def put(self, id, **kw):
"""Handler for update item. Should return full info with updates."""
product = db.get_product(id)
vendor_id = product['organization_id']
vendor = db.get_organization(vendor_id)
is_admin = (api_utils.check_user_is_foundation_admin()
or api_utils.check_user_is_vendor_admin(vendor_id))
if not is_admin:
pecan.abort(403, 'Forbidden.')
product_info = {'id': id}
if 'name' in kw:
product_info['name'] = kw['name']
if 'description' in kw:
product_info['description'] = kw['description']
if 'product_ref_id' in kw:
product_info['product_ref_id'] = kw['product_ref_id']
if 'public' in kw:
# user can mark product as public only if
# his/her vendor is public(official)
public = api_utils.str_to_bool(kw['public'])
if (vendor['type'] not in (const.OFFICIAL_VENDOR, const.FOUNDATION)
and public):
pecan.abort(403, 'Forbidden.')
product_info['public'] = public
if 'properties' in kw:
product_info['properties'] = json.dumps(kw['properties'])
db.update_product(product_info)
pecan.response.status = 200
product = db.get_product(id)
product['can_manage'] = True
return product
def delete(self, vendor_id, openid):
"""Remove user from vendor group."""
openid = base64.b64decode(openid)
if not (api_utils.check_user_is_foundation_admin()
or api_utils.check_user_is_vendor_admin(vendor_id)):
pecan.abort(403, 'Forbidden.')
vendor = db.get_organization(vendor_id)
db.remove_user_from_group(openid, vendor['group_id'])
pecan.response.status = 204
def put(self, vendor_id, openid):
"""Add user to vendor group."""
openid = base64.b64decode(openid)
if not (api_utils.check_user_is_foundation_admin()
or api_utils.check_user_is_vendor_admin(vendor_id)):
pecan.abort(403, 'Forbidden.')
vendor = db.get_organization(vendor_id)
creator = api_utils.get_user_id()
db.add_user_to_group(openid, vendor['group_id'], creator)
pecan.response.status = 204
def get_one(self, vendor_id):
"""Get information about vendor."""
allowed_keys = None
is_admin = (api_utils.check_user_is_foundation_admin()
or api_utils.check_user_is_vendor_admin(vendor_id))
if not is_admin:
allowed_keys = ['id', 'type', 'name', 'description']
vendor = db.get_organization(vendor_id, allowed_keys=allowed_keys)
allowed_types = [const.FOUNDATION, const.OFFICIAL_VENDOR]
if not is_admin and vendor['type'] not in allowed_types:
pecan.abort(403, 'Forbidden.')
vendor['can_manage'] = is_admin
return vendor
def action(self, vendor_id, **kw):
"""Handler for action on Vendor object."""
params = list()
for param in ('register', 'approve', 'deny', 'cancel'):
if param in kw:
params.append(param)
if len(params) != 1:
raise api_exc.ValidationError('Invalid actions in the body: ' +
str(params))
vendor = db.get_organization(vendor_id)
if 'register' in params:
self.register(vendor)
elif 'approve' in params:
self.approve(vendor)
elif 'cancel' in params:
self.cancel(vendor)
else:
self.deny(vendor, kw.get('registration_decline_reason'))
def put(self, vendor_id, **kw):
"""Handler for update item. Should return full info with updates."""
is_admin = (api_utils.check_user_is_foundation_admin()
or api_utils.check_user_is_vendor_admin(vendor_id))
if not is_admin:
pecan.abort(403, 'Forbidden.')
vendor_info = {'id': vendor_id}
if 'name' in kw:
vendor_info['name'] = kw['name']
if 'description' in kw:
vendor_info['description'] = kw['description']
if 'properties' in kw:
vendor_info['properties'] = json.dumps(kw['properties'])
db.update_organization(vendor_info)
pecan.response.status = 200
vendor = db.get_organization(vendor_id)
vendor['can_manage'] = True
return vendor
def put(self, vendor_id, **kw):
"""Handler for update item. Should return full info with updates."""
is_foundation_admin = api_utils.check_user_is_foundation_admin()
is_admin = (is_foundation_admin
or api_utils.check_user_is_vendor_admin(vendor_id))
if not is_admin:
pecan.abort(403, 'Forbidden.')
vendor_info = {'id': vendor_id}
vendor = db.get_organization(vendor_id)
if 'name' in kw:
if (vendor['type'] == const.OFFICIAL_VENDOR
and not is_foundation_admin):
pecan.abort(
403, 'Name change for an official vendor is not allowed.')
vendor_info['name'] = kw['name']
if 'description' in kw:
vendor_info['description'] = kw['description']
if 'properties' in kw:
vendor_info['properties'] = json.dumps(kw['properties'])
vendor = db.update_organization(vendor_info)
pecan.response.status = 200
vendor['can_manage'] = True
return vendor
def _check_is_not_foundation(vendor_id):
vendor = db.get_organization(vendor_id)
if vendor['type'] == const.FOUNDATION:
pecan.abort(403, 'Forbidden.')