def get_by_group(group_id, db_session, username): logger.info(LogMsg.START, username) user = check_user(username, db_session) group = validate_group(group_id, db_session) if username not in ADMINISTRATORS: permissions, presses = get_user_permissions(username, db_session) permit = has_permission_or_not( [Permissions.PERMISSION_GROUP_USER_GET_PREMIUM], permissions) if not permit: press_permit = has_permission_or_not( [Permissions.PERMISSION_GROUP_USER_GET_PRESS], permissions) if not (press_permit and user_is_in_group(user.id, group_id, db_session)): logger.error(LogMsg.PERMISSION_DENIED, {'PERMISSION_GROUP_USER_GET': username}) raise Http_error(403, Message.ACCESS_DENIED) result = db_session.query(GroupUser).filter( GroupUser.group_id == group_id).all() final_res = [] for item in result: final_res.append(group_user_to_dict(item)) logger.info(LogMsg.END) return final_res
def get_all(data, db_session, username, **kwargs): logger.info(LogMsg.START, username) if data.get('sort') is None: data['sort'] = ['creation_date-'] permissions, presses = get_user_permissions(username, db_session) has_permission_or_not([Permissions.COMMENT_GET_PREMIUM], permissions) logger.debug(LogMsg.PERMISSION_VERIFIED, username) try: res = Comment.mongoquery( db_session.query(Comment)).query(**data).end().all() result = [] for item in res: comment = comment_to_dict(db_session, item, username) book = get_book(item.book_id, db_session) comment['book'] = book result.append(comment) except: logger.exception(LogMsg.GET_FAILED, exc_info=True) raise Http_error(404, Message.NOT_FOUND) logger.info(LogMsg.END) return result
def delete(id, db_session, username): logger.info(LogMsg.START, username) user = check_user(username, db_session) logger.info(LogMsg.DELETE_REQUEST, {'group_user_id': id}) model_instance = db_session.query(GroupUser).filter( GroupUser.id == id).first() if model_instance is None: logger.error(LogMsg.NOT_FOUND, {'group_user_id': id}) raise Http_error(404, Message.NOT_FOUND) permissions, presses = get_user_permissions(username, db_session) permit = has_permission_or_not( [Permissions.PERMISSION_GROUP_USER_DELETE_PREMIUM], permissions) if not permit: press_permit = has_permission_or_not( [Permissions.PERMISSION_GROUP_USER_DELETE_PRESS], permissions) if not (press_permit and (model_instance.group.person_id == user.person_id)): logger.error(LogMsg.PERMISSION_DENIED, {'PERMISSION_GROUP_USER_DELETE': username}) raise Http_error(403, Message.ACCESS_DENIED) try: db_session.delete(model_instance) except: logger.exception(LogMsg.DELETE_FAILED, exc_info=True) raise Http_error(500, LogMsg.DELETE_FAILED) logger.info(LogMsg.END) return Http_response(204, True)
def get(id, db_session, username=None): logger.info(LogMsg.START, username) model_instance = db_session.query(GroupUser).filter( GroupUser.id == id).first() if model_instance is None: logger.debug(LogMsg.MODEL_GETTING_FAILED) raise Http_error(404, Message.NOT_FOUND) if username is not None: permissions, presses = get_user_permissions(username, db_session) user = check_user(username, db_session) permit = has_permission_or_not( [Permissions.PERMISSION_GROUP_USER_GET_PREMIUM], permissions) if not permit: press_permit = has_permission_or_not( [Permissions.PERMISSION_GROUP_USER_GET_PRESS], permissions) if not (press_permit and (user_is_in_group( user.id, model_instance.group_id, db_session))): logger.error(LogMsg.PERMISSION_DENIED, {'PERMISSION_GROUP_USER_GET': username}) raise Http_error(403, Message.ACCESS_DENIED) logger.debug(LogMsg.MODEL_GETTING) logger.info(LogMsg.END) return group_user_to_dict(model_instance)
