abort(403) permission.groups.remove(group) else: abort(403) db.session.add(permission) try: db.session.commit() except IntegrityError: db.session.rollback() abort(403) return permission.to_json(), 200 @permission_required('permission_delete') def delete(self, permission_id): permission = \ models.Permission.query.filter_by(id=permission_id).first() if permission is None: abort(404) db.session.delete(permission) try: db.session.commit() except IntegrityError: db.session.rollback() abort(403) api.add_resource(Permissions, '/permissions') api.add_resource(Permission, '/permission/<int:permission_id>')
abort(403) group.users.remove(user) else: abort(403) db.session.add(group) try: db.session.commit() except IntegrityError: db.session.rollback() abort(403) return group.to_json(), 200 @permission_required('group_delete') def delete(self, group_id): group = models.Group.query.filter_by(id=group_id).first() if group is None: abort(404) db.session.delete(group) try: db.session.add(group) except IntegrityError: db.session.rollback() abort(403) api.add_resource(Groups, '/groups') api.add_resource(Group, '/group/<int:group_id>')
if key == "password": user.set_password(value) else: setattr(user, key, value) db.session.add(user) try: db.session.commit() except IntegrityError: db.session.rollback() abort(403) return user.to_json() @permission_required("user_delete") def delete(self, user_id): user = models.User.query.filter_by(id=user_id).first() if user is None: abort(404) db.session.delete(user) try: db.session.commit() except IntegrityError: db.session.rollback() abort(403) api.add_resource(Users, "/users") api.add_resource(User, "/user/<int:user_id>")
db.session.commit() return {'message': '%s revoked' % token.id}, 200 class Validator(Resource): def post(self): payload = request.get_json() try: token_id = payload['id'] except KeyError: abort(400) token = Token.query.filter_by(id=token_id).first() data = { 'id': token_id, 'valid': 'false' } if token is None: return data if token.is_valid(): data['valid'] = 'true' return data api.add_resource(Tokens, '/tokens') api.add_resource(Revoker, '/token/revoke') api.add_resource(Validator, '/token/validate')