def get_services_runner(request):
service_type_filter = request.matchdict.get(
"service_type") # no check because None/empty is for 'all services'
json_response = {}
if not service_type_filter:
service_types = SERVICE_TYPE_DICT.keys()
else:
ax.verify_param(
service_type_filter,
paramCompare=SERVICE_TYPE_DICT.keys(),
isIn=True,
httpError=HTTPBadRequest,
msgOnFail=s.Services_GET_BadRequestResponseSchema.description,
content={u"service_type": str(service_type_filter)},
contentType=CONTENT_TYPE_JSON)
service_types = [service_type_filter]
for service_type in service_types:
services = su.get_services_by_type(service_type, db_session=request.db)
json_response[service_type] = {}
for service in services:
json_response[service_type][
service.resource_name] = sf.format_service(
service, show_private_url=True)
return ax.valid_http(httpSuccess=HTTPOk,
content={u"services": json_response},
detail=s.Services_GET_OkResponseSchema.description)
def get_service_type_resources_view(request):
"""
List details of resource types supported under a specific service type.
"""
def _get_resource_types_info(res_type_names):
res_type_classes = [
rtc for rtn, rtc in models.RESOURCE_TYPE_DICT.items()
if rtn in res_type_names
]
return [
sf.format_service_resource_type(rtc,
SERVICE_TYPE_DICT[service_type])
for rtc in res_type_classes
]
service_type = ar.get_value_matchdict_checked(request, "service_type")
ax.verify_param(
service_type,
paramCompare=SERVICE_TYPE_DICT.keys(),
isIn=True,
httpError=HTTPNotFound,
msgOnFail=s.ServiceTypeResources_GET_NotFoundResponseSchema.description
)
resource_types_names = ax.evaluate_call(
lambda: SERVICE_TYPE_DICT[service_type].resource_type_names,
httpError=HTTPForbidden,
content={u"service_type": str(service_type)},
msgOnFail=s.ServiceTypeResourceTypes_GET_ForbiddenResponseSchema.
description)
return ax.valid_http(
httpSuccess=HTTPOk,
detail=s.ServiceTypeResourceTypes_GET_OkResponseSchema.description,
content={
u"resource_types": _get_resource_types_info(resource_types_names)
})
def get_services_runner(request):
"""
Generates services response format from request conditions.
Obtains the full or filtered list of services categorized by type, or listed as flat list according to request path
and query parameters.
"""
service_type_filter = request.matchdict.get("service_type") # no check because None/empty is for 'all services'
services_as_list = asbool(ar.get_query_param(request, "flatten", False))
if not service_type_filter:
service_types = SERVICE_TYPE_DICT.keys()
else:
ax.verify_param(service_type_filter, param_compare=SERVICE_TYPE_DICT.keys(), is_in=True,
http_error=HTTPBadRequest, msg_on_fail=s.Services_GET_BadRequestResponseSchema.description,
content={"service_type": str(service_type_filter)}, content_type=CONTENT_TYPE_JSON)
service_types = [service_type_filter]
svc_content = [] if services_as_list else {} # type: Union[List[JSON], JSON]
for service_type in service_types:
services = su.get_services_by_type(service_type, db_session=request.db)
if not services_as_list:
svc_content[service_type] = {}
for service in services:
svc_fmt = sf.format_service(service, show_private_url=True)
if services_as_list:
svc_content.append(svc_fmt) # pylint: disable=E1101
else:
svc_content[service_type][service.resource_name] = svc_fmt
return ax.valid_http(http_success=HTTPOk, content={"services": svc_content},
detail=s.Services_GET_OkResponseSchema.description)
def get_user_service_permissions_view(request):
"""
List all permissions a user has on a service.