def add(data, db_session, username): logger.info(LogMsg.START, username) schema_validate(data, GROUP_ADD_SCHEMA_PATH) logger.debug(LogMsg.SCHEMA_CHECKED) person_id = data.get('person_id', None) if person_id is not None: owner_person = validate_person(person_id, db_session) if owner_person is not None and not owner_person.is_legal: logger.error(LogMsg.PERSON_IS_NOT_LEGAL, username) raise Http_error(400, Message.PERSON_IS_NOT_LEGAL) owner_user = get_by_person(person_id, db_session) if owner_user is None: logger.error(LogMsg.PERSON_MUST_HAVE_USER, person_id) raise Http_error(404, Message.PERSON_MUST_HAVE_USER) user = check_user(username, db_session) if username not in ADMINISTRATORS: permissions, presses = get_user_permissions(username, db_session) permit = has_permission_or_not( [Permissions.PERMISSION_GROUP_ADD_PREMIUM], permissions) if not permit: press_permit = has_permission_or_not( [Permissions.PERMISSION_GROUP_ADD_PRESS], permissions) if not (press_permit and (person_id == user.person_id)): logger.error(LogMsg.PERMISSION_DENIED, {'PERMISSION_GROUP_ADD': username}) raise Http_error(403, Message.ACCESS_DENIED) if check_group_title_exists(data.get('title', None), db_session): logger.error(LogMsg.GROUP_EXISTS) raise Http_error(409, Message.ALREADY_EXISTS) model_instance = Group() populate_basic_data(model_instance, username, data.get('tags')) logger.debug(LogMsg.POPULATING_BASIC_DATA) model_instance.title = data.get('title') model_instance.person_id = data.get('person_id') db_session.add(model_instance) # db_session.flush() add_owner_to_group_users(model_instance.id, owner_user.id, db_session, username) logger.info(LogMsg.END) return model_instance
def get(id, db_session, username): logger.info(LogMsg.START, username) content = db_session.query(BookContent).filter( BookContent.id == id).first() if content is None: logger.error(LogMsg.NOT_FOUND, {'book_content_id': id}) raise Http_error(404, Message.NOT_FOUND) book = get_book(content.book_id, db_session) if book is None: logger.error(LogMsg.NOT_FOUND, {'book_id': content.book_id}) raise Http_error(404, Message.NOT_FOUND) permission_data = {} if content.creator == username: permission_data = {Permissions.IS_OWNER.value: True} permissions, presses = get_user_permissions(username, db_session) has_permit = has_permission_or_not([Permissions.BOOK_CONTENT_GET_PREMIUM], permissions, None, permission_data) if not has_permit: if book.press in presses: has_permission([Permissions.BOOK_CONTENT_GET_PRESS], permissions) else: logger.error(LogMsg.PERMISSION_DENIED) raise Http_error(403, Message.ACCESS_DENIED) logger.debug(LogMsg.PERMISSION_VERIFIED, username) return content_to_dict(content, db_session)
def get_all(db_session, username, data=None): logger.info(LogMsg.START, username) if data.get('sort') is None: data['sort'] = ['creation_date-'] permission_data = {} permissions, presses = get_user_permissions(username, db_session) has_permit = has_permission_or_not([ Permissions.BOOK_ADD_PREMIUM, Permissions.BOOK_CONTENT_GET_PREMIUM, Permissions.BOOK_CONTENT_GET_PRESS ], permissions, None, permission_data) logger.debug(LogMsg.PERMISSION_VERIFIED, username) if data is None: result = db_session.query(BookContent).all() else: result = BookContent.mongoquery( db_session.query(BookContent)).query(**data).end().all() final_res = [] for content in result: if has_permit or content.book_press in presses or content.creator == username: final_res.append(content_to_dict(content, db_session)) return final_res
def delete(id, db_session, username): logger.info(LogMsg.START, username) content = get_internal(id, db_session) if content is None: logger.error(LogMsg.NOT_FOUND, {'content_id': id}) raise Http_error(404, Message.NOT_FOUND) logger.debug(LogMsg.PERMISSION_CHECK, username) permission_data = {} if content.creator == username: permission_data = {Permissions.IS_OWNER.value: True} permissions, presses = get_user_permissions(username, db_session) has_permit = has_permission_or_not([Permissions.BOOK_DELETE_PREMIUM], permissions, None, permission_data) if not has_permit: if content.book_press in presses: has_permission([Permissions.BOOK_DELETE_PRESS], permissions) else: logger.error(LogMsg.PERMISSION_DENIED) raise Http_error(403, Message.ACCESS_DENIED) logger.debug(LogMsg.PERMISSION_VERIFIED, username) try: db_session.delete(content) except: logger.exception(LogMsg.EDIT_FAILED, exc_info=True) raise Http_error(409, Message.DELETE_FAILED) logger.debug(LogMsg.DELETE_SUCCESS, {'book_content_id': id}) logger.info(LogMsg.END) return Http_response(204, True)
