created listhandler class

created route to handle roles get, post, put, delete for groups

created listhandler class
f0dd2a84 · Renzo Frigato · 3af5e46d · f0dd2a84 · f0dd2a84 · f0dd2a84
Commit f0dd2a84 authored 9 years ago by Renzo Frigato
--- a/api/api.py
+++ b/api/api.py
@@ -14,6 +14,8 @@ from . import projects
 from . import sessions
 from . import acquisitions
 from . import collections
+from . import listhandler
+from . import permchecker


 routes = [
@@ -44,6 +46,7 @@ routes = [
        webapp2.Route(r'/<:[^/]+>',                                 users.Group, name='group'),
        webapp2.Route(r'/<gid:[^/]+>/projects',                     projects.Projects, name='g_projects'),
        webapp2.Route(r'/<gid:[^/]+>/sessions',                     sessions.Sessions, name='g_sessions', methods=['GET']),
+        webapp2.Route(r'/<cid:[^/]+>/<list:roles>/<_id:[^/]+>',     listhandler.ListHandler, name='g_roles', defaults={'collection': 'groups', 'permchecker': permchecker.default_sublist}),
    ]),
    webapp2.Route(r'/api/projects',                                 projects.Projects, methods=['GET'], name='projects'),
    webapp2_extras.routes.PathPrefixRoute(r'/api/projects', [