"""
user = ar.get_user_matchdict_checked_or_logged(request)
service = ar.get_service_matchdict_checked(request)
inherit_groups_perms = asbool(
ar.get_query_param(request, ["inherit", "inherited"]))
resolve_groups_perms = asbool(
ar.get_query_param(request, ["resolve", "resolved"]))
perm_type = PermissionType.INHERITED if inherit_groups_perms else PermissionType.DIRECT
perms = ax.evaluate_call(
lambda: uu.get_user_service_permissions(
service=service,
user=user,
request=request,
inherit_groups_permissions=inherit_groups_perms,
resolve_groups_permissions=resolve_groups_perms),
fallback=lambda: request.db.rollback(),
http_error=HTTPNotFound,
msg_on_fail=s.UserServicePermissions_GET_NotFoundResponseSchema.
description,
content={
"service_name": str(service.resource_name),
"user_name": str(user.user_name)
})
return ax.valid_http(
http_success=HTTPOk,
content=format_permissions(perms, perm_type),
detail=s.UserServicePermissions_GET_OkResponseSchema.description)
def get_user_service_permissions_view(request):
"""
List all permissions a user has on a service.
"""
user = ar.get_user_matchdict_checked_or_logged(request)
service = ar.get_service_matchdict_checked(request)
inherit_groups_perms = asbool(ar.get_query_param(request, "inherit"))
perms = ax.evaluate_call(
lambda: uu.get_user_service_permissions(service=service,
user=user,
request=request,
inherit_groups_permissions=
inherit_groups_perms),
fallback=lambda: request.db.rollback(),
httpError=HTTPNotFound,
msgOnFail=s.UserServicePermissions_GET_NotFoundResponseSchema.
description,
content={
u"service_name": str(service.resource_name),
u"user_name": str(user.user_name)
})
return ax.valid_http(
httpSuccess=HTTPOk,
detail=s.UserServicePermissions_GET_OkResponseSchema.description,
content={u"permission_names": sorted(p.value for p in perms)})
def get_user_service_resources_view(request):
"""
List all resources under a service a user has permission on.
"""
inherit_groups_perms = asbool(ar.get_query_param(request, "inherit"))
user = ar.get_user_matchdict_checked_or_logged(request)
service = ar.get_service_matchdict_checked(request)
service_perms = uu.get_user_service_permissions(
user,
service,
request=request,
inherit_groups_permissions=inherit_groups_perms)
resources_perms_dict = uu.get_user_service_resources_permissions_dict(
user,
service,
request=request,
inherit_groups_permissions=inherit_groups_perms)
user_svc_res_json = format_service_resources(
service=service,
db_session=request.db,
service_perms=service_perms,
resources_perms_dict=resources_perms_dict,
show_all_children=False,
show_private_url=False,
)
return ax.valid_http(
httpSuccess=HTTPOk,
detail=s.UserServiceResources_GET_OkResponseSchema.description,
content={u"service": user_svc_res_json})
def delete_user_group_view(request):
"""
Remove a user from a group.
"""
db = request.db
user = ar.get_user_matchdict_checked_or_logged(request)
group = ar.get_group_matchdict_checked(request)
def del_usr_grp(usr, grp):
db.query(models.UserGroup) \
.filter(models.UserGroup.user_id == usr.id) \
.filter(models.UserGroup.group_id == grp.id) \
.delete()
ax.evaluate_call(
lambda: del_usr_grp(user, group),
fallback=lambda: db.rollback(),
httpError=HTTPNotFound,
msgOnFail=s.UserGroup_DELETE_NotFoundResponseSchema.description,
content={
u"user_name": user.user_name,
u"group_name": group.group_name
})
return ax.valid_http(
httpSuccess=HTTPOk,
detail=s.UserGroup_DELETE_OkResponseSchema.description)
def verify_user(request):
# type: (Request) -> HTTPException
"""
Verifies that a valid user authentication on the pointed ``Magpie`` instance (via configuration) also results into a
valid user authentication with the current ``Twitcher`` instance to ensure settings match between them.
:param request: an HTTP request with valid authentication token/cookie credentials.
:return: appropriate HTTP success or error response with details about the result.
