def update(table_name, record_id=None, username=None, updates={}):
"""
Updates a single record (handles GET traffic)
"""
try:
if record_id:
return make_response(
jsonify(Interactions.update(
table_name, record_id=record_id, updates=updates)),
client.OK)
else:
return make_response(
jsonify(Interactions.update(
table_name,
filters={'username': username},
updates=updates)
), client.OK)
except RqlRuntimeError as runtime_err:
return make_response(jsonify({'Error': runtime_err.message}),
client.INTERNAL_SERVER_ERROR)
except RqlDriverError as rql_err:
return make_response(jsonify({'Error': rql_err.message}),
client.INTERNAL_SERVER_ERROR)
except TypeError:
return make_response(
jsonify({'Error': 'Invalid parameter(s)'}), client.BAD_REQUEST)
def delete_account(record_id):
"""
Deletes a single account record, removes all traces of account from other
tables
"""
try:
# Delete this account's subscriptions
Interactions.delete_specific(
DEFAULT_SUBSCRIPTIONS_TABLE, filters={'account_id': record_id})
# Loop and delete any records subscribed to their registrations
registrations = Interactions.query(DEFAULT_REGISTRATIONS_TABLE,
filters={'account_id': record_id})
for registration in registrations:
delete_registration(registration['id'])
return make_response(
jsonify(Interactions.delete(DEFAULT_ACCOUNTS_TABLE, record_id)),
client.OK)
except RqlRuntimeError as runtime_err:
return make_response(jsonify({'Error': runtime_err.message}),
client.INTERNAL_SERVER_ERROR)
except RqlDriverError as rql_err:
return make_response(jsonify({'Error': rql_err.message}),
client.INTERNAL_SERVER_ERROR)
except TypeError:
return make_response(
jsonify({'Error': 'Invalid id parameter'}), client.BAD_REQUEST)
def insert_account(table_name, **kwargs):
"""
Creates new account records (handles POST traffic)
Salts the api_key
"""
try:
# Username cannot already exist
record = Interactions.query(
table_name, filters={'username': kwargs['username']})
if record:
return make_response(
jsonify({'Error': 'Username already exists'}), client.CONFLICT)
original_api_key = kwargs['api_key']
kwargs['api_key'] = generate_password_hash(kwargs['api_key'])
account_data = Interactions.insert(table_name, **kwargs)
account_data['api_key'] = original_api_key
return make_response(jsonify(account_data), client.CREATED)
except RqlRuntimeError as runtime_err:
return make_response(jsonify({'Error': runtime_err.message}),
client.INTERNAL_SERVER_ERROR)
except RqlDriverError as rql_err:
return make_response(jsonify({'Error': rql_err.message}),
client.INTERNAL_SERVER_ERROR)
except TypeError:
return make_response(
jsonify({'Error': 'Invalid parameter(s)'}), client.BAD_REQUEST)
def update(table_name, record_id=None, username=None, updates={}):
"""
Updates a single record (handles GET traffic)
"""
try:
if record_id:
return make_response(
jsonify(
Interactions.update(table_name,
record_id=record_id,
updates=updates)), client.OK)
else:
return make_response(
jsonify(
Interactions.update(table_name,
filters={'username': username},
updates=updates)), client.OK)
except RqlRuntimeError as runtime_err:
return make_response(jsonify({'Error': runtime_err.message}),
client.INTERNAL_SERVER_ERROR)
except RqlDriverError as rql_err:
return make_response(jsonify({'Error': rql_err.message}),
client.INTERNAL_SERVER_ERROR)
except TypeError:
return make_response(jsonify({'Error': 'Invalid parameter(s)'}),
client.BAD_REQUEST)
def insert_account(table_name, **kwargs):
"""
Creates new account records (handles POST traffic)
Salts the api_key
"""
try:
# Username cannot already exist
record = Interactions.query(table_name,
filters={'username': kwargs['username']})
if record:
return make_response(jsonify({'Error': 'Username already exists'}),
client.CONFLICT)
original_api_key = kwargs['api_key']
kwargs['api_key'] = generate_password_hash(kwargs['api_key'])
account_data = Interactions.insert(table_name, **kwargs)
account_data['api_key'] = original_api_key
return make_response(jsonify(account_data), client.CREATED)
except RqlRuntimeError as runtime_err:
