diff options
| author | Fabian Mastenbroek <mail.fabianm@gmail.com> | 2021-05-15 13:09:06 +0200 |
|---|---|---|
| committer | Fabian Mastenbroek <mail.fabianm@gmail.com> | 2021-05-18 15:46:40 +0200 |
| commit | 2281d3265423d01e60f8cc088de5a5730bb8a910 (patch) | |
| tree | 8dc81338cfd30845717f1b9025176d26c82fe930 /opendc-web/opendc-web-api/opendc/models/project.py | |
| parent | 05d2318538eba71ac0555dc5ec146499d9cb0592 (diff) | |
api: Migrate to Flask Restful
This change updates the API to use Flask Restful instead of our own
in-house REST library. This change reduces the maintenance effort and
allows us to drastically simplify the API implementation needed for the
OpenDC v2 API.
Diffstat (limited to 'opendc-web/opendc-web-api/opendc/models/project.py')
| -rw-r--r-- | opendc-web/opendc-web-api/opendc/models/project.py | 27 |
1 files changed, 19 insertions, 8 deletions
diff --git a/opendc-web/opendc-web-api/opendc/models/project.py b/opendc-web/opendc-web-api/opendc/models/project.py index 2b3fd5f4..ee84c73e 100644 --- a/opendc-web/opendc-web-api/opendc/models/project.py +++ b/opendc-web/opendc-web-api/opendc/models/project.py @@ -1,7 +1,20 @@ +from marshmallow import Schema, fields +from werkzeug.exceptions import Forbidden + from opendc.models.model import Model -from opendc.util.database import DB -from opendc.util.exceptions import ClientError -from opendc.util.rest import Response +from opendc.exts import db + + +class ProjectSchema(Schema): + """ + Schema representing a Project. + """ + _id = fields.String() + name = fields.String(required=True) + datetimeCreated = fields.DateTime() + datetimeLastEdited = fields.DateTime() + topologyIds = fields.List(fields.String()) + portfolioIds = fields.List(fields.String()) class Project(Model): @@ -16,13 +29,11 @@ class Project(Model): :param edit_access: True when edit access should be checked, otherwise view access. """ for authorization in self.obj['authorizations']: - if user_id == authorization['userId'] and authorization['authorizationLevel'] != 'VIEW' or not edit_access: + if user_id == authorization['userId'] and authorization['level'] != 'VIEW' or not edit_access: return - raise ClientError(Response(403, "Forbidden from retrieving project.")) + raise Forbidden("Forbidden from retrieving project.") @classmethod def get_for_user(cls, user_id): """Get all projects for the specified user id.""" - return DB.fetch_all({'authorizations': { - 'userId': user_id - }}, Project.collection_name) + return db.fetch_all({'authorizations.userId': user_id}, Project.collection_name) |