示例#1
0
def GET(request):
    """Get this User."""

    # Make sure required parameters are there

    try:
        request.check_required_parameters(
            path={
                'userId': 'int'
            }
        )

    except exceptions.ParameterError as e:
        return Response(400, e.message)

    # Instantiate a User and make sure they exist

    user = User.from_primary_key((request.params_path['userId'],))

    if not user.exists():
        return Response(404, '{} not found.'.format(user))

    # Return this User

    return Response(
        200,
        'Successfully retrieved {}'.format(user),
        user.to_JSON(),
    )
示例#2
0
def PUT(request):
    """Update this User's given name and/ or family name."""

    # Make sure the required parameters are there

    try:
        request.check_required_parameters(
            body={
                'user': {
                    'givenName': 'string',
                    'familyName': 'string'
                }
            },
            path={
                'userId': 'int'
            }
        )

    except exceptions.ParameterError as e:
        return Response(400, e.message)

    # Instantiate a User and make sure they exist

    user = User.from_primary_key((request.params_path['userId'],))

    if not user.exists():
        return Response(404, '{} not found.'.format(user))

    # Make sure this User is allowed to edit this User

    if not user.google_id_has_at_least(request.google_id, 'OWN'):
        return Response(403, 'Forbidden from editing {}.'.format(user))

    # Update this User

    user.given_name = request.params_body['user']['givenName']
    user.family_name = request.params_body['user']['familyName']

    user.update()

    # Return this User

    return Response(
        200,
        'Successfully updated {}.'.format(user),
        user.to_JSON()
    )
示例#3
0
def DELETE(request):
    """Delete this user."""

    # Make sure required parameters are there

    try:
        request.check_required_parameters(
            path={
                'userId': 'int'
            }
        )

    except exceptions.ParameterError as e:
        return Response(400, e.message)

    # Instantiate a User and make sure they exist

    user = User.from_primary_key((request.params_path['userId'],))

    if not user.exists():
        return Response(404, '{} not found'.format(user))

    # Make sure this User is allowed to delete this User

    if not user.google_id_has_at_least(request.google_id, 'OWN'):
        return Response(403, 'Forbidden from deleting {}.'.format(user))

    # Delete this User

    user.delete()

    # Return this User

    return Response(
        200,
        'Successfully deleted {}'.format(user),
        user.to_JSON()
    )
示例#4
0
def GET(request):
    """Get this User's Authorizations."""

    # Make sure required parameters are there

    try:
        request.check_required_parameters(
            path={
                'userId': 'int'
            }
        )

    except exceptions.ParameterError as e:
        return Response(400, e.message)

    # Instantiate a User and make sure they exist

    user = User.from_primary_key((request.params_path['userId'],))

    if not user.exists():
        return Response(404, '{} not found.'.format(user))

    # Make sure this requester is allowed to retrieve this User's Authorizations

    if not user.google_id_has_at_least(request.google_id, 'OWN'):
        return Response(403, 'Forbidden from retrieving Authorizations for {}.'.format(user))

    # Return this User's Authorizations

    authorizations = Authorization.query('user_id', request.params_path['userId'])

    return Response(
        200,
        'Successfully retrieved Authorizations for {}.'.format(user),
        [x.to_JSON() for x in authorizations]
    )
示例#5
0
文件: endpoint.py 项目: kl1de/kl1de
def POST(request):
    """Add an authorization for a user's access to a simulation."""

    # Make sure required parameters are there

    try:
        request.check_required_parameters(
            path={
                'userId': 'int',
                'simulationId': 'int'
            },
            body={'authorization': {
                'authorizationLevel': 'string'
            }})

    except exceptions.ParameterError as e:
        return Response(400, e.message)

    # Instantiate an Authorization

    authorization = Authorization.from_JSON({
        'userId':
        request.params_path['userId'],
        'simulationId':
        request.params_path['simulationId'],
        'authorizationLevel':
        request.params_body['authorization']['authorizationLevel']
    })

    # Make sure the Simulation and User exist

    user = User.from_primary_key((authorization.user_id, ))
    if not user.exists():
        return Response(404, '{} not found.'.format(user))

    simulation = Simulation.from_primary_key((authorization.simulation_id, ))
    if not simulation.exists():
        return Response(404, '{} not found.'.format(simulation))

    # Make sure this User is allowed to add this Authorization

    if not simulation.google_id_has_at_least(request.google_id, 'OWN'):
        return Response(403,
                        'Forbidden from creating {}.'.format(authorization))

    # Make sure this Authorization does not already exist

    if authorization.exists():
        return Response(409, '{} already exists.'.format(authorization))

    # Try to insert this Authorization into the database

    try:
        authorization.insert()

    except exceptions.ForeignKeyError:
        return Response(400, 'Invalid authorizationLevel')

    # Return this Authorization

    return Response(200, 'Successfully added {}'.format(authorization),
                    authorization.to_JSON())