def _on_get(self, req, resp, **kwargs):
if (not hasattr(self, 'no_auth_needed') or self.no_auth_needed
== False) and not check_permission(self, req, 'list'):
self.set_response(
resp,
responses.ForbiddenErrorResponse(
data=errors.AuthErrors.Forbidden))
return
try:
objects_list, total, page, per_page = self.get_objects_list(
req, self.model_class, **kwargs)
self.set_response(
resp,
responses.SuccessResponse(data={
'items':
self.scheme_class().dump(objects_list, many=True).data,
'total':
total,
'page':
page,
'per_page':
per_page
},
scheme=schemes.ObjectScheme))
except AttributeError as e:
self.set_response(
resp,
responses.AttributeNotExitsErrorResponse(
data=ATTRIBUTE_ERROR_RE.search(str(e)).group(1)))
except Exception as e:
log.error(e)
#self.set_response(resp, responses.OperationErrorResponse(data=errors.CommonErrors.DataError))
self.set_response(resp, OperationalError(e))
def on_patch(self, req, resp, **kwargs):
self.init_req(req)
kwargs = user_context(self, req, resp, **kwargs)
if not self.has_modify_operation: # pragma: no cover
return self.method_not_allowed_response(resp, 'PATCH')
if not check_permission(
self, req, 'modify',
self.get_object(resp, self.model_class, **kwargs)):
self.set_response(
resp,
responses.ForbiddenErrorResponse(
data=errors.AuthErrors.Forbidden))
return
try:
scheme = self.scheme_class_modify(
) if self.scheme_class_modify else self.scheme_class()
if self.check_request_data(req, resp, scheme):
if self.update_object(
req, resp, self.model_class, self.scheme_class_modify
if self.scheme_class_modify else self.scheme_class,
**kwargs):
data = self.get_object_data(resp, self.model_class,
self.scheme_class_get,
**kwargs)
if data:
self.set_response(
resp,
responses.SuccessResponseObjectInfo(data=data))
else:
self.set_response(resp,
responses.SuccessResponseJustOk())
except IntegrityError as e:
try:
msg = str(e).split('\n')[1].split(':')[1]
except:
msg = str(e)
self.set_response(resp, AlreadyExistsResponse(self.entity, msg))
except FkConstraintViolation as e:
self.set_response(
resp,
responses.FkConstraintViolationResponse(
data=errors.CommonErrors.get_fk_violation_error(
e.table_name, e.column_name, e.value)))
except ValidationError as e:
self.set_response(
resp, responses.ValidationErrorResponse(data=e.messages))
except NoResultFound:
self.set_response(resp, responses.ObjectNotFoundErrorResponse())
except Exception as e:
log.error(e)
#self.set_response(resp, responses.OperationErrorResponse(data=errors.CommonErrors.DataError))
self.set_response(resp, OperationalError(e))
def check_token(self, req, resp, resource, params):
if super(RbacMiddleware, self).check_token(req, resp, resource, params) and req.method != 'OPTIONS':
if hasattr(resource, 'acl'):
perm = resource.acl.is_allowed(resource, req.method.lower(), req.context.get('user'))
if not perm.check():
resource.set_response(
resp, responses.ForbiddenErrorResponse()
)
raise falcon.HTTPUnauthorized()
else:
return True
def on_post(self, req, resp, **kwargs):
self.init_req(req)
kwargs = user_context(self, req, resp, **kwargs)
self.apply_restrict_rules(req, kwargs)
scheme = self.scheme_class()
if not check_permission(self, req, 'create'):
self.set_response(
resp,
responses.ForbiddenErrorResponse(
data=errors.AuthErrors.Forbidden))
return
if self.check_request_data(req, resp, scheme):
try:
data = self.create_object(req, scheme, **kwargs)
self.set_response(
resp,
self.scheme_class.get_object_created_response(data=data))
self.after_create(data, req, resp, **kwargs)
except IntegrityError as e:
#self.set_response(resp, responses.AlreadyExistsResponse(