"""
magpie_url = get_magpie_url(request)
resp = requests.post(magpie_url + SigninAPI.path,
json=request.json,
headers={
"Content-Type": CONTENT_TYPE_JSON,
"Accept": CONTENT_TYPE_JSON
})
if resp.status_code != HTTPOk.code:
content = {"response": resp.json()}
return raise_http(HTTPForbidden,
detail="Failed Magpie login.",
content=content,
nothrow=True) # noqa
authn_policy = request.registry.queryUtility(IAuthenticationPolicy) # noqa
result = authn_policy.cookie.identify(request)
if result is None:
return raise_http(
HTTPForbidden,
detail="Twitcher login incompatible with Magpie login.",
nothrow=True) # noqa
return valid_http(
HTTPOk,
detail="Twitcher login verified successfully with Magpie login.")
def unregister_service_view(request):
"""
Unregister a service.
"""
service = ar.get_service_matchdict_checked(request)
service_push = asbool(
ar.get_multiformat_delete(request, "service_push", default=False))
svc_content = sf.format_service(service, show_private_url=True)
svc_res_id = service.resource_id
ax.evaluate_call(lambda: models.resource_tree_service.delete_branch(
resource_id=svc_res_id, db_session=request.db),
fallback=lambda: request.db.rollback(),
httpError=HTTPForbidden,
msgOnFail="Delete service from resource tree failed.",
content=svc_content)
def remove_service_magpie_and_phoenix(svc, svc_push, db_session):
db_session.delete(svc)
if svc_push and svc.type in SERVICES_PHOENIX_ALLOWED:
sync_services_phoenix(db_session.query(models.Service))
ax.evaluate_call(
lambda: remove_service_magpie_and_phoenix(service, service_push,
request.db),
fallback=lambda: request.db.rollback(),
httpError=HTTPForbidden,
msgOnFail=s.Service_DELETE_ForbiddenResponseSchema.description,
content=svc_content)
return ax.valid_http(httpSuccess=HTTPOk,
detail=s.Service_DELETE_OkResponseSchema.description)
def delete_resource(request):
resource = ar.get_resource_matchdict_checked(request)
service_push = asbool(
ar.get_multiformat_body(request, "service_push", default=False))
res_content = {"resource": format_resource(resource, basic_info=True)}
ax.evaluate_call(
lambda: models.RESOURCE_TREE_SERVICE.delete_branch(
resource_id=resource.resource_id, db_session=request.db),
fallback=lambda: request.db.rollback(),
http_error=HTTPForbidden,
msg_on_fail="Delete resource branch from tree service failed.",
content=res_content)
def remove_service_magpie_and_phoenix(res, svc_push, db):
if res.resource_type != "service":
svc_push = False
db.delete(res)
if svc_push:
sync_services_phoenix(db.query(models.Service))
ax.evaluate_call(
lambda: remove_service_magpie_and_phoenix(resource, service_push,
request.db),
fallback=lambda: request.db.rollback(),
http_error=HTTPForbidden,
msg_on_fail=s.Resource_DELETE_ForbiddenResponseSchema.description,
content=res_content)
return ax.valid_http(http_success=HTTPOk,
detail=s.Resource_DELETE_OkResponseSchema.description)
def login_success_external(request, external_user_name, external_id, email, provider_name):
# type: (Request, Str, Str, Str, Str) -> HTTPException
"""
Generates the login response in case of successful external provider identification.
