def post(self, user_id):
'''
Create a new user.
'''
if user_id:
raise errors.MethodError("Can't use POST for existing users.")
try:
user_input_schema(self.request_son)
except voluptuous.error.Invalid as e:
raise errors.ModelError.from_voluptuous(e)
with model.session_scope() as session:
user_session = self.get_user_session(session)
org = (
session.query(model.Organisation)
.get(self.request_son['organisation']['id']))
if not org:
raise errors.ModelError("No such organisation")
user = model.AppUser(organisation=org)
try:
assign_surveygroups(user_session, user, self.request_son)
except ValueError as e:
raise errors.ModelError(str(e))
policy = user_session.policy.derive({
'org': user.organisation,
'user': user,
'target': self.request_son,
'surveygroups': user.surveygroups,
})
policy.verify('surveygroup_interact')
policy.verify('user_add')
policy.verify('user_change_role')
self.check_password(self.request_son.password)
self._update(user, self.request_son, session)
session.add(user)
# Need to flush so object has an ID to record action against.
session.flush()
act = Activities(session)
act.record(user_session.user, user, ['create'])
act.ensure_subscription(
user_session.user, user, user.organisation, self.reason)
act.subscribe(user, user.organisation)
self.reason("New user subscribed to organisation")
user_id = user.id
self.get(user_id)
def post(self, ob_type, object_ids):
object_ids = object_ids.split(',')
if not ob_type:
raise errors.ModelError(
"Object type required when creating a subscription")
with model.session_scope() as session:
user_session = self.get_user_session(session)
ob = get_ob(session, ob_type, object_ids)
if not ob:
raise errors.MissingDocError("No such object")
act = Activities(session)
subscription = act.subscribe(user_session.user, ob)
subscription.subscribed = self.request_son.get('subscribed', False)
policy = user_session.policy.derive({
'user':
subscription.user,
'survey':
self.get_survey(ob),
'submission':
self.get_submission(ob),
})
policy.verify('subscription_add')
session.flush()
subscription_id = str(subscription.id)
self.get('', subscription_id)
def put(self, user_id):
'''
Update an existing user.
'''
if not user_id:
raise errors.MethodError("Can't use PUT for new users (no ID).")
try:
user_input_schema(self.request_son)
except voluptuous.error.Invalid as e:
raise errors.ModelError.from_voluptuous(e)
with model.session_scope() as session:
user_session = self.get_user_session(session)
user = session.query(model.AppUser).get(user_id)
if not user:
raise errors.MissingDocError("No such user")
try:
groups_changed = assign_surveygroups(
user_session, user, self.request_son)
except ValueError as e:
raise errors.ModelError(str(e))
policy = user_session.policy.derive({
'org': user.organisation,
'user': user,
'target': self.request_son,
'surveygroups': user.surveygroups,
})
policy.verify('user_edit')
# Check that user shares a common surveygroup with the requesting
# user.
# Allow admins to edit users outside their surveygroups though.
if not policy.check('admin'):
policy.verify('surveygroup_interact')
if self.request_son.role and self.request_son.role != user.role:
policy.verify('user_change_role')
if ('deleted' in self.request_son and
self.request_son['deleted'] != user.deleted):
policy.verify('user_enable')
if self.request_son.get('password'):
self.check_password(self.request_son.password)
verbs = []
oid = self.request_son.organisation.id
if oid != str(user.organisation_id):
policy.verify('user_change_org')
verbs.append('relation')
self._update(user, self.request_son, session)
act = Activities(session)
if session.is_modified(user) or groups_changed:
verbs.append('update')
if user.deleted:
user.deleted = False
verbs.append('undelete')
session.flush()
if len(verbs) > 0:
act.record(user_session.user, user, verbs)
act.ensure_subscription(
user_session.user, user, user.organisation, self.reason)
if not act.has_subscription(user, user):
act.subscribe(user, user.organisation)
self.reason("User subscribed to organisation")
self.get(user_id)
