Assumes for current logged in user Assumes user not member / auth_api Question is "enable" the right name when this can disbale too... A few context things: Other APIs are enabled through direct processes (generally for good reason ) for example, "builder_api". In general this is more fo
()
| 5 | methods=['POST']) |
| 6 | @General_permissions.grant_permission_for(['normal_user']) |
| 7 | def api_enable_user(): |
| 8 | """ |
| 9 | Assumes for current logged in user |
| 10 | Assumes user not member / auth_api |
| 11 | Question is "enable" the right name when this can disbale too... |
| 12 | |
| 13 | A few context things: |
| 14 | Other APIs are enabled through direct processes (generally for good reason ) |
| 15 | for example, "builder_api". |
| 16 | In general this is more for the "optional" APIs . |
| 17 | Less significant may not quite be the right word but just the concept that |
| 18 | at least for now this is more for the user experience then any strict |
| 19 | security / billing thing. |
| 20 | |
| 21 | """ |
| 22 | |
| 23 | spec_list = [{"api_name": str}, |
| 24 | {"mode": { |
| 25 | 'default': True, # ENABLE (True) or DISABLE (False) ? |
| 26 | 'kind': bool |
| 27 | } |
| 28 | }] |
| 29 | |
| 30 | log, input, untrusted_input = regular_input.master(request=request, |
| 31 | spec_list=spec_list) |
| 32 | if len(log["error"].keys()) >= 1: |
| 33 | return jsonify(log=log), 400 |
| 34 | |
| 35 | with sessionMaker.session_scope() as session: |
| 36 | |
| 37 | user = User.get(session) |
| 38 | session.add(user) |
| 39 | |
| 40 | # In the future imagine we could make this a lot |
| 41 | # more generic, but for now it's a start... |
| 42 | # not checking any permissions or anything here either... |
| 43 | |
| 44 | if input['api_name'] == "api_actions": |
| 45 | |
| 46 | # Can we cast this with |
| 47 | # getattr(user, 'string name') ? |
| 48 | |
| 49 | user.api_actions = input['mode'] |
| 50 | |
| 51 | Event.new( |
| 52 | session = session, |
| 53 | kind = f"api_enable_{str(input['api_name'])}", |
| 54 | member_id = user.member_id, |
| 55 | success = True, |
| 56 | email = user.email) |
| 57 | |
| 58 | log['success'] = True |
| 59 | |
| 60 | return jsonify(log=log, |
| 61 | user = user.serialize()), 200 |
| 62 | |
| 63 | |
| 64 | log['error'] = "Invalid API name" |