"""
# find possibly already registered user by external_id/provider
user = ExternalIdentityService.user_by_external_id_and_provider(external_id, provider_name, request.db)
if user is None:
# create new user with an External Identity
user = new_user_external(external_user_name=external_user_name, external_id=external_id,
email=email, provider_name=provider_name, db_session=request.db)
# set a header to remember user (set-cookie)
headers = remember(request, user.id)
# redirect to 'Homepage-Route' header only if corresponding to Magpie host
if "homepage_route" in request.cookies:
homepage_route = str(request.cookies["homepage_route"])
elif "Homepage-Route" in request.headers:
homepage_route = str(request.headers["Homepage-Route"])
else:
homepage_route = "/"
header_host = urlparse(homepage_route).hostname
magpie_host = get_magpie_url(request)
if header_host and header_host != magpie_host:
ax.raise_http(http_error=HTTPForbidden, detail=s.ProviderSignin_GET_ForbiddenResponseSchema.description)
if not header_host:
homepage_route = magpie_host + ("/" if not homepage_route.startswith("/") else "") + homepage_route
return ax.valid_http(http_success=HTTPFound, detail=s.ProviderSignin_GET_FoundResponseSchema.description,
content={"homepage_route": homepage_route},
http_kwargs={"location": homepage_route, "headers": headers})
def create_group_resource_permission_response(group, resource, permission, db_session):
# type: (models.Group, ServiceOrResourceType, Permission, Session) -> HTTPException
"""
Creates a permission on a group/resource combination if it is permitted and not conflicting.
:returns: valid HTTP response on successful operations.
:raises HTTPException: error HTTP response of corresponding situation.
"""
resource_id = resource.resource_id
check_valid_service_or_resource_permission(permission.value, resource, db_session)
perm_content = {u"permission_name": str(permission.value),
u"resource": format_resource(resource, basic_info=True),
u"group": format_group(group, basic_info=True)}
existing_perm = ax.evaluate_call(
lambda: GroupResourcePermissionService.get(group.id, resource_id, permission.value, db_session=db_session),
fallback=lambda: db_session.rollback(), httpError=HTTPForbidden,
msgOnFail=s.GroupResourcePermissions_POST_ForbiddenGetResponseSchema.description, content=perm_content
)
ax.verify_param(existing_perm, isNone=True, httpError=HTTPConflict,
msgOnFail=s.GroupResourcePermissions_POST_ConflictResponseSchema.description, content=perm_content)
# noinspection PyArgumentList
new_perm = ax.evaluate_call(
lambda: models.GroupResourcePermission(resource_id=resource_id, group_id=group.id, perm_name=permission.value),
fallback=lambda: db_session.rollback(), httpError=HTTPForbidden, content=perm_content,
msgOnFail=s.GroupResourcePermissions_POST_ForbiddenCreateResponseSchema.description)
ax.evaluate_call(lambda: db_session.add(new_perm), fallback=lambda: db_session.rollback(),
httpError=HTTPForbidden, content=perm_content,
msgOnFail=s.GroupResourcePermissions_POST_ForbiddenAddResponseSchema.description)
return ax.valid_http(httpSuccess=HTTPCreated, content=perm_content,
detail=s.GroupResourcePermissions_POST_CreatedResponseSchema.description)
def get_providers(request): # noqa: F811
"""
Get list of login providers.
"""
return ax.valid_http(http_success=HTTPOk, detail=s.Providers_GET_OkResponseSchema.description,
content={"providers": {"internal": sorted(MAGPIE_INTERNAL_PROVIDERS.values()),
"external": sorted(MAGPIE_EXTERNAL_PROVIDERS.values()), }})
def assign_user_group_view(request):
"""
Assign a user to a group.
"""
user = ar.get_user_matchdict_checked_or_logged(request)
group_name = ar.get_value_multiformat_body_checked(request, "group_name")
group = ax.evaluate_call(
lambda: GroupService.by_group_name(group_name, db_session=request.db),
fallback=lambda: request.db.rollback(),
http_error=HTTPForbidden,
msg_on_fail=s.UserGroups_POST_ForbiddenResponseSchema.description)
ax.verify_param(
group,
not_none=True,
http_error=HTTPNotFound,
msg_on_fail=s.UserGroups_POST_GroupNotFoundResponseSchema.description)
uu.assign_user_group(user, group, db_session=request.db)
return ax.valid_http(
http_success=HTTPCreated,
detail=s.UserGroups_POST_CreatedResponseSchema.description,
content={
"user_name": user.user_name,
"group_name": group.group_name
})
def delete_user_resource_permission_response(user, resource, permission, db_session, similar=True):
# type: (models.User, ServiceOrResourceType, PermissionSet, Session, bool) -> HTTPException
"""
Get validated response on deleted user resource permission.