--- a/api/dao/__init__.py
+++ b/api/dao/__init__.py
--- a/api/dao/grouproles.py
+++ b/api/dao/grouproles.py
+import storage
+import copy
+
+class GroupRolesStorage(object):
+
+    def init(self, dbc):
+        self.dbc = dbc
+
+    def get_container(self, _id):
+        return super(GroupRolesStorage, storage.Storage).get_container(self, _id)
+
+    def store_change(self, action, _id, elem_match=None, payload=None):
+        if action == 'DELETE':
+            return self._delete_role(_id, elem_match)
+        if action == 'PUT':
+            return self._update_role(_id, elem_match, payload)
+        if action == 'POST':
+            return self._create_role(_id, payload)
+        raise ValueError('action should be one of POST, PUT, DELETE')
+
+    def _create_role(self, _id, payload):
+        return super(GroupRolesStorage, self)._delete_el(_id, 'roles', payload)
+
+    def _delete_role(self, _id, elem_match):
+        return super(GroupRolesStorage, self)._delete_el(_id, 'roles', elem_match)
+
+    def _update_role(self, _id, elem_match, payload):
+        return super(GroupRolesStorage, self)._update_el(_id, 'roles', elem_match, payload)
+
+
+storage.Storage.register(GroupRolesStorage)
\ No newline at end of file
--- a/api/dao/notes.py
+++ b/api/dao/notes.py
+import storage
+
+class NotesStorage(object):
+
+    def init(self, dbc):
+        self.dbc = dbc
+
+    def get_container(self, _id):
+        return super(NotesStorage, storage.Storage).get_container(self, _id)
+
+    def store_change(self, action, **kwargs):
+        if action == 'DELETE':
+            return self._delete_note(**kwargs)
+        if action == 'PUT':
+            return self._update_note(**kwargs)
+        if action == 'POST':
+            return self._create_note(**kwargs)
+        raise ValueError('action should be one of POST, PUT, DELETE')
+
+    def _create_note(self, _id=None, **kwargs):
+        _id = _id or bson.objectid.ObjectId()
+        query = {'_id': _id, 'notes': {'$not': {'$elemMatch': kwargs} } }
+        update = {'$push': {'notes': payload} }
+        return dbc.update_one(query, update)
+
+    def _delete_note(self, _id, **kwargs):
+        query = {'_id': _id}
+        update = {'$pull': {'notes': payload} }
+        return dbc.update_one(query, update)
+
+
+    def _update_note(self, _id, **kwargs):
+        for k,v in kwargs.items():
+            mod_payload['notes.$.' + k] = v
+
+        query = {'_id': _id, 'notes': {'$elemMatch': kwargs} }
+
+        update = {
+            '$set': mod_payload
+        }
+
+        return dbc.update_one(query, update)
+
+storage.Storage.register(NotesStorage)
\ No newline at end of file
--- a/api/dao/storage.py
+++ b/api/dao/storage.py
+from abc import ABCMeta, abstractmethod
+
+class AbstractStorage:
+    __metaclass__ = ABCMeta
+
+    @abstractmethod
+    def get_container(self, _id):
+        return self.dbc.find_one(_id)
+
+    @abstractmethod
+    def store_change(self, action, list_, elem_match=None, payload=None):
+        pass
+
+    def _create_el(self, _id, list_, payload):
+        if !isinstance(payload, str):
+            elem_match = copy.deepcopy(payload)
+            payload['_id'] = bson.objectid.ObjectId()
+        else:
+             elem_match = payload
+        query = {'_id': _id, list_: {'$not': {'$elemMatch': elem_match} } }
+        update = {'$push': {list_: payload} }
+        return dbc.update_one(query, update)
+
+    def _update_el(self, _id, list_, elem_match, payload):
+        if isinstance(payload, str):
+            mod_elem = {
+                list_ + '.$': v
+            }
+        else:
+            mod_elem = {}
+            for k,v in payload.items():
+                mod_elem[list_ + '.$.' + k] = v
+        query = {'_id': _id, 'notes': {'$elemMatch': elem_match} }
+        update = {
+            '$set': mod_elem
+        }
+        return self.dbc.update_one(query, update)
+
+    def _delete_el(self, _id, list_, elem_match):
+        query = {'_id': _id}
+        update = {'$pull': {list_: elem_match} }
+        return self.dbc.update_one(query, update)
--- a/api/listhandler.py
+++ b/api/listhandler.py
+# @author:  Renzo Frigato
+
+import logging
+import base
+import json
+log = logging.getLogger('scitran.api.listhandler')
+
+class ListHandler(base.RequestHandler):
+
+    def __init__(self, request=None, response=None):
+        super(ListHandler, self).__init__(request, response)
+        self.permissions = None
+
+    def get(self, *args, **kwargs):
+        #permchecker = kwargs.pop('permchecker')
+        collection = kwargs.pop('collection')
+        list_ = kwargs.pop('list')
+        _id = kwargs.pop('cid', None) or kwargs.pop('_id')
+        query = {'_id': _id}
+        projection = {}
+        query[list_] = projection[list_] = {'$elemMatch': kwargs}
+
+        dbc = self.app.db.get_collection(collection)
+        result = dbc.find_one(query)
+
+        if result is not None:
+            return result[list_][0]
+        else:
+            self.abort(404, 'Element not found in list {} of collection {}'.format(list_, collection))
+
+    def post(self, *args, **kwargs):
+        collection = kwargs.pop('collection')
+        list_ = kwargs.pop('list')
+        _id = kwargs.pop('cid', None) or kwargs.pop('_id')
+
+        payload = self.request.POST.mixed()
+        payload.update(kwargs)
+        query = {'_id': _id, list_: {'$not': {'$elemMatch': kwargs} } }
+        update = {'$push': {list_: payload} }
+
+        dbc = self.app.db.get_collection(collection)
+        result = dbc.update_one(query, update)
+
+        if result.modified_count == 1:
+            return {'modified':result.modified_count}
+        else:
+            self.abort(404, 'Element not added in list {} of collection {}'.format(list_, collection))
+
+    def put(self, *args, **kwargs):
+        collection = kwargs.pop('collection')
+        list_ = kwargs.pop('list')
+        _id = kwargs.pop('cid', None) or kwargs.pop('_id')
+        payload = self.request.POST.mixed()
+        mod_payload = {}
+        for k,v in payload.items():
+            mod_payload[list_ + '.$.' + k] = v
+
+        query = {'_id': _id, list_: {'$elemMatch': kwargs} }
+
+        update = {
+            '$set': mod_payload
+        }
+
+        dbc = self.app.db.get_collection(collection)
+        result = dbc.update_one(query, update)
+
+        if result.modified_count == 1:
+            return {'modified':result.modified_count}
+        else:
+            self.abort(404, 'Element not added in list {} of collection {}'.format(list_, collection))
+
+    def delete(self, *args, **kwargs):
+        collection = kwargs.pop('collection')
+        list_ = kwargs.pop('list')
+        _id = kwargs.pop('cid', None) or kwargs.pop('_id')
+        payload = self.request.POST.mixed()
+        payload.update(kwargs)
+        query = {'_id': _id}
+        update = {'$pull': {list_: payload} }
+
+        dbc = self.app.db.get_collection(collection)
+        result = dbc.update_one(query, update)
+
+        if result.modified_count == 1:
+            return {'modified':result.modified_count}
+        else:
+            self.abort(404, 'Element not added in list {} of collection {}'.format(list_, collection))
--- a/api/permchecker.py
+++ b/api/permchecker.py
+from users import INTEGER_ROLES
+
+def _get_access(container, uid):
+    permissions_list = container['roles'] or container['permissions']
+    for perm in permissions_list:
+        if perm._id == uid:
+            return INTEGER_ROLES[perm.access]
+    else:
+        return -1
+
+def default_sublist(container, method, uid):
+    access = _get_access(container, uid)
+
+    if method == 'GET':
+        return access >= INTEGER_ROLES['ro']
+    if method in Set(['POST', 'PUT', 'DELETE']):
+        return access >= INTEGER_ROLES['rw']
+    return False
+
+def group_roles_sublist(container, method, uid):
+    access = _get_access(container, uid)
+    return access >= INTEGER_ROLES['admin']
+
+