def get(self, folio_id, export_id=None): # Get the portfolio folio = data_engine.get_portfolio(folio_id) if folio is None: raise DoesNotExistError(str(folio_id)) # Check permissions permissions_engine.ensure_portfolio_permitted( folio, FolioPermission.ACCESS_VIEW, get_session_user()) if export_id is None: # List portfolio exports exports_list = [ _prep_folioexport_object(folio, fe) for fe in folio.downloads ] return make_api_success_response( object_to_dict_list(exports_list, _omit_fields)) else: # Get a single portfolio-export folio_export = data_engine.get_object(FolioExport, export_id) if folio_export is None: raise DoesNotExistError(str(export_id)) if folio_export.folio_id != folio_id: raise ParameterError( 'export ID %d does not belong to portfolio ID %d' % (export_id, folio_id)) return make_api_success_response( object_to_dict(_prep_folioexport_object(folio, folio_export), _omit_fields))
def get(self, folio_id, image_id=None): if image_id is None: # List images in the portfolio folio = data_engine.get_portfolio(folio_id, load_images=True) if folio is None: raise DoesNotExistError(str(folio_id)) # Check permissions permissions_engine.ensure_portfolio_permitted( folio, FolioPermission.ACCESS_VIEW, get_session_user()) image_list = [_prep_folioimage_object(fi) for fi in folio.images] return make_api_success_response( object_to_dict_list(image_list, _omit_fields)) else: # Get a single portfolio-image db_session = data_engine.db_get_session() try: folio_image = data_engine.get_portfolio_image( AttrObject(id=folio_id), AttrObject(id=image_id), _db_session=db_session) if folio_image is None: raise DoesNotExistError( str(folio_id) + '/' + str(image_id)) # Check permissions permissions_engine.ensure_portfolio_permitted( folio_image.portfolio, FolioPermission.ACCESS_VIEW, get_session_user()) return make_api_success_response( object_to_dict(_prep_folioimage_object(folio_image), _omit_fields + ['portfolio'])) finally: db_session.close()
def get(self, permission_id=None): if permission_id is None: # List all permissions fp_list = data_engine.list_objects(FolderPermission) return make_api_success_response(object_to_dict_list(fp_list)) else: # Get permission entry fp = data_engine.get_object(FolderPermission, permission_id) if fp is None: raise DoesNotExistError(str(permission_id)) return make_api_success_response(object_to_dict(fp))
def get(self, permission_id=None): if permission_id is None: # List all permissions fp_list = data_engine.list_objects(FolderPermission) return make_api_success_response(object_to_dict_list(fp_list)) else: # Get permission entry fp = data_engine.get_object(FolderPermission, permission_id) if fp is None: raise DoesNotExistError(str(permission_id)) return make_api_success_response(object_to_dict(fp))
def get(self, group_id=None): if group_id is None: # List groups return make_api_success_response( object_to_dict_list(data_engine.list_objects( Group, Group.name))) else: # Get single group group = data_engine.get_group(group_id=group_id, load_users=True) if group is None: raise DoesNotExistError(str(group_id)) return make_api_success_response(object_to_dict(group))
def get(self, user_id=None): if user_id is None: # List users status_filter = self._get_validated_status_arg(request) ulist = data_engine.list_users(status=status_filter, order_field=User.username) return make_api_success_response(object_to_dict_list(ulist)) else: # Get single user user = data_engine.get_user(user_id) if user is None: raise DoesNotExistError(str(user_id)) return make_api_success_response(object_to_dict(user))
def get(self, template_id=None): if template_id is None: # List templates tlist = data_engine.list_objects(ImageTemplate, ImageTemplate.name) tdictlist = object_to_dict_list(tlist) for tdict in tdictlist: self._del_keys(tdict['template'], TemplateAPI.HIDE_FIELDS) return make_api_success_response(tdictlist) else: # Get single template template_info = data_engine.get_image_template(template_id) if template_info is None: raise DoesNotExistError(str(template_id)) tdict = object_to_dict(template_info) self._del_keys(tdict['template'], TemplateAPI.HIDE_FIELDS) return make_api_success_response(tdict)
def get(self, group_id=None): if group_id is None: # List groups return make_api_success_response( object_to_dict_list(data_engine.list_objects(Group, Group.name)) ) else: # Get single group group = data_engine.get_group(group_id=group_id, load_users=True) if group is None: raise DoesNotExistError(str(group_id)) # Do not give out anything password related gdict = object_to_dict(group) for udict in gdict['users']: del udict['password'] return make_api_success_response(gdict)
def get(self, user_id=None): if user_id is None: # List users ulist = data_engine.list_users(order_field=User.username) # Do not give out anything password related udictlist = object_to_dict_list(ulist) for user in udictlist: del user['password'] return make_api_success_response(udictlist) else: # Get single user user = data_engine.get_user(user_id) if user is None: raise DoesNotExistError(str(user_id)) # Do not give out anything password related udict = object_to_dict(user) del udict['password'] return make_api_success_response(udict)
def get(self, folio_id=None): # v4.1 Added support for /api/portfolios/?human_id=<human id> human_id = request.args.get('human_id', '') if not folio_id and not human_id: # List portfolios that the user can view folio_list = data_engine.list_portfolios( get_session_user(), FolioPermission.ACCESS_VIEW) folio_list = [_prep_folio_object(f) for f in folio_list] return make_api_success_response( object_to_dict_list(folio_list, _omit_fields)) else: # Get single portfolio by either ID or v4.1 by human ID folio = data_engine.get_portfolio(folio_id, human_id, load_images=True, load_history=True) if folio is None: raise DoesNotExistError(human_id or str(folio_id)) # Check permissions permissions_engine.ensure_portfolio_permitted( folio, FolioPermission.ACCESS_VIEW, get_session_user()) folio = _prep_folio_object(folio) return make_api_success_response( object_to_dict(folio, _omit_fields))
def put(self, folio_id, image_id): db_session = data_engine.db_get_session() try: # Get data folio_image = data_engine.get_portfolio_image( AttrObject(id=folio_id), AttrObject(id=image_id), _db_session=db_session) if folio_image is None: raise DoesNotExistError(str(folio_id) + '/' + str(image_id)) # Check permissions permissions_engine.ensure_portfolio_permitted( folio_image.portfolio, FolioPermission.ACCESS_EDIT, get_session_user()) # Update the portfolio params = self._get_validated_object_parameters(request.form) chd_folio_image = data_engine.reorder_portfolio( folio_image, params['index']) data_engine.add_portfolio_history( folio_image.portfolio, get_session_user(), FolioHistory.ACTION_IMAGE_CHANGE, '%s moved to position %d' % (folio_image.image.src, chd_folio_image.order_num + 1), _db_session=db_session, _commit=True) # Return the updated image list db_session.expire(folio_image) folio = data_engine.get_portfolio(folio_id, load_images=True, _db_session=db_session) image_list = [_prep_folioimage_object(fi) for fi in folio.images] return make_api_success_response( object_to_dict_list(image_list, _omit_fields + ['portfolio'])) finally: db_session.close()