summaryrefslogtreecommitdiff
path: root/opendc/api/v1/users/userId
diff options
context:
space:
mode:
Diffstat (limited to 'opendc/api/v1/users/userId')
-rw-r--r--opendc/api/v1/users/userId/__init__.py0
-rw-r--r--opendc/api/v1/users/userId/authorizations/__init__.py0
-rw-r--r--opendc/api/v1/users/userId/authorizations/endpoint.py41
-rw-r--r--opendc/api/v1/users/userId/endpoint.py121
4 files changed, 162 insertions, 0 deletions
diff --git a/opendc/api/v1/users/userId/__init__.py b/opendc/api/v1/users/userId/__init__.py
new file mode 100644
index 00000000..e69de29b
--- /dev/null
+++ b/opendc/api/v1/users/userId/__init__.py
diff --git a/opendc/api/v1/users/userId/authorizations/__init__.py b/opendc/api/v1/users/userId/authorizations/__init__.py
new file mode 100644
index 00000000..e69de29b
--- /dev/null
+++ b/opendc/api/v1/users/userId/authorizations/__init__.py
diff --git a/opendc/api/v1/users/userId/authorizations/endpoint.py b/opendc/api/v1/users/userId/authorizations/endpoint.py
new file mode 100644
index 00000000..2320456f
--- /dev/null
+++ b/opendc/api/v1/users/userId/authorizations/endpoint.py
@@ -0,0 +1,41 @@
+from opendc.models.authorization import Authorization
+from opendc.models.user import User
+from opendc.util import database, exceptions
+from opendc.util.rest import Response
+
+def GET(request):
+ """Get this User's Authorizations."""
+
+ # Make sure required parameters are there
+
+ try:
+ request.check_required_parameters(
+ path = {
+ 'userId': 'int'
+ }
+ )
+
+ except exceptions.ParameterError as e:
+ return Response(400, e.message)
+
+ # Instantiate a User and make sure they exist
+
+ user = User.from_primary_key((request.params_path['userId'],))
+
+ if not user.exists():
+ return Response(404, '{} not found.'.format(user))
+
+ # Make sure this requester is allowed to retrieve this User's Authorizations
+
+ if not user.google_id_has_at_least(request.google_id, 'OWN'):
+ return Response(403, 'Forbidden from retrieving Authorizations for {}.'.format(user))
+
+ # Return this User's Authorizations
+
+ authorizations = Authorization.query('user_id', request.params_path['userId'])
+
+ return Response(
+ 200,
+ 'Successfully retrieved Authorizations for {}.'.format(user),
+ [x.to_JSON() for x in authorizations]
+ )
diff --git a/opendc/api/v1/users/userId/endpoint.py b/opendc/api/v1/users/userId/endpoint.py
new file mode 100644
index 00000000..e4edc107
--- /dev/null
+++ b/opendc/api/v1/users/userId/endpoint.py
@@ -0,0 +1,121 @@
+from opendc.models.user import User
+from opendc.util import database, exceptions
+from opendc.util.rest import Response
+
+def DELETE(request):
+ """Delete this user."""
+
+ # Make sure required parameters are there
+
+ try:
+ request.check_required_parameters(
+ path = {
+ 'userId': 'int'
+ }
+ )
+
+ except exceptions.ParameterError as e:
+ return Response(400, e.message)
+
+ # Instantiate a User and make sure they exist
+
+ user = User.from_primary_key((request.params_path['userId'],))
+
+ if not user.exists():
+ return Response(404, '{} not found'.format(user))
+
+ # Make sure this User is allowed to delete this User
+
+ if not user.google_id_has_at_least(request.google_id, 'OWN'):
+ return Response(403, 'Forbidden from deleting {}.'.format(user))
+
+ # Delete this User
+
+ user.delete()
+
+ # Return this User
+
+ return Response(
+ 200,
+ 'Succesfully deleted {}'.format(user),
+ user.to_JSON()
+ )
+
+def GET(request):
+ """Get this User."""
+
+ # Make sure required parameters are there
+
+ try:
+ request.check_required_parameters(
+ path = {
+ 'userId': 'int'
+ }
+ )
+
+ except exceptions.ParameterError as e:
+ return Response(400, e.message)
+
+ # Instantiate a User and make sure they exist
+
+ user = User.from_primary_key((request.params_path['userId'],))
+
+ if not user.exists():
+ return Response(404, '{} not found.'.format(user))
+
+ # Return this User
+
+ return Response(
+ 200,
+ 'Successfully retrieved {}'.format(user),
+ user.to_JSON(),
+ )
+
+def PUT(request):
+ """Update this User's given name and/ or family name."""
+
+ # Make sure the required parameters are there
+
+ try:
+ request.check_required_parameters(
+ body = {
+ 'user': {
+ 'givenName': 'string',
+ 'familyName': 'string'
+ }
+ },
+ path = {
+ 'userId': 'int'
+ }
+ )
+
+ except exceptions.ParameterError as e:
+ return Response(400, e.message)
+
+ # Instantiate a User and make sure they exist
+
+ user = User.from_primary_key((request.params_path['userId'],))
+
+ if not user.exists():
+ return Response(404, '{} not found.'.format(user))
+
+ # Make sure this User is allowed to edit this User
+
+ if not user.google_id_has_at_least(request.google_id, 'OWN'):
+ return Response(403, 'Forbidden from editing {}.'.format(user))
+
+ # Update this User
+
+ user.given_name = request.params_body['user']['givenName']
+ user.family_name = request.params_body['user']['familyName']
+
+ user.update()
+
+ # Return this User
+
+ return Response(
+ 200,
+ 'Successfully updated {}.'.format(user),
+ user.to_JSON()
+ )
+
generated by cgit v1.2.3 (git 2.25.1) at 2026-02-04 12:51:54 +0000