def create(context, request):
try:
name = request.params['name']
parent = request.params.get('parent')
g = Group(name=name)
request.db_session.add(g)
request.db_session.flush()
if parent:
try:
g.parent = Group.get(request.db_session, parent)
except NoResultFound:
raise ParamsError('Invalid parent: %s', parent)
except KeyError as e:
raise ParamsError('Missing parameter: {}'.format(e))
except IntegrityError as e:
error = 'Group {} already exists'.format(name)
raise HTTPConflict(headers={'X-Request-Error': error})
else:
request.db_session.commit()
raise HTTPCreated()
def create(context, request):
try:
email = request.params['email']
password = request.params['password']
name = request.params['name']
surname = request.params['surname']
company = request.params.get('company')
web = request.params.get('web')
twitter = request.params.get('twitter')
request_groups = [g for g in request.params.getall('groups') if g]
groups = Group.search(request.db_session,
filters=(Group.name.in_(request_groups),)
)
organization_name = request.params.get('organization')
if organization_name:
try:
organization = Group.get(request.db_session,
organization_name)
except NoResultFound:
raise HTTPPreconditionFailed(headers={
'X-Request-Error': 'Invalid group {}'\
.format(organization_name)
})
else:
organization = None
if request_groups and len(groups) != len(request_groups):
raise HTTPPreconditionFailed(
headers={'X-Request-Error': 'Invalid groups "{}"'\
.format(', '.join(request_groups))})
u = User(email=email, password=password, name=name,
surname=surname, company=company,
web=web, twitter=twitter, groups=groups,
organization=organization)
request.db_session.add(u)
request.db_session.flush()
except KeyError as e:
raise ParamsError(e)
except IntegrityError as e:
error = 'User with email {} already exists'\
.format(request.params['email'])
request.db_session.rollback()
raise HTTPConflict(headers={'X-Request-Error': error})
else:
request.db_session.commit()
raise HTTPCreated()
def empty_instance_groups(context, request):
domain = request.matchdict['domain']
group = Group.get(request.db_session, domain)
instance = Instance.get_by_domain(request.db_session, domain)
instance.groups = [group]
request.db_session.commit()
raise HTTPNoContent()
def update(context, request):
name = request.matchdict['name']
group = Group.get(request.db_session, name)
params = {}
if 'name' in request.params:
params['name'] = request.params['name']
if 'parent' in request.params:
parent = request.params['parent']
try:
if parent:
params['parent'] = Group.get(request.db_session, parent)
else:
params['parent'] = None
except NoResultFound:
raise ParamsError('Invalid parent: %s', parent)
if not params:
raise ParamsError('Missing update fields')
try:
for attr, value in params.iteritems():
setattr(group, attr, value)
request.db_session.flush()
except IntegrityError:
request.db_session.rollback()
raise HTTPConflict(headers={'X-Request-Error':
'Group {} already exists'.format(name)})
else:
request.db_session.commit()
return group.to_dict()
def remove_group_from_instance(context, request):
domain = request.matchdict['domain']
group_name = request.matchdict['group']
instance = Instance.get_by_domain(request.db_session, domain)
try:
group = Group.get(request.db_session, group_name)
except NoResultFound:
raise HTTPNoContent()
if group.name == domain:
raise HTTPConflict(headers={'X-Request-Error': \
"group {} cannot be removed".format(group_name)})
instance.groups = [g for g in instance.groups if g.name != group.name]
request.db_session.commit()
raise HTTPNoContent()
def delete(context, request):
try:
name = request.matchdict['name']
group = Group.get(request.db_session, name)
group.delete()
request.db_session.flush()
except IntegrityError as e:
Group.log.exception('Error deleting group {}'.format(name))
request.db_session.rollback()
raise HTTPPreconditionFailed(
headers={'X-Request-Error': 'Cannot delete group {}: {}'\
.format(group, e)})
else:
request.db_session.commit()
raise HTTPNoContent()
def add_group_to_instance(context, request):
domain = request.matchdict['domain']
group_name = request.matchdict['group']
instance = Instance.get_by_domain(request.db_session, domain)
try:
group = Group.get(request.db_session, group_name)
except NoResultFound:
raise HTTPPreconditionFailed(
headers={'X-Request-Error': 'No such group {}'\
.format(group_name)}
)
if group_name in (g.name for g in instance.groups):
raise HTTPNoContent()
instance.groups.append(group)
request.db_session.commit()
raise HTTPNoContent()
def set_instance_groups(context, request):
domain = request.matchdict['domain']
request_groups = set(request.params.getall('groups'))
if domain not in request_groups:
request_groups.add(domain)
instance = Instance.get_by_domain(request.db_session, domain)
groups = Group.search(
request.db_session,
filters=(Group.name.in_(request_groups), )
)
if len(groups) != len(request_groups):
raise HTTPPreconditionFailed(
headers={'X-Request-Error': 'Invalid groups {}'\
.format(','.join(request_groups))})
instance.groups = groups
request.db_session.commit()
raise HTTPNoContent()
def update(context, request):
email = urllib.unquote(request.matchdict['email'])
user = User.get(request.db_session, email)
principals = effective_principals(request)
# an "normal" user can update only itself
if not set(('admin', email)) & set(principals):
return generate_empty_response(HTTPForbidden(), request, 403)
params = {}
for attr in ('email', 'password', 'name', 'surname', 'company',
'web', 'twitter'):
value = request.params.get(attr)
if value:
params[attr] = value
# only admins can change users groups
if 'admin' in principals and 'groups' in request.params:
groups = [g for g in request.params.getall('groups') if g]
if not groups:
params['groups'] = []
else:
params['groups'] = Group.search(
request.db_session,
filters=(Group.name.in_(groups), )
)
if len(groups) != len(params['groups']):
raise HTTPPreconditionFailed(
headers={'X-Request-Error': 'Invalid groups {}'\
.format(','.join(groups))})
if not 'admin' and 'organization' in request.params:
return generate_empty_response(HTTPForbidden(), request, 403)
elif 'organization' in request.params:
organization_name = request.params['organization']
if not organization_name:
params['organization'] = None
else:
try:
params['organization'] = Group.get(request.db_session,
organization_name)
except NoResultFound:
raise HTTPPreconditionFailed(headers={
'X-Request-Error': 'Invalid group {}'\
.format(organization_name)
})
if not params:
raise ParamsError('Missing update fields')
try:
for param in params:
setattr(user, param, params[param])
request.db_session.flush()
except IntegrityError:
error = 'An user with email {} already exists'.format(params['email'])
raise HTTPPreconditionFailed(headers={'X-Request-Error': error})
else:
request.db_session.commit()
return user.to_dict()
def info(context, request):
group = Group.get(request.db_session, request.matchdict['name'])
return group.to_dict()
def list(context, request):
return {group.name: group.to_dict() for group in
Group.all(request.db_session)}
