def check_access_via_api(): frontend_name = request.headers.get('X-Frontend-Name') if frontend_name == settings.ADMIN_FRONTEND_NAME: return if request.endpoint is None: return method = request.method endpoint = request.endpoint username = g.auth.username message = ( 'Request this api is forbidden, please access huskar console instead') response = api_response(message=message, status='Forbidden') response.status_code = 403 action = 'fetch' if method in FETCH_METHOD_SET: action = 'fetch' trace_access(g.auth, endpoint, action, 'all') if allow_fetch_api(username, endpoint): return else: action = 'update' trace_access(g.auth, endpoint, action, 'all') if allow_update_api(username, endpoint): return trace_access(g.auth, endpoint, action, 'forbidden') return response
def handle_http_error(error): status = error.name.replace(u' ', '') description = error.description if isinstance(error, KeyError) and error.args: description = u'"%s" is required field.' % error.args[0] return api_response(status=status, message=description), error.code
def check_config_and_switch_read_only(): method = request.method view_args = request.view_args appid = view_args and view_args.get('application_name') response = api_response(message='Config and switch write inhibit', status="Forbidden") response.status_code = 403 if method in READ_METHOD_SET: return if request.endpoint not in config_and_switch_readonly_endpoints: return if appid and appid in settings.CONFIG_AND_SWITCH_READONLY_BLACKLIST: return response if switch.is_switched_on(SWITCH_ENABLE_CONFIG_AND_SWITCH_WRITE, True): return if appid and appid in settings.CONFIG_AND_SWITCH_READONLY_WHITELIST: return return response
def whoami(): if not g.auth: return '', 401 return api_response(data=dict(username=g.auth.username, is_application=g.auth.is_application, is_admin=g.auth.is_admin))
def post_list(): return api_response()
def this_is_okay(): return api_response()
def handle_marshmallow_validation_error(error): description = json.dumps(error.messages) return api_response(status='ValidationError', message=description), 400
def handle_huskar_api_error(error): status = error.__class__.__name__ description = ( next(iter(error.args), None) or getattr(error, 'message', None) or u'') return api_response(status=status, message=description), 400
def test_email(): deliver_email_safe(EmailTemplate.DEBUG, '*****@*****.**', {'foo': 't'}) return api_response()
def test_cache_control(): return api_response()
def test_etag(): return api_response(data={ '233': request.args.get('value', '666'), })