userInfoSessionController.py

#!/usr/bin/env python

import cherrypy
from dm.common.service.dmSessionController import DmSessionController
from dm.ds_web_service.service.impl.userInfoSessionControllerImpl import UserInfoSessionControllerImpl
from dm.common.db.api.experimentDbApi import ExperimentDbApi
from dm.common.exceptions.invalidRequest import InvalidRequest
from dm.common.exceptions.authorizationError import AuthorizationError

class UserInfoSessionController(DmSessionController):

    def __init__(self):
        DmSessionController.__init__(self)
        self.experimentDbApi = ExperimentDbApi()
        self.userInfoSessionControllerImpl = UserInfoSessionControllerImpl()

    @cherrypy.expose
    @DmSessionController.require(DmSessionController.isLoggedIn())
    @DmSessionController.execute
    def getUsers(self, **kwargs):
        return self.listToJson(self.userInfoSessionControllerImpl.getUsers())

    @cherrypy.expose
    @DmSessionController.require(DmSessionController.isLoggedIn())
    @DmSessionController.execute
    def getUserById(self, id, **kwargs):
        if not id:
            raise InvalidRequest('Invalid id provided.')
        response = self.userInfoSessionControllerImpl.getUserById(id).getFullJsonRep()
        self.logger.debug('Returning user info for %s: %s' % (id,response))
        return response

    @cherrypy.expose
    @DmSessionController.require(DmSessionController.isLoggedIn())
    @DmSessionController.execute
    def getUserByUsername(self, username, **kwargs):
        if not len(username):
            raise InvalidRequest('Invalid username provided.')
        response = self.userInfoSessionControllerImpl.getUserByUsername(username).getFullJsonRep()
        self.logger.debug('Returning user info for %s: %s' % (username,response))
        return response

    @cherrypy.expose
    @DmSessionController.require(DmSessionController.isLoggedIn())
    @DmSessionController.execute
    def addUserSystemRole(self, username, roleName, **kwargs):
        if not username:
            raise InvalidRequest('Invalid username provided.')
        if not roleName:
            raise InvalidRequest('Invalid role name provided.')
        experimentStationName = kwargs.get('experimentStationName')
        if experimentStationName:
            experimentStation = self.experimentDbApi.getExperimentStationByName(experimentStationName)
            if not self.hasAdministratorRole() and not self.hasManagerRole(experimentStation['id']):
                raise AuthorizationError('User %s cannot modify system roles for experiment station %s.' % (self.getSessionUsername(),experimentStationName))
        else:
            if not self.hasAdministratorRole():
                raise AuthorizationError('User %s cannot modify system roles.' % (self.getSessionUsername()))

        response = self.userInfoSessionControllerImpl.addUserSystemRole(username, roleName, experimentStationName).getFullJsonRep()
        return response

    @cherrypy.expose
    @DmSessionController.require(DmSessionController.isLoggedIn())
    @DmSessionController.execute
    def deleteUserSystemRole(self, username, roleName, **kwargs):
        if not username:
            raise InvalidRequest('Invalid username provided.')
        if not roleName:
            raise InvalidRequest('Invalid role name provided.')
        experimentStationName = kwargs.get('experimentStationName')
        if experimentStationName:
            experimentStation = self.experimentDbApi.getExperimentStationByName(experimentStationName)
            if not self.hasAdministratorRole() and not self.hasManagerRole(experimentStation['id']):
                raise AuthorizationError('User %s cannot modify system roles for experiment station %s.' % (self.getSessionUsername(),experimentStationName))
        else:
            if not self.hasAdministratorRole():
                raise AuthorizationError('User %s cannot modify system roles.' % (self.getSessionUsername()))

        response = self.userInfoSessionControllerImpl.deleteUserSystemRole(username, roleName, experimentStationName).getFullJsonRep()
        return response

    @cherrypy.expose
    @DmSessionController.require(DmSessionController.isLoggedIn())
    @DmSessionController.execute
    def addUserExperimentRole(self, username, roleName, experimentName, **kwargs):
        if not username:
            raise InvalidRequest('Invalid username provided.')
        if not experimentName:
            raise InvalidRequest('Invalid experiment name provided.')
        if not roleName:
            raise InvalidRequest('Invalid role name provided.')
 
        experiment = self.experimentDbApi.getExperimentByName(experimentName)
        if not self.hasAdministratorRole() and not self.hasManagerRole(experiment['experimentStationId']) and not self.hasPiRole(experiment['id']):
            raise AuthorizationError('User %s cannot modify users for experiment %s.' % (self.getSessionUsername(),experimentName))

        response = self.userInfoSessionControllerImpl.addUserExperimentRole(username, roleName, experimentName).getFullJsonRep()
        return response

    @cherrypy.expose
    @DmSessionController.require(DmSessionController.isLoggedIn())
    @DmSessionController.execute
    def deleteUserExperimentRole(self, username, roleName, experimentName, **kwargs):
        if not username:
            raise InvalidRequest('Invalid username provided.')
        if not experimentName:
            raise InvalidRequest('Invalid experiment name provided.')
        if not roleName:
            raise InvalidRequest('Invalid role name provided.')

        experiment = self.experimentDbApi.getExperimentByName(experimentName)
        if not self.hasAdministratorRole() and not self.hasManagerRole(experiment['experimentStationId']) and not self.hasPiRole(experiment['id']):
            raise AuthorizationError('User %s cannot modify users for experiment %s.' % (self.getSessionUsername(),experimentName))

        response = self.userInfoSessionControllerImpl.deleteUserExperimentRole(username, roleName, experimentName).getFullJsonRep()
        return response