def add_cp_organization_membership():
"""Add new organization membership
**Example request**:
.. sourcecode:: http
POST /api/1.0/organization_memberships HTTP/1.1
Host: do.cert.europa.eu
Accept: application/json
Content-Type: application/json
{
"membership_role_id": 12,
"user_id": 153,
"organization_id": 201,
"country_id": 23,
"street": "Mustergasse 2/4",
"zip": "1234",
"phone": "+4315671234",
"email": "*****@*****.**",
"comment": "foo",
"pgp_key_id": "abc123",
"pgp_key_fingerprint": "def456",
"pgp_key": "ghi789",
"smime": "something",
"coc": "anythnig goes"
}
**Example response**:
.. sourcecode:: http
HTTP/1.0 201 CREATED
Content-Type: application/json
{
"message": "Organization saved"
}
**Example validation error**:
.. sourcecode:: http
HTTP/1.0 400 BAD REQUEST
Content-Type: application/json
{
"message": "'membership_role_id' is a required property",
"validator": "required"
}
:reqheader Accept: Content type(s) accepted by the client
:reqheader API-Authorization: API key. If present authentication and
authorization will be attempted.
:resheader Content-Type: This depends on `Accept` header or request
:<json integer membership_role_id: Unique ID of the organization user role
:<json integer user_id: Unique ID of the user
:<json integer organization_id: Unique ID of the organization
:<json string country_id: Unique ID of the country
:<json string street: Street address
:<json string zip: Zip code
:<json string phone: Phone number
:<json string email: Email address
:<json string comment: Arbitrary comment
:<json string pgp_key_id: PGP key ID
:<json string pgp_key_fingerprint: PGP key fingerprint
:<json string pgp_key: PGP key
:<json string smime: S/MIME
:<json string coc: Code of Conduct
:>json string message: Status message
:>json integer id: Organization membership ID
:status 200: Organization membership details were successfully saved
:status 400: Bad request
:status 401: Authorization failure. The client MAY repeat the request with
a suitable API-Authorization header field. If the request already
included Authorization credentials, then the 401 response indicates
that authorization has been refused for those credentials.
:status 403: Access denied. Authorization will not help and the request
SHOULD NOT be repeated.
:status 422: Validation error
"""
try:
membership = OrganizationMembership.fromdict(request.json)
except AttributeError:
return ApiResponse(
{
'message': 'Attribute error. Invalid email, phone or mobile?',
}, 422, {})
check_membership_permissions(membership)
db.session.add(membership)
db.session.commit()
return ApiResponse({'organization_membership': membership.serialize(),
'message': 'Organization membership added'}, 201, \
{'Location': url_for('cp.get_cp_organization_membership',
membership_id=membership.id)})
def add_cp_user():
"""Add new user
**Example request**:
.. sourcecode:: http
POST /api/1.0/users HTTP/1.1
Host: do.cert.europa.eu
Accept: application/json
Content-Type: application/json
{
"login": "******",
"password": "******",
"name": "Max Muster",
"picture": "image/png;base64,iVBORw0KGgoAAAANS...",
"birthdate": "1951-03-22",
"title": "Dr.",
"origin": "Uranus",
"membership_role_id": 12,
"organization_id": 201
}
**Example response**:
.. sourcecode:: http
HTTP/1.0 201 CREATED
Content-Type: application/json
{
"message": "User saved"
}
**Example validation error**:
.. sourcecode:: http
HTTP/1.0 400 BAD REQUEST
Content-Type: application/json
{
"message": "'name' is a required property",
"validator": "required"
}
:reqheader Accept: Content type(s) accepted by the client
:reqheader API-Authorization: API key. If present authentication and
authorization will be attempted.
:resheader Content-Type: This depends on `Accept` header or request
:<json string login: Login email address. If not present, the user can't
login
:<json string password: Password
:<json string name: Name
:<json string picture: Base64-encoded PNG profile picture
:<json string birthdate: Birthdate as YYYY-MM-DD
:<json string title: Academic or honorific title
:<json string origin: Origin
:<json integer membership_role_id: Unique ID of the organization user role
:<json integer organization_id: Unique ID of the organization
:<json string country_id: Unique ID of the country
:<json string street: Street address
:<json string zip: Zip code
:<json string phone: Phone number
:<json string email: Email address
:<json string comment: Arbitrary comment
:<json string pgp_key_id: PGP key ID
:<json string pgp_key_fingerprint: PGP key fingerprint
:<json string pgp_key: PGP key
:<json string smime: S/MIME
:<json string coc: Code of Conduct
:>json string message: Status message
:>json integer id: User ID
:status 200: User details were successfully saved
:status 400: Bad request
:status 401: Authorization failure. The client MAY repeat the request with
a suitable API-Authorization header field. If the request already
included Authorization credentials, then the 401 response indicates
that authorization has been refused for those credentials.
:status 403: Access denied. Authorization will not help and the request
SHOULD NOT be repeated.
"""
try:
user = User.fromdict(request.json['user'])
membership = OrganizationMembership.fromdict(
request.json['organization_membership'])
except AttributeError as ae:
return ApiResponse(
{
'message':
'Attribute error. Invalid email, phone or mobile?' + str(ae),
}, 422, {})
# The role and organization must exist and the current user must be able to
# admin the organization.
role = MembershipRole.query.get_or_404(membership.membership_role_id)
org = Organization.query.get_or_404(membership.organization_id)
if not g.user.may_handle_organization(org):
abort(403)
db.session.add(user)
db.session.commit()
membership.user_id = user.id
db.session.add(membership)
db.session.commit()
return ApiResponse({'user': user.serialize(),
'organization_membership': membership.serialize(),
'message': 'User added'}, 201, \
{'Location': url_for('cp.get_cp_user', user_id=user.id)})
