def verify_import_access(user: UserModel, _type: TypeModel, _manager: TypeManager): """Validate if a user has access to objects of this type.""" location = 'acl.groups.includes.' + str(user.group_id) query = {'$and': [{'$or': [ {'$or': [ {'acl': {'$exists': False}}, {'acl.activated': False}] }, {'$and': [ {'acl.activated': True}, {'$and': [ {location: {'$exists': True}}, {location: {'$all': [ AccessControlPermission.READ.value, AccessControlPermission.CREATE.value, AccessControlPermission.UPDATE.value] } } ] } ] }] }, {'public_id': _type.public_id}]} types_ = _manager.iterate(filter=query, limit=1, skip=0, sort='public_id', order=1) if len([TypeModel.to_json(_) for _ in types_.results]) == 0: raise AccessDeniedError(f'The objects of the type `{_type.name}` are protected by ACL permission!')
def get_types(params: CollectionParameters): """ HTTP `GET`/`HEAD` route for getting a iterable collection of resources. Args: params (CollectionParameters): Passed parameters over the http query string Returns: GetMultiResponse: Which includes a IterationResult of the TypeModel. Example: You can pass any parameter based on the CollectionParameters. Optional parameters are passed over the function declaration. Raises: FrameworkIterationError: If the collection could not be iterated. ManagerGetError: If the collection could not be found. """ type_manager = TypeManager(database_manager=current_app.database_manager) body = request.method == 'HEAD' try: iteration_result: IterationResult[TypeModel] = type_manager.iterate( filter=params.filter, limit=params.limit, skip=params.skip, sort=params.sort, order=params.order) types = [TypeModel.to_json(type) for type in iteration_result.results] api_response = GetMultiResponse(types, total=iteration_result.total, params=params, url=request.url, model=TypeModel.MODEL, body=body) except FrameworkIterationError as err: return abort(400, err.message) except ManagerGetError as err: return abort(404, err.message) return api_response.make_response()