def delete(id, db_session, username=None): logger.info(LogMsg.START, username) price = get_by_id(id, db_session) if price is None: logger.error(LogMsg.NOT_FOUND, {'book_price_id': id}) raise Http_error(404, Message.NOT_FOUND) book = get_book(price.book_id, db_session) if username is not None: per_data = {} permissions, presses = get_user_permissions(username, db_session) if book.creator == username: per_data.update({Permissions.IS_OWNER.value: True}) has_permit = has_permission_or_not([Permissions.PRICE_DELETE_PREMIUM], permissions, None, per_data) if not has_permit: if book.press in presses: has_permission([Permissions.PRICE_DELETE_PRESS], permissions) else: logger.error(LogMsg.PERMISSION_DENIED, username) raise Http_error(403, Message.ACCESS_DENIED) logger.debug(LogMsg.PERMISSION_VERIFIED) try: db_session.delete(price) logger.debug(LogMsg.DELETE_SUCCESS, {'book_price_id': id}) except: logger.exception(LogMsg.DELETE_FAILED, exc_info=True) raise Http_error(404, Message.DELETE_FAILED) logger.info(LogMsg.END) return Http_response(204, True)
def delete_comments(book_id, db_session, username, **kwargs): logger.info(LogMsg.START, username) logger.debug(LogMsg.COMMENT_DELETING_BOOK_COMMENTS, book_id) book = get_book(book_id, db_session) press = book.get('press', None) permissions, presses = get_user_permissions(username, db_session) has_permit = has_permission_or_not([Permissions.COMMENT_DELETE_PREMIUM], permissions) if not has_permit: if press in presses: has_permission([Permissions.COMMENT_DELETE_PRESS], permissions) else: logger.error(LogMsg.PERMISSION_DENIED, username) raise Http_error(403, Message.ACCESS_DENIED) logger.debug(LogMsg.PERMISSION_VERIFIED, username) delete_book_comments(book_id, db_session) logger.info(LogMsg.END) return Http_response(204, True)
def add_users_to_groups(data, db_session, username): logger.info(LogMsg.START, username) user = check_user(username, db_session) schema_validate(data, USER_ADD_SCHEMA_PATH) logger.debug(LogMsg.SCHEMA_CHECKED) users = set(data.get('users')) groups = set(data.get('groups')) validate_users(users, db_session) group_entities = validate_groups(groups, db_session) if username not in ADMINISTRATORS: permissions, presses = get_user_permissions(username, db_session) permit = has_permission_or_not( [Permissions.PERMISSION_GROUP_USER_ADD_PREMIUM], permissions) if not permit: press_permit = has_permission_or_not( [Permissions.PERMISSION_GROUP_USER_ADD_PRESS], permissions) if not (press_permit and is_user_group_owner(user.person_id, group_entities)): logger.error(LogMsg.PERMISSION_DENIED, {'PERMISSION_GROUP_USER_ADD': username}) raise Http_error(403, Message.ACCESS_DENIED) final_res = {} for group_id in groups: result = [] for user_id in users: if user_is_in_group(user_id, group_id, db_session): logger.error(LogMsg.GROUP_USER_IS_IN_GROUP, { 'user_id': user_id, 'group_id': group_id }) raise Http_error(409, Message.ALREADY_EXISTS) result.append( model_to_dict(add(user_id, group_id, db_session, username))) final_res.update({group_id: result}) logger.info(LogMsg.END) return final_res
