From 4ec6212a220c3627bdad070ac2f0e05e2d663979 Mon Sep 17 00:00:00 2001
From: Georgios Andreadis <info@gandreadis.com>
Date: Tue, 30 Jun 2020 11:17:06 +0200
Subject: Add new experiment endpoints

---
 web-server/opendc/models/experiment.py | 15 +++++++++++++++
 1 file changed, 15 insertions(+)
 create mode 100644 web-server/opendc/models/experiment.py

(limited to 'web-server/opendc/models/experiment.py')

diff --git a/web-server/opendc/models/experiment.py b/web-server/opendc/models/experiment.py
new file mode 100644
index 00000000..dd7aa4f8
--- /dev/null
+++ b/web-server/opendc/models/experiment.py
@@ -0,0 +1,15 @@
+from opendc.models.model import Model
+from opendc.models.user import User
+from opendc.util.exceptions import ClientError
+from opendc.util.rest import Response
+
+
+class Experiment(Model):
+    collection_name = 'experiments'
+
+    def check_user_access(self, google_id, edit_access):
+        user = User.from_google_id(google_id)
+        authorizations = list(
+            filter(lambda x: str(x['simulationId']) == str(self.obj['simulationId']), user.obj['authorizations']))
+        if len(authorizations) == 0 or (edit_access and authorizations[0]['authorizationLevel'] == 'VIEW'):
+            raise ClientError(Response(403, "Forbidden from retrieving/editing experiment."))
-- 
cgit v1.2.3


From 9f87ab4bbab048b527585929135cab80fafd9ef9 Mon Sep 17 00:00:00 2001
From: Georgios Andreadis <info@gandreadis.com>
Date: Tue, 30 Jun 2020 13:28:18 +0200
Subject: Address a number of pylint issues

---
 web-server/opendc/models/experiment.py | 9 +++++++++
 1 file changed, 9 insertions(+)

(limited to 'web-server/opendc/models/experiment.py')

diff --git a/web-server/opendc/models/experiment.py b/web-server/opendc/models/experiment.py
index dd7aa4f8..ac606d64 100644
--- a/web-server/opendc/models/experiment.py
+++ b/web-server/opendc/models/experiment.py
@@ -5,9 +5,18 @@ from opendc.util.rest import Response
 
 
 class Experiment(Model):
+    """Model representing a Experiment."""
+
     collection_name = 'experiments'
 
     def check_user_access(self, google_id, edit_access):
+        """Raises an error if the user with given [google_id] has insufficient access.
+
+        Checks access on the parent simulation.
+
+        :param google_id: The Google ID of the user.
+        :param edit_access: True when edit access should be checked, otherwise view access.
+        """
         user = User.from_google_id(google_id)
         authorizations = list(
             filter(lambda x: str(x['simulationId']) == str(self.obj['simulationId']), user.obj['authorizations']))
-- 
cgit v1.2.3