def delete_resource(request): resource = ar.get_resource_matchdict_checked(request) service_push = asbool( ar.get_multiformat_body(request, "service_push", default=False)) res_content = {"resource": format_resource(resource, basic_info=True)} ax.evaluate_call( lambda: models.RESOURCE_TREE_SERVICE.delete_branch( resource_id=resource.resource_id, db_session=request.db), fallback=lambda: request.db.rollback(), http_error=HTTPForbidden, msg_on_fail="Delete resource branch from tree service failed.", content=res_content) def remove_service_magpie_and_phoenix(res, svc_push, db): if res.resource_type != "service": svc_push = False db.delete(res) if svc_push: sync_services_phoenix(db.query(models.Service)) ax.evaluate_call( lambda: remove_service_magpie_and_phoenix(resource, service_push, request.db), fallback=lambda: request.db.rollback(), http_error=HTTPForbidden, msg_on_fail=s.Resource_DELETE_ForbiddenResponseSchema.description, content=res_content) return ax.valid_http(http_success=HTTPOk, detail=s.Resource_DELETE_OkResponseSchema.description)
def delete_user_resource_permission_name_view(request): """ Delete a permission by name from a resource for a user (not including his groups permissions). """ user = ar.get_user_matchdict_checked_or_logged(request) resource = ar.get_resource_matchdict_checked(request) permission = ar.get_permission_matchdict_checked(request, resource) return uu.delete_user_resource_permission_response(user, resource, permission, request.db)
def get_group_resource_permissions_view(request): """ List all permissions a group has on a specific resource. """ group = ar.get_group_matchdict_checked(request) resource = ar.get_resource_matchdict_checked(request) return gu.get_group_resource_permissions_response(group, resource, db_session=request.db)
def create_user_resource_permission_view(request): """ Create a permission on specific resource for a user. """ user = ar.get_user_matchdict_checked_or_logged(request) resource = ar.get_resource_matchdict_checked(request) permission = ar.get_permission_multiformat_post_checked(request, resource) return uu.create_user_resource_permission_response(user, resource, permission, request.db)
def get_resource_view(request): """ Get resource information. """ resource = ar.get_resource_matchdict_checked(request) res_json = ax.evaluate_call(lambda: rf.format_resource_with_children(resource, db_session=request.db), fallback=lambda: request.db.rollback(), httpError=HTTPInternalServerError, msgOnFail=s.Resource_GET_InternalServerErrorResponseSchema.description, content={u"resource": rf.format_resource(resource, basic_info=True)}) return ax.valid_http(httpSuccess=HTTPOk, content={"resource": res_json}, detail=s.Resource_GET_OkResponseSchema.description)
def get_resource_permissions_view(request): """ List all applicable permissions for a resource. """ resource = ar.get_resource_matchdict_checked(request, "resource_id") res_perm = ax.evaluate_call(lambda: ru.get_resource_permissions(resource, db_session=request.db), fallback=lambda: request.db.rollback(), httpError=HTTPBadRequest, msgOnFail=s.ResourcePermissions_GET_BadRequestResponseSchema.description, content={u"resource": rf.format_resource(resource, basic_info=True)}) return ax.valid_http(httpSuccess=HTTPOk, detail=s.ResourcePermissions_GET_OkResponseSchema.description, content={u"permission_names": format_permissions(res_perm)})
def delete_group_resource_permission_name_view(request): """ Delete a permission by name from a specific resource for a group. """ group = ar.get_group_matchdict_checked(request) resource = ar.get_resource_matchdict_checked(request) permission = ar.get_permission_matchdict_checked(request, resource) return gu.delete_group_resource_permission_response(group, resource, permission, db_session=request.db)
def create_group_resource_permissions_view(request): """ Create a permission on a specific resource for a group. """ group = ar.get_group_matchdict_checked(request) resource = ar.get_resource_matchdict_checked(request) permission = ar.get_permission_multiformat_body_checked(request, resource) return gu.create_group_resource_permission_response(group, resource, permission, db_session=request.db)
