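    def get(self):
        """
        List all organisations

        The optional manager_user_id filter is honoured only for
        authenticated callers. Malformed query values are answered with
        400 rather than being silently dropped (which previously widened
        the result to the unfiltered list), and unexpected failures are
        logged server-side without echoing the exception text to the client.
        ---
        tags:
          - organisations
        produces:
          - application/json
        parameters:
            - in: header
              name: Authorization
              description: Base64 encoded session token
              type: string
              default: Token sessionTokenHere==
            - name: manager_user_id
              in: query
              description: Filter organisations on managers with this user_id
              required: false
              type: integer
            - in: query
              name: omitManagerList
              type: boolean
              description: Set it to true if you don't want the managers list on the response.
              default: False
        responses:
            200:
                description: Organisations found
            400:
                description: Client Error - Invalid Request
            401:
                description: Unauthorized - Invalid credentials
            403:
                description: Unauthorized - Not allowed
            404:
                description: Organisations not found
            500:
                description: Internal Server Error
        """
        authenticated_user_id = token_auth.current_user()

        # Parse the optional manager filter. A value that is present but not
        # an integer is a client error and must not be swallowed.
        raw_manager_id = request.args.get("manager_user_id")
        manager_user_id = None
        if raw_manager_id is not None:
            try:
                manager_user_id = int(raw_manager_id)
            except ValueError:
                return {"Error": "Client Error - manager_user_id must be an integer"}, 400

        # Filtering by manager is a privileged query: anonymous callers are refused.
        # NOTE(review): no admin/self check is made here, so this relies on
        # OrganisationService.get_organisations_as_dto restricting what the
        # caller may see for another user's id — confirm in the service.
        if manager_user_id is not None and not authenticated_user_id:
            return (
                {
                    "Error":
                    "Unauthorized - Filter by manager_user_id is not allowed to unauthenticated requests"
                },
                403,
            )

        # strtobool raises ValueError for anything outside its yes/no vocabulary;
        # surface that as a client error instead of an unhandled 500.
        try:
            omit_managers = strtobool(request.args.get("omitManagerList", "false"))
        except ValueError:
            return {"Error": "Client Error - omitManagerList must be a boolean"}, 400

        try:
            results_dto = OrganisationService.get_organisations_as_dto(
                manager_user_id, authenticated_user_id, omit_managers)
            return results_dto.to_primitive(), 200
        except NotFound:
            return {"Error": "No organisations found"}, 404
        except Exception as e:
            # Keep the detail in the server log only: exception text can expose
            # internals (queries, paths, library state) to the client.
            current_app.logger.critical(
                "Organisations GET - unhandled error: %s", e, exc_info=True)
            return {"Error": "Organisations GET - unhandled error"}, 500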
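    def get(self):
        """
        List all organisations

        Filtering by manager_user_id requires a verified token and is
        permitted only to admins or to a user asking about their own id.
        Malformed query values are answered with 400 rather than being
        silently dropped, and unexpected failures are logged server-side
        without echoing the exception text to the client.
        ---
        tags:
          - organisations
        produces:
          - application/json
        parameters:
            - in: header
              name: Authorization
              description: Base64 encoded session token
              type: string
              default: Token sessionTokenHere==
            - name: manager_user_id
              in: query
              description: Filter organisations on managers with this user_id
              required: false
              type: integer
        responses:
            200:
                description: Organisations found
            400:
                description: Client Error - Invalid Request
            401:
                description: Unauthorized - Invalid credentials
            403:
                description: Unauthorized - Not allowed
            404:
                description: Organisations not found
            500:
                description: Internal Server Error
        """
        # Parse the optional manager filter. A value that is present but not
        # an integer is a client error and must not be swallowed.
        raw_manager_id = request.args.get("manager_user_id")
        manager_user_id = None
        if raw_manager_id is not None:
            try:
                manager_user_id = int(raw_manager_id)
            except ValueError:
                return {"Error": "Client Error - manager_user_id must be an integer"}, 400

        if manager_user_id is not None:
            # The filter is privileged: a missing or malformed Authorization
            # header is "invalid credentials" (401) rather than a generic 403.
            auth_header = request.environ.get("HTTP_AUTHORIZATION")
            header_parts = auth_header.split(None, 1) if auth_header else []
            if len(header_parts) != 2:
                return {"Error": "Unauthorized - Invalid credentials"}, 401

            try:
                # NOTE(review): verify_token's return value is ignored, so this
                # assumes it raises on a bad token and populates
                # tm.authenticated_user_id on success — confirm.
                verify_token(header_parts[1])
                is_admin = UserService.is_user_an_admin(tm.authenticated_user_id)
            except Exception:
                return {"Error": "Unauthorized - Not allowed"}, 403

            # Admins may query any manager; everyone else only themselves.
            if not is_admin and tm.authenticated_user_id != manager_user_id:
                return {"Error": "Unauthorized - Not allowed"}, 403
        # NOTE(review): when no filter is given no token is verified, so
        # tm.authenticated_user_id is whatever tm currently holds — confirm it
        # is reset per request and not carried over from an earlier one.

        try:
            results_dto = OrganisationService.get_organisations_as_dto(
                manager_user_id, tm.authenticated_user_id)
            return results_dto.to_primitive(), 200
        except NotFound:
            # Message now matches the documented 404 for this endpoint
            # (was "No projects found").
            return {"Error": "No organisations found"}, 404
        except Exception as e:
            # Keep the detail in the server log only: exception text can expose
            # internals (queries, paths, library state) to the client.
            current_app.logger.critical(
                "Organisations GET - unhandled error: %s", e, exc_info=True)
            return {"Error": "Organisations GET - unhandled error"}, 500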