:param user: user for which to delete the permission.
:param resource: service or resource for which to delete the permission.
:param permission: permission with modifiers to be deleted.
:param db_session: database connection.
:param similar:
Allow matching provided permission against any similar database permission. Otherwise, must match exactly.
:returns: valid HTTP response on successful operations.
:raises HTTPException: error HTTP response of corresponding situation.
"""
ru.check_valid_service_or_resource_permission(permission.name, resource, db_session)
res_id = resource.resource_id
if similar:
found_perm = get_similar_user_resource_permission(user, resource, permission, db_session)
else:
found_perm = permission
del_perm = UserResourcePermissionService.get(user.id, res_id, str(found_perm), db_session)
permission.type = PermissionType.APPLIED
err_content = {"resource_id": res_id, "user_id": user.id,
"permission_name": str(permission), "permission": permission.json()}
ax.verify_param(del_perm, not_none=True, http_error=HTTPNotFound, content=err_content,
msg_on_fail=s.UserResourcePermissionName_DELETE_NotFoundResponseSchema.description)
ax.evaluate_call(lambda: db_session.delete(del_perm), fallback=lambda: db_session.rollback(),
http_error=HTTPNotFound, content=err_content,
msg_on_fail=s.UserResourcePermissionName_DELETE_NotFoundResponseSchema.description)
return ax.valid_http(http_success=HTTPOk, detail=s.UserResourcePermissionName_DELETE_OkResponseSchema.description)
def get_group_service_resources_response(group, service, db_session):
# type: (models.Group, models.Service, Session) -> HTTPException
"""
Get validated response of all found service resources which the group has permissions on.
:returns: valid HTTP response on successful operations.
:raises HTTPException: error HTTP response of corresponding situation.
"""
svc_perms = get_group_service_permissions(group=group,
service=service,
db_session=db_session)
res_perms = get_group_service_resources_permissions_dict(
group=group, service=service, db_session=db_session)
svc_res_json = format_service_resources(
service=service,
db_session=db_session,
service_perms=svc_perms,
resources_perms_dict=res_perms,
show_all_children=False,
show_private_url=False,
)
return ax.valid_http(
http_success=HTTPOk,
detail=s.GroupServiceResources_GET_OkResponseSchema.description,
content={"service": svc_res_json})
def get_group_resource_permissions_response(group, resource, db_session):
# type: (models.Group, models.Resource, Session) -> HTTPException
"""
Get validated response with group resource permissions as content.
:returns: valid HTTP response on successful operations.
:raises HTTPException: error HTTP response of corresponding situation.
"""
def get_grp_res_perms(grp, res, db):
if res.owner_group_id == grp.id:
# FIXME: no 'magpie.models.Resource.permissions' - ok for now because no owner handling...
return models.RESOURCE_TYPE_DICT[res.type].permissions
perms = db.query(models.GroupResourcePermission) \
.filter(models.GroupResourcePermission.resource_id == res.resource_id) \
.filter(models.GroupResourcePermission.group_id == grp.id)
return [PermissionSet(p, typ=PermissionType.APPLIED) for p in perms]
group_permissions = ax.evaluate_call(
lambda: format_permissions(
get_grp_res_perms(group, resource, db_session), PermissionType.
APPLIED),
http_error=HTTPInternalServerError,
msg_on_fail=s.
GroupResourcePermissions_InternalServerErrorResponseSchema.description,
content={
"group": repr(group),
"resource": repr(resource)
})
return ax.valid_http(
http_success=HTTPOk,
detail=s.GroupResourcePermissions_GET_OkResponseSchema.description,
content=group_permissions)
def delete_user_resource_permission_response(user, resource, permission,
db_session):
# type: (models.User, ServiceOrResourceType, Permission, Session) -> HTTPException
"""
Get validated response on deleted user resource permission.
:returns: valid HTTP response on successful operations.
:raises HTTPException: error HTTP response of corresponding situation.
