diff options
author | Lars Wirzenius <liw@liw.fi> | 2018-11-05 10:36:02 +0200 |
---|---|---|
committer | Lars Wirzenius <liw@liw.fi> | 2018-11-05 10:36:02 +0200 |
commit | 82aa16698668375881e9edcab46965e4be3f5b83 (patch) | |
tree | 855cb8434e8cee343c1d7435337fe3af440a217f /muck_poc | |
parent | 782d42ef1ee0c7edb2a9cf68a24ea5ba60eca8cc (diff) | |
download | muck-poc-82aa16698668375881e9edcab46965e4be3f5b83.tar.gz |
Add: owner metadata
Diffstat (limited to 'muck_poc')
-rwxr-xr-x | muck_poc | 15 |
1 files changed, 9 insertions, 6 deletions
@@ -79,23 +79,25 @@ class MuckAPI: r = muck.Request(method=bottle.request.method) r.add_headers(bottle.request.headers) if self._ac.request_is_allowed(r, req_method, [req_scope]): - return callback() + claims = self._ac.get_claims_from_token(r) + return callback(claims) logging.error('Access denied') return bottle.HTTPError(401) return check_authz - def _create_res(self): + def _create_res(self, claims): res = self._get_json_body() meta = { 'id': self._gen.new_id(), 'rev': self._gen.new_id(), + 'owner': claims.get('sub'), } create = muck.CreateChange(meta, res) self._store.change(create) return self._create_response(201, 'create', meta, res) - def _update_res(self): + def _update_res(self, claims): rid = self._get_resource_id() try: meta, _ = self._get_existing(rid) @@ -112,7 +114,7 @@ class MuckAPI: self._store.change(update) return self._create_response(200, 'change', meta, res) - def _show_res(self): + def _show_res(self, claims): rid = self._get_resource_id() try: meta, res = self._get_existing(rid) @@ -120,7 +122,7 @@ class MuckAPI: return e return self._create_response(200, 'show', meta, res) - def _delete_res(self): + def _delete_res(self, claims): rid = self._get_resource_id() try: meta, res = self._get_existing(rid) @@ -130,7 +132,7 @@ class MuckAPI: self._store.change(delete) return self._create_response(200, 'delete', meta, res) - def _search_res(self): + def _search_res(self, claims): body = self._get_json_body() cond = body.get('cond') ms = self._store.get_memory_store() @@ -174,6 +176,7 @@ class MuckAPI: return { 'Muck-ID': meta['id'], 'Muck-Revision': meta['rev'], + 'Muck-Owner': meta['owner'], } |