diff options
| author | Georgios Andreadis <info@gandreadis.com> | 2020-06-23 18:08:28 +0200 |
|---|---|---|
| committer | Georgios Andreadis <info@gandreadis.com> | 2020-06-23 18:08:28 +0200 |
| commit | 565ede0dc50c3b2df09c066ea3a28a4901cce547 (patch) | |
| tree | e81a1bbed43d2eaf7e2be0bc61007963f807b62d /opendc/api/v2/users/userId | |
| parent | 6f41be7d9c244b67bfa5ff72f1e90d18fa45b590 (diff) | |
Add DB handlers and rename to v2
Diffstat (limited to 'opendc/api/v2/users/userId')
| -rw-r--r-- | opendc/api/v2/users/userId/__init__.py | 0 | ||||
| -rw-r--r-- | opendc/api/v2/users/userId/authorizations/__init__.py | 0 | ||||
| -rw-r--r-- | opendc/api/v2/users/userId/authorizations/endpoint.py | 42 | ||||
| -rw-r--r-- | opendc/api/v2/users/userId/endpoint.py | 123 |
4 files changed, 165 insertions, 0 deletions
diff --git a/opendc/api/v2/users/userId/__init__.py b/opendc/api/v2/users/userId/__init__.py new file mode 100644 index 00000000..e69de29b --- /dev/null +++ b/opendc/api/v2/users/userId/__init__.py diff --git a/opendc/api/v2/users/userId/authorizations/__init__.py b/opendc/api/v2/users/userId/authorizations/__init__.py new file mode 100644 index 00000000..e69de29b --- /dev/null +++ b/opendc/api/v2/users/userId/authorizations/__init__.py diff --git a/opendc/api/v2/users/userId/authorizations/endpoint.py b/opendc/api/v2/users/userId/authorizations/endpoint.py new file mode 100644 index 00000000..46ca12ba --- /dev/null +++ b/opendc/api/v2/users/userId/authorizations/endpoint.py @@ -0,0 +1,42 @@ +from opendc.models.authorization import Authorization +from opendc.models.user import User +from opendc.util import exceptions +from opendc.util.rest import Response + + +def GET(request): + """Get this User's Authorizations.""" + + # Make sure required parameters are there + + try: + request.check_required_parameters( + path={ + 'userId': 'int' + } + ) + + except exceptions.ParameterError as e: + return Response(400, e.message) + + # Instantiate a User and make sure they exist + + user = User.from_primary_key((request.params_path['userId'],)) + + if not user.exists(): + return Response(404, '{} not found.'.format(user)) + + # Make sure this requester is allowed to retrieve this User's Authorizations + + if not user.google_id_has_at_least(request.google_id, 'OWN'): + return Response(403, 'Forbidden from retrieving Authorizations for {}.'.format(user)) + + # Return this User's Authorizations + + authorizations = Authorization.query('user_id', request.params_path['userId']) + + return Response( + 200, + 'Successfully retrieved Authorizations for {}.'.format(user), + [x.to_JSON() for x in authorizations] + ) diff --git a/opendc/api/v2/users/userId/endpoint.py b/opendc/api/v2/users/userId/endpoint.py new file mode 100644 index 00000000..767c5d13 --- /dev/null +++ b/opendc/api/v2/users/userId/endpoint.py @@ -0,0 +1,123 @@ +from opendc.models.user import User +from opendc.util import exceptions +from opendc.util.rest import Response + + +def DELETE(request): + """Delete this user.""" + + # Make sure required parameters are there + + try: + request.check_required_parameters( + path={ + 'userId': 'int' + } + ) + + except exceptions.ParameterError as e: + return Response(400, e.message) + + # Instantiate a User and make sure they exist + + user = User.from_primary_key((request.params_path['userId'],)) + + if not user.exists(): + return Response(404, '{} not found'.format(user)) + + # Make sure this User is allowed to delete this User + + if not user.google_id_has_at_least(request.google_id, 'OWN'): + return Response(403, 'Forbidden from deleting {}.'.format(user)) + + # Delete this User + + user.delete() + + # Return this User + + return Response( + 200, + 'Successfully deleted {}'.format(user), + user.to_JSON() + ) + + +def GET(request): + """Get this User.""" + + # Make sure required parameters are there + + try: + request.check_required_parameters( + path={ + 'userId': 'int' + } + ) + + except exceptions.ParameterError as e: + return Response(400, e.message) + + # Instantiate a User and make sure they exist + + user = User.from_primary_key((request.params_path['userId'],)) + + if not user.exists(): + return Response(404, '{} not found.'.format(user)) + + # Return this User + + return Response( + 200, + 'Successfully retrieved {}'.format(user), + user.to_JSON(), + ) + + +def PUT(request): + """Update this User's given name and/ or family name.""" + + # Make sure the required parameters are there + + try: + request.check_required_parameters( + body={ + 'user': { + 'givenName': 'string', + 'familyName': 'string' + } + }, + path={ + 'userId': 'int' + } + ) + + except exceptions.ParameterError as e: + return Response(400, e.message) + + # Instantiate a User and make sure they exist + + user = User.from_primary_key((request.params_path['userId'],)) + + if not user.exists(): + return Response(404, '{} not found.'.format(user)) + + # Make sure this User is allowed to edit this User + + if not user.google_id_has_at_least(request.google_id, 'OWN'): + return Response(403, 'Forbidden from editing {}.'.format(user)) + + # Update this User + + user.given_name = request.params_body['user']['givenName'] + user.family_name = request.params_body['user']['familyName'] + + user.update() + + # Return this User + + return Response( + 200, + 'Successfully updated {}.'.format(user), + user.to_JSON() + ) |