def delete_users_from_groups(data, db_session, username): logger.info(LogMsg.START, username) user = check_user(username, db_session) schema_validate(data, USER_ADD_SCHEMA_PATH) logger.debug(LogMsg.SCHEMA_CHECKED) users = set(data.get('users')) groups = set(data.get('groups')) validate_users(users, db_session) group_entities = validate_groups(groups, db_session) if username not in ADMINISTRATORS: permissions, presses = get_user_permissions(username, db_session) permit = has_permission_or_not( [Permissions.PERMISSION_GROUP_USER_DELETE_PREMIUM], permissions) if not permit: press_permit = has_permission_or_not( [Permissions.PERMISSION_GROUP_USER_DELETE_PRESS], permissions) if not (press_permit and is_user_group_owner(user.person_id, group_entities)): logger.error(LogMsg.PERMISSION_DENIED, {'PERMISSION_GROUP_USER_ADD': username}) raise Http_error(403, Message.ACCESS_DENIED) for group_id in groups: for user_id in users: if not user_is_in_group(user_id, group_id, db_session): logger.error(LogMsg.GROUP_USER_NOT_IN_GROUP, { 'user_id': user_id, 'group_id': group_id }) raise Http_error(404, Message.NOT_IN_GROUP) delete_user_group(user_id, group_id, db_session) logger.info(LogMsg.END) return {'result': 'successful'}
def add_group_users(data, db_session, username): logger.info(LogMsg.START, username) user = check_user(username, db_session) schema_validate(data, USER_GROUP_SCHEMA_PATH) group_id = data.get('group_id') users = data.get('users') group = validate_group(group_id, db_session) if username not in ADMINISTRATORS: permissions, presses = get_user_permissions(username, db_session) permit = has_permission_or_not( [Permissions.PERMISSION_GROUP_USER_ADD_PREMIUM], permissions) if not permit: press_permit = has_permission_or_not( [Permissions.PERMISSION_GROUP_USER_ADD_PRESS], permissions) if not (press_permit and is_user_group_owner(user.person_id, [group])): logger.error(LogMsg.PERMISSION_DENIED, {'PERMISSION_GROUP_USER_ADD': username}) raise Http_error(403, Message.ACCESS_DENIED) result = [] for user_id in users: if user_is_in_group(user_id, group_id, db_session): logger.error(LogMsg.GROUP_USER_IS_IN_GROUP, { 'user_id': user_id, 'group_id': group_id }) raise Http_error(409, Message.ALREADY_EXISTS) result.append(add(user_id, group_id, db_session, username)) final_res = [] for item in result: final_res.append(group_user_to_dict(item)) logger.info(LogMsg.END) return final_res
def edit(id, db_session, data, username): logger.info(LogMsg.START, username) schema_validate(data, USER_EDIT_SCHEMA_PATH) logger.debug(LogMsg.SCHEMA_CHECKED) old_pass = data.get('old_password', None) if old_pass is not None: user = check_user(username, db_session) if user.password != old_pass: logger.error(LogMsg.INVALID_USER, {'old_password': '******'}) raise Http_error(403, Message.INVALID_PASSWORD) logger.debug(LogMsg.EDIT_REQUST, {'user_id': id, 'data': data}) model_instance = check_by_id(id, db_session) if model_instance: logger.debug(LogMsg.MODEL_GETTING, {'user_id': id}) else: logger.debug(LogMsg.NOT_FOUND, {'user_id': id}) raise Http_error(404, Message.NOT_FOUND) per_data = {} permissions, presses = get_user_permissions(username, db_session) if model_instance.username == username: password = data.get('old_password') if model_instance.password != password: logger.error(LogMsg.INVALID_USER, {'password': '******'}) raise Http_error(403, Message.INVALID_PASSWORD) per_data.update({Permissions.IS_OWNER.value: True}) has_permission([Permissions.USER_EDIT_PREMIUM], permissions, None, per_data) logger.debug(LogMsg.PERMISSION_VERIFIED) if not has_permission_or_not([Permissions.USER_EDIT_PREMIUM], permissions): if "person_id" in data: del data["person_id"] # if "person_id" in data: # user_by_person = db_session.query(User).filter( # User.person_id == data.get('person_id')).first() # if user_by_person is not None and user_by_person.id != model_instance.id: # raise Http_error(409,Message.USER_ALREADY_EXISTS) for key, value in data.items(): # TODO if key is valid attribute of class setattr(model_instance, key, value) edit_basic_data(model_instance, username, data.get('tags')) user_dict = user_to_dict(model_instance) logger.debug(LogMsg.EDIT_SUCCESS, user_dict) logger.info(LogMsg.END) return user_dict
