From 9761bdd1f2b0f72a2c0fa46b3dee1920a580a26a Mon Sep 17 00:00:00 2001 From: Georgios Andreadis Date: Tue, 7 Jul 2020 20:59:38 +0200 Subject: Implement portfolio endpoints --- web-server/opendc/models/experiment.py | 24 ------------------------ web-server/opendc/models/model.py | 8 ++++++-- web-server/opendc/models/portfolio.py | 24 ++++++++++++++++++++++++ 3 files changed, 30 insertions(+), 26 deletions(-) delete mode 100644 web-server/opendc/models/experiment.py create mode 100644 web-server/opendc/models/portfolio.py (limited to 'web-server/opendc/models') diff --git a/web-server/opendc/models/experiment.py b/web-server/opendc/models/experiment.py deleted file mode 100644 index 46373b99..00000000 --- a/web-server/opendc/models/experiment.py +++ /dev/null @@ -1,24 +0,0 @@ -from opendc.models.model import Model -from opendc.models.user import User -from opendc.util.exceptions import ClientError -from opendc.util.rest import Response - - -class Experiment(Model): - """Model representing a Experiment.""" - - collection_name = 'experiments' - - def check_user_access(self, google_id, edit_access): - """Raises an error if the user with given [google_id] has insufficient access. - - Checks access on the parent project. - - :param google_id: The Google ID of the user. - :param edit_access: True when edit access should be checked, otherwise view access. - """ - user = User.from_google_id(google_id) - authorizations = list( - filter(lambda x: str(x['projectId']) == str(self.obj['projectId']), user.obj['authorizations'])) - if len(authorizations) == 0 or (edit_access and authorizations[0]['authorizationLevel'] == 'VIEW'): - raise ClientError(Response(403, 'Forbidden from retrieving/editing experiment.')) diff --git a/web-server/opendc/models/model.py b/web-server/opendc/models/model.py index cab283c9..bcb833ae 100644 --- a/web-server/opendc/models/model.py +++ b/web-server/opendc/models/model.py @@ -33,8 +33,12 @@ class Model: raise ClientError(Response(404, 'Not found.')) def set_property(self, key, value): - """Sets the given property on the enclosed object.""" - self.obj[key] = value + """Sets the given property on the enclosed object, with support for simple nested access.""" + if '.' in key: + keys = key.split('.') + self.obj[keys[0]][keys[1]] = value + else: + self.obj[key] = value def insert(self): """Inserts the enclosed object and generates a UUID for it.""" diff --git a/web-server/opendc/models/portfolio.py b/web-server/opendc/models/portfolio.py new file mode 100644 index 00000000..32961b63 --- /dev/null +++ b/web-server/opendc/models/portfolio.py @@ -0,0 +1,24 @@ +from opendc.models.model import Model +from opendc.models.user import User +from opendc.util.exceptions import ClientError +from opendc.util.rest import Response + + +class Portfolio(Model): + """Model representing a Portfolio.""" + + collection_name = 'portfolios' + + def check_user_access(self, google_id, edit_access): + """Raises an error if the user with given [google_id] has insufficient access. + + Checks access on the parent project. + + :param google_id: The Google ID of the user. + :param edit_access: True when edit access should be checked, otherwise view access. + """ + user = User.from_google_id(google_id) + authorizations = list( + filter(lambda x: str(x['projectId']) == str(self.obj['projectId']), user.obj['authorizations'])) + if len(authorizations) == 0 or (edit_access and authorizations[0]['authorizationLevel'] == 'VIEW'): + raise ClientError(Response(403, 'Forbidden from retrieving/editing portfolio.')) -- cgit v1.2.3 From e2e9cec1d4836a4cba81874129b8da8a12c216f6 Mon Sep 17 00:00:00 2001 From: Georgios Andreadis Date: Wed, 8 Jul 2020 14:35:47 +0200 Subject: Implement scenario adding endpoint --- web-server/opendc/models/scenario.py | 26 ++++++++++++++++++++++++++ 1 file changed, 26 insertions(+) create mode 100644 web-server/opendc/models/scenario.py (limited to 'web-server/opendc/models') diff --git a/web-server/opendc/models/scenario.py b/web-server/opendc/models/scenario.py new file mode 100644 index 00000000..d7d959ca --- /dev/null +++ b/web-server/opendc/models/scenario.py @@ -0,0 +1,26 @@ +from opendc.models.model import Model +from opendc.models.portfolio import Portfolio +from opendc.models.user import User +from opendc.util.exceptions import ClientError +from opendc.util.rest import Response + + +class Scenario(Model): + """Model representing a Scenario.""" + + collection_name = 'scenarios' + + def check_user_access(self, google_id, edit_access): + """Raises an error if the user with given [google_id] has insufficient access. + + Checks access on the parent project. + + :param google_id: The Google ID of the user. + :param edit_access: True when edit access should be checked, otherwise view access. + """ + portfolio = Portfolio.from_id(self.obj['portfolioId']) + user = User.from_google_id(google_id) + authorizations = list( + filter(lambda x: str(x['projectId']) == str(portfolio.get_id()), user.obj['authorizations'])) + if len(authorizations) == 0 or (edit_access and authorizations[0]['authorizationLevel'] == 'VIEW'): + raise ClientError(Response(403, 'Forbidden from retrieving/editing scenario.')) -- cgit v1.2.3