def do(data, resource):
body = {}
params = data['params']
user = data.get('user', None)
if user:
user_id = user.get('id', None)
else:
user_id = None
partition = params.get('partition', None)
max_workers = params.get('max_workers', None)
if database_can_not_access_to_item(partition):
body['error'] = error.PERMISSION_DENIED
return body
# Check partition has been existed
if not resource.db_has_partition(partition):
body['error'] = error.NO_SUCH_PARTITION
return body
items = params.get('items', [])
error_list = [None] * len(items)
item_ids = [None] * len(items)
index_keys = util.get_index_keys_to_index(resource, user, partition, 'w')
sort_keys = util.get_sort_keys(resource)
policy_code = get_policy_code(resource, partition, 'create')
def try_put_item(idx, item):
item['id'] = uuid()
if 'owner' not in item:
item['owner'] = user_id
item = {
key: value
for key, value in item.items()
if value != '' and value != {} and value != []
}
if match_policy(policy_code, user, item):
resource.db_put_item(partition,
item,
item_id=item['id'],
index_keys=index_keys,
sort_keys=sort_keys)
item_ids[idx] = item.get('id', None)
else:
error_list[idx] = error.PERMISSION_DENIED
if not max_workers:
max_workers = len(items)
max_workers = int(max_workers) + 1
max_workers = min(32, max_workers)
with ThreadPoolExecutor(max_workers=max_workers) as exc:
for _idx, _item in enumerate(items):
exc.submit(try_put_item, _idx, _item)
body['error_list'] = error_list
body['item_ids'] = item_ids
return body
def do(data, resource):
body = {}
params = data['params']
runner_user = data.get('user', None) # 작업을 시행하는 유저
user_id = params.get('user_id', None)
new_user_fields = params.get('user')
user_to_update = resource.db_get_item(user_id)
if user_to_update['partition'] != 'user':
body['error'] = error.NOT_USER_PARTITION
body['success'] = False
return body
if not get_policy_code.match_policy_after_get_policy_code(
resource, 'update', 'user', runner_user, new_user_fields):
body['error'] = error.UPDATE_POLICY_VIOLATION
return body
# 생성날짜 유지를 위해 기록
creation_date = user_to_update.get('creation_date', float(time.time()))
# For security
new_item = {}
for field in new_user_fields:
if field in [
'id', 'email', 'password_hash', 'salt', 'groups',
'login_method'
]:
body['error'] = error.FORBIDDEN_MODIFICATION
body.setdefault('forbidden_fields', [])
body['forbidden_fields'].append(field)
else:
new_item[field] = new_user_fields[field]
new_item = util.simplify_item(user_to_update, new_item)
new_item['partition'] = 'user'
new_item['updated_date'] = float(time.time())
new_item['creation_date'] = creation_date
# 소트키 존재시 무조건 포함
sort_keys = database_util.get_sort_keys(resource)
for sort_key_item in sort_keys:
s_key = sort_key_item.get('sort_key', None)
if s_key and s_key not in new_item and user_to_update.get(
s_key, None) is not None:
new_item[s_key] = user_to_update.get(s_key, None)
resource.db_update_item_v2(user_id, new_item)
body['user_id'] = user_id
body['success'] = True
return body
def do(data, resource):
body = {}
params = data['params']
user = data['user']
item_id = params.get('item_id', None)
field_name = params.get('field_name', None)
field_value = params.get('field_value', None)
item = resource.db_get_item(item_id)
# 시스템 파티션 접근 제한
if database_can_not_access_to_item(item['partition']):
body['error'] = error.PERMISSION_DENIED
return body
if not resource.db_has_partition(item['partition']):
body['error'] = error.NO_SUCH_PARTITION
return body
new_item = {
'id': item_id,
field_name: field_value,
'partition': item['partition'],
'creation_date': item.get('creation_date', 0)
}
if match_policy_after_get_policy_code(resource,
'update',
item['partition'],
user,
item,
new_item=new_item):
index_keys = util.get_index_keys_to_index(resource, user,
item['partition'], 'w')
