示例#1
def role_delete():
    """Delete the role named by ``role_id`` in the JSON request body.

    :rtype: JSON
    :request args: `{role_id: 5}`
    :return:
        - If ``validator.role_delete`` rejects the body:
            the validator result as JSON, documented as
            ``{'status': False, 'error': [list of errors]}``
        - If ``db.check_role_deletion`` returns a truthy value:
            ``{'error': 'Cannot delete!'}``
        - If all ok:
            ``{'msg': 'success', 'deleted_role': role_id}``

    :statuscode 400: request body failed validation
    :statuscode 200: role deleted, or deletion refused

    NOTE(review): the refusal goes out with the default 200 status, so a
    client must read the body to tell it from success -- confirm intended.
    NOTE(review): no authorization check is visible in this function;
    presumably it is applied where the route is registered -- verify.
    """
    payload = request.get_json()
    verdict = validator.role_delete(payload)

    if not verdict['status']:
        return Response(json.dumps(verdict),
                        mimetype='application/json'), 400

    role_id = payload['role_id']
    if db.check_role_deletion(role_id):
        return jsonify(error='Cannot delete!')

    db.delete_role_by_id(role_id)
    reply = jsonify(msg='success', deleted_role=role_id)
    # Refreshes session['access_control'] for the current request's session
    # only; other sessions are not touched here.
    session['access_control'] = permission_control.reload_dct()
    return reply
示例#2
def resource_delete():
    """Delete the resource named by ``resource_id`` in the JSON body.

    ``db.check_resource_deletion`` is consulted first; a truthy answer
    blocks the deletion.

    :return: If ``db.check_resource_deletion`` returns a truthy value:
                 {'error': 'Cannot delete!'}, 400
             If ``validator.resource_delete`` rejects the body:
                 {'status': False, 'error': [list of errors]}, 400
             If all ok:
                 {'status': 'success', 'deleted_resource': resource_id}

    NOTE(review): no authorization check is visible in this function;
    presumably it is applied where the route is registered -- verify.
    """
    payload = request.get_json()
    verdict = validator.resource_delete(payload)

    if not verdict['status']:
        return Response(json.dumps(verdict),
                        mimetype='application/json'), 400

    resource_id = payload['resource_id']
    if db.check_resource_deletion(resource_id):
        return jsonify(error='Cannot delete!'), 400

    db.delete_resource_by_id(resource_id)
    reply = jsonify(status='success', deleted_resource=resource_id)
    # Refreshes session['access_control'] for the current request's session
    # only; other sessions are not touched here.
    session['access_control'] = permission_control.reload_dct()
    return reply
示例#3
def resource_put():
    """Rename the resource identified by ``resource_id``.

    :rtype: JSON
    :request args: `{resource_name: "new_res_name", resource_id: 29}`
    :return:
            - If ``db.get_resource_id`` already finds the new name:
                 ``{'error': 'this name already exists'}``
            - If ``validator.resource_put`` rejects the body:
                 ``{'status': False, 'error': [list of errors]}``
            - If all ok:
                 ``{'status': 'success', 'edited': resource_name}``

    :statuscode 400: name already exists or request is invalid
    :statuscode 200: resource was renamed

    NOTE(review): the name lookup and the rename are two separate db calls;
    a uniqueness constraint in the database would be the reliable guard
    against duplicates -- confirm one exists.
    NOTE(review): no authorization check is visible in this function;
    presumably it is applied where the route is registered -- verify.
    """
    payload = request.get_json()
    verdict = validator.resource_put(payload)

    if not verdict['status']:
        return Response(json.dumps(verdict),
                        mimetype='application/json'), 400

    new_name = payload['resource_name']
    if db.get_resource_id(new_name):
        return jsonify(error='this name already exists'), 400

    db.edit_resource_name(new_name, payload['resource_id'])
    reply = jsonify(status='success', edited=new_name)
    # Refreshes session['access_control'] for the current request's session
    # only; other sessions are not touched here.
    session['access_control'] = permission_control.reload_dct()
    return reply
示例#4
def resource_post():
    """Add a new resource with the name given in the JSON body.

    :return: If ``db.get_resource_id`` already finds the name:
                 {'error': 'Resource already exists'}, 400
             If ``validator.resource_post`` rejects the body:
                 {'status': False, 'error': [list of errors]}, 400
             If all ok:
                 {'added_resource': resource_name,
                  'resource_id': first element of db.get_resource_id(name)}

    NOTE(review): the name lookup and the insert are two separate db calls;
    a uniqueness constraint in the database would be the reliable guard
    against duplicates -- confirm one exists.
    NOTE(review): no authorization check is visible in this function;
    presumably it is applied where the route is registered -- verify.
    """
    payload = request.get_json()
    verdict = validator.resource_post(payload)

    if not verdict['status']:
        return Response(json.dumps(verdict),
                        mimetype='application/json'), 400

    name = payload['resource_name']
    if db.get_resource_id(name):
        return jsonify(error='Resource already exists'), 400

    db.add_resource(name)
    # Look the row up again to report the id of the resource just added.
    new_row = db.get_resource_id(name)
    reply = jsonify(added_resource=name, resource_id=new_row[0])
    # Refreshes session['access_control'] for the current request's session
    # only; other sessions are not touched here.
    session['access_control'] = permission_control.reload_dct()
    return reply
示例#5
def role_permission_delete():
    """Handle a role-permission delete request keyed by ``role_id``.

    :rtype: JSON
    :request args example: `{role_id: 4}`
    :return:
        - If ``validator.role_permission_delete`` rejects the body:
            ``{'status': False, 'error': [list of errors]}``, status 400
        - If ``db.check_role_deletion`` returns a truthy value:
            ``{'error': 'Cannot delete!'}``
        - If all ok:
            ``{'status': 'success', 'deleted_role': role_id}``

    NOTE(review): despite its name this view calls ``db.delete_role_by_id``,
    i.e. it removes the role itself, exactly like a role-delete handler.
    Confirm that is intended and not a copy-paste of the role handler.
    NOTE(review): the refusal goes out with the default 200 status.
    NOTE(review): no authorization check is visible in this function;
    presumably it is applied where the route is registered -- verify.
    """
    payload = request.get_json()
    verdict = validator.role_permission_delete(payload)

    if not verdict['status']:
        return Response(json.dumps(verdict),
                        mimetype='application/json'), 400

    role_id = payload['role_id']
    if db.check_role_deletion(role_id):
        return jsonify(error='Cannot delete!')

    db.delete_role_by_id(role_id)
    reply = jsonify(status='success', deleted_role=role_id)
    # Refreshes session['access_control'] for the current request's session
    # only; other sessions are not touched here.
    session['access_control'] = permission_control.reload_dct()
    return reply
示例#6
def role_post():
    """Add a new role with the name given in the JSON body.

    :return: If ``db.get_role_id`` already finds the name:
                 {'error': 'role already exists'}, 400
             If ``validator.role_post`` rejects the body:
                 {'status': False, 'error': [list of errors]}, 400
             If all ok:
                 {'added_role': role_name,
                  'added_role_id': first element of db.get_role_id(name)}

    NOTE(review): the name lookup and the insert are two separate db calls;
    a uniqueness constraint in the database would be the reliable guard
    against duplicates -- confirm one exists.
    NOTE(review): no authorization check is visible in this function;
    presumably it is applied where the route is registered -- verify.
    """
    payload = request.get_json()
    verdict = validator.role_post(payload)

    if not verdict['status']:
        return Response(json.dumps(verdict),
                        mimetype='application/json'), 400

    name = payload['role_name']
    if db.get_role_id(name):
        return jsonify(error='role already exists'), 400

    db.insert_role(name)
    # Look the row up again to report the id of the role just added.
    new_row = db.get_role_id(name)
    reply = jsonify(added_role=name, added_role_id=new_row[0])
    # Refreshes session['access_control'] for the current request's session
    # only; other sessions are not touched here.
    session['access_control'] = permission_control.reload_dct()
    return reply
示例#7
def resource_put():
    """Rename the resource identified by ``resource_id``.

    :rtype: JSON
    :request args: `{resource_name: "new_res_name", resource_id: 29}`
    :return:
            - If ``db.get_resource_id`` already finds the new name:
                 ``{'error': 'this name already exists'}``
            - If ``validator.resource_put`` rejects the body:
                 ``{'status': False, 'error': [list of errors]}``
            - If all ok:
                 ``{'status': 'success', 'edited': resource_name}``

    :statuscode 400: name already exists or request is invalid
    :statuscode 200: resource was renamed

    NOTE(review): the name lookup and the rename are two separate db calls;
    a uniqueness constraint in the database would be the reliable guard
    against duplicates -- confirm one exists.
    NOTE(review): no authorization check is visible in this function;
    presumably it is applied where the route is registered -- verify.
    """
    payload = request.get_json()
    verdict = validator.resource_put(payload)

    if not verdict['status']:
        return Response(json.dumps(verdict),
                        mimetype='application/json'), 400

    new_name = payload['resource_name']
    if db.get_resource_id(new_name):
        return jsonify(error='this name already exists'), 400

    db.edit_resource_name(new_name, payload['resource_id'])
    reply = jsonify(status='success', edited=new_name)
    # Refreshes session['access_control'] for the current request's session
    # only; other sessions are not touched here.
    session['access_control'] = permission_control.reload_dct()
    return reply
示例#8
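def permission_delete():
    """Delete the permission named by ``permission_id`` in the JSON body.

    :rtype: JSON
    :request args example: `{permission_id: 5}`
    :return:
        - If the request is not a DELETE carrying a non-empty JSON body:
            ``{'status': False, 'error': [list of errors]}``
        - If ``validator.permission_delete`` rejects the body:
            ``{'status': False, 'error': [list of errors]}``
        - If ``db.check_permission_deletion`` returns a truthy value:
            ``{'error': 'Cannot delete!'}``
        - If all ok:
            ``{'status': 'success', 'deleted_permission': permission_id}``

    :statuscode 400: missing or empty JSON body, or failed validation
    :statuscode 200: permission deleted, or deletion refused

    NOTE(review): the refusal goes out with the default 200 status, so a
    client must read the body to tell it from success -- confirm intended.
    NOTE(review): no authorization check is visible in this function;
    presumably it is applied where the route is registered -- verify.
    """
    data = request.get_json() if request.method == 'DELETE' else None
    if not data:
        # This path used to fall off the end of the function and return
        # None, which Flask reports as a server error instead of a 4xx.
        return jsonify(
            status=False,
            error=['Expected a DELETE request with a non-empty JSON body']
        ), 400

    valid = validator.permission_delete(data)
    if not valid['status']:
        return Response(json.dumps(valid),
                        mimetype='application/json'), 400

    permission_id = data['permission_id']
    if db.check_permission_deletion(permission_id):
        return jsonify(error='Cannot delete!')

    db.delete_permission_by_id(permission_id)
    response = jsonify(status='success', deleted_permission=permission_id)
    # Refreshes session['access_control'] for the current request's session
    # only; other sessions are not touched here.
    session['access_control'] = permission_control.reload_dct()
    return response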
示例#9
def role_permission_post():
    """Bind one permission to one role.

    :rtype: JSON
    :request args example: `{permission_id: 5, role_id: 4}`
    :return:
        - If ``validator.role_permission_post`` rejects the body:
            ``{'status': False, 'error': [list of errors]}``
        - If all ok:
            ``{'added_role_permission_for_role': role_id}``

    :statuscode 400: request body failed validation
    :statuscode 200: if no errors

    NOTE(review): this grants a permission to a role, and no authorization
    check is visible in this function; presumably it is applied where the
    route is registered -- verify.
    """
    payload = request.get_json()
    verdict = validator.role_permission_post(payload)

    if not verdict['status']:
        return Response(json.dumps(verdict),
                        mimetype='application/json'), 400

    role_id = payload['role_id']
    db.add_role_permission(role_id, payload['permission_id'])
    reply = jsonify(added_role_permission_for_role=role_id)
    # Refreshes session['access_control'] for the current request's session
    # only; other sessions are not touched here.
    session['access_control'] = permission_control.reload_dct()
    return reply
示例#10
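def permission_delete():
    """Delete the permission named by ``permission_id`` in the JSON body.

    :return: If the request is not a DELETE carrying a non-empty JSON body:
                 {'status': False, 'error': [list of errors]}, 400
             If ``db.check_permission_deletion`` returns a truthy value:
                 {'error': 'Cannot delete!'}
             If ``validator.permission_delete`` rejects the body:
                 {'status': False, 'error': [list of errors]}, 400
             If all ok:
                 {'status': 'success',
                  'deleted_permission': permission_id}

    NOTE(review): the refusal goes out with the default 200 status, so a
    client must read the body to tell it from success -- confirm intended.
    NOTE(review): no authorization check is visible in this function;
    presumably it is applied where the route is registered -- verify.
    """
    data = request.get_json() if request.method == 'DELETE' else None
    if not data:
        # This path used to fall off the end of the function and return
        # None, which Flask reports as a server error instead of a 4xx.
        return jsonify(
            status=False,
            error=['Expected a DELETE request with a non-empty JSON body']
        ), 400

    valid = validator.permission_delete(data)
    if not valid['status']:
        return Response(json.dumps(valid),
                        mimetype='application/json'), 400

    permission_id = data['permission_id']
    if db.check_permission_deletion(permission_id):
        return jsonify(error='Cannot delete!')

    db.delete_permission_by_id(permission_id)
    response = jsonify(status='success', deleted_permission=permission_id)
    # Refreshes session['access_control'] for the current request's session
    # only; other sessions are not touched here.
    session['access_control'] = permission_control.reload_dct()
    return response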
示例#11
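def permission_put():
    """Edit the permission named by ``permission_id`` in the JSON body.

    The body fields read here are ``action``, ``modifier``,
    ``permission_id`` and ``description``.

    :rtype: JSON
    :request args example: `{action: "POST",
        description: "edited description",
        modifier: "Any",
        permission_id: 5}`
    :return:
        - If the request is not a PUT carrying a non-empty JSON body:
            ``{'status': False, 'error': [list of errors]}``
        - If ``validator.permission_put`` rejects the body:
            ``{'status': False, 'error': [list of errors]}``
        - If all ok:
            ``{'status': 'success',
            'edited_perm_id': permission_id}``

    :statuscode 400: missing or empty JSON body, or failed validation
    :statuscode 200: if no errors

    NOTE(review): no authorization check is visible in this function;
    presumably it is applied where the route is registered -- verify.
    """
    data = request.get_json() if request.method == 'PUT' else None
    if not data:
        # This path used to fall off the end of the function and return
        # None, which Flask reports as a server error instead of a 4xx.
        return jsonify(
            status=False,
            error=['Expected a PUT request with a non-empty JSON body']
        ), 400

    valid = validator.permission_put(data)
    if not valid['status']:
        return Response(json.dumps(valid),
                        mimetype='application/json'), 400

    permission_id = data['permission_id']
    db.edit_permission(data['action'], data['modifier'],
                       permission_id, data['description'])
    response = jsonify(status='success', edited_perm_id=permission_id)
    # Refreshes session['access_control'] for the current request's session
    # only; other sessions are not touched here.
    session['access_control'] = permission_control.reload_dct()
    return response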
示例#12
def role_delete():
    """Delete the role named by ``role_id`` in the JSON request body.

    :rtype: JSON
    :request args: `{role_id: 5}`
    :return:
        - If ``validator.role_delete`` rejects the body:
            the validator result as JSON, documented as
            ``{'status': False, 'error': [list of errors]}``
        - If ``db.check_role_deletion`` returns a truthy value:
            ``{'error': 'Cannot delete!'}``
        - If all ok:
            ``{'msg': 'success', 'deleted_role': role_id}``

    :statuscode 400: request body failed validation
    :statuscode 200: role deleted, or deletion refused

    NOTE(review): the refusal goes out with the default 200 status, so a
    client must read the body to tell it from success -- confirm intended.
    NOTE(review): no authorization check is visible in this function;
    presumably it is applied where the route is registered -- verify.
    """
    payload = request.get_json()
    verdict = validator.role_delete(payload)

    if not verdict['status']:
        return Response(json.dumps(verdict),
                        mimetype='application/json'), 400

    role_id = payload['role_id']
    if db.check_role_deletion(role_id):
        return jsonify(error='Cannot delete!')

    db.delete_role_by_id(role_id)
    reply = jsonify(msg='success', deleted_role=role_id)
    # Refreshes session['access_control'] for the current request's session
    # only; other sessions are not touched here.
    session['access_control'] = permission_control.reload_dct()
    return reply
示例#13
def resource_put():
    """Rename the resource identified by ``resource_id``.

    :return: If ``db.get_resource_id`` already finds the new name:
                 {'error': 'this name already exists'}, 400
             If ``validator.resource_put`` rejects the body:
                 {'status': False, 'error': [list of errors]}, 400
             If all ok:
                 {'status': 'success', 'edited': resource_name}

    NOTE(review): the name lookup and the rename are two separate db calls;
    a uniqueness constraint in the database would be the reliable guard
    against duplicates -- confirm one exists.
    NOTE(review): no authorization check is visible in this function;
    presumably it is applied where the route is registered -- verify.
    """
    payload = request.get_json()
    verdict = validator.resource_put(payload)

    if not verdict['status']:
        return Response(json.dumps(verdict),
                        mimetype='application/json'), 400

    new_name = payload['resource_name']
    if db.get_resource_id(new_name):
        return jsonify(error='this name already exists'), 400

    db.edit_resource_name(new_name, payload['resource_id'])
    reply = jsonify(status='success', edited=new_name)
    # Refreshes session['access_control'] for the current request's session
    # only; other sessions are not touched here.
    session['access_control'] = permission_control.reload_dct()
    return reply
示例#14
def resource_delete():
    """Delete the resource named by ``resource_id`` in the JSON body.

    ``db.check_resource_deletion`` is consulted first; a truthy answer
    blocks the deletion.

    :return: If ``db.check_resource_deletion`` returns a truthy value:
                 {'error': 'Cannot delete!'}, 400
             If ``validator.resource_delete`` rejects the body:
                 {'status': False, 'error': [list of errors]}, 400
             If all ok:
                 {'status': 'success', 'deleted_resource': resource_id}

    NOTE(review): no authorization check is visible in this function;
    presumably it is applied where the route is registered -- verify.
    """
    payload = request.get_json()
    verdict = validator.resource_delete(payload)

    if not verdict['status']:
        return Response(json.dumps(verdict),
                        mimetype='application/json'), 400

    resource_id = payload['resource_id']
    if db.check_resource_deletion(resource_id):
        return jsonify(error='Cannot delete!'), 400

    db.delete_resource_by_id(resource_id)
    reply = jsonify(status='success', deleted_resource=resource_id)
    # Refreshes session['access_control'] for the current request's session
    # only; other sessions are not touched here.
    session['access_control'] = permission_control.reload_dct()
    return reply
示例#15
def get_all_users():
    """List all users, or change one user's role when called with POST.

    POST with a non-empty JSON body: the body is checked with
    ``validator.user_role_put`` and, if accepted, ``db.change_user_role``
    is called with ``role_id`` and ``user_id``.
    Any other request: every row from ``db.get_all_users`` is returned.

    :return: POST, validator rejects the body:
                 validator result as JSON, 400
             POST, all ok:
                 {'msg': 'success', 'added_role': role_id}
             otherwise:
                 list of users with id, first name, last name, email
                 and role

    NOTE(review): a role change and a listing that includes e-mail
    addresses share this one view, and no authorization check is visible
    in this function; presumably it is applied where the route is
    registered -- verify both paths are covered.
    """
    if request.method == 'POST' and request.get_json():
        payload = request.get_json()
        verdict = validator.user_role_put(payload)

        if not verdict['status']:
            return Response(json.dumps(verdict),
                            mimetype='application/json'), 400

        db.change_user_role(payload['role_id'], payload['user_id'])
        reply = jsonify(msg='success', added_role=payload['role_id'])
        # Refreshes session['access_control'] for the current request's
        # session only; other sessions are not touched here.
        session['access_control'] = permission_control.reload_dct()
        return reply

    rows = db.get_all_users()
    # A falsy result from the db layer is rendered as an empty list.
    users = [
        {
            'user_id': row[0],
            'first_name': row[1],
            'last_name': row[2],
            'email': row[3],
            'role': row[4],
        }
        for row in rows or ()
    ]
    return Response(json.dumps(users), mimetype='application/json')
示例#16
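def permission_post():
    """Add a new permission described by the JSON body.

    The body fields read here are ``resource_id``, ``action``,
    ``modifier`` and ``description``.

    :return: If the request is not a POST carrying a non-empty JSON body:
                 {'status': False, 'error': [list of errors]}, 400
             If ``validator.permission_post`` rejects the body:
                 {'status': False, 'error': [list of errors]}, 400
             If all ok:
                 {'added_permission_for': description,
                  'permission_id': first element of db.get_permission_id}

    NOTE(review): no authorization check is visible in this function;
    presumably it is applied where the route is registered -- verify.
    """
    data = request.get_json() if request.method == 'POST' else None
    if not data:
        # This path used to fall off the end of the function and return
        # None, which Flask reports as a server error instead of a 4xx.
        return jsonify(
            status=False,
            error=['Expected a POST request with a non-empty JSON body']
        ), 400

    valid = validator.permission_post(data)
    if not valid['status']:
        return Response(json.dumps(valid),
                        mimetype='application/json'), 400

    resource_id = data['resource_id']
    action = data['action']
    modifier = data['modifier']
    description = data['description']

    db.insert_permission(resource_id, action, modifier, description)
    # Look the row up again to report the id of the permission just added.
    added_perm_id = db.get_permission_id(resource_id, action, modifier)
    response = jsonify(added_permission_for=description,
                       permission_id=added_perm_id[0])
    # Refreshes session['access_control'] for the current request's session
    # only; other sessions are not touched here.
    session['access_control'] = permission_control.reload_dct()
    return response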
示例#17
def role_post():
    """Add a new role with the name given in the JSON body.

    :rtype: JSON
    :request args: `{"role_name":"test"}`
    :return:
        - If ``db.get_role_id`` already finds the name:
            ``{'error': 'role already exists'}``
        - If ``validator.role_post`` rejects the body:
            ``{'status': False, 'error': [list of errors]}``
        - If all ok:
            ``{'added_role': role_name,
            'added_role_id': first element of db.get_role_id(name)}``

    :statuscode 400: If role with this name exists or request is invalid
    :statuscode 200: If no errors

    NOTE(review): the name lookup and the insert are two separate db calls;
    a uniqueness constraint in the database would be the reliable guard
    against duplicates -- confirm one exists.
    NOTE(review): no authorization check is visible in this function;
    presumably it is applied where the route is registered -- verify.
    """
    payload = request.get_json()
    verdict = validator.role_post(payload)

    if not verdict['status']:
        return Response(json.dumps(verdict),
                        mimetype='application/json'), 400

    name = payload['role_name']
    if db.get_role_id(name):
        return jsonify(error='role already exists'), 400

    db.insert_role(name)
    # Look the row up again to report the id of the role just added.
    new_row = db.get_role_id(name)
    reply = jsonify(added_role=name, added_role_id=new_row[0])
    # Refreshes session['access_control'] for the current request's session
    # only; other sessions are not touched here.
    session['access_control'] = permission_control.reload_dct()
    return reply
示例#18
def role_permission_post():
    """Bind one permission to one role.

    :rtype: JSON
    :request args example: `{permission_id: 5, role_id: 4}`
    :return:
        - If ``validator.role_permission_post`` rejects the body:
            ``{'status': False, 'error': [list of errors]}``
        - If all ok:
            ``{'added_role_permission_for_role': role_id}``

    :statuscode 400: request body failed validation
    :statuscode 200: if no errors

    NOTE(review): this grants a permission to a role, and no authorization
    check is visible in this function; presumably it is applied where the
    route is registered -- verify.
    """
    payload = request.get_json()
    verdict = validator.role_permission_post(payload)

    if not verdict['status']:
        return Response(json.dumps(verdict),
                        mimetype='application/json'), 400

    role_id = payload['role_id']
    db.add_role_permission(role_id, payload['permission_id'])
    reply = jsonify(added_role_permission_for_role=role_id)
    # Refreshes session['access_control'] for the current request's session
    # only; other sessions are not touched here.
    session['access_control'] = permission_control.reload_dct()
    return reply
示例#19
def role_permission_delete():
    """Handle a role-permission delete request keyed by ``role_id``.

    :rtype: JSON
    :request args example: `{role_id: 4}`
    :return:
        - If ``validator.role_permission_delete`` rejects the body:
            ``{'status': False, 'error': [list of errors]}``, status 400
        - If ``db.check_role_deletion`` returns a truthy value:
            ``{'error': 'Cannot delete!'}``
        - If all ok:
            ``{'status': 'success', 'deleted_role': role_id}``

    NOTE(review): despite its name this view calls ``db.delete_role_by_id``,
    i.e. it removes the role itself, exactly like a role-delete handler.
    Confirm that is intended and not a copy-paste of the role handler.
    NOTE(review): the refusal goes out with the default 200 status.
    NOTE(review): no authorization check is visible in this function;
    presumably it is applied where the route is registered -- verify.
    """
    payload = request.get_json()
    verdict = validator.role_permission_delete(payload)

    if not verdict['status']:
        return Response(json.dumps(verdict),
                        mimetype='application/json'), 400

    role_id = payload['role_id']
    if db.check_role_deletion(role_id):
        return jsonify(error='Cannot delete!')

    db.delete_role_by_id(role_id)
    reply = jsonify(status='success', deleted_role=role_id)
    # Refreshes session['access_control'] for the current request's session
    # only; other sessions are not touched here.
    session['access_control'] = permission_control.reload_dct()
    return reply
示例#20
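def permission_put():
    """Edit the permission named by ``permission_id`` in the JSON body.

    The body fields read here are ``action``, ``modifier``,
    ``permission_id`` and ``description``.

    :rtype: JSON
    :request args example: `{action: "POST",
        description: "edited description",
        modifier: "Any",
        permission_id: 5}`
    :return:
        - If the request is not a PUT carrying a non-empty JSON body:
            ``{'status': False, 'error': [list of errors]}``
        - If ``validator.permission_put`` rejects the body:
            ``{'status': False, 'error': [list of errors]}``
        - If all ok:
            ``{'status': 'success',
            'edited_perm_id': permission_id}``

    :statuscode 400: missing or empty JSON body, or failed validation
    :statuscode 200: if no errors

    NOTE(review): no authorization check is visible in this function;
    presumably it is applied where the route is registered -- verify.
    """
    data = request.get_json() if request.method == 'PUT' else None
    if not data:
        # This path used to fall off the end of the function and return
        # None, which Flask reports as a server error instead of a 4xx.
        return jsonify(
            status=False,
            error=['Expected a PUT request with a non-empty JSON body']
        ), 400

    valid = validator.permission_put(data)
    if not valid['status']:
        return Response(json.dumps(valid),
                        mimetype='application/json'), 400

    permission_id = data['permission_id']
    db.edit_permission(data['action'], data['modifier'],
                       permission_id, data['description'])
    response = jsonify(status='success', edited_perm_id=permission_id)
    # Refreshes session['access_control'] for the current request's session
    # only; other sessions are not touched here.
    session['access_control'] = permission_control.reload_dct()
    return response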
示例#21
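def permission_delete():
    """Delete the permission named by ``permission_id`` in the JSON body.

    :rtype: JSON
    :request args example: `{permission_id: 5}`
    :return:
        - If the request is not a DELETE carrying a non-empty JSON body:
            ``{'status': False, 'error': [list of errors]}``
        - If ``validator.permission_delete`` rejects the body:
            ``{'status': False, 'error': [list of errors]}``
        - If ``db.check_permission_deletion`` returns a truthy value:
            ``{'error': 'Cannot delete!'}``
        - If all ok:
            ``{'status': 'success', 'deleted_permission': permission_id}``

    :statuscode 400: missing or empty JSON body, or failed validation
    :statuscode 200: permission deleted, or deletion refused

    NOTE(review): the refusal goes out with the default 200 status, so a
    client must read the body to tell it from success -- confirm intended.
    NOTE(review): no authorization check is visible in this function;
    presumably it is applied where the route is registered -- verify.
    """
    data = request.get_json() if request.method == 'DELETE' else None
    if not data:
        # This path used to fall off the end of the function and return
        # None, which Flask reports as a server error instead of a 4xx.
        return jsonify(
            status=False,
            error=['Expected a DELETE request with a non-empty JSON body']
        ), 400

    valid = validator.permission_delete(data)
    if not valid['status']:
        return Response(json.dumps(valid),
                        mimetype='application/json'), 400

    permission_id = data['permission_id']
    if db.check_permission_deletion(permission_id):
        return jsonify(error='Cannot delete!')

    db.delete_permission_by_id(permission_id)
    response = jsonify(status='success', deleted_permission=permission_id)
    # Refreshes session['access_control'] for the current request's session
    # only; other sessions are not touched here.
    session['access_control'] = permission_control.reload_dct()
    return response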
示例#22
def get_all_users():
    """List all users, or change one user's role when called with POST.

    POST with a non-empty JSON body: the body is checked with
    ``validator.user_role_put`` and, if accepted, ``db.change_user_role``
    is called with ``role_id`` and ``user_id``.
    Any other request: every row from ``db.get_all_users`` is returned.

    :return: POST, validator rejects the body:
                 validator result as JSON, 400
             POST, all ok:
                 {'msg': 'success', 'added_role': role_id}
             otherwise:
                 list of users with id, first name, last name, email
                 and role

    NOTE(review): a role change and a listing that includes e-mail
    addresses share this one view, and no authorization check is visible
    in this function; presumably it is applied where the route is
    registered -- verify both paths are covered.
    """
    if request.method == 'POST' and request.get_json():
        payload = request.get_json()
        verdict = validator.user_role_put(payload)

        if not verdict['status']:
            return Response(json.dumps(verdict),
                            mimetype='application/json'), 400

        db.change_user_role(payload['role_id'], payload['user_id'])
        reply = jsonify(msg='success', added_role=payload['role_id'])
        # Refreshes session['access_control'] for the current request's
        # session only; other sessions are not touched here.
        session['access_control'] = permission_control.reload_dct()
        return reply

    rows = db.get_all_users()
    # A falsy result from the db layer is rendered as an empty list.
    users = [
        {
            'user_id': row[0],
            'first_name': row[1],
            'last_name': row[2],
            'email': row[3],
            'role': row[4],
        }
        for row in rows or ()
    ]
    return Response(json.dumps(users), mimetype='application/json')
示例#23
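def permission_delete():
    """Delete the permission named by ``permission_id`` in the JSON body.

    :return: If the request is not a DELETE carrying a non-empty JSON body:
                 {'status': False, 'error': [list of errors]}, 400
             If ``db.check_permission_deletion`` returns a truthy value:
                 {'error': 'Cannot delete!'}
             If ``validator.permission_delete`` rejects the body:
                 {'status': False, 'error': [list of errors]}, 400
             If all ok:
                 {'status': 'success',
                  'deleted_permission': permission_id}

    NOTE(review): the refusal goes out with the default 200 status, so a
    client must read the body to tell it from success -- confirm intended.
    NOTE(review): no authorization check is visible in this function;
    presumably it is applied where the route is registered -- verify.
    """
    data = request.get_json() if request.method == 'DELETE' else None
    if not data:
        # This path used to fall off the end of the function and return
        # None, which Flask reports as a server error instead of a 4xx.
        return jsonify(
            status=False,
            error=['Expected a DELETE request with a non-empty JSON body']
        ), 400

    valid = validator.permission_delete(data)
    if not valid['status']:
        return Response(json.dumps(valid),
                        mimetype='application/json'), 400

    permission_id = data['permission_id']
    if db.check_permission_deletion(permission_id):
        return jsonify(error='Cannot delete!')

    db.delete_permission_by_id(permission_id)
    response = jsonify(status='success', deleted_permission=permission_id)
    # Refreshes session['access_control'] for the current request's session
    # only; other sessions are not touched here.
    session['access_control'] = permission_control.reload_dct()
    return response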
示例#24
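def permission_post():
    """Add a new permission described by the JSON body.

    The body fields read here are ``resource_id``, ``action``,
    ``modifier`` and ``description``.

    :return: If the request is not a POST carrying a non-empty JSON body:
                 {'status': False, 'error': [list of errors]}, 400
             If ``validator.permission_post`` rejects the body:
                 {'status': False, 'error': [list of errors]}, 400
             If all ok:
                 {'added_permission_for': description,
                  'permission_id': first element of db.get_permission_id}

    NOTE(review): no authorization check is visible in this function;
    presumably it is applied where the route is registered -- verify.
    """
    data = request.get_json() if request.method == 'POST' else None
    if not data:
        # This path used to fall off the end of the function and return
        # None, which Flask reports as a server error instead of a 4xx.
        return jsonify(
            status=False,
            error=['Expected a POST request with a non-empty JSON body']
        ), 400

    valid = validator.permission_post(data)
    if not valid['status']:
        return Response(json.dumps(valid),
                        mimetype='application/json'), 400

    resource_id = data['resource_id']
    action = data['action']
    modifier = data['modifier']
    description = data['description']

    db.insert_permission(resource_id, action, modifier, description)
    # Look the row up again to report the id of the permission just added.
    added_perm_id = db.get_permission_id(resource_id, action, modifier)
    response = jsonify(added_permission_for=description,
                       permission_id=added_perm_id[0])
    # Refreshes session['access_control'] for the current request's session
    # only; other sessions are not touched here.
    session['access_control'] = permission_control.reload_dct()
    return response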
示例#25
def role_permission_delete():
    """Handle a role-permission delete request keyed by ``role_id``.

    :return: If ``validator.role_permission_delete`` rejects the body:
                 validator result as JSON, 400
             If ``db.check_role_deletion`` returns a truthy value:
                 {'error': 'Cannot delete!'}
             If all ok:
                 {'status': 'success', 'deleted_role': role_id}

    NOTE(review): despite its name this view calls ``db.delete_role_by_id``,
    i.e. it removes the role itself, exactly like a role-delete handler.
    Confirm that is intended and not a copy-paste of the role handler.
    NOTE(review): the refusal goes out with the default 200 status.
    NOTE(review): no authorization check is visible in this function;
    presumably it is applied where the route is registered -- verify.
    """
    payload = request.get_json()
    verdict = validator.role_permission_delete(payload)

    if not verdict['status']:
        return Response(json.dumps(verdict),
                        mimetype='application/json'), 400

    role_id = payload['role_id']
    if db.check_role_deletion(role_id):
        return jsonify(error='Cannot delete!')

    db.delete_role_by_id(role_id)
    reply = jsonify(status='success', deleted_role=role_id)
    # Refreshes session['access_control'] for the current request's session
    # only; other sessions are not touched here.
    session['access_control'] = permission_control.reload_dct()
    return reply
示例#26
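def role_permission_put():
    """Replace the set of permissions bound to a role.

    Reads ``role_id`` and a list ``permission_id`` from the JSON body,
    removes every permission bound to the role, then binds the listed ones.

    The body shape is checked before anything is deleted. Without that
    check a body that had ``role_id`` but no usable ``permission_id`` would
    wipe the role's permissions and then fail before adding any back.

    :return: If request data is invalid:
                 {'status': False, 'error': [list of errors]}, 400
             If all ok:
                 {'msg': 'edited permission'}

    NOTE(review): only the shape is checked here; no validator call for
    this view is visible, so whether the ids exist is left to the db layer.
    NOTE(review): no authorization check is visible in this function;
    presumably it is applied where the route is registered -- verify.
    """
    data = request.get_json()

    errors = []
    if not isinstance(data, dict):
        errors.append('JSON object expected')
    else:
        if 'role_id' not in data:
            errors.append('role_id is required')
        if not isinstance(data.get('permission_id'), list):
            errors.append('permission_id must be a list')
    if errors:
        return jsonify(status=False, error=errors), 400

    role_id = data['role_id']
    permission_ids = data['permission_id']

    # NOTE(review): the delete and the re-adds are separate db calls; if
    # the db layer does not wrap them in one transaction, a failure midway
    # leaves the role with a partial permission set -- confirm.
    db.delete_permissions_by_role_id(role_id)
    for perm_id in permission_ids:
        db.add_role_permission(role_id, perm_id)

    # Logged after the update so the entry is not written for rejected or
    # failed requests.
    logger.info('Role permission has been changed.')
    response = jsonify(msg='edited permission')
    # Refreshes session['access_control'] for the current request's session
    # only; other sessions are not touched here.
    session['access_control'] = permission_control.reload_dct()
    return response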
示例#27
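def role_permission_put():
    """Replace the set of permissions bound to a role.

    Reads ``role_id`` and a list ``permission_id`` from the JSON body,
    removes every permission bound to the role, then binds the listed ones.

    The body shape is checked before anything is deleted. Without that
    check a body that had ``role_id`` but no usable ``permission_id`` would
    wipe the role's permissions and then fail before adding any back.

    :return: If request data is invalid:
                 {'status': False, 'error': [list of errors]}, 400
             If all ok:
                 {'msg': 'edited permission'}

    NOTE(review): only the shape is checked here; no validator call for
    this view is visible, so whether the ids exist is left to the db layer.
    NOTE(review): no authorization check is visible in this function;
    presumably it is applied where the route is registered -- verify.
    """
    data = request.get_json()

    errors = []
    if not isinstance(data, dict):
        errors.append('JSON object expected')
    else:
        if 'role_id' not in data:
            errors.append('role_id is required')
        if not isinstance(data.get('permission_id'), list):
            errors.append('permission_id must be a list')
    if errors:
        return jsonify(status=False, error=errors), 400

    role_id = data['role_id']
    permission_ids = data['permission_id']

    # NOTE(review): the delete and the re-adds are separate db calls; if
    # the db layer does not wrap them in one transaction, a failure midway
    # leaves the role with a partial permission set -- confirm.
    db.delete_permissions_by_role_id(role_id)
    for perm_id in permission_ids:
        db.add_role_permission(role_id, perm_id)

    # Logged after the update so the entry is not written for rejected or
    # failed requests.
    logger.info('Role permission has been changed.')
    response = jsonify(msg='edited permission')
    # Refreshes session['access_control'] for the current request's session
    # only; other sessions are not touched here.
    session['access_control'] = permission_control.reload_dct()
    return response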
示例#28
def role_permission_post():
    """Bind one permission to one role.

    :return: If ``validator.role_permission_post`` rejects the body:
                 {'status': False, 'error': [list of errors]}, 400
             If all ok:
                 {'added_role_permission_for_role': role_id}

    NOTE(review): this grants a permission to a role, and no authorization
    check is visible in this function; presumably it is applied where the
    route is registered -- verify.
    """
    payload = request.get_json()
    verdict = validator.role_permission_post(payload)

    if not verdict['status']:
        return Response(json.dumps(verdict),
                        mimetype='application/json'), 400

    role_id = payload['role_id']
    db.add_role_permission(role_id, payload['permission_id'])
    reply = jsonify(added_role_permission_for_role=role_id)
    # Refreshes session['access_control'] for the current request's session
    # only; other sessions are not touched here.
    session['access_control'] = permission_control.reload_dct()
    return reply
示例#29
def role_permission_delete():
    """Handle a role-permission delete request keyed by ``role_id``.

    :return: If ``validator.role_permission_delete`` rejects the body:
                 validator result as JSON, 400
             If ``db.check_role_deletion`` returns a truthy value:
                 {'error': 'Cannot delete!'}
             If all ok:
                 {'status': 'success', 'deleted_role': role_id}

    NOTE(review): despite its name this view calls ``db.delete_role_by_id``,
    i.e. it removes the role itself, exactly like a role-delete handler.
    Confirm that is intended and not a copy-paste of the role handler.
    NOTE(review): the refusal goes out with the default 200 status.
    NOTE(review): no authorization check is visible in this function;
    presumably it is applied where the route is registered -- verify.
    """
    payload = request.get_json()
    verdict = validator.role_permission_delete(payload)

    if not verdict['status']:
        return Response(json.dumps(verdict),
                        mimetype='application/json'), 400

    role_id = payload['role_id']
    if db.check_role_deletion(role_id):
        return jsonify(error='Cannot delete!')

    db.delete_role_by_id(role_id)
    reply = jsonify(status='success', deleted_role=role_id)
    # Refreshes session['access_control'] for the current request's session
    # only; other sessions are not touched here.
    session['access_control'] = permission_control.reload_dct()
    return reply
示例#30
def role_permission_post():
    """Bind one permission to one role.

    :return: If ``validator.role_permission_post`` rejects the body:
                 {'status': False, 'error': [list of errors]}, 400
             If all ok:
                 {'added_role_permission_for_role': role_id}

    NOTE(review): this grants a permission to a role, and no authorization
    check is visible in this function; presumably it is applied where the
    route is registered -- verify.
    """
    payload = request.get_json()
    verdict = validator.role_permission_post(payload)

    if not verdict['status']:
        return Response(json.dumps(verdict),
                        mimetype='application/json'), 400

    role_id = payload['role_id']
    db.add_role_permission(role_id, payload['permission_id'])
    reply = jsonify(added_role_permission_for_role=role_id)
    # Refreshes session['access_control'] for the current request's session
    # only; other sessions are not touched here.
    session['access_control'] = permission_control.reload_dct()
    return reply
示例#31
def get_all_users():
    """List all users, or change one user's role when called with POST.

    POST with a non-empty JSON body: the body is checked with
    ``validator.user_role_put`` and, if accepted, ``db.change_user_role``
    is called with ``role_id`` and ``user_id``; the reply is
    ``{'msg': 'success', 'added_role': role_id}``.
    Any other request: every row from ``db.get_all_users`` is returned.

    :return: list of all users with id, first name, last name, email and role

    ``[{"role": "admin", "first_name": "Admin", "last_name": "Administrator",
    "user_id": 3, "email": "*****@*****.**"}
    ...
    {"role": "user", "first_name": "Oleg", "last_name": "Lyashko",
    "user_id": 4, "email": "*****@*****.**"}``

    :statuscode 200: no errors
    :statuscode 400: invalid request

    NOTE(review): a role change and a listing that includes e-mail
    addresses share this one view, and no authorization check is visible
    in this function; presumably it is applied where the route is
    registered -- verify both paths are covered.
    """
    if request.method == 'POST' and request.get_json():
        payload = request.get_json()
        verdict = validator.user_role_put(payload)

        if not verdict['status']:
            return Response(json.dumps(verdict),
                            mimetype='application/json'), 400

        db.change_user_role(payload['role_id'], payload['user_id'])
        reply = jsonify(msg='success', added_role=payload['role_id'])
        # Refreshes session['access_control'] for the current request's
        # session only; other sessions are not touched here.
        session['access_control'] = permission_control.reload_dct()
        return reply

    rows = db.get_all_users()
    # A falsy result from the db layer is rendered as an empty list.
    users = [
        {
            'user_id': row[0],
            'first_name': row[1],
            'last_name': row[2],
            'email': row[3],
            'role': row[4],
        }
        for row in rows or ()
    ]
    return Response(json.dumps(users), mimetype='application/json')
示例#32
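def permission_post():
    """Add a new permission to the database.

    :rtype: JSON
    :request args example: `{action: "DELETE",
        description: "TEST",
        modifier: "None",
        resource_id: "33"}`
    :return:
        - If the request is not a POST or has no (or an empty) JSON body,
          or the validator rejects the data:
            ``{'status': False, 'error': [list of errors]}``
        - If all ok:
            ``{'added_permission_for': 'description',
            'permission_id': 'permission_id'}``

    :statuscode 400: invalid request
    :statuscode 200: permission has been successfully added

    """
    # NOTE(review): no authentication or authorization check is visible in
    # this function; presumably enforced outside this excerpt - confirm,
    # since the call creates a permission.
    if not (request.method == 'POST' and request.get_json()):
        # This path used to fall off the end of the function and return
        # None, which is not a valid Flask view result and surfaces as a
        # server error.  Answer with the documented 400 shape instead.
        rejection = {
            'status': False,
            'error': ['Expected a POST request with a non-empty JSON body'],
        }
        return Response(json.dumps(rejection),
                        mimetype='application/json'), 400

    data = request.get_json()
    valid = validator.permission_post(data)

    if not valid['status']:
        return Response(json.dumps(valid),
                        mimetype='application/json'), 400

    db.insert_permission(data['resource_id'],
                         data['action'],
                         data['modifier'],
                         data['description'])
    # NOTE(review): the new id is fetched with a second lookup; confirm what
    # db.get_permission_id returns when nothing matches, because the [0]
    # below assumes an indexable result.
    added_perm_id = db.get_permission_id(data['resource_id'],
                                         data['action'],
                                         data['modifier'])
    response = jsonify(added_permission_for=data['description'],
                       permission_id=added_perm_id[0])
    # Only the caller's session entry is replaced here.
    # NOTE(review): confirm how other active sessions see the new permission.
    session['access_control'] = permission_control.reload_dct()
    return response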
示例#33
def get_all_users():
    """Serve the user list; on a JSON ``POST``, change a user's role instead.

    The role-change path runs only when the method is ``POST`` and the
    parsed JSON body is non-empty.  The body is checked with
    ``validator.user_role_put`` before ``db.change_user_role`` is called.

    :return:
        - Role change accepted:
            ``{'msg': 'success', 'added_role': role_id}``
        - Role change rejected: the validator result as JSON, status 400
        - Otherwise: list of all users with id, first name, last name,
          email and role

    ``[{"role": "admin", "first_name": "Admin", "last_name": "Administrator",
    "user_id": 3, "email": "*****@*****.**"}
    ...]``

    :statuscode 200: no errors
    :statuscode 400: invalid request

    """
    # NOTE(review): nothing in this function checks who the caller is;
    # presumably access is restricted by code outside this excerpt -
    # confirm, as the function both reassigns roles and lists all e-mails.
    if not (request.method == 'POST' and request.get_json()):
        records = db.get_all_users()
        # A falsy result from the database layer is reported as "[]".
        users = [] if not records else [
            {'user_id': rec[0],
             'first_name': rec[1],
             'last_name': rec[2],
             'email': rec[3],
             'role': rec[4]}
            for rec in records
        ]
        return Response(json.dumps(users), mimetype='application/json')

    body = request.get_json()
    check = validator.user_role_put(body)

    if check['status']:
        db.change_user_role(body['role_id'], body['user_id'])
        outcome = jsonify(msg='success', added_role=body['role_id'])
        # Refreshes the access-control data held in the current session only.
        # NOTE(review): confirm when the affected user's session is updated.
        session['access_control'] = permission_control.reload_dct()
        return outcome

    return Response(json.dumps(check), mimetype='application/json'), 400
示例#34
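def permission_put():
    """Edit an existing permission.

    :return: If the request is not a PUT, has no (or an empty) JSON body,
             or the validator rejects the data:
                 {'status': False, 'error': [list of errors]}, 400
             If all ok:
                 {'status': 'success',
                  'edited_perm_id': 'permission_id'}
    """
    # NOTE(review): no authentication or authorization check is visible in
    # this function; presumably enforced outside this excerpt - confirm,
    # since the call rewrites a permission.
    if not (request.method == 'PUT' and request.get_json()):
        # This path used to fall off the end of the function and return
        # None, which is not a valid Flask view result and surfaces as a
        # server error.  Answer with the documented 400 shape instead.
        rejection = {
            'status': False,
            'error': ['Expected a PUT request with a non-empty JSON body'],
        }
        return Response(json.dumps(rejection),
                        mimetype='application/json'), 400

    data = request.get_json()
    valid = validator.permission_put(data)

    if not valid['status']:
        return Response(json.dumps(valid),
                        mimetype='application/json'), 400

    db.edit_permission(data['action'], data['modifier'],
                       data['permission_id'], data['description'])
    response = jsonify(status='success',
                       edited_perm_id=data['permission_id'])
    # Only the caller's session entry is replaced here.
    # NOTE(review): confirm how other active sessions see the edited
    # permission.
    session['access_control'] = permission_control.reload_dct()
    return response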
示例#35
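def permission_post():
    """Add a new permission to the database.

    :rtype: JSON
    :request args example: `{action: "DELETE",
        description: "TEST",
        modifier: "None",
        resource_id: "33"}`
    :return:
        - If the request is not a POST or has no (or an empty) JSON body,
          or the validator rejects the data:
            ``{'status': False, 'error': [list of errors]}``
        - If all ok:
            ``{'added_permission_for': 'description',
            'permission_id': 'permission_id'}``

    :statuscode 400: invalid request
    :statuscode 200: permission has been successfully added

    """
    usable_request = request.method == 'POST' and request.get_json()
    if not usable_request:
        # Without this branch the function returned None for such requests,
        # which is not a valid Flask view result and surfaces as a server
        # error rather than the documented 400.
        problem = {
            'status': False,
            'error': ['Expected a POST request with a non-empty JSON body'],
        }
        return Response(json.dumps(problem),
                        mimetype='application/json'), 400

    # NOTE(review): the caller's identity is not checked in this function;
    # presumably access control is applied outside this excerpt - confirm.
    data = request.get_json()
    valid = validator.permission_post(data)

    if not valid['status']:
        return Response(json.dumps(valid),
                        mimetype='application/json'), 400

    db.insert_permission(data['resource_id'], data['action'],
                         data['modifier'], data['description'])
    # NOTE(review): insert and id lookup are two separate calls; confirm
    # that db.get_permission_id always finds the row just written, because
    # the [0] below assumes an indexable result.
    added_perm_id = db.get_permission_id(data['resource_id'],
                                         data['action'],
                                         data['modifier'])
    response = jsonify(added_permission_for=data['description'],
                       permission_id=added_perm_id[0])
    # Refreshes the access-control data held in the current session only.
    session['access_control'] = permission_control.reload_dct()
    return response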
示例#36
def resource_post():
    """Add a new site resource to the site-map in the admin panel.

    :rtype: JSON
    :request args: `{resource_name: "/res_name"}`
    :return:
        - If there is already a resource with this name:
               ``{'error': 'Resource already exists'}``
        - If request data is invalid:
              ``{'status': False, 'error': [list of errors]}``
        - If all ok:
              ``{'added_resource': 'resource_name',
              'resource_id': 'resource_id'}``

    :statuscode 400: resource already exists or request is invalid
    :statuscode 200: resource was successfully posted

    """
    # NOTE(review): no authentication or authorization check is visible in
    # this function; presumably enforced outside this excerpt - confirm.
    payload = request.get_json()
    verdict = validator.resource_post(payload)

    if not verdict['status']:
        return Response(json.dumps(verdict),
                        mimetype='application/json'), 400

    name = payload['resource_name']

    # NOTE(review): the existence check and the insert are separate calls,
    # so two concurrent requests could both pass the check; confirm the
    # database enforces uniqueness of the resource name.
    if db.get_resource_id(name):
        return jsonify(error='Resource already exists'), 400

    db.add_resource(name)
    new_id = db.get_resource_id(name)
    reply = jsonify(added_resource=name, resource_id=new_id[0])
    # Only the caller's session entry is replaced here.
    session['access_control'] = permission_control.reload_dct()
    return reply
示例#37
def resource_post():
    """Register a new site resource for the admin panel's site-map.

    :rtype: JSON
    :request args: `{resource_name: "/res_name"}`
    :return:
        - If a resource with this name already exists:
               ``{'error': 'Resource already exists'}``
        - If request data is invalid:
              ``{'status': False, 'error': [list of errors]}``
        - If all ok:
              ``{'added_resource': 'resource_name',
              'resource_id': 'resource_id'}``

    :statuscode 400: resource already exists or request is invalid
    :statuscode 200: resource was successfully posted

    """
    body = request.get_json()
    check = validator.resource_post(body)

    if check['status']:
        resource_name = body['resource_name']

        # NOTE(review): lookup-then-insert is not atomic as written; confirm
        # a uniqueness constraint backs this check under concurrent requests.
        already_there = db.get_resource_id(resource_name)
        if already_there:
            return jsonify(error='Resource already exists'), 400

        db.add_resource(resource_name)
        stored_id = db.get_resource_id(resource_name)
        outcome = jsonify(added_resource=resource_name,
                          resource_id=stored_id[0])
        # Refreshes the access-control data held in the current session only.
        # NOTE(review): confirm how other active sessions are updated.
        session['access_control'] = permission_control.reload_dct()
        return outcome

    # Validation failed: hand the validator's own report back to the client.
    return Response(json.dumps(check), mimetype='application/json'), 400
示例#38
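def permission_put():
    """Edit an existing permission.

    :return: If the request is not a PUT, has no (or an empty) JSON body,
             or the validator rejects the data:
                 {'status': False, 'error': [list of errors]}, 400
             If all ok:
                 {'status': 'success',
                  'edited_perm_id': 'permission_id'}
    """
    usable_request = request.method == 'PUT' and request.get_json()
    if not usable_request:
        # Without this branch the function returned None for such requests,
        # which is not a valid Flask view result and surfaces as a server
        # error rather than the documented 400.
        problem = {
            'status': False,
            'error': ['Expected a PUT request with a non-empty JSON body'],
        }
        return Response(json.dumps(problem),
                        mimetype='application/json'), 400

    # NOTE(review): the caller's identity is not checked in this function;
    # presumably access control is applied outside this excerpt - confirm.
    data = request.get_json()
    valid = validator.permission_put(data)

    if not valid['status']:
        return Response(json.dumps(valid),
                        mimetype='application/json'), 400

    db.edit_permission(data['action'],
                       data['modifier'],
                       data['permission_id'],
                       data['description'])
    response = jsonify(status='success',
                       edited_perm_id=data['permission_id'])
    # Refreshes the access-control data held in the current session only.
    session['access_control'] = permission_control.reload_dct()
    return response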