def delete_group_members(group_spec):
# For now, both routes will delete a member entirely from the group.
user_ids = get_resource_ids(request.json, 'users')
group = get_group_info(group_spec, need_admin=True)
for user_id in user_ids:
local.model.delete_user_in_group(user_id, group['uuid'])
abort(http.client.NO_CONTENT)
def _delete_bundles():
"""
Delete the bundles specified.
Query parameters:
- `force`: 1 to allow deletion of bundles that have descendants or that
appear across multiple worksheets, or 0 to throw an error if any of the
specified bundles have multiple references. Default is 0.
- `recursive`: 1 to remove all bundles downstream too, or 0 otherwise.
Default is 0.
- `data-only`: 1 to only remove contents of the bundle(s) from the bundle
store and leave the bundle metadata intact, or 0 to remove both the
bundle contents and the bundle metadata. Default is 0.
- `dry-run`: 1 to just return list of bundles that would be deleted with
the given parameters without actually deleting them, or 0 to perform
the deletion. Default is 0.
"""
uuids = get_resource_ids(request.json, 'bundles')
force = query_get_bool('force', default=False)
recursive = query_get_bool('recursive', default=False)
data_only = query_get_bool('data-only', default=False)
dry_run = query_get_bool('dry-run', default=False)
deleted_uuids = delete_bundles(uuids,
force=force,
recursive=recursive,
data_only=data_only,
dry_run=dry_run)
# Return list of deleted ids as meta
return json_api_meta({}, {'ids': deleted_uuids})
def delete_group_members(group_spec):
# For now, both routes will delete a member entirely from the group.
user_ids = get_resource_ids(request.json, 'users')
group = get_group_info(group_spec, need_admin=True)
for user_id in user_ids:
local.model.delete_user_in_group(user_id, group['uuid'])
abort(httplib.NO_CONTENT)
def add_group_members_helper(group_spec, is_admin):
user_ids = get_resource_ids(request.json, 'users')
group_uuid = get_group_info(group_spec, need_admin=True)['uuid']
members = set(m['user_id'] for m in local.model.batch_get_user_in_group(
user_id=user_ids, group_uuid=group_uuid))
for user_id in user_ids:
if user_id in members:
local.model.update_user_in_group(user_id, group_uuid, is_admin)
else:
local.model.add_user_in_group(user_id, group_uuid, is_admin)
return request.json
def delete_worksheets():
"""
Delete the bundles specified.
If |force|, allow deletion of bundles that have descendants or that appear across multiple worksheets.
If |recursive|, add all bundles downstream too.
If |data-only|, only remove from the bundle store, not the bundle metadata.
If |dry-run|, just return list of bundles that would be deleted, but do not actually delete.
"""
uuids = get_resource_ids(request.json, 'worksheets')
force = query_get_bool('force', default=False)
for uuid in uuids:
delete_worksheet(uuid, force)
def delete_worksheets():
"""
Delete the bundles specified.
If |force|, allow deletion of bundles that have descendants or that appear across multiple worksheets.
If |recursive|, add all bundles downstream too.
If |data-only|, only remove from the bundle store, not the bundle metadata.
If |dry-run|, just return list of bundles that would be deleted, but do not actually delete.
"""
uuids = get_resource_ids(request.json, 'worksheets')
force = query_get_bool('force', default=False)
for uuid in uuids:
delete_worksheet(uuid, force)
def delete_user():
"""Fetch user ids"""
user_ids = get_resource_ids(request.json, 'users')
request_user_id = request.user.user_id
if request_user_id != local.model.root_user_id:
abort(http.client.UNAUTHORIZED, 'Only root user can delete other users.')
for user_id in user_ids:
if user_id == local.model.root_user_id:
abort(http.client.UNAUTHORIZED, 'Cannot delete root user.')
user = local.model.get_user(user_id=user_id)
if user is None:
abort(http.client.NOT_FOUND, 'User %s not found' % user_id)
'''
Check for owned bundles, worksheets, and groups.
If any are found, then do not allow user to be deleted.
'''
error_messages = []
bundles = local.model.batch_get_bundles(owner_id=user_id)
if bundles is not None and len(bundles) > 0:
bundle_uuids = [bundle.uuid for bundle in bundles]
error_messages.append(
'User %s owns bundles, can\'t delete user. UUIDs: %s\n'
% (user_id, ','.join(bundle_uuids))
)
worksheets = local.model.batch_get_worksheets(fetch_items=False, owner_id=user_id)
if worksheets is not None and len(worksheets) > 0:
worksheet_uuids = [worksheet.uuid for worksheet in worksheets]
error_messages.append(
'User %s owns worksheets, can\'t delete. UUIDs: %s\n'
% (user_id, ','.join(worksheet_uuids))
)
groups = local.model.batch_get_groups(owner_id=user_id)
if groups is not None and len(groups) > 0:
group_uuids = [group.uuid for group in groups]
error_messages.append(
'User %s owns groups, can\'t delete. UUIDs: %s\n' % (user_id, ','.join(group_uuids))
)
if error_messages:
abort(http.client.NOT_FOUND, '\n'.join(error_messages))
local.model.delete_user(user_id=user.user_id)
# Return list of deleted id as meta
return json_api_meta({}, {'ids': user_ids})
def delete_user():
"""Fetch user ids"""
user_ids = get_resource_ids(request.json, 'users')
request_user_id = request.user.user_id
if request_user_id != local.model.root_user_id:
abort(httplib.UNAUTHORIZED, 'Only root user can delete other users.')