return make_response(jsonify({'Error': runtime_err.message}),
client.INTERNAL_SERVER_ERROR)
except RqlDriverError as rql_err:
return make_response(jsonify({'Error': rql_err.message}),
client.INTERNAL_SERVER_ERROR)
except TypeError:
return make_response(jsonify({'Error': 'Invalid parameter(s)'}),
client.BAD_REQUEST)
def delete_account(record_id):
"""
Deletes a single account record, removes all traces of account from other
tables
"""
try:
# Delete this account's subscriptions
Interactions.delete_specific(DEFAULT_SUBSCRIPTIONS_TABLE,
filters={'account_id': record_id})
# Loop and delete any records subscribed to their registrations
registrations = Interactions.query(DEFAULT_REGISTRATIONS_TABLE,
filters={'account_id': record_id})
for registration in registrations:
delete_registration(registration['id'])
return make_response(
jsonify(Interactions.delete(DEFAULT_ACCOUNTS_TABLE, record_id)),
client.OK)
except RqlRuntimeError as runtime_err:
return make_response(jsonify({'Error': runtime_err.message}),
client.INTERNAL_SERVER_ERROR)
except RqlDriverError as rql_err:
return make_response(jsonify({'Error': rql_err.message}),
client.INTERNAL_SERVER_ERROR)
except TypeError:
return make_response(jsonify({'Error': 'Invalid id parameter'}),
client.BAD_REQUEST)
def post(self, registration_id):
"""
Creates new triggered webhook event
"""
registration = Interactions.query(DEFAULT_REGISTRATIONS_TABLE,
filters={'id': registration_id})
if not registration:
return make_response(
jsonify({'Error': 'Registration id not found'}),
client.NOT_FOUND)
# Other users cannot trigger webhooks they didn't create
calling_account_id = lookup_account_id(request.headers['username'])
if not lookup_registration_id(calling_account_id, registration_id):
return make_response(
jsonify({
'Error':
'You don\'t have access '
'to this registration record or it no '
'longer exists'
}), client.UNAUTHORIZED)
# Notify subscribed endpoints (send the webhooks out)
subscriptions = Interactions.list_all(
DEFAULT_SUBSCRIPTIONS_TABLE,
order_by='epoch',
filters={'registration_id': registration_id})
if subscriptions:
for record in subscriptions:
account = Interactions.get(DEFAULT_ACCOUNTS_TABLE,
record['account_id'])
# Only hit the endpoint if their failed count is low enough
if int(account['failed_count']) < MAX_FAILED_COUNT:
# This import is required to be here so the flask-restful
# piece works properly with Celery
from pywebhooks.tasks.webhook_notification import \
notify_subscribed_accounts
notify_subscribed_accounts.delay(
event=registration[0]['event'],
event_data=registration[0]['event_data'],
secret_key=account['secret_key'],
endpoint=account['endpoint'],
account_id=record['account_id'])
return insert(DEFAULT_TRIGGERED_TABLE,
**{'registration_id': registration_id})
def post(self, registration_id):
"""
Creates new triggered webhook event
"""
registration = Interactions.query(
DEFAULT_REGISTRATIONS_TABLE, filters={'id': registration_id})
if not registration:
return make_response(
jsonify(
{'Error': 'Registration id not found'}
), client.NOT_FOUND)
# Other users cannot trigger webhooks they didn't create
calling_account_id = lookup_account_id(request.headers['username'])
if not lookup_registration_id(calling_account_id, registration_id):
return make_response(
jsonify({'Error': 'You don\'t have access '
'to this registration record or it no '
'longer exists'}),
client.UNAUTHORIZED)
# Notify subscribed endpoints (send the webhooks out)
subscriptions = Interactions.list_all(
DEFAULT_SUBSCRIPTIONS_TABLE, order_by='epoch',
filters={'registration_id': registration_id})
if subscriptions:
for record in subscriptions:
account = Interactions.get(DEFAULT_ACCOUNTS_TABLE,
record['account_id'])
# Only hit the endpoint if their failed count is low enough
if int(account['failed_count']) < MAX_FAILED_COUNT:
# This import is required to be here so the flask-restful
# piece works properly with Celery
from pywebhooks.tasks.webhook_notification import \
notify_subscribed_accounts