def add(db_session, data, username): logger.info(LogMsg.START, username) check_schema(['book_id', 'type', 'content'], data.keys()) logger.debug(LogMsg.SCHEMA_CHECKED) book_id = data.get('book_id') type = data.get('type') logger.debug(LogMsg.ENUM_CHECK, {'BOOK_CONTENT_TYpe': type}) check_enum(type, BookContentType) book = get_book(book_id, db_session) if not book: logger.error(LogMsg.NOT_FOUND, {'book_id': book_id}) raise Http_error(404, Message.NOT_FOUND) logger.debug(LogMsg.CHECK_UNIQUE_EXISTANCE, data) content = get_be_data(book_id, type, db_session) if content is not None: logger.error(LogMsg.CONTENT_EXIST, data) raise Http_error(409, Message.ALREADY_EXISTS) logger.debug(LogMsg.PERMISSION_CHECK, username) permissions, presses = get_user_permissions(username, db_session) has_permit = has_permission_or_not([Permissions.BOOK_ADD_PREMIUM], permissions) if not has_permit: if book.press in presses: has_permission([Permissions.BOOK_ADD_PRESS], permissions) else: logger.error(LogMsg.PERMISSION_DENIED) raise Http_error(403, Message.ACCESS_DENIED) logger.debug(LogMsg.PERMISSION_VERIFIED, username) model_instance = BookContent() logger.debug(LogMsg.POPULATING_BASIC_DATA) populate_basic_data(model_instance, username, data.get('tags')) model_instance.content = data.get('content') model_instance.book_id = book_id model_instance.type = type model_instance.book_press = book.press db_session.add(model_instance) logger.info(LogMsg.END) return model_instance
def get_user_groups(user_id, db_session, username): logger.info(LogMsg.START, username) user = check_user(username, db_session) limited_groups = False if username not in ADMINISTRATORS: permissions, presses = get_user_permissions(username, db_session) per_data = {} if user_id == user.id: per_data.update({Permissions.IS_OWNER.value: True}) permit = has_permission_or_not( [Permissions.PERMISSION_GROUP_USER_GET_PREMIUM], permissions, None, per_data) if not permit: press_permit = has_permission_or_not( [Permissions.PERMISSION_GROUP_USER_GET_PRESS], permissions) if not (press_permit): logger.error(LogMsg.PERMISSION_DENIED, {'PERMISSION_GROUP_USER_GET': username}) raise Http_error(403, Message.ACCESS_DENIED) limited_groups = True result = db_session.query(GroupUser).filter( GroupUser.user_id == user_id).all() if limited_groups: group_ids = [] for item in result: group_ids.append(item.group_id) legal_groups = limit_groups_by_person(group_ids, user.person_id, db_session) result = [item for item in result if item.group_id in legal_groups] final_res = [] for item in result: final_res.append(group_user_to_dict(item)) logger.info(LogMsg.END) return final_res
def edit(id, data, db_session, username): logger.info(LogMsg.START, username) content = get_internal(id, db_session) if content is None: logger.error(LogMsg.NOT_FOUND, {'content_id': id}) raise Http_error(404, Message.NOT_FOUND) book = get_book(content.book_id, db_session) if 'book_id' in data.keys(): book = get_book(data.get('book_id'), db_session) if book is None: logger.error(LogMsg.NOT_FOUND, {'book_id': data.get('book_id')}) raise Http_error(404, Message.NOT_FOUND) logger.debug(LogMsg.PERMISSION_CHECK, username) permission_data = {} if content.creator == username: permission_data = {Permissions.IS_OWNER.value: True} permissions, presses = get_user_permissions(username, db_session) has_permit = has_permission_or_not([Permissions.BOOK_EDIT_PREMIUM], permissions, None, permission_data) if not has_permit: if book.get('press') in presses: has_permission([Permissions.BOOK_EDIT_PRESS], permissions) else: logger.error(LogMsg.PERMISSION_DENIED) raise