From e2e9cec1d4836a4cba81874129b8da8a12c216f6 Mon Sep 17 00:00:00 2001 From: Georgios Andreadis Date: Wed, 8 Jul 2020 14:35:47 +0200 Subject: Implement scenario adding endpoint --- web-server/opendc/models/scenario.py | 26 ++++++++++++++++++++++++++ 1 file changed, 26 insertions(+) create mode 100644 web-server/opendc/models/scenario.py (limited to 'web-server/opendc/models/scenario.py') diff --git a/web-server/opendc/models/scenario.py b/web-server/opendc/models/scenario.py new file mode 100644 index 00000000..d7d959ca --- /dev/null +++ b/web-server/opendc/models/scenario.py @@ -0,0 +1,26 @@ +from opendc.models.model import Model +from opendc.models.portfolio import Portfolio +from opendc.models.user import User +from opendc.util.exceptions import ClientError +from opendc.util.rest import Response + + +class Scenario(Model): + """Model representing a Scenario.""" + + collection_name = 'scenarios' + + def check_user_access(self, google_id, edit_access): + """Raises an error if the user with given [google_id] has insufficient access. + + Checks access on the parent project. + + :param google_id: The Google ID of the user. + :param edit_access: True when edit access should be checked, otherwise view access. + """ + portfolio = Portfolio.from_id(self.obj['portfolioId']) + user = User.from_google_id(google_id) + authorizations = list( + filter(lambda x: str(x['projectId']) == str(portfolio.get_id()), user.obj['authorizations'])) + if len(authorizations) == 0 or (edit_access and authorizations[0]['authorizationLevel'] == 'VIEW'): + raise ClientError(Response(403, 'Forbidden from retrieving/editing scenario.')) -- cgit v1.2.3