def init_app(app, **kwargs):
# pylint: disable=unused-argument,unused-variable
# Touch underlying modules
from . import models, routes # noqa
api.add_namespace(routes.ns)
def create_api(environment_name=None):
for namespace in NAMESPACES:
api.add_namespace(namespace)
app = Flask(__name__)
#app.config.from_object(config[environment_name])
app.config.from_object(Config)
CORS(app)
with app.app_context():
db.init_app(app)
db.create_all()
migrate.init_app(app, db)
api.init_app(app)
return app
def register_routes(app):
# Set URL rules for resources
app.add_url_rule('/', endpoint='index')
api.add_namespace(mines_api)
api.add_namespace(parties_api)
api.add_namespace(permits_api)
api.add_namespace(document_api)
api.add_namespace(document_manager_api)
# Healthcheck endpoint
@api.route('/health')
class Healthcheck(Resource):
def get(self):
return {'success': 'true'}
# Default error handler to propagate lower level errors up to the API level
@api.errorhandler
def default_error_handler(error):
_, value, traceback = sys.exc_info()
return json.loads({"error": str(traceback)})
def init_app(app):
from . import resources, models # noqa: F401
api.add_namespace(rewards_api)
def register_routes(app):
# Set URL rules for resources
app.add_url_rule('/', endpoint='index')
api.add_namespace(compliance_api)
api.add_namespace(mines_api)
api.add_namespace(parties_api)
api.add_namespace(download_token_api)
api.add_namespace(users_api)
api.add_namespace(search_api)
api.add_namespace(variances_api)
api.add_namespace(incidents_api)
api.add_namespace(reporting_api)
api.add_namespace(now_sub_api)
api.add_namespace(now_app_api)
api.add_namespace(exports_api)
api.add_namespace(doc_gen_api)
api.add_namespace(securities_api)
api.add_namespace(verify_api)
api.add_namespace(orgbook_api)
# Healthcheck endpoint
@api.route('/health')
class Healthcheck(Resource):
def get(self):
return {'status': 'pass'}
@api.errorhandler(AuthError)
def jwt_oidc_auth_error_handler(error):
app.logger.error(str(error))
app.logger.error('REQUEST\n' + str(request))
app.logger.error('HEADERS\n ' + str(request.headers))
return {
'status': getattr(error, 'status_code', 401),
'message': str(error),
}, getattr(error, 'status_code', 401)
@api.errorhandler(Forbidden)
def forbidden_error_handler(error):
app.logger.error(str(error))
app.logger.error('REQUEST\n' + str(request))
app.logger.error('HEADERS\n ' + str(request.headers))
return {
'status': getattr(error, 'status_code', 403),
'message': str(error),
}, getattr(error, 'status_code', 403)
@api.errorhandler(AssertionError)
def assertion_error_handler(error):
app.logger.error(str(error))
return {
'status': getattr(error, 'code', 400),
'message': str(error),
}, getattr(error, 'code', 400)
# Recursively add handler to every SQLAlchemy Error
def sqlalchemy_error_handler(error):
app.logger.error(str(error))
app.logger.error(type(error))
return {
'status': getattr(error, 'status_code', 400),
'message': str(error),
}, getattr(error, 'status_code', 400)
def _add_sqlalchemy_error_handlers(classname):
for subclass in classname.__subclasses__():
(api.errorhandler(subclass))(sqlalchemy_error_handler)
if len(subclass.__subclasses__()) != 0:
_add_sqlalchemy_error_handlers(subclass)
_add_sqlalchemy_error_handlers(SQLAlchemyError)
@api.errorhandler(Exception)
def default_error_handler(error):
app.logger.error(str(error))
return {
'status': getattr(error, 'code', 500),
'message': str(error),
}, getattr(error, 'code', 500)
return user_security.is_restricted()
@requires_any_of([VIEW_ALL, MINESPACE_PROPONENT])
def delete(self):
user_security = auth.get_current_user_security()
return user_security.is_restricted()
@requires_any_of([VIEW_ALL, MINESPACE_PROPONENT])
def put(self):
user_security = auth.get_current_user_security()
return user_security.is_restricted()
api = Namespace('authtest')
api.add_resource(DummyAuthResource, '')
app_api.add_namespace(api)
@pytest.fixture(scope="function")
def setup_info(db_session):
User._test_mode = False
auth.clear_cache()
MinespaceUserFactory(email_or_username='******')
yield
User._test_mode = True
# Test no role
def test_get_no_auth_user(test_client, db_session, auth_headers, setup_info):
def init_app(app):
from . import resources # noqa: F401
api.add_namespace(auth_api)
def register_routes(app):
# Set URL rules for resources
app.add_url_rule('/', endpoint='index')
api.add_namespace(mines_api)
api.add_namespace(parties_api)