for user_id in user_ids:
if user_id == local.model.root_user_id:
abort(httplib.UNAUTHORIZED, 'Cannot delete root user.')
user = local.model.get_user(user_id=user_id)
if user is None:
abort(httplib.NOT_FOUND, 'User %s not found' % user_id)
'''
Check for owned bundles, worksheets, and groups.
If any are found, then do not allow user to be deleted.
'''
error_messages = []
bundles = local.model.batch_get_bundles(owner_id=user_id)
if bundles is not None and len(bundles) > 0:
bundle_uuids = [bundle.uuid for bundle in bundles]
error_messages.append(
'User %s owns bundles, can\'t delete user. UUIDs: %s\n'
% (user_id, ','.join(bundle_uuids))
)
worksheets = local.model.batch_get_worksheets(fetch_items=False, owner_id=user_id)
if worksheets is not None and len(worksheets) > 0:
worksheet_uuids = [worksheet.uuid for worksheet in worksheets]
error_messages.append(
'User %s owns worksheets, can\'t delete. UUIDs: %s\n'
% (user_id, ','.join(worksheet_uuids))
)
groups = local.model.batch_get_groups(owner_id=user_id)
if groups is not None and len(groups) > 0:
group_uuids = [group.uuid for group in groups]
error_messages.append(
'User %s owns groups, can\'t delete. UUIDs: %s\n' % (user_id, ','.join(group_uuids))
)
if error_messages:
abort(httplib.NOT_FOUND, '\n'.join(error_messages))
local.model.delete_user(user_id=user.user_id)
# Return list of deleted id as meta
return json_api_meta({}, {'ids': user_ids})
def delete_groups():
"""Delete groups."""
group_ids = get_resource_ids(request.json, 'groups')
# Check permissions first
for group_id in group_ids:
get_group_info(group_id, need_admin=True)
# Delete groups
for group_id in group_ids:
local.model.delete_group(group_id)
abort(http.client.NO_CONTENT)
def delete_groups():
"""Delete groups."""
group_ids = get_resource_ids(request.json, 'groups')
# Check permissions first
for group_id in group_ids:
get_group_info(group_id, need_admin=True)
# Delete groups
for group_id in group_ids:
local.model.delete_group(group_id)
abort(httplib.NO_CONTENT)
def add_group_members_helper(group_spec, is_admin):
user_ids = get_resource_ids(request.json, 'users')
group_info = get_group_info(group_spec, need_admin=True, access_all_groups=False)
group_uuid = group_info['uuid']
group_owner = group_info['owner_id']
if group_owner in user_ids:
raise UsageError("Cannot relegate the group owner into non-admin status")
members = set(
m['user_id']
for m in local.model.batch_get_user_in_group(user_id=user_ids, group_uuid=group_uuid)
)
for user_id in user_ids:
if user_id in members:
local.model.update_user_in_group(user_id, group_uuid, is_admin)
else:
local.model.add_user_in_group(user_id, group_uuid, is_admin)
return request.json
def add_group_members_helper(group_spec, is_admin):
user_ids = get_resource_ids(request.json, 'users')
group_info = get_group_info(group_spec, need_admin=True, access_all_groups=False)
group_uuid = group_info['uuid']
group_owner = group_info['owner_id']
if group_owner in user_ids:
raise UsageError("Cannot relegate the group owner into non-admin status")
members = set(
m['user_id']
for m in local.model.batch_get_user_in_group(user_id=user_ids, group_uuid=group_uuid)
)
for user_id in user_ids:
if user_id in members:
local.model.update_user_in_group(user_id, group_uuid, is_admin)
else:
local.model.add_user_in_group(user_id, group_uuid, is_admin)
return request.json
def _delete_bundles():
"""
Delete the bundles specified.
If |force|, allow deletion of bundles that have descendants or that appear across multiple worksheets.
If |recursive|, add all bundles downstream too.
If |data-only|, only remove from the bundle store, not the bundle metadata.
If |dry-run|, just return list of bundles that would be deleted, but do not actually delete.
"""
uuids = get_resource_ids(request.json, 'bundles')
force = query_get_bool('force', default=False)
recursive = query_get_bool('recursive', default=False)
data_only = query_get_bool('data-only', default=False)
dry_run = query_get_bool('dry-run', default=False)
deleted_uuids = delete_bundles(uuids,
force=force,
recursive=recursive,
data_only=data_only,
dry_run=dry_run)
# Return list of deleted ids as meta
return json_api_meta({}, {'ids': deleted_uuids})