def get(self, id, other_id):
try:
if not (id and other_id):
raise NotFoundError()
if 'intersection' not in app.service.supportedCollectionOperations:
raise NotFoundError()
if app.service.enforcesAccess and not (app.acl.get_permission(
app.acl.get_user(), id).r and app.acl.get_permission(
app.acl.get_user(), other_id).r):
raise UnauthorizedError()
if (id == other_id):
intersection = app.db.get_member(id)
else:
set1 = [m.dict() for m in app.db.get_member(id)]
set2 = [m.dict() for m in app.db.get_member(other_id)]
intersection = [MemberItem(**m) for m in set1 if m in set2]
return jsonify(MemberResultSet(intersection)), 200
except (NotFoundError, DBError, UnauthorizedError):
raise
except:
raise ParseError() # 400
def get(self, id):
try:
if not id:
raise NotFoundError()
if 'flatten' not in app.service.supportedCollectionOperations:
raise NotFoundError()
members = self.flatten(
[self.recurse(m, -1) for m in app.db.get_member(id)])
if app.service.enforcesAccess:
if not app.acl.get_permission(app.acl.get_user(), id).r:
raise UnauthorizedError()
else:
members = [
m for m in members if app.acl.get_permission(
app.acl.get_user(), id, m.id).r
]
return jsonify(MemberResultSet(members)), 200
except (NotFoundError, DBError, UnauthorizedError):
raise
except:
raise ParseError() # 400
def post(self, id):
try:
if not id:
raise NotFoundError
if 'findMatch' not in app.service.supportedCollectionOperations:
raise NotFoundError()
if app.service.enforcesAccess and not app.acl.get_permission(
app.acl.get_user(), id).r:
raise UnauthorizedError
posted = json.loads(request.data)
if isinstance(posted, Model):
posted = posted.dict()
if isinstance(posted.get('mappings'), Model):
posted['mappings'] = posted.get('mappings').dict()
members = [
m for m in app.db.get_member(id)
if dict_subset(posted, m.dict())
]
return jsonify(MemberResultSet(members)), 200
except (NotFoundError, DBError, UnauthorizedError):
raise
except:
raise ParseError() # 400