added permission checks to user and recorder API

backend/api/user_api.py

@@ -14,7 +14,8 @@ from flask_restx import Resource, fields, inputs, abort
 from backend import db, app, jwt_auth
 from backend.api import api_user
 from backend.api.models import user_model, recorder_model, generic_id_parser
-from backend.models import Recorder
+from backend.auth.utils import requires_permission_level
+from backend.models import Recorder, Config
 from backend.models.user_model import User, Group
 
 
@@ -90,18 +91,20 @@ class UserList(Resource):
 
     # @jwt_auth.login_required
     @jwt_required
+    @requires_permission_level(Config.Permissions.USERS_LIST)
     @api_user.doc('users')
     @api_user.marshal_list_with(user_model)
     def get(self):
         """
-        just a test!
-        :return: Hello: World
+        returns all users
+        :return: all users
         """
         current_user = get_jwt_identity()
         app.logger.info(current_user)
         return User.get_all()
 
     @jwt_required
+    @requires_permission_level(Config.Permissions.USER_CREATE)
     @api_user.doc('create_group')
     @api_user.expect(user_model)
     @api_user.marshal_with(user_model, code=201)
@@ -117,6 +120,7 @@ class UserList(Resource):
 @api_user.response(404, 'User not found')
 class UserResource(Resource):
     @jwt_auth.login_required
+    @requires_permission_level(Config.Permissions.USER_SHOW)
     @api_user.doc('get_user')
     @api_user.marshal_with(user_model)
     def get(self, id):
@@ -126,4 +130,16 @@ class UserResource(Resource):
             return user
         api_user.abort(404)
 
+    @jwt_auth.login_required
+    @requires_permission_level(Config.Permissions.USER_DELETE)
+    @api_user.doc('delete_user')
+    def delete(self, id):
+        """Fetch a user given its identifier"""
+        user = User.get_by_id(id)
+        if user is not None:
+            db.session.delete(user)
+            db.session.commit()
+            return "ok"
+        api_user.abort(404)
+
 # api_user.add_resource(UserResource, '/')