From 5dffe7e0889dd76885d313c1d44a4b389f4b8667 Mon Sep 17 00:00:00 2001
From: "ahmed.helmy" <ahmad.helmy@orange.com>
Date: Thu, 5 Apr 2018 15:41:37 +0200
Subject: continue integrating validation

Change-Id: Ifbda169affd649f9125581ac5b688b509d1f0d82
Signed-off-by: ahmed.helmy <ahmad.helmy@orange.com>
---
 moon_manager/moon_manager/api/meta_data.py | 10 ++++++++++
 1 file changed, 10 insertions(+)

(limited to 'moon_manager/moon_manager/api/meta_data.py')

diff --git a/moon_manager/moon_manager/api/meta_data.py b/moon_manager/moon_manager/api/meta_data.py
index 104f26be..ab5702e4 100644
--- a/moon_manager/moon_manager/api/meta_data.py
+++ b/moon_manager/moon_manager/api/meta_data.py
@@ -12,6 +12,7 @@ from flask_restful import Resource
 import logging
 from python_moonutilities.security_functions import check_auth
 from python_moondb.core import ModelManager
+from python_moonutilities.security_functions import validate_input
 
 __version__ = "4.3.2"
 
@@ -29,6 +30,7 @@ class SubjectCategories(Resource):
         "/subject_categories/<string:category_id>",
     )
 
+    @validate_input("get",kwargs_state=[False,False])
     @check_auth
     def get(self, category_id=None, user_id=None):
         """Retrieve all subject categories or a specific one
@@ -52,6 +54,7 @@ class SubjectCategories(Resource):
                     "error": str(e)}, 500
         return {"subject_categories": data}
 
+    @validate_input("post",body_state=[True,False])
     @check_auth
     def post(self, category_id=None, user_id=None):
         """Create or update a subject category.
@@ -79,6 +82,7 @@ class SubjectCategories(Resource):
                     "error": str(e)}, 500
         return {"subject_categories": data}
 
+    @validate_input("delete",kwargs_state=[True,False])
     @check_auth
     def delete(self, category_id=None, user_id=None):
         """Delete a subject category
@@ -112,6 +116,7 @@ class ObjectCategories(Resource):
         "/object_categories/<string:category_id>",
     )
 
+    @validate_input("get",kwargs_state=[False,False])
     @check_auth
     def get(self, category_id=None, user_id=None):
         """Retrieve all object categories or a specific one
@@ -135,6 +140,7 @@ class ObjectCategories(Resource):
                     "error": str(e)}, 500
         return {"object_categories": data}
 
+    @validate_input("post", body_state=[True, False])
     @check_auth
     def post(self, category_id=None, user_id=None):
         """Create or update a object category.
@@ -162,6 +168,7 @@ class ObjectCategories(Resource):
                     "error": str(e)}, 500
         return {"object_categories": data}
 
+    @validate_input("delete", kwargs_state=[True, False])
     @check_auth
     def delete(self, category_id=None, user_id=None):
         """Delete an object category
@@ -195,6 +202,7 @@ class ActionCategories(Resource):
         "/action_categories/<string:category_id>",
     )
 
+    @validate_input("get", kwargs_state=[False, False])
     @check_auth
     def get(self, category_id=None, user_id=None):
         """Retrieve all action categories or a specific one
@@ -218,6 +226,7 @@ class ActionCategories(Resource):
                     "error": str(e)}, 500
         return {"action_categories": data}
 
+    @validate_input("post", body_state=[True, False])
     @check_auth
     def post(self, category_id=None, user_id=None):
         """Create or update an action category.
@@ -245,6 +254,7 @@ class ActionCategories(Resource):
                     "error": str(e)}, 500
         return {"action_categories": data}
 
+    @validate_input("delete", kwargs_state=[True, False])
     @check_auth
     def delete(self, category_id=None, user_id=None):
         """Delete an action
-- 
cgit 1.2.3-korg