# 소트키는 무조건 업데이트시 포함해야함.
sort_keys = util.get_sort_keys(resource)
for sort_key in sort_keys:
s_key = sort_key.get('sort_key', None)
if s_key and s_key not in new_item and item.get(s_key,
None) is not None:
new_item[s_key] = item.get(s_key, None)
success = resource.db_update_item_v2(item_id,
new_item,
index_keys=index_keys,
sort_keys=sort_keys)
body['success'] = success
else:
body['error'] = error.PERMISSION_DENIED
return body
def do(data, resource):
body = {}
params = data['params']
user = data['user']
if not user:
body['error'] = error.LOGIN_IS_REQUIRED
return body
user_id = user['id']
field = params.get('field')
value = params.get('value', None)
user_to_update = {
field: value
}
# user = resource.db_get_item(user_id)
# For security
if field in ['id', 'email', 'password_hash', 'salt', 'groups', 'login_method']:
body['error'] = error.FORBIDDEN_MODIFICATION
return body
elif not get_policy_code.match_policy_after_get_policy_code(resource, 'update', 'user', user, user_to_update):
body['error'] = error.UPDATE_POLICY_VIOLATION
return body
else:
creation_date = user.get('creation_date', time.time())
user_to_update = {
'partition': 'user',
'updated_date': float(time.time()),
field: value,
'creation_date': creation_date,
}
# 소트키 존재시 무조건 포함
sort_keys = util.get_sort_keys(resource)
for sort_key_item in sort_keys:
s_key = sort_key_item.get('sort_key', None)
if s_key and s_key not in user_to_update and user.get(s_key, None) is not None:
user_to_update[s_key] = user.get(s_key, None)
resource.db_update_item_v2(user_id, user_to_update)
body['user_id'] = user_id
return body
def do(data, resource):
body = {}
params = data['params']
user = data.get('user', None)
user_id = params.get('user_id', None)
field = params.get('field')
value = params.get('value', None)
user_to_update = {field: value, 'updated_date': float(time.time())}
item = resource.db_get_item(user_id)
if item.get('partition', None) != 'user':
body['error'] = error.NOT_USER_PARTITION
body['success'] = False
return body
# For security
if field in ['id', 'password_hash', 'salt', 'groups', 'login_method']:
body['error'] = error.FORBIDDEN_MODIFICATION
return body
elif not get_policy_code.match_policy_after_get_policy_code(
resource, 'update', 'user', user, user_to_update):
body['error'] = error.UPDATE_POLICY_VIOLATION
return body
else:
# for field, value in user_to_update.items():
# item[field] = value
creation_date = item.get('creation_date', time.time())
user_to_update['partition'] = 'user'
user_to_update['creation_date'] = creation_date
# 소트키 존재시 무조건 포함
sort_keys = util.get_sort_keys(resource)
for sort_key_item in sort_keys:
s_key = sort_key_item.get('sort_key', None)
if s_key and s_key not in user_to_update and item.get(
s_key, None) is not None:
user_to_update[s_key] = item.get(s_key, None)
resource.db_update_item_v2(user_id, user_to_update)
body['user_id'] = user_id
return body
def do(data, resource):
body = {}
params = data['params']
user = data['user']
user_id = user['id']
ignore_error = params.get('ignore_error', False)
user_item = params.get('item', {})
user_to_update = {}
# user = resource.db_get_item(user_id)
# For security
for field, value in user_item.items():
if field in ['id', 'email', 'password_hash', 'salt', 'groups', 'login_method']:
body['error'] = error.FORBIDDEN_MODIFICATION
if not ignore_error: # 에러 무시하는 경우
return body
else:
user_to_update[field] = value
if not get_policy_code.match_policy_after_get_policy_code(resource, 'update', 'user', user, user_to_update):
body['error'] = error.UPDATE_POLICY_VIOLATION
return body
else:
creation_date = user.get('creation_date', time.time())
user_to_update['partition'] = 'user'
user_to_update['updated_date'] = float(time.time())
user_to_update['creation_date'] = creation_date
# 소트키 존재시 무조건 포함
sort_keys = util.get_sort_keys(resource)
for sort_key_item in sort_keys:
s_key = sort_key_item.get('sort_key', None)
if s_key and s_key not in user_to_update and user.get(s_key, None) is not None:
user_to_update[s_key] = user.get(s_key, None)
resource.db_update_item_v2(user_id, user_to_update)
body['user_id'] = user_id
return body
def do(data, resource):
body = {}
params = data['params']
user = data['user']
user_id = user['id']
creation_date = user.get('creation_date', time.time())
email = params.get('email')
instructions = [[None, 'email', 'eq', email]]
items, end_key = resource.db_query('user', instructions)
users = list(items)
if len(users) > 0:
body['error'] = error.EXISTING_ACCOUNT
return body
# user = resource.db_get_item(user_id)
if not get_policy_code.match_policy_after_get_policy_code(
resource, 'update', 'user', user, {'email': email}):
body['error'] = error.UPDATE_POLICY_VIOLATION
return body
user_to_update = {
'partition': 'user',
'updated_date': float(time.time()),
'email': email,
'creation_date': creation_date,
}
# 소트키 존재시 무조건 포함
sort_keys = util.get_sort_keys(resource)
for sort_key_item in sort_keys:
s_key = sort_key_item.get('sort_key', None)
if s_key and s_key not in user_to_update and user.get(
s_key, None) is not None:
user_to_update[s_key] = user.get(s_key, None)