api.add_namespace(permits_api)
api.add_namespace(document_api)
api.add_namespace(document_manager_api)
api.add_namespace(users_api)
api.add_namespace(applications_api)
api.add_namespace(search_api)
api.add_namespace(variances_api)
# Healthcheck endpoint
@api.route('/health')
class Healthcheck(Resource):
def get(self):
return {'success': 'true'}
@api.errorhandler(AuthError)
def jwt_oidc_auth_error_handler(error):
return {
'status': getattr(error, 'status_code', 401),
'message': str(error),
}, getattr(error, 'status_code', 401)
@api.errorhandler(AssertionError)
def assertion_error_handler(error):
return {
'status': getattr(error, 'code', 400),
'message': str(error),
}, getattr(error, 'code', 400)
@api.errorhandler(Exception)
def default_error_handler(error):
if getattr(error, 'code', 500) == 500:
current_app.logger.error(str(error))
return {
'status': getattr(error, 'code', 500),
'message': str(error),
}, getattr(error, 'code', 500)
def register_routes(app):
# Set URL rules for resources
app.add_url_rule('/', endpoint='index')
api.add_namespace(mines_api)
api.add_namespace(parties_api)
api.add_namespace(download_token_api)
api.add_namespace(users_api)
api.add_namespace(applications_api)
api.add_namespace(search_api)
api.add_namespace(variances_api)
api.add_namespace(incidents_api)
api.add_namespace(reporting_api)
api.add_namespace(now_api)
# Healthcheck endpoint
@api.route('/health')
class Healthcheck(Resource):
def get(self):
return {'success': 'true'}
@api.errorhandler(AuthError)
def jwt_oidc_auth_error_handler(error):
app.logger.error(str(error))
return {
'status': getattr(error, 'status_code', 401),
'message': str(error),
}, getattr(error, 'status_code', 401)
@api.errorhandler(AssertionError)
def assertion_error_handler(error):
app.logger.error(str(error))
return {
'status': getattr(error, 'code', 400),
'message': str(error),
}, getattr(error, 'code', 400)
# Recursively add handler to every SQLAlchemy Error
def sqlalchemy_error_handler(error):
app.logger.error(str(error))
return {
'status': getattr(error, 'status_code', 400),
'message': str('Invalid request.'),
}, getattr(error, 'status_code', 400)
def _add_sqlalchemy_error_handlers(classname):
for subclass in classname.__subclasses__():
(api.errorhandler(subclass))(sqlalchemy_error_handler)
if len(subclass.__subclasses__()) != 0:
_add_sqlalchemy_error_handlers(subclass)
_add_sqlalchemy_error_handlers(SQLAlchemyError)
@api.errorhandler(Exception)
def default_error_handler(error):
if getattr(error, 'code', 500) == 500:
app.logger.error(str(error))
return {
'status': getattr(error, 'code', 500),
'message': str(error),
}, getattr(error, 'code', 500)
# -*- coding: utf-8 -*-
# import json
# import requests
# from flask import Blueprint, current_app, g, request
from flask import Blueprint
from app import models as m # noqa
from app.extensions import api # noqa
from .adv import ns as adv_ns
from .category import ns as category_ns
from .conversion import ns as conversion_ns
from .offer import ns as offer_ns
# import jwt
from .user import ns as user_ns
from .domain import ns as domain_ns
bp = Blueprint('api', __name__, url_prefix='/api/v1.0')
api.add_namespace(ns=user_ns)
api.add_namespace(ns=category_ns)
api.add_namespace(ns=adv_ns)
api.add_namespace(ns=offer_ns)
api.add_namespace(ns=conversion_ns)
api.add_namespace(ns=domain_ns)
class DummyAuthResource(Resource):
api = Namespace('authtest')
api.add_resource(DummyAuthResource, '')
app_api.add_namespace(api)
@pytest.fixture(scope="function")
def setup_info(db_session):
User._test_mode = False
auth.clear_cache()
MinespaceUserFactory(email='*****@*****.**')
yield
User._test_mode = True
# Test no role
def test_get_no_auth_user(test_client, db_session, auth_headers, setup_info):
resp = test_client.get('/authtest', headers={})
assert resp.status_code == 403
# Test view
def test_get_view_auth_applies_user(test_client, db_session, auth_headers, setup_info):
resp = test_client.get('/authtest', headers=auth_headers['view_only_auth_header'])
assert json.loads(resp.data.decode()) == False
# Test proponent
def test_get_proponent_auth_applies_user(test_client, db_session, auth_headers, setup_info):
resp = test_client.get('/authtest', headers=auth_headers['proponent_only_auth_header'])
assert json.loads(resp.data.decode()) == True
# Test no role
def test_put_no_auth_user(test_client, db_session, auth_headers, setup_info):
resp = test_client.put('/authtest', headers={})