"""
check_valid_service_or_resource_permission(permission.value, resource,
db_session)
resource_id = resource.resource_id
del_perm = UserResourcePermissionService.get(user.id, resource_id,
permission.value, db_session)
ax.evaluate_call(
lambda: db_session.delete(del_perm),
fallback=lambda: db_session.rollback(),
httpError=HTTPNotFound,
msgOnFail=s.UserResourcePermissions_DELETE_NotFoundResponseSchema.
description,
content={
u"resource_id": resource_id,
u"user_id": user.id,
u"permission_name": permission.value
})
return ax.valid_http(
httpSuccess=HTTPOk,
detail=s.UserResourcePermissions_DELETE_OkResponseSchema.description)
def create_user_resource_permission_response(user, resource, permission,
db_session):
# type: (models.User, ServiceOrResourceType, Permission, Session) -> HTTPException
"""
Creates a permission on a user/resource combination if it is permitted and not conflicting.
:returns: valid HTTP response on successful operation.
"""
check_valid_service_or_resource_permission(permission.value, resource,
db_session)
resource_id = resource.resource_id
existing_perm = UserResourcePermissionService.by_resource_user_and_perm(
user_id=user.id,
resource_id=resource_id,
perm_name=permission.value,
db_session=db_session)
ax.verify_param(
existing_perm,
isNone=True,
httpError=HTTPConflict,
content={
u"resource_id": resource_id,
u"user_id": user.id,
u"permission_name": permission.value
},
msgOnFail=s.UserResourcePermissions_POST_ConflictResponseSchema.
description)
# noinspection PyArgumentList
new_perm = models.UserResourcePermission(resource_id=resource_id,
user_id=user.id,
perm_name=permission.value)
usr_res_data = {
u"resource_id": resource_id,
u"user_id": user.id,
u"permission_name": permission.value
}
ax.verify_param(
new_perm,
notNone=True,
httpError=HTTPForbidden,
content={
u"resource_id": resource_id,
u"user_id": user.id
},
msgOnFail=s.UserResourcePermissions_POST_ForbiddenResponseSchema.
description)
ax.evaluate_call(
lambda: db_session.add(new_perm),
fallback=lambda: db_session.rollback(),
httpError=HTTPForbidden,
content=usr_res_data,
msgOnFail=s.UserResourcePermissions_POST_ForbiddenResponseSchema.
description)
return ax.valid_http(
httpSuccess=HTTPCreated,
content=usr_res_data,
detail=s.UserResourcePermissions_POST_CreatedResponseSchema.description
)
def update_user_view(request):
"""
Update user information by user name.
"""
user_name = ar.get_value_matchdict_checked(request, key="user_name")
ax.verify_param(
user_name,
paramCompare=get_constant("MAGPIE_LOGGED_USER"),
notEqual=True,
httpError=HTTPBadRequest,
paramName="user_name",
content={u"user_name": user_name},
msgOnFail=s.Service_PUT_BadRequestResponseSchema_ReservedKeyword.
description)
user = ar.get_user_matchdict_checked(request, user_name_key="user_name")
new_user_name = ar.get_multiformat_post(request,
"user_name",
default=user.user_name)
new_email = ar.get_multiformat_post(request, "email", default=user.email)
new_password = ar.get_multiformat_post(request,
"password",
default=user.user_password)
uu.check_user_info(new_user_name,
new_email,
new_password,
group_name=new_user_name)
update_username = user.user_name != new_user_name
update_password = user.user_password != new_password
update_email = user.email != new_email
ax.verify_param(any([update_username, update_password, update_email]),
isTrue=True,
httpError=HTTPBadRequest,
content={u"user_name": user.user_name},
msgOnFail=s.User_PUT_BadRequestResponseSchema.description)
if user.user_name != new_user_name:
existing_user = ax.evaluate_call(
lambda: UserService.by_user_name(new_user_name,
db_session=request.db),
fallback=lambda: request.db.rollback(),
httpError=HTTPForbidden,
msgOnFail=s.User_PUT_ForbiddenResponseSchema.description)
ax.verify_param(
existing_user,
isNone=True,
httpError=HTTPConflict,
msgOnFail=s.User_PUT_ConflictResponseSchema.description)
user.user_name = new_user_name
if user.email != new_email:
user.email = new_email
if user.user_password != new_password and new_password is not None:
UserService.set_password(user, new_password)
UserService.regenerate_security_code(user)
return ax.valid_http(httpSuccess=HTTPOk,
detail=s.Users_PUT_OkResponseSchema.description)
def get_user_view(request):
"""
Get user information by name.
