def api_delete_by_params(request, model_type):
"""Process delete requests for /api/{object_type} route match. Iterates
over passed parameters."""
# FIXME: Should we enforce required parameters here?
# Will be used for auditing
au = get_authenticated_user(request)
# FIXME: Should we allow this to be set on the client, or hard code it to true, requiring an # exact match? Might make sense since there is no confirmation, it just deletes.
exact_get = True
c = camel_to_underscore(model_type)
try:
payload = request.json_body
s = ''
q = DBSession.query(globals()[model_type])
for k,v in payload.items():
# FIXME: This is sub-par. Need a better way to distinguish
# meta params from search params without having to
# pre-define everything.
if k == 'exact_get':
continue
s+='{0}={1},'.format(k, v)
if exact_get:
log.debug('Exact filtering on {0}={1}'.format(k, v))
q = q.filter(getattr(globals()[model_type] ,k)==v)
else:
log.debug('Loose filtering on {0}={1}'.format(k, v))
q = q.filter(getattr(globals()[model_type] ,k).like('%{0}%'.format(v)))
log.debug('Searching for {0} with params: {1}'.format(c, s.rstrip(',')))
q = q.one()
# FIXME: Need auditing
log.info('Deleting {0} with params: {1}'.format(c, s.rstrip(',')))
DBSession.delete(q)
DBSession.flush()
return True
except NoResultFound:
return Response(content_type='application/json', status_int=404)
except Exception as e:
log.error('Error deleting {0} with params: {1} exception: {2}'.format(c, s.rstrip(','), e))
return Response(str(e), content_type='application/json', status_int=500)
def api_delete_by_id(request, model_type):
"""Process delete requests for /api/{object_type}/{id} route match."""
# FIXME: Will be used for auditing eventually. Would be nice to use
# request.authenticated_userid, but I think this gets ugly when it's
# an AD user. Need to test.
au = get_authenticated_user(request)
resource_id = request.matchdict['id']
c = camel_to_underscore(model_type)
c_id = c + '_id'
c_name = c + '_name'
try:
log.debug('Checking for {0}={1}'.format(c_id, resource_id))
# FIXME: Something better here than globals?
q = DBSession.query(globals()[model_type])
q = q.filter(getattr(globals()[model_type], c_id) == resource_id)
q = q.one()
object_name = getattr(q, c_name)
# FIXME: Need auditing
# FIXME: What about orphaned assigments? Should we clean them up?
log.info('Deleting {0}={1},{2}={3}'.format(c_name, object_name, c_id, resource_id))
DBSession.delete(q)
DBSession.flush()
return True
except NoResultFound:
return Response(content_type='application/json', status_int=404)
except Exception as e:
log.error('Error deleting {0}={1},exception={2}'.format(c_id, resource_id, e))
return Response(str(e), content_type='application/json', status_int=500)
