def create_or_update(collection=None, source=None):
if collection is not None:
authz.require(authz.collection(authz.WRITE, collection))
if source is not None:
authz.require(authz.source(authz.WRITE, source))
resource_type = Permission.COLLECTION if collection else Permission.SOURCE
resource_id = collection or source
data = request_data()
validate(data, permissions_schema)
# check that the role exists.
rq = session.query(Role).filter(Role.id == data['role'])
if rq.first() is None:
raise BadRequest()
q = session.query(Permission)
q = q.filter(Permission.role_id == data['role'])
q = q.filter(Permission.resource_type == resource_type)
q = q.filter(Permission.resource_id == resource_id)
permission = q.first()
if permission is None:
permission = Permission()
permission.role_id = data['role']
permission.resource_type = resource_type
permission.resource_id = resource_id
permission.read = data['read']
permission.write = data['write']
session.add(permission)
session.commit()
return jsonify({
'status': 'ok',
'updated': permission
})
def update(id):
source = session.query(Source).filter(Source.id == id).first()
source = obj_or_404(source)
authz.require(authz.source(authz.WRITE, source.id))
data = request_data()
validate(data, sources_schema)
source.title = data.get('title')
source.url = data.get('url')
session.add(source)
session.commit()
return jsonify({'status': 'ok', 'data': source})
def index(collection=None, source=None):
q = session.query(Permission)
if collection is not None:
authz.require(authz.collection(authz.WRITE, collection))
q = q.filter(Permission.resource_type == Permission.COLLECTION)
q = q.filter(Permission.resource_id == collection)
elif source is not None:
authz.require(authz.source(authz.WRITE, source))
q = q.filter(Permission.resource_type == Permission.SOURCE)
q = q.filter(Permission.resource_id == source)
return jsonify({
'total': q.count(),
'results': q
})
def create():
authz.require(authz.logged_in())
data = request_data()
validate(data, collections_schema)
collection = Collection()
collection.title = data.get('title')
session.add(collection)
update_subjects(collection, data)
session.flush()
permission = Permission()
permission.resource_id = collection.id
permission.resource_type = Permission.COLLECTION
permission.read = True
permission.write = True
permission.role_id = request.auth_user
session.add(permission)
session.commit()
return jsonify({'status': 'ok', 'data': collection}, status=201)
def get_collection(id, right):
collection = session.query(Collection).filter(Collection.id == id).first()
collection = obj_or_404(collection)
authz.require(authz.collection(right, collection.id))
return collection
def view(id):
source = session.query(Source).filter(Source.id == id).first()
source = obj_or_404(source)
authz.require(authz.source(authz.READ, source.id))
return jsonify({'status': 'ok', 'data': source})
def reset():
authz.require(authz.logged_in())
session.clear()
return redirect(url_for('base.index'))
