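def create(context, request):
    """Create a user from the request parameters and answer 201 Created.

    Required parameters: ``email``, ``password``, ``name``, ``surname``.
    Optional parameters: ``company``, ``web``, ``twitter``, repeated
    ``groups`` values and ``organization`` (a group name).

    Raises:
        ParamsError: a required parameter is missing.
        HTTPPreconditionFailed: ``organization`` or one of ``groups`` does
            not match an existing group.
        HTTPConflict: the flush failed with an IntegrityError, reported as
            a duplicate email.
        HTTPCreated: the user was stored and the session committed.

    NOTE(review): this function performs no authorization check of its own.
    ``groups`` and ``organization`` are attached exactly as the caller
    supplied them, whereas ``update`` only lets an ``admin`` principal set
    groups. Confirm that the view's permission configuration restricts who
    may reach this code, or that these fields are meant to be self-service.

    NOTE(review): the password is handed to ``User`` as received; hashing
    presumably happens in the model -- confirm.
    """
    params = request.params

    # Only the required-parameter lookups are guarded, so a KeyError raised
    # deeper in the model layer is not misreported as a missing parameter.
    try:
        email = params['email']
        password = params['password']
        name = params['name']
        surname = params['surname']
    except KeyError as e:
        raise ParamsError(e)

    company = params.get('company')
    web = params.get('web')
    twitter = params.get('twitter')

    # Drop blank values and repeats, keeping first-seen order. A repeated
    # name would otherwise make the count comparison below fail although
    # every requested group exists.
    request_groups = []
    seen = set()
    for group_name in params.getall('groups'):
        if group_name and group_name not in seen:
            seen.add(group_name)
            request_groups.append(group_name)

    # No names requested means no groups; skip the lookup, as update does.
    if request_groups:
        groups = Group.search(
            request.db_session,
            filters=(Group.name.in_(request_groups),)
        )
    else:
        groups = []

    organization_name = params.get('organization')
    if organization_name:
        try:
            organization = Group.get(request.db_session, organization_name)
        except NoResultFound:
            # NOTE(review): the request-supplied name is echoed into a
            # response header; confirm the server rejects CR/LF in header
            # values.
            raise HTTPPreconditionFailed(headers={
                'X-Request-Error': 'Invalid group {}'
                                   .format(organization_name)
            })
    else:
        organization = None

    # Fewer rows than names means at least one requested group is unknown.
    if len(groups) != len(request_groups):
        raise HTTPPreconditionFailed(
            headers={'X-Request-Error': 'Invalid groups "{}"'
                                        .format(', '.join(request_groups))})

    user = User(email=email, password=password, name=name,
                surname=surname, company=company, web=web,
                twitter=twitter, groups=groups,
                organization=organization)
    try:
        request.db_session.add(user)
        request.db_session.flush()
    except IntegrityError:
        # Undo the failed insert before reporting the conflict.
        request.db_session.rollback()
        error = 'User with email {} already exists'.format(email)
        raise HTTPConflict(headers={'X-Request-Error': error})

    request.db_session.commit()
    raise HTTPCreated()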
def set_instance_groups(context, request):
    """Replace the groups of the instance named by the ``domain`` route part.

    The requested names are the repeated ``groups`` parameters plus the
    domain itself, which is always included. The instance's groups are
    overwritten with the matching Group rows and the session is committed.

    Raises:
        HTTPPreconditionFailed: the number of groups found differs from the
            number of distinct names requested.
        HTTPNoContent: the groups were replaced and committed.

    NOTE(review): no authorization check is visible in this function;
    presumably the view's permission configuration guards it -- confirm.

    NOTE(review): blank ``groups`` values are not filtered here, unlike in
    ``create`` and ``update``, so a blank value presumably fails the count
    check -- confirm that is intended.
    """
    domain = request.matchdict['domain']

    # set.add is a no-op when the domain was already requested.
    wanted = set(request.params.getall('groups'))
    wanted.add(domain)

    session = request.db_session
    instance = Instance.get_by_domain(session, domain)
    found = Group.search(session, filters=(Group.name.in_(wanted), ))

    if len(found) != len(wanted):
        # The names echoed here come from the request and the route.
        message = 'Invalid groups {}'.format(','.join(wanted))
        raise HTTPPreconditionFailed(headers={'X-Request-Error': message})

    instance.groups = found
    session.commit()
    raise HTTPNoContent()
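def update(context, request):
    """Update the user named by the ``email`` route part; return its dict.

    Any caller whose principals include ``admin`` or the target email may
    change ``email``, ``password``, ``name``, ``surname``, ``company``,
    ``web`` and ``twitter``. Blank values for these are ignored. Only
    ``admin`` may change ``groups`` or ``organization``.

    Returns:
        ``user.to_dict()`` after a successful commit, or an empty 403
        response when the caller may not perform the update.

    Raises:
        ParamsError: no updatable field was supplied.
        HTTPPreconditionFailed: an unknown group or organization was named,
            or the flush failed with an IntegrityError.
    """
    # NOTE(review): if the framework already URL-decodes matchdict values,
    # this decodes a second time -- confirm that is intended, since the
    # result is compared against the caller's principals below.
    email = urllib.unquote(request.matchdict['email'])
    # NOTE(review): the lookup runs before the authorization check, so an
    # unknown email may answer differently from the 403 below -- confirm.
    user = User.get(request.db_session, email)
    principals = effective_principals(request)
    is_admin = 'admin' in principals

    # A non-admin caller may only update its own account.
    if not set(('admin', email)) & set(principals):
        return generate_empty_response(HTTPForbidden(), request, 403)

    params = {}
    for attr in ('email', 'password', 'name', 'surname', 'company', 'web',
                 'twitter'):
        value = request.params.get(attr)
        if value:
            params[attr] = value

    # Only admins can change a user's groups; for other callers a supplied
    # 'groups' parameter is ignored.
    if is_admin and 'groups' in request.params:
        groups = [g for g in request.params.getall('groups') if g]
        if not groups:
            params['groups'] = []
        else:
            params['groups'] = Group.search(
                request.db_session,
                filters=(Group.name.in_(groups), )
            )
            if len(groups) != len(params['groups']):
                raise HTTPPreconditionFailed(
                    headers={'X-Request-Error': 'Invalid groups {}'
                                                .format(','.join(groups))})

    if 'organization' in request.params:
        # Only admins can change a user's organization. The earlier guard
        # read `not 'admin' and ...`: a non-empty string literal is always
        # truthy, so the 403 branch never ran and any caller allowed to
        # edit the account could reassign its organization.
        if not is_admin:
            return generate_empty_response(HTTPForbidden(), request, 403)

        organization_name = request.params['organization']
        if not organization_name:
            params['organization'] = None
        else:
            try:
                params['organization'] = Group.get(request.db_session,
                                                   organization_name)
            except NoResultFound:
                raise HTTPPreconditionFailed(headers={
                    'X-Request-Error': 'Invalid group {}'
                                       .format(organization_name)
                })

    if not params:
        raise ParamsError('Missing update fields')

    try:
        for attr, value in params.items():
            setattr(user, attr, value)
        request.db_session.flush()
    except IntegrityError:
        # Undo the failed flush, as create() does, before reporting it.
        request.db_session.rollback()
        # 'email' may not be among the updated fields; fall back to the
        # current address instead of raising KeyError while building the
        # error message.
        error = 'An user with email {} already exists'.format(
            params.get('email', email))
        raise HTTPPreconditionFailed(headers={'X-Request-Error': error})
    else:
        request.db_session.commit()
        return user.to_dict()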