` recorded as ``client_id``.

    Args:
        id_: The id of the object to replace.
        a_id: The ancestor id.

    Returns:
        The response produced by ``make_response_for_resource`` for the
        replaced object's JSON form.
    """
    # NOTE(review): if `request` is Flask's request object, force=True parses
    # the body as JSON regardless of the declared Content-Type, so the
    # Content-Type header is not a gate for this endpoint -- confirm.
    payload = request.get_json(force=True)
    model = self.dao.from_json(payload, a_id, id_)
    # Validation happens before anything is written.
    self.validate_object(model, a_id)
    write_date = _consider_fake_date()
    caller_id = api_util.get_oauth_id()
    self.dao.replace(model, date=write_date, client_id=caller_id)
    body = self.dao.to_json(model)
    return self.make_response_for_resource(body)