Http_error(403, Message.ACCESS_DENIED) logger.debug(LogMsg.PERMISSION_VERIFIED, username) try: for key, value in data.items(): # TODO if key is valid attribute of class setattr(content, key, value) new_content = get_be_data(content.book_id, content.type, db_session) if new_content is not None and new_content.id != content.id: logger.error(LogMsg.BOOK_CONTENT_ALREADY_EXISTS, content_to_dict(new_content, db_session)) raise Http_error(409, Message.ALREADY_EXISTS) edit_basic_data(content, username, data.get('tags')) content.book_press = book.press except: logger.exception(LogMsg.EDIT_FAILED, exc_info=True) raise Http_error(409, Message.ALREADY_EXISTS) logger.debug(LogMsg.EDIT_SUCCESS, model_to_dict(content)) logger.info(LogMsg.END) return content_to_dict(content, db_session)
def add_group_by_users(data, db_session, username): logger.info(LogMsg.START, username) user = check_user(username, db_session) users = set(data.get('users')) group_title = data.get('title') person_id = data.get('person_id', None) if username not in ADMINISTRATORS: permissions, presses = get_user_permissions(username, db_session) permit = has_permission_or_not( [Permissions.PERMISSION_GROUP_USER_ADD_PREMIUM], permissions) if not permit: press_permit = has_permission_or_not( [Permissions.PERMISSION_GROUP_USER_ADD_PRESS], permissions) if not (press_permit and (person_id is None or person_id != user.person_id)): logger.error(LogMsg.PERMISSION_DENIED, {'ADD_GROUP_USER_PERMISSION': username}) raise Http_error(403, Message.ACCESS_DENIED) validate_users(users, db_session) if check_group_title_exists(group_title, db_session): logger.error(LogMsg.GROUP_EXISTS, {'group_title': group_title}) raise Http_error(409, Message.ALREADY_EXISTS) group = add_group({ 'title': group_title, 'person_id': person_id }, db_session, username) del data['title'] data['group_id'] = group.id result = add_group_users(data, db_session, username) return result
def add(data, db_session, username): logger.info(LogMsg.START, username) schema_validate(data,ADD_SCHEMA_PATH) logger.debug(LogMsg.SCHEMA_CHECKED) book_id = data.get('book_id') book = get_book(book_id, db_session) if username is not None: per_data = {} permissions, presses = get_user_permissions(username, db_session) if book.creator == username: per_data.update({Permissions.IS_OWNER.value:True}) has_permit = has_permission_or_not([Permissions.PRICE_ADD_PREMIUM], permissions,None,per_data) if not has_permit: if book.press in presses: has_permission([Permissions.PRICE_ADD_PRESS], permissions) else: logger.error(LogMsg.PERMISSION_DENIED,username) raise Http_error(403,Message.ACCESS_DENIED) logger.debug(LogMsg.PERMISSION_VERIFIED) logger.debug(LogMsg.CHECK_BOOK_PRICE_EXISTANCE, book_id) model_instance = get_by_book(book_id, db_session, username) if model_instance: logger.debug(LogMsg.BOOK_PRICE_EXISTS, book_id) logger.debug(LogMsg.EDIT_PRICE, book_id) model_instance.price = data.get('price') else: logger.debug(LogMsg.ADD_NEW_BOOK_PRICE, book_id) model_instance = Price() populate_basic_data(model_instance, username) model_instance.book_id = book_id model_instance.price = data.get('price') db_session.add(model_instance) logger.info(LogMsg.END) return model_instance
def edit(id, db_session, data, username): logger.info(LogMsg.START, username) if "id" in data.keys(): del data["id"] if 'username' in data.keys(): logger.error(LogMsg.NOT_EDITABLE, 'username') raise Http_error(400, Message.NOT_EDITABLE) logger.debug(LogMsg.EDIT_REQUST, {'user_id': id, 'data': data}) model_instance = check_by_id(id, db_session) if model_instance: logger.debug(LogMsg.MODEL_GETTING, {'user_id': id}) else: logger.debug(LogMsg.NOT_FOUND, {'user_id': id}) raise Http_error(404, Message.NOT_FOUND) per_data = {} permissions, presses = get_user_permissions(username, db_session) if model_instance.username == username: per_data.update({Permissions.IS_OWNER.value: True}) has_permission([Permissions.USER_EDIT_PREMIUM], permissions, None, per_data) logger.debug(LogMsg.PERMISSION_VERIFIED) if not has_permission_or_not([Permissions.USER_EDIT_PREMIUM], permissions): if "person_id" in data: del data["person_id"] # if "person_id" in data: # user_by_person = db_session.query(User).filter( # User.person_id == data.get('person_id')).first() # if user_by_person is not None and user_by_person.id != model_instance.id: # raise Http_error(409,Message.USER_ALREADY_EXISTS) for key, value in data.items(): # TODO if key is valid attribute of class setattr(model_instance, key, value) edit_basic_data(model_instance, username, data.get('tags')) user_dict = user_to_dict(model_instance) logger.debug(LogMsg.EDIT_SUCCESS, user_dict) logger.info(LogMsg.END) return user_dict
def delete_book(id, db_session, username): logger.info(LogMsg.START, username) logger.info(LogMsg.DELETE_REQUEST, {'book_id': id}) model_instance = db_session.query(Book).filter(Book.id == id).first() logger.debug(LogMsg.PERMISSION_CHECK, username) permission_data = {} if model_instance.creator == username: permission_data = {Permissions.IS_OWNER.value: True} permissions, presses = get_user_permissions(username, db_session) has_permit = has_permission_or_not([Permissions.BOOK_DELETE_PREMIUM], permissions, None, permission_data) if not has_permit: if model_instance.press in presses: has_permission([Permissions.BOOK_DELETE_PRESS], permissions) else: logger.error(LogMsg.PERMISSION_DENIED) raise Http_error(403, Message.ACCESS_DENIED) logger.debug(LogMsg.PERMISSION_VERIFIED, username) logger.debug(LogMsg.DELETING_BOOK_ROLES, id) delete_book_roles(id, db_session) logger.debug(LogMsg.DELETING_BOOK_CONTENT, id) delete_book_contents(id, db_session) logger.debug(LogMsg.DELETING_BOOK_COMMENTS, id) delete_book_comments(id, db_session) logger.debug(LogMsg.DELETING_BOOK_PRICE, id) delete_book_price(id, db_session) delete(id, db_session, username) logger.debug(LogMsg.ELASTIC_INDEX_DELETE, id) delete_book_index(id) logger.debug(LogMsg.ENTITY_DELETED, id) logger.info(LogMsg.END) return Http_response(204, True)
def edit(id, data, db_session, username=None): logger.info(LogMsg.START, username) schema_validate(data,EDIT_SCHEMA_PATH) logger.debug(LogMsg.SCHEMA_CHECKED) model_instance = get_by_id(id, db_session) if model_instance is None: logger.error(LogMsg.NOT_FOUND, {'book_price_id': id}) raise Http_error(404, Message.NOT_FOUND) book = get_book(model_instance.book_id, db_session) if username is not None: per_data = {} permissions, presses = get_user_permissions(username, db_session) if book.creator == username: per_data.update({Permissions.IS_OWNER.value: True}) has_permit = has_permission_or_not([Permissions.PRICE_EDIT_PREMIUM], permissions, None, per_data) if not has_permit: if book.press in presses: has_permission([Permissions.PRICE_EDIT_PRESS], permissions) else: logger.error(LogMsg.PERMISSION_DENIED, username) raise Http_error(403, Message.ACCESS_DENIED) logger.debug(LogMsg.PERMISSION_VERIFIED) try: model_instance.price = data.get('price') logger.debug(LogMsg.EDIT_SUCCESS, model_to_dict(model_instance)) except: logger.exception(LogMsg.EDIT_FAILED, exc_info=True) raise Http_error(404, Message.EDIT_FAILED) logger.info(LogMsg.END) return model_instance