notify_subscribed_accounts.delay(
event=registration[0]['event'],
event_data=registration[0]['event_data'],
secret_key=account['secret_key'],
endpoint=account['endpoint'],
account_id=record['account_id'])
return insert(DEFAULT_TRIGGERED_TABLE,
**{'registration_id': registration_id})
def wrapper(*args, **kwargs):
try:
api_key = request.headers['api-key']
except KeyError:
return make_response(
jsonify({'Error': 'Missing API key header value'}),
client.UNAUTHORIZED)
try:
username = request.headers['username']
except KeyError:
return make_response(
jsonify({'Error': 'Missing username header value'}),
client.UNAUTHORIZED)
record = Interactions.query(DEFAULT_ACCOUNTS_TABLE,
filters={'username': username})
if not record:
return make_response(
jsonify({'Error': 'Invalid API key or Username'}),
client.UNAUTHORIZED)
if not check_password_hash(record[0]['api_key'], api_key):
return make_response(jsonify({'Error': 'Invalid API key'}),
client.UNAUTHORIZED)
if verify_admin:
if not record[0]['is_admin']:
return make_response(jsonify({'Error': 'Not an Admin'}),
client.UNAUTHORIZED)
return f(*args, **kwargs)
def paginate(request, table_name, resource_name, filters=None):
limit = int(request.args.get('limit'))
start = int(request.args.get('start'))
if not filters:
filters = {}
end = start + limit
returned_records = Interactions.list(
table_name, start, end, 'epoch', filters=filters)
records = []
for item in returned_records:
records.append(item)
if len(returned_records) == 0:
return make_response('', client.NO_CONTENT)
if len(returned_records) < limit:
return_json = {
resource_name: records
}
else:
return_json = {
'next_start': end,
resource_name: records
}
return make_response(jsonify(return_json), client.OK)
def paginate(request, table_name, resource_name, filters=None):
limit = int(request.args.get('limit'))
start = int(request.args.get('start'))
if not filters:
filters = {}
end = start + limit
returned_records = Interactions.list(table_name,
start,
end,
'epoch',
filters=filters)
records = []
for item in returned_records:
records.append(item)
if len(returned_records) == 0:
return make_response('', client.NO_CONTENT)
if len(returned_records) < limit:
return_json = {resource_name: records}
else:
return_json = {'next_start': end, resource_name: records}
return make_response(jsonify(return_json), client.OK)
def reset_key(username, key_type):
"""
Resets either a secret key or api key
"""
try:
# Note: The validate_username_in_header decorator will verify the
# username and record. The api_key_restricted_resource will validate
# the username as well as a valid API key
record = Interactions.query(DEFAULT_ACCOUNTS_TABLE,
filters={"username": username})
endpoint = record[0]['endpoint']
if not endpoint:
return make_response(
jsonify({'Error': 'Endpoint not found'}),
client.NOT_FOUND
)
new_key = common.generate_key()
salted_new_key = generate_password_hash(new_key)
if not client_reset_key(endpoint, key_type, new_key):
return make_response(
jsonify({'Error': 'Failed to contact the endpoint or wrong '
'HTTP status code returned'}),
client.BAD_REQUEST
)
if key_type == 'api_key':
update = {key_type: salted_new_key}
else:
update = {key_type: new_key}
Interactions.update(DEFAULT_ACCOUNTS_TABLE,
filters={"username": username},
updates=update)
return make_response(jsonify({'Message': 'New key sent to endpoint'}),
client.OK)
except RqlRuntimeError as runtime_err:
return make_response(jsonify({'Error': runtime_err.message}),
client.INTERNAL_SERVER_ERROR)
except RqlDriverError as rql_err:
return make_response(jsonify({'Error': rql_err.message}),
client.INTERNAL_SERVER_ERROR)
def reset_key(username, key_type):
"""
Resets either a secret key or api key
"""
try:
# Note: The validate_username_in_header decorator will verify the
# username and record. The api_key_restricted_resource will validate
# the username as well as a valid API key
record = Interactions.query(DEFAULT_ACCOUNTS_TABLE,
filters={"username": username})
endpoint = record[0]['endpoint']
if not endpoint:
