boot: Refactor token validation decorator.

Change-Id: I529aaf81d922db1f110cb8ddd22e88227ac3c462
author: Milo Casagrande <milo.casagrande@linaro.org> 2014-10-20 22:38:59 +0200
committer: Milo Casagrande <milo.casagrande@linaro.org> 2014-10-20 22:38:59 +0200
commit: 10af86f53d61429e3c1f6495f3b748da7d09ccc3 (patch)
tree: d3d48c3842fe6ea41bb794d2896b72d1906ccbd6 /app/handlers/boot.py
parent: c05651d8484f3db4f0a4b22ab9f3fdbcc17c04f8 (diff)
1 files changed, 27 insertions, 22 deletions
diff --git a/app/handlers/boot.py b/app/handlers/boot.py
index 0bd26d8..511929f 100644
--- a/app/handlers/boot.py
+++ b/app/handlers/boot.py
@@ -18,6 +18,7 @@
 from handlers.base import BaseHandler
 from handlers.common import (
     BOOT_VALID_KEYS,
+    NOT_VALID_TOKEN,
     get_query_spec,
 )
 from handlers.response import HandlerResponse
@@ -55,31 +56,35 @@ class BootHandler(BaseHandler):
     def execute_delete(self, *args, **kwargs):
         response = None
 
-        if kwargs and kwargs.get('id', None):
-            doc_id = kwargs['id']
-            if find_one(self.collection, doc_id):
-                response = self._delete(doc_id)
-                if response.status_code == 200:
-                    response.reason = "Resource '%s' deleted" % doc_id
+        if self._validate_req_token("DELETE"):
+            if kwargs and kwargs.get('id', None):
+                doc_id = kwargs['id']
+                if find_one(self.collection, doc_id):
+                    response = self._delete(doc_id)
+                    if response.status_code == 200:
+                        response.reason = "Resource '%s' deleted" % doc_id
+                else:
+                    response = HandlerResponse(404)
+                    response.reason = "Resource '%s' not found" % doc_id
             else:
-                response = HandlerResponse(404)
-                response.reason = "Resource '%s' not found" % doc_id
-        else:
-            spec = get_query_spec(
-                self.get_query_arguments, self._valid_keys("DELETE")
-            )
-            if spec:
-                response = self._delete(spec)
-                if response.status_code == 200:
+                spec = get_query_spec(
+                    self.get_query_arguments, self._valid_keys("DELETE")
+                )
+                if spec:
+                    response = self._delete(spec)
+                    if response.status_code == 200:
+                        response.reason = (
+                            "Resources identified with '%s' deleted" % spec
+                        )
+                else:
+                    response = HandlerResponse(400)
+                    response.result = None
                     response.reason = (
-                        "Resources identified with '%s' deleted" % spec
+                        "No valid data provided to execute a DELETE"
                     )
-            else:
-                response = HandlerResponse(400)
-                response.result = None
-                response.reason = (
-                    "No valid data provided to execute a DELETE"
-                )
+        else:
+            response = HandlerResponse(403)
+            response.reason = NOT_VALID_TOKEN
 
         return response
author	Milo Casagrande <milo.casagrande@linaro.org>	2014-10-20 22:38:59 +0200
committer	Milo Casagrande <milo.casagrande@linaro.org>	2014-10-20 22:38:59 +0200
commit	10af86f53d61429e3c1f6495f3b748da7d09ccc3 (patch)
tree	d3d48c3842fe6ea41bb794d2896b72d1906ccbd6 /app/handlers/boot.py
parent	c05651d8484f3db4f0a4b22ab9f3fdbcc17c04f8 (diff)