382
384
def render_POST(self, request): # pylint: disable-msg=R0201
383
385
"""Update image attributes: public/private"""
387
# image_id required for all requests
385
388
image_id = get_argument(request, 'image_id', u'')
389
image_object = image.Image(image_id)
390
if not image_object.is_authorized(request.context):
391
logging.debug("not authorized for render_POST in images")
392
raise exception.NotAuthorized
386
394
operation = get_argument(request, 'operation', u'')
388
image_object = image.Image(image_id)
390
if not image_object.is_authorized(request.context):
391
raise exception.NotAuthorized
393
image_object.set_public(operation=='add')
396
# operation implies publicity toggle
397
logging.debug("handling publicity toggle")
398
image_object.set_public(operation=='add')
400
# other attributes imply update
401
logging.debug("update user fields")
403
for arg in request.args.keys():
404
clean_args[arg] = request.args[arg][0]
405
image_object.update_user_editable_fields(clean_args)
397
408
def render_DELETE(self, request): # pylint: disable-msg=R0201