return make_response(jsonify({'Error': 'Endpoint not found'}),
client.NOT_FOUND)
new_key = common.generate_key()
salted_new_key = generate_password_hash(new_key)
if not client_reset_key(endpoint, key_type, new_key):
return make_response(
jsonify({
'Error':
'Failed to contact the endpoint or wrong '
'HTTP status code returned'
}), client.BAD_REQUEST)
if key_type == 'api_key':
update = {key_type: salted_new_key}
else:
update = {key_type: new_key}
Interactions.update(DEFAULT_ACCOUNTS_TABLE,
filters={"username": username},
updates=update)
return make_response(jsonify({'Message': 'New key sent to endpoint'}),
client.OK)
except RqlRuntimeError as runtime_err:
return make_response(jsonify({'Error': runtime_err.message}),
client.INTERNAL_SERVER_ERROR)
except RqlDriverError as rql_err:
return make_response(jsonify({'Error': rql_err.message}),
client.INTERNAL_SERVER_ERROR)
def update_failed_count(account_id=None, increment_failed_count=False):
"""
Update the failed_count field on the user's account
"""
try:
# Get the failed_count value
account_record = Interactions.get(
DEFAULT_ACCOUNTS_TABLE, record_id=account_id)
failed_count = int(account_record['failed_count'])
if increment_failed_count:
failed_count += 1
else:
failed_count = 0
Interactions.update(DEFAULT_ACCOUNTS_TABLE, record_id=account_id,
updates={'failed_count': failed_count})
except (RqlRuntimeError, RqlDriverError, Exception):
pass
def create_admin_account():
"""
Creates a new admin account
"""
try:
original_api_key = generate_key()
secret_key = generate_key()
hashed_api_key = generate_password_hash(original_api_key)
Interactions.insert(DEFAULT_ACCOUNTS_TABLE,
**{'username': '******',
'endpoint': '',
'is_admin': True,
'api_key': hashed_api_key,
'secret_key': secret_key})
return {'api_key': original_api_key, 'secret_key': secret_key}
except (RqlRuntimeError, RqlDriverError) as err:
raise err
def update_failed_count(account_id=None, increment_failed_count=False):
"""
Update the failed_count field on the user's account
"""
try:
# Get the failed_count value
account_record = Interactions.get(DEFAULT_ACCOUNTS_TABLE,
record_id=account_id)
failed_count = int(account_record['failed_count'])
if increment_failed_count:
failed_count += 1
else:
failed_count = 0
Interactions.update(DEFAULT_ACCOUNTS_TABLE,
record_id=account_id,
updates={'failed_count': failed_count})
except (RqlRuntimeError, RqlDriverError, Exception):
pass
def lookup_subscription_id(account_id, subscription_id):
"""
Looks up subscription based on account_id and pass the record back
"""
try:
return Interactions.query(
DEFAULT_SUBSCRIPTIONS_TABLE,
filters={'account_id': account_id, 'id': subscription_id})
except RqlRuntimeError as runtime_err:
return runtime_err
except RqlDriverError as rql_err:
return rql_err
def lookup_account_id(username):
"""
Looks up the user's account id based on username
"""
try:
record = Interactions.query(
DEFAULT_ACCOUNTS_TABLE, filters={'username': username})
return record[0]['id']
except RqlRuntimeError as runtime_err:
return runtime_err
except RqlDriverError as rql_err:
return rql_err
def lookup_account_id(username):
"""
Looks up the user's account id based on username
"""
try:
record = Interactions.query(DEFAULT_ACCOUNTS_TABLE,
filters={'username': username})
return record[0]['id']
except RqlRuntimeError as runtime_err:
return runtime_err
except RqlDriverError as rql_err:
return rql_err
def lookup_registration_id(account_id, registration_id):
"""
Looks up registration based on account_id and pass the record back
"""
try:
return Interactions.query(
DEFAULT_REGISTRATIONS_TABLE,
filters={'account_id': account_id, 'id': registration_id})
except RqlRuntimeError as runtime_err:
return runtime_err
except RqlDriverError as rql_err:
return rql_err
def delete_all(table_name):
"""
Deletes all records (handles DELETE traffic)
"""
try:
return make_response(
jsonify(Interactions.delete_all(table_name)), client.OK)
except RqlRuntimeError as runtime_err:
return make_response(jsonify({'Error': runtime_err.message}),
