def update_perm(perm_id): if not request.json: raise ApiError('nothing to change', 400) for s in request.json.get('scopes', []): if s not in Scope.find_all(): raise ApiError("'{}' is not a valid Scope".format(s), 400) perm = Permission.find_by_id(perm_id) if not perm: raise ApiError('not found', 404) admin_audit_trail.send(current_app._get_current_object(), event='permission-updated', message='', user=g.login, customers=g.customers, scopes=g.scopes, resource_id=perm.id, type='permission', request=request) updated = perm.update(**request.json) if updated: return jsonify(status='ok', permission=updated.serialize) else: raise ApiError('failed to update permission', 500)
def list_scopes(): scopes = Scope.find_all() return jsonify(status='ok', scopes=scopes, total=len(scopes))