Introducing project_node_type_has_method

Check for a specific request arg, and check generate the
allowed_methods list for the required node_type.
This commit is contained in:
2016-01-26 18:26:18 +01:00
parent 1a5fcc1744
commit 8a06634839
2 changed files with 35 additions and 13 deletions

View File

@@ -9,12 +9,19 @@ from flask import request
from flask import url_for from flask import url_for
from flask import abort from flask import abort
from eve import Eve from eve import Eve
from eve.auth import TokenAuth
from eve.io.mongo import Validator from eve.io.mongo import Validator
from application.utils.authentication import validate_token
from application.utils.authentication import NewAuth
RFC1123_DATE_FORMAT = '%a, %d %b %Y %H:%M:%S GMT' RFC1123_DATE_FORMAT = '%a, %d %b %Y %H:%M:%S GMT'
class NewAuth(TokenAuth):
def check_auth(self, token, allowed_roles, resource, method):
if not token:
return False
else:
validate_token()
return True
class ValidateCustomFields(Validator): class ValidateCustomFields(Validator):
def convert_properties(self, properties, node_schema): def convert_properties(self, properties, node_schema):
for prop in node_schema: for prop in node_schema:
@@ -88,6 +95,7 @@ bugsnag.configure(
) )
handle_exceptions(app) handle_exceptions(app)
from application.utils.authentication import validate_token
from application.utils.authorization import check_permissions from application.utils.authorization import check_permissions
from application.utils.cdn import hash_file_path from application.utils.cdn import hash_file_path
from application.utils.gcs import GoogleCloudStorageBucket from application.utils.gcs import GoogleCloudStorageBucket
@@ -176,6 +184,27 @@ def resource_parse_attachments(response):
for item in response['_items']: for item in response['_items']:
item_parse_attachments(item) item_parse_attachments(item)
def project_node_type_has_method(response):
"""Check for a specific request arg, and check generate the allowed_methods
list for the required node_type.
"""
try:
node_type_name = request.args['node_type']
except KeyError:
return
# Proceed only node_type has been requested
if node_type_name:
# Look up the node type in the project document
node_type = next(
(item for item in response['node_types'] if item.get('name') \
and item['name'] == node_type_name), None)
if not node_type:
return abort(404)
# Check permissions and append the allowed_methods to the node_type
if not check_permissions(node_type, 'GET', append_allowed_methods=True):
return abort(403)
app.on_fetched_item_nodes += before_returning_item_permissions app.on_fetched_item_nodes += before_returning_item_permissions
app.on_fetched_item_nodes += item_parse_attachments app.on_fetched_item_nodes += item_parse_attachments
app.on_fetched_resource_nodes += before_returning_resource_permissions app.on_fetched_resource_nodes += before_returning_resource_permissions
@@ -185,6 +214,7 @@ app.on_fetched_resource_node_types += before_returning_resource_permissions
app.on_replace_nodes += before_replacing_node app.on_replace_nodes += before_replacing_node
app.on_insert_nodes += before_inserting_nodes app.on_insert_nodes += before_inserting_nodes
app.on_fetched_item_projects += before_returning_item_permissions app.on_fetched_item_projects += before_returning_item_permissions
app.on_fetched_item_projects += project_node_type_has_method
app.on_fetched_resource_projects += before_returning_resource_permissions app.on_fetched_resource_projects += before_returning_resource_permissions
def post_GET_user(request, payload): def post_GET_user(request, payload):

View File

@@ -1,3 +1,4 @@
import os
import requests import requests
from datetime import datetime from datetime import datetime
from datetime import timedelta from datetime import timedelta
@@ -5,9 +6,9 @@ from flask import g
from flask import request from flask import request
from flask import url_for from flask import url_for
from flask import abort from flask import abort
from eve.methods.post import post_internal
from eve.auth import TokenAuth from application import app
from eve.auth import BasicAuth
class SystemUtility(): class SystemUtility():
def __new__(cls, *args, **kwargs): def __new__(cls, *args, **kwargs):
@@ -135,12 +136,3 @@ def validate_token():
setattr(g, 'current_user', current_user) setattr(g, 'current_user', current_user)
class NewAuth(TokenAuth):
def check_auth(self, token, allowed_roles, resource, method):
if not token:
return False
else:
validate_token()
return True