Feed error messages through a cors wrapper so that people on other domains can see what's happening.
This commit is contained in:
jakedt
parent
4673f40dd2
commit
3b3d71bfd7
18 changed files with 162 additions and 129 deletions
|
|
@ -1,6 +1,5 @@
|
|||
from flask.ext.restful import abort
|
||||
|
||||
from endpoints.api import resource, nickname, ApiResource, log_action, related_user_resource
|
||||
from endpoints.api import (resource, nickname, ApiResource, log_action, related_user_resource,
|
||||
Unauthorized)
|
||||
from auth.permissions import AdministerOrganizationPermission, OrganizationMemberPermission
|
||||
from auth.auth_context import get_authenticated_user
|
||||
from data import model
|
||||
|
|
@ -21,6 +20,9 @@ class UserRobotList(ApiResource):
|
|||
def get(self):
|
||||
""" List the available robots for the user. """
|
||||
user = get_authenticated_user()
|
||||
if not user:
|
||||
raise Unauthorized()
|
||||
|
||||
robots = model.list_entity_robots(user.username)
|
||||
return {
|
||||
'robots': [robot_view(name, password) for name, password in robots]
|
||||
|
|
@ -34,6 +36,9 @@ class UserRobot(ApiResource):
|
|||
def put(self, robot_shortname):
|
||||
""" Create a new user robot with the specified name. """
|
||||
parent = get_authenticated_user()
|
||||
if not parent:
|
||||
raise Unauthorized()
|
||||
|
||||
robot, password = model.create_robot(robot_shortname, parent)
|
||||
log_action('create_robot', parent.username, {'robot': robot_shortname})
|
||||
return robot_view(robot.username, password), 201
|
||||
|
|
@ -42,6 +47,9 @@ class UserRobot(ApiResource):
|
|||
def delete(self, robot_shortname):
|
||||
""" Delete an existing robot. """
|
||||
parent = get_authenticated_user()
|
||||
if not parent:
|
||||
raise Unauthorized()
|
||||
|
||||
model.delete_robot(format_robot_username(parent.username, robot_shortname))
|
||||
log_action('delete_robot', parent.username, {'robot': robot_shortname})
|
||||
return 'Deleted', 204
|
||||
|
|
@ -61,7 +69,7 @@ class OrgRobotList(ApiResource):
|
|||
'robots': [robot_view(name, password) for name, password in robots]
|
||||
}
|
||||
|
||||
abort(403)
|
||||
raise Unauthorized()
|
||||
|
||||
|
||||
@resource('/v1/organization/<orgname>/robots/<robot_shortname>')
|
||||
|
|
@ -78,7 +86,7 @@ class OrgRobot(ApiResource):
|
|||
log_action('create_robot', orgname, {'robot': robot_shortname})
|
||||
return robot_view(robot.username, password), 201
|
||||
|
||||
abort(403)
|
||||
raise Unauthorized()
|
||||
|
||||
@nickname('deleteOrgRobot')
|
||||
def delete(self, orgname, robot_shortname):
|
||||
|
|
@ -89,4 +97,4 @@ class OrgRobot(ApiResource):
|
|||
log_action('delete_robot', orgname, {'robot': robot_shortname})
|
||||
return 'Deleted', 204
|
||||
|
||||
abort(403)
|
||||
raise Unauthorized()
|
||||
|
|
|
|||
Reference in a new issue