def delete_user(request):
"""
Delete a user
privs: admin, or self
"""
cur_user = request.validated['ValidUser']
target_query = DBSession.query(User).filter(User.name==request.validated['username'])
if target_query.count() > 0:
target = target_query.first()
if target.name == cur_user.name or cur_user.admin:
DBSession.delete(target)
DBSession.commit()
return {"success": True}
raise _401()
def delete_key(request):
"""
Delete an api key
privs: logged in, admin
{"username": "******", "key": "dat-key"}
"""
cur_user = request.validated['ValidUser']
target_query = DBSession.query(User).filter(
User.name==request.validated['username'])
if target_query.count() > 0:
target = target_query.first()
if target == cur_user or cur_user.admin:
key_query = DBSession.query(APIKey).filter(
APIKey.apikey==request.validated['key'])
if key_query.count() > 0:
key = key_query.first()
DBSession.delete(key)
DBSession.commit()
return {"success": True}
raise _401()
def delete_key(request):
"""
Delete an api key
privs: logged in, admin
{"username": "******", "key": "dat-key"}
"""
cur_user = request.validated['ValidUser']
target_query = DBSession.query(User).filter(
User.name == request.validated['username'])
if target_query.count() > 0:
target = target_query.first()
if target == cur_user or cur_user.admin:
key_query = DBSession.query(APIKey).filter(
APIKey.apikey == request.validated['key'])
if key_query.count() > 0:
key = key_query.first()
DBSession.delete(key)
DBSession.commit()
return {"success": True}
raise _401()