client.INTERNAL_SERVER_ERROR)
except RqlDriverError as rql_err:
return make_response(jsonify({'Error': rql_err.message}),
client.INTERNAL_SERVER_ERROR)
def delete_all(table_name):
"""
Deletes all records (handles DELETE traffic)
"""
try:
return make_response(jsonify(Interactions.delete_all(table_name)),
client.OK)
except RqlRuntimeError as runtime_err:
return make_response(jsonify({'Error': runtime_err.message}),
client.INTERNAL_SERVER_ERROR)
except RqlDriverError as rql_err:
return make_response(jsonify({'Error': rql_err.message}),
client.INTERNAL_SERVER_ERROR)
def lookup_subscription_id(account_id, subscription_id):
"""
Looks up subscription based on account_id and pass the record back
"""
try:
return Interactions.query(DEFAULT_SUBSCRIPTIONS_TABLE,
filters={
'account_id': account_id,
'id': subscription_id
})
except RqlRuntimeError as runtime_err:
return runtime_err
except RqlDriverError as rql_err:
return rql_err
def registration_id_exists(registration_id):
"""
Looks up registration based on record_id and pass the record back
"""
try:
registration = Interactions.query(DEFAULT_REGISTRATIONS_TABLE,
filters={'id': registration_id})
if registration:
return True
return False
except RqlRuntimeError as runtime_err:
return runtime_err
except RqlDriverError as rql_err:
return rql_err
def registration_id_exists(registration_id):
"""
Looks up registration based on record_id and pass the record back
"""
try:
registration = Interactions.query(
DEFAULT_REGISTRATIONS_TABLE, filters={'id': registration_id})
if registration:
return True
return False
except RqlRuntimeError as runtime_err:
return runtime_err
except RqlDriverError as rql_err:
return rql_err
def lookup_registration_id(account_id, registration_id):
"""
Looks up registration based on account_id and pass the record back
"""
try:
return Interactions.query(DEFAULT_REGISTRATIONS_TABLE,
filters={
'account_id': account_id,
'id': registration_id
})
except RqlRuntimeError as runtime_err:
return runtime_err
except RqlDriverError as rql_err:
return rql_err
def delete_registration(registration_id):
"""
Deletes a single registration record, removes all traces of this
registration from the subscription table
"""
try:
Interactions.delete_specific(
DEFAULT_SUBSCRIPTIONS_TABLE,
filters={'registration_id': registration_id})
return make_response(
jsonify(Interactions.delete_specific(
DEFAULT_REGISTRATIONS_TABLE,
filters={'id': registration_id})), client.OK)
except RqlRuntimeError as runtime_err:
return make_response(jsonify({'Error': runtime_err.message}),
client.INTERNAL_SERVER_ERROR)
except RqlDriverError as rql_err:
return make_response(jsonify({'Error': rql_err.message}),
client.INTERNAL_SERVER_ERROR)
except TypeError:
return make_response(
jsonify({'Error': 'Invalid id parameter'}), client.BAD_REQUEST)
def delete_registration(registration_id):
"""
Deletes a single registration record, removes all traces of this
registration from the subscription table
"""
try:
Interactions.delete_specific(
DEFAULT_SUBSCRIPTIONS_TABLE,
filters={'registration_id': registration_id})
return make_response(
jsonify(
Interactions.delete_specific(DEFAULT_REGISTRATIONS_TABLE,
filters={'id': registration_id})),
client.OK)
except RqlRuntimeError as runtime_err:
return make_response(jsonify({'Error': runtime_err.message}),
client.INTERNAL_SERVER_ERROR)
except RqlDriverError as rql_err:
return make_response(jsonify({'Error': rql_err.message}),
client.INTERNAL_SERVER_ERROR)
except TypeError:
return make_response(jsonify({'Error': 'Invalid id parameter'}),
client.BAD_REQUEST)
def delete(table_name, record_id):
"""
Deletes a single record (handles DELETE traffic)
"""
try:
return make_response(
jsonify(Interactions.delete(table_name, record_id)), client.OK)
except RqlRuntimeError as runtime_err:
return make_response(jsonify({'Error': runtime_err.message}),
client.INTERNAL_SERVER_ERROR)
except RqlDriverError as rql_err:
return make_response(jsonify({'Error': rql_err.message}),
client.INTERNAL_SERVER_ERROR)
except TypeError:
return make_response(
jsonify({'Error': 'Invalid id parameter'}), client.BAD_REQUEST)
def delete(table_name, record_id):
"""
Deletes a single record (handles DELETE traffic)
"""
try:
return make_response(
jsonify(Interactions.delete(table_name, record_id)), client.OK)
except RqlRuntimeError as runtime_err:
return make_response(jsonify({'Error': runtime_err.message}),
client.INTERNAL_SERVER_ERROR)
except RqlDriverError as rql_err:
return make_response(jsonify({'Error': rql_err.message}),
client.INTERNAL_SERVER_ERROR)
except TypeError:
return make_response(jsonify({'Error': 'Invalid id parameter'}),
client.BAD_REQUEST)
def insert(table_name, **kwargs):
"""
Creates new records (handles POST traffic)
"""
try:
return make_response(
jsonify(Interactions.insert(table_name, **kwargs)), client.CREATED)
except RqlRuntimeError as runtime_err:
return make_response(jsonify({'Error': runtime_err.message}),
client.INTERNAL_SERVER_ERROR)
except RqlDriverError as rql_err:
return make_response(jsonify({'Error': rql_err.message}),
client.INTERNAL_SERVER_ERROR)
except TypeError:
return make_response(jsonify({'Error': 'Invalid parameter(s)'}),
client.BAD_REQUEST)
def insert(table_name, **kwargs):
"""
Creates new records (handles POST traffic)
"""
try:
return make_response(
jsonify(Interactions.insert(table_name, **kwargs)), client.CREATED)
except RqlRuntimeError as runtime_err:
return make_response(jsonify({'Error': runtime_err.message}),
client.INTERNAL_SERVER_ERROR)
except RqlDriverError as rql_err:
return make_response(jsonify({'Error': rql_err.message}),
client.INTERNAL_SERVER_ERROR)
except TypeError:
return make_response(
jsonify({'Error': 'Invalid parameter(s)'}), client.BAD_REQUEST)
def wrapper(*args, **kwargs):
try:
username = request.headers['username']
except KeyError:
return make_response(
jsonify({'Error': 'Missing the username header value'}),
client.BAD_REQUEST)
record = Interactions.query(DEFAULT_ACCOUNTS_TABLE,
filters={'username': username})
if not record:
return make_response(jsonify({'Error': 'Username not found'}),
client.NOT_FOUND)
return f(*args, **kwargs)
def delete_accounts_except_admins():
"""
Deletes all account records except those marked as admins, removes all
traces of account from other tables
"""
try:
return make_response(
jsonify(Interactions.delete_specific(
DEFAULT_ACCOUNTS_TABLE,
filters={'is_admin': False})), client.OK)
except RqlRuntimeError as runtime_err:
return make_response(jsonify({'Error': runtime_err.message}),
client.INTERNAL_SERVER_ERROR)
except RqlDriverError as rql_err:
return make_response(jsonify({'Error': rql_err.message}),
client.INTERNAL_SERVER_ERROR)
def delete_accounts_except_admins():
"""
Deletes all account records except those marked as admins, removes all
traces of account from other tables
"""
try:
return make_response(
jsonify(
Interactions.delete_specific(DEFAULT_ACCOUNTS_TABLE,
filters={'is_admin': False})),
client.OK)
except RqlRuntimeError as runtime_err:
return make_response(jsonify({'Error': runtime_err.message}),
client.INTERNAL_SERVER_ERROR)
except RqlDriverError as rql_err:
return make_response(jsonify({'Error': rql_err.message}),
client.INTERNAL_SERVER_ERROR)
def wrapper(*args, **kwargs):
try:
api_key = request.headers['api-key']
except KeyError:
return make_response(
jsonify(
{'Error': 'Missing API key header value'}
), client.UNAUTHORIZED
)
try:
username = request.headers['username']
except KeyError:
return make_response(
jsonify(
{'Error': 'Missing username header value'}
), client.UNAUTHORIZED
)
record = Interactions.query(DEFAULT_ACCOUNTS_TABLE,
filters={'username': username})
if not record:
return make_response(
jsonify({'Error': 'Invalid API key or Username'}),
client.UNAUTHORIZED
)
if not check_password_hash(record[0]['api_key'], api_key):
return make_response(
jsonify({'Error': 'Invalid API key'}), client.UNAUTHORIZED)
if verify_admin:
if not record[0]['is_admin']:
return make_response(
jsonify({'Error': 'Not an Admin'}),
client.UNAUTHORIZED
)
return f(*args, **kwargs)