def edit_book(id, db_session, data, username): logger.info(LogMsg.START, username) logger.info(LogMsg.EDITING_BOOK, id) model_instance = db_session.query(Book).filter(Book.id == id).first() if model_instance is None: logger.error(LogMsg.NOT_FOUND, {'book_id': id}) raise Http_error(404, Message.NOT_FOUND) logger.debug(LogMsg.PERMISSION_CHECK, username) permission_data = {} if model_instance.creator == username: permission_data = {Permissions.IS_OWNER.value: True} permissions, presses = get_user_permissions(username, db_session) has_permit = has_permission_or_not([Permissions.BOOK_EDIT_PREMIUM], permissions, None, permission_data) if not has_permit: if model_instance.press in presses: has_permission([Permissions.BOOK_EDIT_PRESS], permissions) else: logger.error(LogMsg.PERMISSION_DENIED) raise Http_error(403, Message.ACCESS_DENIED) logger.debug(LogMsg.PERMISSION_VERIFIED, username) logger.debug(LogMsg.GET_SUCCESS, id) if "id" in data.keys(): del data["id"] logger.debug(LogMsg.EDIT_REQUST, {'book_id': id}) roles = [] elastic_data = {} if 'roles' in data.keys(): roles = data.get('roles') del data['roles'] for key, value in data.items(): # TODO if key is valid attribute of class setattr(model_instance, key, value) edit_basic_data(model_instance, username, data.get('tags')) price = data.get('price', None) if price is not None: edit_price(model_instance.id, price, db_session) if len(roles) > 0: logger.debug(LogMsg.DELETING_BOOK_ROLES, id) delete_book_roles(model_instance.id, db_session) logger.debug(LogMsg.ADDING_ROLES_TO_BOOK, id) nroles, elastic_data = add_book_roles(model_instance.id, roles, db_session, username) new_roles = [] for role in nroles: logger.debug(LogMsg.ATTACHING_ROLES_TO_BOOKS) new_roles.append(book_role_to_dict(role)) else: elastic_data = persons_of_book(model_instance.id, db_session) indexing_data = book_to_dict(db_session, model_instance) indexing_data['book_id'] = model_instance.id indexing_data.update(elastic_data) del indexing_data['roles'] print(('indexing_data : {}').format(indexing_data)) logger.debug(LogMsg.ELASTIC_INDEX_DELETE, id) delete_book_index(model_instance.id) logger.debug(LogMsg.INDEXING_IN_ELASTIC, indexing_data) index_book(indexing_data, db_session) edited_book = book_to_dict(db_session, model_instance) logger.debug(LogMsg.MODEL_ALTERED) logger.info(LogMsg.END) return edited_book
def add_multiple_type_books(db_session, data, username): logger.info(LogMsg.START, username) logger.debug(LogMsg.BOOK_CHECKING_IF_EXISTS, data) types = data.get('types') logger.debug(LogMsg.ENUM_CHECK, {'book_types': types}) check_enums(types, legal_types) roles_data = data.get('roles') book_data = {k: v for k, v in data.items() if k not in ['roles', 'types']} logger.debug(LogMsg.PERMISSION_CHECK, username) permissions, presses = get_user_permissions(username, db_session) has_permit = has_permission_or_not([Permissions.BOOK_ADD_PREMIUM], permissions) press = None for item in roles_data: if 'Press' in item.values(): person = item.get('person', None) if person is not None: press = person.get('id', None) if press is None: logger.error(LogMsg.DATA_MISSING, {'press': None}) raise Http_error(400, Message.MISSING_REQUIERED_FIELD) if not has_permit: if press in presses: has_permission([Permissions.BOOK_ADD_PRESS], permissions) else: logger.error(LogMsg.PERMISSION_DENIED) raise Http_error(403, Message.ACCESS_DENIED) logger.debug(LogMsg.PERMISSION_VERIFIED, username) result = [] logger.debug(LogMsg.ADDING_MULTIPLE_BOOKS, data) for type in types: data['type'] = type data['press'] = press data['roles'] = roles_data unique_code = add_uniquecode(data, db_session) book_data.update({ 'type': type, 'press': press, 'unique_code': unique_code.UniqueCode }) logger.debug(LogMsg.ADD_BOOK, book_data) book = add(db_session, book_data, username) logger.debug(LogMsg.ADDING_ROLES_TO_BOOK, roles_data) roles, elastic_data = add_book_roles(book.id, roles_data, db_session, username) result.append(book_to_dict(db_session, book)) index_data = data index_data['type'] = type index_data['book_id'] = book.id index_data['tags'] = book.tags if 'roles' in index_data: del index_data['roles'] index_data.update(elastic_data) logger.debug(LogMsg.INDEXING_IN_ELASTIC, index_data) index_book(index_data, db_session) logger.info(LogMsg.END) return result