def on_delete(self, context):
on_handle(context)
on_delete_cb(context)
context.session.delete(
self.rest_get_model(context)).commit()
return cv.create_json('success')
def on_post(self, context):
'''
Upload a plugin.
'''
# TODO: Authz.
request, session = context[:2]
zip_file = ZipFile(BytesIO(request.data))
try:
meta_json = cv.deserialize_json(
zip_file.open('.canvas/meta.json').read())
name, description = meta_json['name'], meta_json['description']
repo_url = meta_json['repo_url']
dependencies = meta_json['dependencies']
except KeyError:
raise cv.BadRequest('Invalid plugin package (bad meta info)')
plugin = Plugin(name, description, repo_url)
session.save(plugin)
for dependency_name in dependencies:
dependency = session.query(Plugin,
Plugin.name == dependency_name,
one=True)
if not dependency:
raise cv.UnprocessableEntity('Invalid dependency "%s"' %
dependency_name)
session.save(PluginDependency(plugin, dependency))
session.commit()
return cv.create_json('success', {'created_id': plugin.id})
def on_put(self, context):
on_handle(context)
on_update(context)
resource = self.rest_get_model(context)
request_to_update(resource, context.request)
context.session.commit()
return cv.create_json('success')
def on_get(self, context):
if not context.user.is_admin and not context.user.id == context.route.id:
raise cv.Unauthorized(
"You don't have access to that user's information")
user = User.get(context.route.id, context.session)
if not user:
raise cv.NotFound(context.route)
return cv.create_json('success', user)
def on_post(self, context):
request, session = context[:2]
user = session.query(User,
User.email == request[('email', str)],
one=True)
if not user or not user.check_password(request[('password', str)]):
raise cv.ValidationErrors(summary='Incorrect username or password')
authorize(user, context)
return cv.create_json('success')
def on_put(self, context):
on_handle(context)
on_create(context)
instance = request_to_model(model_cls, context.request)
context.session.save(instance).commit()
return cv.create_json(
'success', {
'created_id':
model_cls.__table__.primary_key.value_on(instance)
})
def on_get(self, context):
query = True
for key, value in context.query.items():
if not hasattr(User, key):
raise cv.ValidationErrors({key: 'Invalid key'})
column = getattr(User, key)
value = column.cast(value)
query = (column == value) & query
users = context.session.query(User, query)
return cv.create_json('success', cv.dictize(users))
def on_get(self, context):
on_handle(context)
on_query(context)
target, condition, order, offset, count = query_to_query(
model_cls, context.query, default_query)
result = context.session.query(target,
condition,
order=order,
offset=offset,
count=count)
return cv.create_json('success', cv.dictize(result))
def on_get(self, context):
'''
Retrieve a list of plugins.
'''
query, session = context[:2]
condition = True
if 's' in query:
condition = Plugin.name.matches(
query.s) | Plugin.description.matches(query.s)
plugins = session.query(Plugin, condition)
return cv.create_json('success', cv.dictize(plugins))
def on_put(self, context):
request, session = context[:2]
user = User()
for key, value in context.request.items():
if key not in User.__table__.columns:
raise cv.ValidationErrors({key: 'Invalid key.'})
if key == 'password':
user.set_password(value)
else:
setattr(user, key, value)
session.save(user).commit()
if not context.user:
authorize(user, context)
return cv.create_json('success', {'created_id': user.id})
def on_put(self, context):
if not context.user.is_admin and not context.user.id == context.route.id:
raise cv.Unauthorized(
"You don't have permission to edit that user's information")
user = User.get(context.route.id, context.session)
_edit_approver(user, context)
for key, value in context.request.items():
if not hasattr(User, key):
raise cv.ValidationErrors({key: 'Invalid key'})
column = getattr(User, key)
value = column.cast(value)
setattr(user, key, value)
context.session.commit()
return cv.create_json('success')
def on_get(self, context):
on_handle(context)
on_retrieve(context)
# TODO: Variants.
return cv.create_json(
'success', cv.dictize(self.rest_get_model(context)))
def on_get(self, context):
breakfasts = context.session.query(Breakfast)
return cv.create_json('success', cv.dictize(breakfasts))
def on_put(self, context):
request, cookie, session = context[:3]
session.save(Breakfast(request.name)).commit()
return cv.create_json('success')
def on_delete(self, context):
flush_auth(context)
return cv.create_json('success')
