From 565ede0dc50c3b2df09c066ea3a28a4901cce547 Mon Sep 17 00:00:00 2001 From: Georgios Andreadis Date: Tue, 23 Jun 2020 18:08:28 +0200 Subject: Add DB handlers and rename to v2 --- opendc/api/v2/users/__init__.py | 0 opendc/api/v2/users/endpoint.py | 82 ++++++++++++++ opendc/api/v2/users/userId/__init__.py | 0 .../api/v2/users/userId/authorizations/__init__.py | 0 .../api/v2/users/userId/authorizations/endpoint.py | 42 +++++++ opendc/api/v2/users/userId/endpoint.py | 123 +++++++++++++++++++++ 6 files changed, 247 insertions(+) create mode 100644 opendc/api/v2/users/__init__.py create mode 100644 opendc/api/v2/users/endpoint.py create mode 100644 opendc/api/v2/users/userId/__init__.py create mode 100644 opendc/api/v2/users/userId/authorizations/__init__.py create mode 100644 opendc/api/v2/users/userId/authorizations/endpoint.py create mode 100644 opendc/api/v2/users/userId/endpoint.py (limited to 'opendc/api/v2/users') diff --git a/opendc/api/v2/users/__init__.py b/opendc/api/v2/users/__init__.py new file mode 100644 index 00000000..e69de29b diff --git a/opendc/api/v2/users/endpoint.py b/opendc/api/v2/users/endpoint.py new file mode 100644 index 00000000..abd54f27 --- /dev/null +++ b/opendc/api/v2/users/endpoint.py @@ -0,0 +1,82 @@ +from opendc.models.user import User +from opendc.util import exceptions +from opendc.util.rest import Response + + +def GET(request): + """Search for a User using their email address.""" + + # Make sure required parameters are there + + try: + request.check_required_parameters( + query={ + 'email': 'string' + } + ) + + except exceptions.ParameterError as e: + return Response(400, e.message) + + # Instantiate and read a User from the database + + user = User.from_email(request.params_query['email']) + + # Make sure this User exists in the database + + if not user.exists(): + return Response(404, '{} not found'.format(user)) + + # Return this User + + return Response( + 200, + 'Successfully retrieved {}.'.format(user), + user.to_JSON() + ) + + +def POST(request): + """Add a new User.""" + + # Make sure required parameters are there + + try: + request.check_required_parameters( + body={ + 'user': { + 'email': 'string' + } + } + ) + + except exceptions.ParameterError as e: + return Response(400, e.message) + + # Instantiate a User + + request.params_body['user']['googleId'] = request.google_id + user = User.from_JSON(request.params_body['user']) + + # Make sure a User with this Google ID does not already exist + + if user.exists('google_id'): + user = user.from_google_id(user.google_id) + return Response(409, '{} already exists.'.format(user)) + + # Make sure this User is authorized to create this User + + if not request.google_id == user.google_id: + return Response(403, 'Forbidden from creating this User.') + + # Insert the User + + user.insert() + + # Return a JSON representation of the User + + return Response( + 200, + 'Successfully created {}'.format(user), + user.to_JSON() + ) diff --git a/opendc/api/v2/users/userId/__init__.py b/opendc/api/v2/users/userId/__init__.py new file mode 100644 index 00000000..e69de29b diff --git a/opendc/api/v2/users/userId/authorizations/__init__.py b/opendc/api/v2/users/userId/authorizations/__init__.py new file mode 100644 index 00000000..e69de29b diff --git a/opendc/api/v2/users/userId/authorizations/endpoint.py b/opendc/api/v2/users/userId/authorizations/endpoint.py new file mode 100644 index 00000000..46ca12ba --- /dev/null +++ b/opendc/api/v2/users/userId/authorizations/endpoint.py @@ -0,0 +1,42 @@ +from opendc.models.authorization import Authorization +from opendc.models.user import User +from opendc.util import exceptions +from opendc.util.rest import Response + + +def GET(request): + """Get this User's Authorizations.""" + + # Make sure required parameters are there + + try: + request.check_required_parameters( + path={ + 'userId': 'int' + } + ) + + except exceptions.ParameterError as e: + return Response(400, e.message) + + # Instantiate a User and make sure they exist + + user = User.from_primary_key((request.params_path['userId'],)) + + if not user.exists(): + return Response(404, '{} not found.'.format(user)) + + # Make sure this requester is allowed to retrieve this User's Authorizations + + if not user.google_id_has_at_least(request.google_id, 'OWN'): + return Response(403, 'Forbidden from retrieving Authorizations for {}.'.format(user)) + + # Return this User's Authorizations + + authorizations = Authorization.query('user_id', request.params_path['userId']) + + return Response( + 200, + 'Successfully retrieved Authorizations for {}.'.format(user), + [x.to_JSON() for x in authorizations] + ) diff --git a/opendc/api/v2/users/userId/endpoint.py b/opendc/api/v2/users/userId/endpoint.py new file mode 100644 index 00000000..767c5d13 --- /dev/null +++ b/opendc/api/v2/users/userId/endpoint.py @@ -0,0 +1,123 @@ +from opendc.models.user import User +from opendc.util import exceptions +from opendc.util.rest import Response + + +def DELETE(request): + """Delete this user.""" + + # Make sure required parameters are there + + try: + request.check_required_parameters( + path={ + 'userId': 'int' + } + ) + + except exceptions.ParameterError as e: + return Response(400, e.message) + + # Instantiate a User and make sure they exist + + user = User.from_primary_key((request.params_path['userId'],)) + + if not user.exists(): + return Response(404, '{} not found'.format(user)) + + # Make sure this User is allowed to delete this User + + if not user.google_id_has_at_least(request.google_id, 'OWN'): + return Response(403, 'Forbidden from deleting {}.'.format(user)) + + # Delete this User + + user.delete() + + # Return this User + + return Response( + 200, + 'Successfully deleted {}'.format(user), + user.to_JSON() + ) + + +def GET(request): + """Get this User.""" + + # Make sure required parameters are there + + try: + request.check_required_parameters( + path={ + 'userId': 'int' + } + ) + + except exceptions.ParameterError as e: + return Response(400, e.message) + + # Instantiate a User and make sure they exist + + user = User.from_primary_key((request.params_path['userId'],)) + + if not user.exists(): + return Response(404, '{} not found.'.format(user)) + + # Return this User + + return Response( + 200, + 'Successfully retrieved {}'.format(user), + user.to_JSON(), + ) + + +def PUT(request): + """Update this User's given name and/ or family name.""" + + # Make sure the required parameters are there + + try: + request.check_required_parameters( + body={ + 'user': { + 'givenName': 'string', + 'familyName': 'string' + } + }, + path={ + 'userId': 'int' + } + ) + + except exceptions.ParameterError as e: + return Response(400, e.message) + + # Instantiate a User and make sure they exist + + user = User.from_primary_key((request.params_path['userId'],)) + + if not user.exists(): + return Response(404, '{} not found.'.format(user)) + + # Make sure this User is allowed to edit this User + + if not user.google_id_has_at_least(request.google_id, 'OWN'): + return Response(403, 'Forbidden from editing {}.'.format(user)) + + # Update this User + + user.given_name = request.params_body['user']['givenName'] + user.family_name = request.params_body['user']['familyName'] + + user.update() + + # Return this User + + return Response( + 200, + 'Successfully updated {}.'.format(user), + user.to_JSON() + ) -- cgit v1.2.3