def create():
authz.require(authz.logged_in())
data = request_data()
validate(data, collections_schema)
collection = Collection()
collection.title = data.get('title')
session.add(collection)
update_subjects(collection, data)
session.flush()
permission = Permission()
permission.resource_id = collection.id
permission.resource_type = Permission.COLLECTION
permission.read = True
permission.write = True
permission.role_id = request.auth_user
session.add(permission)
session.commit()
return jsonify({'status': 'ok', 'data': collection}, status=201)
def reset():
authz.require(authz.logged_in())
session.clear()
return redirect(url_for('base.index'))