"""
user = ar.get_user_matchdict_checked_or_logged(request)
return ax.valid_http(http_success=HTTPOk,
content={"user": uf.format_user(user)},
detail=s.User_GET_OkResponseSchema.description)
def get_service_types_view(request):
"""
List all available service types.
"""
return ax.valid_http(
httpSuccess=HTTPOk,
content={u"service_types": list(sorted(SERVICE_TYPE_DICT.keys()))},
detail=s.ServiceTypes_GET_OkResponseSchema.description)
def get_groups_view(request):
"""
Get list of group names.
"""
group_names = gu.get_all_group_names(request.db)
return ax.valid_http(http_success=HTTPOk,
detail=s.Groups_GET_OkResponseSchema.description,
content={"group_names": group_names})
def get_discoverable_group_info_view(request):
"""
Obtain the information of a discoverable group.
"""
group = ar.get_group_matchdict_checked(request)
public_group = ru.get_discoverable_group_by_name(group.group_name, db_session=request.db)
group_fmt = gf.format_group(public_group, public_info=True)
return ax.valid_http(http_success=HTTPOk, content={"group": group_fmt},
detail=s.RegisterGroup_GET_OkResponseSchema.description)
def get_service_view(request):
"""
Get a service information.
"""
service = ar.get_service_matchdict_checked(request)
service_info = sf.format_service(service, show_private_url=True,
show_resources_allowed=True, show_configuration=True)
return ax.valid_http(http_success=HTTPOk, detail=s.Service_GET_OkResponseSchema.description,
content={"service": service_info})
def get_user_groups_view(request):
"""
List all groups a user belongs to.
"""
user = ar.get_user_matchdict_checked_or_logged(request)
group_names = uu.get_user_groups_checked(user, request.db)
return ax.valid_http(http_success=HTTPOk,
content={"group_names": group_names},
detail=s.UserGroups_GET_OkResponseSchema.description)
def get_service_resources_view(request):
"""
List all resources registered under a service.
"""
service = ar.get_service_matchdict_checked(request)
svc_res_json = sf.format_service_resources(service, db_session=request.db,
show_all_children=True, show_private_url=True)
return ax.valid_http(http_success=HTTPOk, content={svc_res_json["service_name"]: svc_res_json},
detail=s.ServiceResources_GET_OkResponseSchema.description)
def leave_discoverable_group_view(request):
"""
Removes membership of the logged user from a previously joined discoverable group.
"""
group = ar.get_group_matchdict_checked(request)
user = ar.get_logged_user(request)
group = ru.get_discoverable_group_by_name(group.group_name, db_session=request.db)
uu.delete_user_group(user, group, request.db)
return ax.valid_http(http_success=HTTPOk, detail=s.RegisterGroup_DELETE_OkResponseSchema.description)
def delete_user_group_view(request):
"""
Removes a user from a group.
"""
user = ar.get_user_matchdict_checked_or_logged(request)
group = ar.get_group_matchdict_checked(request)
uu.delete_user_group(user, group, request.db)
return ax.valid_http(
http_success=HTTPOk,
detail=s.UserGroup_DELETE_OkResponseSchema.description)
def get_group_view(request):
"""
Get group information.
"""
group = ar.get_group_matchdict_checked(request,
group_name_key="group_name")
return ax.valid_http(
http_success=HTTPOk,
detail=s.Group_GET_OkResponseSchema.description,
content={"group": gf.format_group(group, db_session=request.db)})