def status(): return jsonify({ 'logged_in': authz.logged_in(), 'api_key': current_user.api_key if authz.logged_in() else None, 'user': current_user if authz.logged_in() else None, 'permissions': { READ: authz.system_read(), EDIT: authz.system_edit(), MANAGE: authz.system_manage() }, 'logout': url_for('.logout') })
def update(id): user = obj_or_404(User.by_id(id)) authz.require(user.id == current_user.id or authz.system_manage()) user.update(request_data()) db.session.commit() return jsonify(user)
def index(): authz.require(authz.system_manage()) users = list(User.all()) return jsonify({'results': users, 'total': len(users)})