#!/usr/bin/env python
import cherrypy
from dm.common.service.dmSessionController import DmSessionController
from dm.ds_web_service.service.impl.userInfoSessionControllerImpl import UserInfoSessionControllerImpl
from dm.common.db.api.experimentDbApi import ExperimentDbApi
from dm.common.exceptions.invalidRequest import InvalidRequest
from dm.common.exceptions.authorizationError import AuthorizationError
class UserInfoSessionController(DmSessionController):
def __init__(self):
DmSessionController.__init__(self)
self.experimentDbApi = ExperimentDbApi()
self.userInfoSessionControllerImpl = UserInfoSessionControllerImpl()
@cherrypy.expose
@DmSessionController.require(DmSessionController.isLoggedIn())
@DmSessionController.execute
def getUsers(self, **kwargs):
return self.listToJson(self.userInfoSessionControllerImpl.getUsers())
@cherrypy.expose
@DmSessionController.require(DmSessionController.isLoggedIn())
@DmSessionController.execute
def getUserById(self, id, **kwargs):
if not id:
raise InvalidRequest('Invalid id provided.')
response = self.userInfoSessionControllerImpl.getUserById(id).getFullJsonRep()
self.logger.debug('Returning user info for %s: %s' % (id,response))
return response
@cherrypy.expose
@DmSessionController.require(DmSessionController.isLoggedIn())
@DmSessionController.execute
def getUserByUsername(self, username, **kwargs):
if not len(username):
raise InvalidRequest('Invalid username provided.')
response = self.userInfoSessionControllerImpl.getUserByUsername(username).getFullJsonRep()
self.logger.debug('Returning user info for %s: %s' % (username,response))
return response
@cherrypy.expose
@DmSessionController.require(DmSessionController.isLoggedIn())
@DmSessionController.execute
def addUserSystemRole(self, username, roleName, **kwargs):
if not username:
raise InvalidRequest('Invalid username provided.')
if not roleName:
raise InvalidRequest('Invalid role name provided.')
experimentStationName = kwargs.get('experimentStationName')
if experimentStationName:
experimentStation = self.experimentDbApi.getExperimentStationByName(experimentStationName)
if not self.hasAdministratorRole() and not self.hasManagerRole(experimentStation['id']):
raise AuthorizationError('User %s cannot modify system roles for experiment station %s.' % (self.getSessionUsername(),experimentStationName))
else:
if not self.hasAdministratorRole():
raise AuthorizationError('User %s cannot modify system roles.' % (self.getSessionUsername()))
response = self.userInfoSessionControllerImpl.addUserSystemRole(username, roleName, experimentStationName).getFullJsonRep()
return response
@cherrypy.expose
@DmSessionController.require(DmSessionController.isLoggedIn())
@DmSessionController.execute
def deleteUserSystemRole(self, username, roleName, **kwargs):
if not username:
raise InvalidRequest('Invalid username provided.')
if not roleName:
raise InvalidRequest('Invalid role name provided.')
experimentStationName = kwargs.get('experimentStationName')
if experimentStationName:
experimentStation = self.experimentDbApi.getExperimentStationByName(experimentStationName)
if not self.hasAdministratorRole() and not self.hasManagerRole(experimentStation['id']):
raise AuthorizationError('User %s cannot modify system roles for experiment station %s.' % (self.getSessionUsername(),experimentStationName))
else:
if not self.hasAdministratorRole():
raise AuthorizationError('User %s cannot modify system roles.' % (self.getSessionUsername()))
response = self.userInfoSessionControllerImpl.deleteUserSystemRole(username, roleName, experimentStationName).getFullJsonRep()
return response
@cherrypy.expose
@DmSessionController.require(DmSessionController.isLoggedIn())
@DmSessionController.execute
def addUserExperimentRole(self, username, roleName, experimentName, **kwargs):
if not username:
raise InvalidRequest('Invalid username provided.')
if not experimentName:
raise InvalidRequest('Invalid experiment name provided.')
if not roleName:
raise InvalidRequest('Invalid role name provided.')
experiment = self.experimentDbApi.getExperimentByName(experimentName)
if not self.hasAdministratorRole() and not self.hasManagerRole(experiment['experimentStationId']) and not self.hasPiRole(experiment['id']):
raise AuthorizationError('User %s cannot modify users for experiment %s.' % (self.getSessionUsername(),experimentName))
response = self.userInfoSessionControllerImpl.addUserExperimentRole(username, roleName, experimentName).getFullJsonRep()
return response
@cherrypy.expose
@DmSessionController.require(DmSessionController.isLoggedIn())
@DmSessionController.execute
def deleteUserExperimentRole(self, username, roleName, experimentName, **kwargs):
if not username:
raise InvalidRequest('Invalid username provided.')
if not experimentName:
raise InvalidRequest('Invalid experiment name provided.')
if not roleName:
raise InvalidRequest('Invalid role name provided.')
experiment = self.experimentDbApi.getExperimentByName(experimentName)
if not self.hasAdministratorRole() and not self.hasManagerRole(experiment['experimentStationId']) and not self.hasPiRole(experiment['id']):
raise AuthorizationError('User %s cannot modify users for experiment %s.' % (self.getSessionUsername(),experimentName))
response = self.userInfoSessionControllerImpl.deleteUserExperimentRole(username, roleName, experimentName).getFullJsonRep()
return response