def can_write(cls, user, blitem_id): if is_valid_id(blitem_id): doc = cls.get({'_id': ObjectId(blitem_id)}) blibb_id = str(doc['b']) current_app.logger.info('can_write' + user + ' ' + blibb_id) return Blibb.can_write(user, '', blibb_id) return False
def newItem(): bid = request.form['blibb_id'] key = request.form['login_key'] tags = request.form['tags'] app_token = request.form['app_token'] user = get_user_name(key) current_app.logger.info('labels: ' + str(user)) if is_valid_id(bid): b = Blibb.get_object({'_id': ObjectId(bid)}, {'u': 1, 't.i': 1}) controls = Blibb.get_controls_as_dict(b.get('t')) current_app.logger.info(controls) if Blibb.can_write(user, app_token, bid): # labels = Blibb.get_labels(b.get('t')) # current_app.logger.info('labels: ' + str(labels)) bitems = Blitem.get_items_from_request(controls, request) current_app.logger.info('items from request: ' + str(bitems)) blitem_id = Blitem.insert(bid, user, bitems, tags) if blitem_id: cond = {'_id': ObjectId(bid)} Blibb.inc_num_item(cond) Blitem.post_process(blitem_id, bitems) return blitem_id else: abort(401) return jsonify(Message.get('id_not_valid'))
def newTag(): target_id = None target = None key = request.form['k'] user = get_user_name(key) target_id = request.form['b'] if Blibb.can_write(target_id, user): tag = request.form['t'] target.addTag(target_id, tag) return json.dumps('ok')
def updateView(): blibb_id = request.form['blibb_id'] user = get_user_name(request.form['login_key']) view = request.form['viewName'] html = request.form['viewHtml'] # current_app.logger.info(user + ' ' + blibb_id + ' ' + view + ' ' + html) if is_valid_id(blibb_id): if Blibb.can_write(user, '', blibb_id): Blibb.update_view(blibb_id, user, view, html) return jsonify({'result': 'View Updated'}) else: abort(401) abort(404)
def add_webhook(): key = request.form['login_key'] bid = request.form['blibb_id'] callback = request.form['callback'] fields = request.form['fields'] action = request.form['action'] user = get_key(key) res = dict() wb = {'a': action, 'u': callback, 'f': fields} if is_valid_id(bid): if Blibb.can_write(user, '', bid): Blibb.add_webhook(bid, wb) res['result'] = 'ok' else: abort(401) else: res['error'] = 'Object Id is not valid' return jsonify(res)
def add_user_to_group(): key = request.form['login_key'] bid = request.form['blibb_id'] username = request.form['username'] user = get_key(key) res = dict() if is_valid_id(bid): user_to_add = User.get_by_name(username) if user_to_add: if Blibb.can_write(user, '', bid): Blibb.add_user_to_group(username, bid) res['result'] = 'ok' else: res['error'] = 'Not permissions' else: res['error'] = 'User not found' else: res['error'] = 'Object Id is not valid' return jsonify(res)
def addItemtoBlibb(username=None, slug=None): if username is None or slug is None: abort(404) user = '' app_token = '' if 'login_key' in request.form: key = request.form['login_key'] user = get_key(key) else: app_token = request.form['app_token'] if \ 'app_token' in request.form else '' tags = request.form['tags'] if 'tags' in request.form else '' blibb = Blibb.get_object({'u': username, 's': slug}, {'_id': 1, 't.i': 1}) if blibb: blibb_id = blibb['_id'] controls = Blibb.get_controls_as_dict(blibb.get('t')) current_app.logger.info(str(user) + ' - ' + str(app_token) + ' - ' + str(blibb_id) + ' - ' + username + ' - ' + slug) if Blibb.can_write(user, app_token, blibb_id): bitems = Blitem.get_items_from_request(controls, request) if len(bitems) > 0: blitem_id = Blitem.insert(blibb_id, user, bitems, tags) if is_valid_id(blitem_id): cond = {'s': slug, 'u': username} Blibb.inc_num_item(cond) Blitem.post_process(blitem_id, bitems) res = {'id': blitem_id} return jsonify(res) else: return jsonify({'error': 'your POST data was not complete'}) else: abort(401) else: abort(404)