Permissions checked by guide being in project.
(project_string_id)
| 12 | Roles = ["admin", "Editor"], |
| 13 | apis_user_list = ['api_enabled_builder', 'security_email_verified']) |
| 14 | def guide_edit_api(project_string_id): |
| 15 | """ |
| 16 | Permissions checked by guide being in project. |
| 17 | |
| 18 | """ |
| 19 | |
| 20 | with sessionMaker.session_scope() as session: |
| 21 | |
| 22 | spec_list = [{"name" : str}, |
| 23 | {"description_markdown": str}, |
| 24 | {"id": int}, |
| 25 | {"mode": str} # defaults to UPDATE |
| 26 | ] |
| 27 | |
| 28 | log, input, untrusted_input = regular_input.master(request=request, |
| 29 | spec_list=spec_list) |
| 30 | if len(log["error"].keys()) >= 1: |
| 31 | return jsonify(log=log), 400 |
| 32 | |
| 33 | with sessionMaker.session_scope() as session: |
| 34 | |
| 35 | guide = session.query(Guide).filter( |
| 36 | Guide.id == input['id']).first() |
| 37 | |
| 38 | if guide is None: |
| 39 | log["error"]["id"] = "Bad ID" |
| 40 | return jsonify(log=log), 400 |
| 41 | |
| 42 | if guide.project.project_string_id != project_string_id: |
| 43 | log["error"]["id"] = "Permissions Issue - Bad ID" |
| 44 | return jsonify(log=log), 400 |
| 45 | |
| 46 | # Guide itself is stored as part of session |
| 47 | # so don't need to return. |
| 48 | guide_update_core( |
| 49 | session = session, |
| 50 | guide = guide, |
| 51 | mode = input['mode'], |
| 52 | name = input['name'], |
| 53 | description_markdown = input['description_markdown'] |
| 54 | ) |
| 55 | |
| 56 | return jsonify(log = log, |
| 57 | guide = guide.serialize_for_list_view()), 200 |
| 58 | |
| 59 | |
| 60 | def guide_update_core( |
nothing calls this directly
no test coverage detected