def put_permissions_for_role(request):
discussion = request.context
role_name = request.matchdict['role_name']
session = Discussion.default_db
role = Role.get_by(name=role_name)
if not role:
raise HTTPNotFound("Role %s does not exist" % (role_name,))
try:
data = json.loads(request.body)
except Exception as e:
raise HTTPBadRequest("Malformed Json")
if not isinstance(data, list):
raise HTTPBadRequest("Not a list")
if data and frozenset((type(x) for x in data)) != frozenset((str,)):
raise HTTPBadRequest("not strings")
permissions = set(session.query(Permission).filter(Permission.name.in_(data)).all())
data = set(data)
if len(permissions) != len(data):
raise HTTPBadRequest("Not valid permissions: %s" % (repr(
data - set((p.name for p in permissions))),))
known_dp = session.query(DiscussionPermission).join(Permission).filter(
role=role, discussion=discussion).all()
dp_by_permission = {dp.permission.name: dp for dp in known_dp}
known_permissions = set(dp_by_permission.keys())
for permission in known_permissions - permissions:
session.delete(dp_by_permission[permission])
for permission in permissions - known_permissions:
session.add(DiscussionPermission(
role=role, permission=permission, discussion=discussion))
return {"added": list(permissions - known_permissions),
"removed": list(known_permissions - permissions)}
评论列表
文章目录