def replace_user_resource_permissions_view(request): """ Create or modify an existing permission on a resource for a user. Can be used to adjust permission modifiers. """ user = ar.get_user_matchdict_checked_or_logged(request) resource = ar.get_resource_matchdict_checked(request) permission = ar.get_permission_multiformat_body_checked(request, resource) return uu.create_user_resource_permission_response(user, resource, permission, request.db, overwrite=True)
def replace_group_resource_permissions_view(request): """ Create or modify an existing permission on a resource for a group. Can be used to adjust permission modifiers. """ group = ar.get_group_matchdict_checked(request) resource = ar.get_resource_matchdict_checked(request) permission = ar.get_permission_multiformat_body_checked(request, resource) return gu.create_group_resource_permission_response(group, resource, permission, request.db, overwrite=True)
def get_user_resource_permissions_view(request): """ List all permissions a user has on a specific resource. """ user = ar.get_user_matchdict_checked_or_logged(request) resource = ar.get_resource_matchdict_checked(request, "resource_id") inherit_groups_perms = asbool(ar.get_query_param(request, "inherit")) effective_perms = asbool(ar.get_query_param(request, "effective")) return uu.get_user_resource_permissions_response( user, resource, request, inherit_groups_permissions=inherit_groups_perms, effective_permissions=effective_perms)
def update_resource(request): """ Update a resource information. """ resource = ar.get_resource_matchdict_checked(request, "resource_id") service_push = asbool(ar.get_multiformat_post(request, "service_push")) res_old_name = resource.resource_name res_new_name = ar.get_value_multiformat_post_checked(request, "resource_name") def rename_service_magpie_and_phoenix(res, new_name, svc_push, db): if res.resource_type != "service": svc_push = False res.resource_name = new_name if svc_push: sync_services_phoenix(db.query(models.Service)) ax.evaluate_call(lambda: rename_service_magpie_and_phoenix(resource, res_new_name, service_push, request.db), fallback=lambda: request.db.rollback(), httpError=HTTPForbidden, msgOnFail=s.Resource_PUT_ForbiddenResponseSchema.description, content={u"resource_id": resource.resource_id, u"resource_name": resource.resource_name, u"old_resource_name": res_old_name, u"new_resource_name": res_new_name}) return ax.valid_http(httpSuccess=HTTPOk, detail=s.Resource_PUT_OkResponseSchema.description, content={u"resource_id": resource.resource_id, u"resource_name": resource.resource_name, u"old_resource_name": res_old_name, u"new_resource_name": res_new_name})
def update_resource(request): """ Update a resource information. """ resource = ar.get_resource_matchdict_checked(request, "resource_id") service_push = asbool( ar.get_multiformat_body(request, "service_push", default=False)) res_old_name = resource.resource_name res_new_name = ar.get_value_multiformat_body_checked( request, "resource_name") ax.verify_param( res_new_name, not_equal=True, param_compare=res_old_name, param_name="resource_name", http_error=HTTPBadRequest, msg_on_fail=s.Resource_PATCH_BadRequestResponseSchema.description) db_session = request.db # check for conflicting name, either with services or children resources err_msg = s.Resource_PATCH_ConflictResponseSchema.description is_res_svc = resource.resource_type == models.Service.resource_type_name if is_res_svc: all_services = db_session.query(models.Service) all_svc_names = [svc.resource_name for svc in all_services] ax.verify_param(res_new_name, not_in=True, param_compare=all_svc_names, with_param=False, http_error=HTTPConflict, content={"resource_name": str(res_new_name)}, msg_on_fail=err_msg) else: ru.check_unique_child_resource_name(res_new_name, resource.parent_id, err_msg, db_session=db_session) def rename_service_magpie_and_phoenix(): resource.resource_name = res_new_name if is_res_svc and service_push: sync_services_phoenix(all_services) ax.evaluate_call( lambda: rename_service_magpie_and_phoenix(), fallback=lambda: db_session.rollback(), http_error=HTTPForbidden, msg_on_fail=s.Resource_PATCH_ForbiddenResponseSchema.description, content={ "resource_id": resource.resource_id, "resource_name": resource.resource_name, "old_resource_name": res_old_name, "new_resource_name": res_new_name }) return ax.valid_http(http_success=HTTPOk, detail=s.Resource_PATCH_OkResponseSchema.description, content={ "resource_id": resource.resource_id, "resource_name": resource.resource_name, "old_resource_name": res_old_name, "new_resource_name": res_new_name })