assert resp.status_code == 403
# Test view
def test_put_view_auth_applies_user(test_client, db_session, auth_headers, setup_info):
resp = test_client.put('/authtest', headers=auth_headers['view_only_auth_header'])
assert json.loads(resp.data.decode()) == False
# Test proponent
def test_put_proponent_auth_applies_user(test_client, db_session, auth_headers, setup_info):
resp = test_client.put('/authtest', headers=auth_headers['proponent_only_auth_header'])
assert json.loads(resp.data.decode()) == True
# Test no role
def test_post_no_auth_user(test_client, db_session, auth_headers, setup_info):
resp = test_client.post('/authtest', headers={})
assert resp.status_code == 403
# Test view
def test_post_view_auth_applies_user(test_client, db_session, auth_headers, setup_info):
resp = test_client.post('/authtest', headers=auth_headers['view_only_auth_header'])
assert json.loads(resp.data.decode()) == False
# Test proponent
def test_post_proponent_auth_applies_user(test_client, db_session, auth_headers, setup_info):
resp = test_client.post('/authtest', headers=auth_headers['proponent_only_auth_header'])
assert json.loads(resp.data.decode()) == True
# Test no role
def test_delete_no_auth_user(test_client, db_session, auth_headers, setup_info):
resp = test_client.delete('/authtest', headers={})
assert resp.status_code == 403
# Test view
def test_delete_view_auth_applies_user(test_client, db_session, auth_headers, setup_info):
resp = test_client.delete('/authtest', headers=auth_headers['view_only_auth_header'])
assert json.loads(resp.data.decode()) == False
# Test proponent
def test_delete_proponent_auth_applies_user(test_client, db_session, auth_headers, setup_info):
resp = test_client.delete('/authtest', headers=auth_headers['proponent_only_auth_header'])
assert json.loads(resp.data.decode()) == True
def init_app(app):
from . import resources, models # noqa 401
api.add_namespace(restaurant_api)
def init_app(app):
from . import resources, models # noqa: F401
api.add_namespace(food_request_api)
def init_app(app):
from . import resources # noqa: 401
api.add_namespace(test_api)
def register_routes(app):
# Set URL rules for resources
app.add_url_rule('/', endpoint='index')
api.add_namespace(dsrp_settings_api)
api.add_namespace(exports_api)
api.add_namespace(application_api)
api.add_namespace(download_api)
api.add_namespace(permit_holder_api)
api.add_namespace(well_api)
api.add_namespace(liability_api)
api.add_namespace(orgbook_api)
api.add_namespace(authorization)
api.add_namespace(nominate_well_site_api)
# Healthcheck endpoint
@api.route('/health')
class Healthcheck(Resource):
def get(self):
return {'status': 'pass'}
@api.errorhandler(AuthError)
def jwt_oidc_auth_error_handler(error):
app.logger.error(str(error))
app.logger.error('REQUEST\n' + str(request))
app.logger.error('HEADERS\n ' + str(request.headers))
return {
'status': getattr(error, 'status_code', 401),
'message': str(error),
}, getattr(error, 'status_code', 401)
@api.errorhandler(Forbidden)
def forbidden_error_handler(error):
app.logger.error(str(error))
app.logger.error('REQUEST\n' + str(request))
app.logger.error('HEADERS\n ' + str(request.headers))
return {
'status': getattr(error, 'status_code', 403),
'message': str(error),
}, getattr(error, 'status_code', 403)
@api.errorhandler(AssertionError)
def assertion_error_handler(error):
app.logger.error(str(error))
app.logger.error('REQUEST\n' + str(request))
app.logger.error('HEADERS\n ' + str(request.headers))
return {
'status': getattr(error, 'code', 400),
'message': str(error),
}, getattr(error, 'code', 400)
# Recursively add handler to every SQLAlchemy Error
def sqlalchemy_error_handler(error):
app.logger.error(str(error))
app.logger.error(type(error))
return {
'status': getattr(error, 'status_code', 400),
'message': str(error),
}, getattr(error, 'status_code', 400)
def _add_sqlalchemy_error_handlers(classname):
for subclass in classname.__subclasses__():
(api.errorhandler(subclass))(sqlalchemy_error_handler)
if len(subclass.__subclasses__()) != 0:
_add_sqlalchemy_error_handlers(subclass)
_add_sqlalchemy_error_handlers(SQLAlchemyError)
@api.errorhandler(Exception)
def default_error_handler(error):
app.logger.error(str(error))
app.logger.error('REQUEST\n' + str(request))
app.logger.error('HEADERS\n ' + str(request.headers))
return {
'status': getattr(error, 'code', 500),
'message': str(error),
}, getattr(error, 'code', 500)
