From 2281d3265423d01e60f8cc088de5a5730bb8a910 Mon Sep 17 00:00:00 2001
From: Fabian Mastenbroek <mail.fabianm@gmail.com>
Date: Sat, 15 May 2021 13:09:06 +0200
Subject: api: Migrate to Flask Restful

This change updates the API to use Flask Restful instead of our own
in-house REST library. This change reduces the maintenance effort and
allows us to drastically simplify the API implementation needed for the
OpenDC v2 API.
---
 opendc-web/opendc-web-api/opendc/models/project.py | 27 +++++++++++++++-------
 1 file changed, 19 insertions(+), 8 deletions(-)

(limited to 'opendc-web/opendc-web-api/opendc/models/project.py')

diff --git a/opendc-web/opendc-web-api/opendc/models/project.py b/opendc-web/opendc-web-api/opendc/models/project.py
index 2b3fd5f4..ee84c73e 100644
--- a/opendc-web/opendc-web-api/opendc/models/project.py
+++ b/opendc-web/opendc-web-api/opendc/models/project.py
@@ -1,7 +1,20 @@
+from marshmallow import Schema, fields
+from werkzeug.exceptions import Forbidden
+
 from opendc.models.model import Model
-from opendc.util.database import DB
-from opendc.util.exceptions import ClientError
-from opendc.util.rest import Response
+from opendc.exts import db
+
+
+class ProjectSchema(Schema):
+    """
+    Schema representing a Project.
+    """
+    _id = fields.String()
+    name = fields.String(required=True)
+    datetimeCreated = fields.DateTime()
+    datetimeLastEdited = fields.DateTime()
+    topologyIds = fields.List(fields.String())
+    portfolioIds = fields.List(fields.String())
 
 
 class Project(Model):
@@ -16,13 +29,11 @@ class Project(Model):
         :param edit_access: True when edit access should be checked, otherwise view access.
         """
         for authorization in self.obj['authorizations']:
-            if user_id == authorization['userId'] and authorization['authorizationLevel'] != 'VIEW' or not edit_access:
+            if user_id == authorization['userId'] and authorization['level'] != 'VIEW' or not edit_access:
                 return
-        raise ClientError(Response(403, "Forbidden from retrieving project."))
+        raise Forbidden("Forbidden from retrieving project.")
 
     @classmethod
     def get_for_user(cls, user_id):
         """Get all projects for the specified user id."""
-        return DB.fetch_all({'authorizations': {
-            'userId': user_id
-        }}, Project.collection_name)
+        return db.fetch_all({'authorizations.userId': user_id}, Project.collection_name)
-- 
cgit v1.2.3