resource.db_update_item_v2(user_id, user_to_update)
body['user_id'] = user_id
return body
def do(data, resource):
body = {}
params = data['params']
user = data.get('user', None)
if user:
user_id = user.get('id', None)
else:
user_id = None
partition = params.get('partition', None)
item = params.get('item', {})
item['id'] = uuid()
if 'owner' not in item:
item['owner'] = user_id
item = {key: value for key, value in item.items() if value != '' and value != {} and value != []}
# 시스템 파티션 접근 제한
if database_can_not_access_to_item(partition):
body['error'] = error.PERMISSION_DENIED
return body
# Check partition has been existed
if resource.db_has_partition(partition):
if match_policy_after_get_policy_code(resource, 'create', partition, user, item):
index_keys = util.get_index_keys_to_index(resource, user, partition, 'w')
sort_keys = util.get_sort_keys(resource)
resource.db_put_item(partition, item, item_id=item['id'], index_keys=index_keys, sort_keys=sort_keys)
body['item_id'] = item.get('id', None)
return body
else:
body['error'] = error.PERMISSION_DENIED
return body
body['error'] = error.NO_SUCH_PARTITION
return body
def do(data, resource):
body = {}
params = data['params']
user = data['user']
pairs = params.get('pairs', None)
max_workers = params.get('max_workers', None)
error_list = [None] * len(pairs)
success_list = [False] * len(pairs)
policy_codes_by_partition = {}
partitions = resource.db_get_partitions()
partition_names = [partition['name'] for partition in partitions]
sort_keys = util.get_sort_keys(resource)
def update_work(idx, item_id):
new_item = pairs[item_id]
item = resource.db_get_item(item_id)
# 아이템 없는 경우
if not item:
error_list[idx] = error.NO_SUCH_ITEM
return
# 시스템 파티션 접근 제한
if database_can_not_access_to_item(item['partition']):
error_list[idx] = error.PERMISSION_DENIED
return
# 등록된 파티션이 아닌경우
if item['partition'] not in partition_names:
error_list[idx] = error.UNREGISTERED_PARTITION
return
if item['partition'] in policy_codes_by_partition:
policy_code = policy_codes_by_partition[item['partition']]
else:
policy_code = get_policy_code(resource, item['partition'], 'update')
policy_codes_by_partition[item['partition']] = policy_code
# Remove field if value is None
# for key, value in new_item.copy().items():
# if value is None:
# new_item.pop(key)
new_item = {key: value for key, value in new_item.items() if value != '' and value != {} and value != []}
new_item = util.simplify_item(item, new_item)
new_item['partition'] = item.get('partition', None)
new_item['creation_date'] = item.get('creation_date', None)
if match_policy(policy_code, user, item, new_item=new_item):
index_keys = util.get_index_keys_to_index(resource, user, item['partition'], 'w')
# 소트키는 무조건 업데이트시 포함해야함.
for sort_key in sort_keys:
s_key = sort_key.get('sort_key', None)
if s_key and s_key not in new_item and item.get(s_key, None) is not None:
new_item[s_key] = item.get(s_key, None)
success = resource.db_update_item_v2(item_id, new_item, index_keys=index_keys, sort_keys=sort_keys)
success_list[idx] = success
else:
error_list[idx] = error.UPDATE_POLICY_VIOLATION
if not max_workers:
max_workers = len(pairs)
max_workers = int(max_workers) + 1
max_workers = min(32, max_workers)
with ThreadPoolExecutor(max_workers=max_workers) as exc:
for _idx, _item_id in enumerate(pairs):
exc.submit(update_work, _idx, _item_id)
body['error_list'] = error_list
body['success_list'] = success_list
return body
def do(data, resource):
body = {}
params = data['params']
user = data['user']
item_id = params.get('item_id', None)
new_item = params.get('item', {})
use_simplify = params.get('use_simplify', True)
item = resource.db_get_item(item_id)
# 아이템 없는 경우
if not item:
body['item'] = None
body['error'] = error.NO_SUCH_ITEM
return body
# 시스템 파티션 접근 제한
if database_can_not_access_to_item(item['partition']):
body['error'] = error.PERMISSION_DENIED
return body
# 등록된 파티션이 아닌경우
if not resource.db_has_partition(item['partition']):
body['item'] = None
body['error'] = error.UNREGISTERED_PARTITION
return body
# Remove null
# for key, value in new_item.copy().items():
# if value is None:
# new_item.pop(key)
# Put the value in the previous item that is not in the new field
new_item = {
key: value
for key, value in new_item.items()
if value != '' and value != {} and value != []
}
if use_simplify:
new_item = util.simplify_item(item, new_item)
new_item['partition'] = item['partition']
new_item['creation_date'] = item['creation_date']
if match_policy_after_get_policy_code(resource,
'update',
item['partition'],
user,
item,
new_item=new_item):
index_keys = util.get_index_keys_to_index(resource, user,
item['partition'], 'w')
# 소트키는 무조건 업데이트시 포함해야함.
sort_keys = util.get_sort_keys(resource)
for sort_key in sort_keys:
s_key = sort_key.get('sort_key', None)
if s_key and s_key not in new_item and item.get(s_key,
None) is not None:
new_item[s_key] = item.get(s_key, None)
success = resource.db_update_item_v2(item_id,
new_item,
index_keys=index_keys,
sort_keys=sort_keys)
body['success'] = success
else:
body['error'] = error.UPDATE_POLICY_VIOLATION
return body