diff options
Diffstat (limited to 'opendc/api/v2/simulations/simulationId/authorizations')
4 files changed, 256 insertions, 0 deletions
diff --git a/opendc/api/v2/simulations/simulationId/authorizations/__init__.py b/opendc/api/v2/simulations/simulationId/authorizations/__init__.py new file mode 100644 index 00000000..e69de29b --- /dev/null +++ b/opendc/api/v2/simulations/simulationId/authorizations/__init__.py diff --git a/opendc/api/v2/simulations/simulationId/authorizations/endpoint.py b/opendc/api/v2/simulations/simulationId/authorizations/endpoint.py new file mode 100644 index 00000000..1d6b494e --- /dev/null +++ b/opendc/api/v2/simulations/simulationId/authorizations/endpoint.py @@ -0,0 +1,44 @@ +from opendc.models.authorization import Authorization +from opendc.models.simulation import Simulation +from opendc.util import exceptions +from opendc.util.rest import Response + + +def GET(request): + """Find all authorizations for a Simulation.""" + + # Make sure required parameters are there + + try: + request.check_required_parameters( + path={ + 'simulationId': 'int' + } + ) + + except exceptions.ParameterError as e: + return Response(400, e.message) + + # Instantiate a Simulation and make sure it exists + + simulation = Simulation.from_primary_key((request.params_path['simulationId'],)) + + if not simulation.exists(): + return Response(404, '{} not found.'.format(simulation)) + + # Make sure this User is allowed to view this Simulation's Authorizations + + if not simulation.google_id_has_at_least(request.google_id, 'VIEW'): + return Response(403, 'Forbidden from retrieving Authorizations for {}.'.format(simulation)) + + # Get the Authorizations + + authorizations = Authorization.query('simulation_id', request.params_path['simulationId']) + + # Return the Authorizations + + return Response( + 200, + 'Successfully retrieved Authorizations for {}.'.format(simulation), + [x.to_JSON() for x in authorizations] + ) diff --git a/opendc/api/v2/simulations/simulationId/authorizations/userId/__init__.py b/opendc/api/v2/simulations/simulationId/authorizations/userId/__init__.py new file mode 100644 index 00000000..e69de29b --- /dev/null +++ b/opendc/api/v2/simulations/simulationId/authorizations/userId/__init__.py diff --git a/opendc/api/v2/simulations/simulationId/authorizations/userId/endpoint.py b/opendc/api/v2/simulations/simulationId/authorizations/userId/endpoint.py new file mode 100644 index 00000000..46458ffc --- /dev/null +++ b/opendc/api/v2/simulations/simulationId/authorizations/userId/endpoint.py @@ -0,0 +1,212 @@ +from opendc.models.authorization import Authorization +from opendc.models.simulation import Simulation +from opendc.models.user import User +from opendc.util import exceptions +from opendc.util.rest import Response + + +def DELETE(request): + """Delete a user's authorization level over a simulation.""" + + # Make sure required parameters are there + + try: + request.check_required_parameters( + path={ + 'simulationId': 'int', + 'userId': 'int' + } + ) + + except exceptions.ParameterError as e: + return Response(400, e.message) + + # Instantiate an Authorization + + authorization = Authorization.from_primary_key(( + request.params_path['userId'], + request.params_path['simulationId'] + )) + + # Make sure this Authorization exists in the database + + if not authorization.exists(): + return Response(404, '{} not found.'.format(authorization)) + + # Make sure this User is allowed to delete this Authorization + + if not authorization.google_id_has_at_least(request.google_id, 'OWN'): + return Response(403, 'Forbidden from deleting {}.'.format(authorization)) + + # Delete this Authorization + + authorization.delete() + + return Response( + 200, + 'Successfully deleted {}.'.format(authorization), + authorization.to_JSON() + ) + + +def GET(request): + """Get this User's Authorization over this Simulation.""" + + # Make sure required parameters are there + + try: + request.check_required_parameters( + path={ + 'simulationId': 'int', + 'userId': 'int' + } + ) + + except exceptions.ParameterError as e: + return Response(400, e.message) + + # Instantiate an Authorization + + authorization = Authorization.from_primary_key(( + request.params_path['userId'], + request.params_path['simulationId'] + )) + + # Make sure this Authorization exists in the database + + if not authorization.exists(): + return Response(404, '{} not found.'.format(authorization)) + + # Read this Authorization from the database + + authorization.read() + + # Return this Authorization + + return Response( + 200, + 'Successfully retrieved {}'.format(authorization), + authorization.to_JSON() + ) + + +def POST(request): + """Add an authorization for a user's access to a simulation.""" + + # Make sure required parameters are there + + try: + request.check_required_parameters( + path={ + 'userId': 'int', + 'simulationId': 'int' + }, + body={ + 'authorization': { + 'authorizationLevel': 'string' + } + } + ) + + except exceptions.ParameterError as e: + return Response(400, e.message) + + # Instantiate an Authorization + + authorization = Authorization.from_JSON({ + 'userId': request.params_path['userId'], + 'simulationId': request.params_path['simulationId'], + 'authorizationLevel': request.params_body['authorization']['authorizationLevel'] + }) + + # Make sure the Simulation and User exist + + user = User.from_primary_key((authorization.user_id,)) + if not user.exists(): + return Response(404, '{} not found.'.format(user)) + + simulation = Simulation.from_primary_key((authorization.simulation_id,)) + if not simulation.exists(): + return Response(404, '{} not found.'.format(simulation)) + + # Make sure this User is allowed to add this Authorization + + if not simulation.google_id_has_at_least(request.google_id, 'OWN'): + return Response(403, 'Forbidden from creating {}.'.format(authorization)) + + # Make sure this Authorization does not already exist + + if authorization.exists(): + return Response(409, '{} already exists.'.format(authorization)) + + # Try to insert this Authorization into the database + + try: + authorization.insert() + + except exceptions.ForeignKeyError: + return Response(400, 'Invalid authorizationLevel') + + # Return this Authorization + + return Response( + 200, + 'Successfully added {}'.format(authorization), + authorization.to_JSON() + ) + + +def PUT(request): + """Change a user's authorization level over a simulation.""" + + # Make sure required parameters are there + + try: + request.check_required_parameters( + path={ + 'simulationId': 'int', + 'userId': 'int' + }, + body={ + 'authorization': { + 'authorizationLevel': 'string' + } + } + ) + + except exceptions.ParameterError as e: + return Response(400, e.message) + + # Instantiate and Authorization + + authorization = Authorization.from_JSON({ + 'userId': request.params_path['userId'], + 'simulationId': request.params_path['simulationId'], + 'authorizationLevel': request.params_body['authorization']['authorizationLevel'] + }) + + # Make sure this Authorization exists + + if not authorization.exists(): + return Response(404, '{} not found.'.format(authorization)) + + # Make sure this User is allowed to edit this Authorization + + if not authorization.google_id_has_at_least(request.google_id, 'OWN'): + return Response(403, 'Forbidden from updating {}.'.format(authorization)) + + # Try to update this Authorization + + try: + authorization.update() + + except exceptions.ForeignKeyError as e: + return Response(400, 'Invalid authorization level.') + + # Return this Authorization + + return Response( + 200, + 'Successfully updated {}.'.format(authorization), + authorization.to_JSON() + ) |