def update_perm(perm_id):
if not request.json:
raise ApiError('nothing to change', 400)
for s in request.json.get('scopes', []):
if s not in Scope.find_all():
raise ApiError("'{}' is not a valid Scope".format(s), 400)
perm = Permission.find_by_id(perm_id)
if not perm:
raise ApiError('not found', 404)
admin_audit_trail.send(current_app._get_current_object(),
event='permission-updated',
message='',
user=g.login,
customers=g.customers,
scopes=g.scopes,
resource_id=perm.id,
type='permission',
request=request)
updated = perm.update(**request.json)
if updated:
return jsonify(status='ok', permission=updated.serialize)
else:
raise ApiError('failed to update permission', 500)
def list_scopes():
scopes = Scope.find_all()
return jsonify(status='ok', scopes=scopes, total=len(scopes))
