def grant_credential_to_user(self, credential_id, user_id):
    """Attach a credential to a user and persist the association.

    The user is looked up with ``UserResource.find_by_id`` and the
    credential with ``self.find_by_id``; the credential is appended to
    ``user.credentials`` and the user is added, committed and refreshed
    on ``current_app.db_session``.

    Returns the credential object that was looked up.
    """
    # NOTE(review): nothing in this method checks who is making the
    # request. Presumably the route or a decorator restricts who may
    # grant credentials -- confirm, since this call widens a user's access.
    target_user = UserResource.find_by_id(user_id)
    granted = self.find_by_id(credential_id)

    # NOTE(review): there is no "already granted" check before the append;
    # what a repeated grant does depends on how `credentials` is mapped --
    # confirm it cannot produce a duplicate association.
    target_user.credentials.append(granted)

    session = current_app.db_session
    session.add(target_user)
    session.commit()
    # Reload the user's state from the database after the commit.
    session.refresh(target_user)
    return granted
    def revoke_credential_from_user(self, credential_id, user_id):
        """Detach a credential from a user, refusing self-revocation.

        The caller is identified from the ``auth_token`` cookie. The request
        is aborted with 400 when the cookie is absent and with 403 when the
        id recovered from the token equals ``user_id``. Otherwise the
        credential is removed from ``user.credentials`` and the session is
        committed.

        Returns the credential object that was looked up.
        """
        token = request.cookies.get('auth_token')
        if token is None:
            abort(400, __error__=["Missing parameters or body."])

        # NOTE(review): what unsign_auth_token does with a tampered or
        # expired token is not visible here. If it returns a value instead
        # of aborting, the request continues past this point -- confirm.
        caller_id = unsign_auth_token(token)

        # Guard against a user revoking their own credentials.
        # NOTE(review): this is a plain `==`; if one side is a str (e.g. a
        # URL parameter) and the other an int, the guard never matches --
        # confirm both ids have the same type.
        if caller_id == user_id:
            abort(403, __error__=["Cannot revoke credentials for oneself."])

        target_user = UserResource.find_by_id(user_id)
        revoked = self.find_by_id(credential_id)

        # NOTE(review): if `credentials` behaves like a list, remove()
        # raises ValueError when the credential was never granted, which is
        # not handled here -- confirm how callers surface that.
        target_user.credentials.remove(revoked)
        current_app.db_session.commit()
        return revoked