def PUT(request):
"""Change a user's authorization level over a simulation."""
# Make sure required parameters are there
try:
request.check_required_parameters(
path={
'simulationId': 'int',
'userId': 'int'
},
body={'authorization': {
'authorizationLevel': 'string'
}})
except exceptions.ParameterError as e:
return Response(400, e.message)
# Instantiate and Authorization
authorization = Authorization.from_JSON({
'userId':
request.params_path['userId'],
'simulationId':
request.params_path['simulationId'],
'authorizationLevel':
request.params_body['authorization']['authorizationLevel']
})
# Make sure this Authorization exists
if not authorization.exists():
return Response(404, '{} not found.'.format(authorization))
# Make sure this User is allowed to edit this Authorization
if not authorization.google_id_has_at_least(request.google_id, 'OWN'):
return Response(403,
'Forbidden from updating {}.'.format(authorization))
# Try to update this Authorization
try:
authorization.update()
except exceptions.ForeignKeyError as e:
return Response(400, 'Invalid authorization level.')
# Return this Authorization
return Response(200, 'Successfully updated {}.'.format(authorization),
authorization.to_JSON())
def POST(request):
"""Add an authorization for a user's access to a simulation."""
# Make sure required parameters are there
try:
request.check_required_parameters(
path={
'userId': 'int',
'simulationId': 'int'
},
body={'authorization': {
'authorizationLevel': 'string'
}})
except exceptions.ParameterError as e:
return Response(400, e.message)
# Instantiate an Authorization
authorization = Authorization.from_JSON({
'userId':
request.params_path['userId'],
'simulationId':
request.params_path['simulationId'],
'authorizationLevel':
request.params_body['authorization']['authorizationLevel']
})
# Make sure the Simulation and User exist
user = User.from_primary_key((authorization.user_id, ))
if not user.exists():
return Response(404, '{} not found.'.format(user))
simulation = Simulation.from_primary_key((authorization.simulation_id, ))
if not simulation.exists():
return Response(404, '{} not found.'.format(simulation))
# Make sure this User is allowed to add this Authorization
if not simulation.google_id_has_at_least(request.google_id, 'OWN'):
return Response(403,
'Forbidden from creating {}.'.format(authorization))
# Make sure this Authorization does not already exist
if authorization.exists():
return Response(409, '{} already exists.'.format(authorization))
# Try to insert this Authorization into the database
try:
authorization.insert()
except exceptions.ForeignKeyError:
return Response(400, 'Invalid authorizationLevel')
# Return this Authorization
return Response(200, 'Successfully added {}'.format(authorization),
authorization.to_JSON())