# data=errors.CommonErrors.get_already_exists_error(self.entity, self.unique_field))
#)
try:
msg = str(e).split('\n')[1].split(':')[1]
except:
msg = str(e)
self.set_response(resp,
AlreadyExistsResponse(self.entity, msg))
except FkConstraintViolation as e:
self.set_response(
resp,
responses.FkConstraintViolationResponse(
data=errors.CommonErrors.get_fk_violation_error(
e.table_name, e.fk_column_name, e.column_name,
e.value)))
except schemes.validate.ValidationError as e:
self.set_response(
resp, responses.ValidationErrorResponse(data=e.messages))
except DataError as e:
log.error(e)
#self.set_response(resp, responses.OperationErrorResponse(data=errors.CommonErrors.DataError))
self.set_response(resp, OperationalError(e))
except Exception as e:
log.error(e)
# self.set_response(resp, responses.OperationErrorResponse(data=errors.CommonErrors.DataError))
self.set_response(resp, OperationalError(e))
def proceed(self, req, resp, **kwargs):
if (not hasattr(self, 'no_auth_needed') or self.no_auth_needed == False) and \
not check_permission(self, req, self.action, self.get_object(resp, self.model_class, **kwargs)):
self.set_response(
resp,
responses.ForbiddenErrorResponse(
data=errors.AuthErrors.Forbidden))
return
try:
obj = self.get_object(resp, self.model_class, **kwargs)
if self.check_conditions(obj, self.pre_conditions,
lambda a, b: a == b):
if self.check_conditions(obj, self.pre_conditions_inverted,
lambda a, b: a != b):
if self.apply(obj, req, resp, **kwargs):
self.set_response(resp,
responses.SuccessResponseJustOk())
except FkConstraintViolation as e:
self.set_response(
resp,
responses.FkConstraintViolationResponse(
data=errors.CommonErrors.get_fk_violation_error(
e.table_name, e.column_name, e.value)))
except IntegrityError as e:
try:
msg = str(e).split('\n')[1].split(':')[1]
except:
msg = str(e)
self.set_response(resp, AlreadyExistsResponse(self.entity, msg))
return False
except PreConditionFailedException as e:
self.set_response(
resp,
responses.OperationErrorResponse(
data=errors.CommonErrors.get_pre_condition_failed_error(
e.message)))
except Exception as e:
self.set_response(resp, OperationalError(e))
def on_delete(self, req, resp, **kwargs):
self.init_req(req)
if not self.has_delete_operation: # pragma: no cover
return self.method_not_allowed_response(resp, 'DELETE')
obj = self.get_object(resp, self.model_class, **kwargs)
if not check_permission(self, req, 'delete', obj):
self.set_response(
resp,
responses.ForbiddenErrorResponse(
data=errors.AuthErrors.Forbidden))
return
kw = user_context(self, req, resp, **kwargs)
try:
self.before_delete(obj, req, resp, **kwargs)
except Exception as e:
self.set_response(resp, OperationalError(e))
return
try:
if self.delete_object(req, resp, self.model_class, **kwargs):
self.set_response(resp, responses.SuccessResponseJustOk())
except NoResultFound:
self.set_response(resp, responses.ObjectNotFoundErrorResponse())
def on_post(self, req, resp, **kwargs):
obj = self.get_object(resp, ObjectRevisionModel, **kwargs)
user = self.get_user(req)
if not check_permission('ObjectRevision', req, 'restore', obj) or (
hasattr(user, 'can_restore') and not user.can_restore(obj)):
self.set_response(
resp,
responses.ForbiddenErrorResponse(
data=errors.AuthErrors.Forbidden))
return
try:
if obj.restore(self.get_user(req)):
self.set_response(resp, responses.SuccessResponseJustOk())
except RestoreExceptionToRevisionWhereWasDeleted:
self.set_response(
resp,
responses.OperationErrorResponse(data=CantRestoreToDeleted))
except RestoreExceptionToCurrentRevision:
self.set_response(
resp,
responses.OperationErrorResponse(
data=CantRestoreToCurrentRevision))