class Client(ResourceModel):
identifiers = ['client_id']
GRANT_AUTHORIZATION_CODE = 'authorization_code'
GRANT_IMPLICIT = 'implicit'
GRANT_PASSWORD = '******'
GRANT_CLIENT_CREDENTIALS = 'client_credentials'
GRANT_TYPES = (
# (GRANT_AUTHORIZATION_CODE, _('Authorization code')),
# (GRANT_IMPLICIT, _('Implicit')),
(GRANT_PASSWORD, _('Resource owner password-based')),
(GRANT_CLIENT_CREDENTIALS, _('Client credentials')),
)
default_scopes = ['contrib']
client_id = db.UUIDField(unique=True, default=uuid.uuid4)
name = db.CharField(max_length=100)
user = db.ForeignKeyField(User)
client_secret = db.CharField(unique=True, max_length=55, index=True)
redirect_uris = db.ArrayField(db.CharField)
grant_type = db.CharField(choices=GRANT_TYPES)
is_confidential = db.BooleanField(default=False)
@property
def default_redirect_uri(self):
return self.redirect_uris[0] if self.redirect_uris else None
@property
def allowed_grant_types(self):
return [id for id, name in self.GRANT_TYPES]
class Anomaly(resource.ResourceModel):
__openapi__ = """
properties:
identifier:
type: string
description:
key/value pair for identifier.
. key = identifier name. e.g., 'id'.
. value = identifier value.
. key and value are separated by a ':'
"""
resource_fields = ['versions', 'kind', 'insee', 'created_at']
readonly_fields = (resource.ResourceModel.readonly_fields + ['created_at'])
versions = db.ManyToManyField(Version, related_name='_anomalies')
kind = db.CharField()
insee = db.CharField(length=5)
created_at = db.DateTimeField()
legitimate = db.BooleanField(default=False)
def save(self, *args, **kwargs):
if not self.created_at:
self.created_at = utcnow()
return super().save(*args, **kwargs)
def mark_deleted(self):
self.delete_instance()
class Client(ResourceModel):
identifiers = ['client_id']
resource_fields = ['name', 'user', 'scopes', 'contributor_types']
GRANT_CLIENT_CREDENTIALS = 'client_credentials'
GRANT_TYPES = ((GRANT_CLIENT_CREDENTIALS, _('Client credentials')), )
TYPE_IGN = 'ign'
TYPE_LAPOSTE = 'laposte'
TYPE_DGFIP = 'dgfip'
TYPE_ETALAB = 'etalab'
TYPE_OSM = 'osm'
TYPE_SDIS = 'sdis'
TYPE_MUNICIPAL = 'municipal_administration'
TYPE_ADMIN = 'admin'
TYPE_DEV = 'develop'
TYPE_INSEE = 'insee'
TYPE_VIEWER = 'viewer'
CONTRIBUTOR_TYPE = (TYPE_SDIS, TYPE_OSM, TYPE_LAPOSTE, TYPE_IGN,
TYPE_DGFIP, TYPE_ETALAB, TYPE_MUNICIPAL, TYPE_ADMIN,
TYPE_INSEE, TYPE_DEV, TYPE_VIEWER)
client_id = db.UUIDField(unique=True, default=uuid.uuid4)
name = db.CharField(max_length=100)
user = db.ForeignKeyField(User)
client_secret = db.CharField(unique=True, max_length=55)
redirect_uris = db.ArrayField(db.CharField)
grant_type = db.CharField(choices=GRANT_TYPES)
is_confidential = db.BooleanField(default=False)
contributor_types = db.ArrayField(db.CharField,
default=[TYPE_VIEWER],
null=True)
scopes = db.ArrayField(db.CharField, default=[], null=True)
@property
def default_redirect_uri(self):
return self.redirect_uris[0] if self.redirect_uris else None
@property
def allowed_grant_types(self):
return [id for id, name in self.GRANT_TYPES]
#Necessaire pour OAuth
@property
def default_scopes(self):
return self.scopes
def save(self, *args, **kwargs):
if not self.client_secret:
self.client_secret = generate_secret()
self.redirect_uris = ['http://localhost/authorize'] # FIXME
self.grant_type = self.GRANT_CLIENT_CREDENTIALS
if not self.contributor_types:
self.contributor_types = ['viewer']
super().save(*args, **kwargs)
class User(ResourceModel):
identifiers = ['email']
resource_fields = ['username', 'email', 'company']
username = db.CharField(max_length=100, index=True)
email = db.CharField(max_length=100, unique=True)
company = db.CharField(max_length=100, null=True)
is_staff = db.BooleanField(default=False, index=True)
auth = 1
class Meta:
database = db.database
def __str__(self):
return self.username
class Client(ResourceModel):
identifiers = ['client_id']
resource_fields = ['name', 'user']
GRANT_AUTHORIZATION_CODE = 'authorization_code'
GRANT_IMPLICIT = 'implicit'
GRANT_PASSWORD = '******'
GRANT_CLIENT_CREDENTIALS = 'client_credentials'
GRANT_TYPES = (
# (GRANT_AUTHORIZATION_CODE, _('Authorization code')),
# (GRANT_IMPLICIT, _('Implicit')),
(GRANT_PASSWORD, _('Resource owner password-based')),
(GRANT_CLIENT_CREDENTIALS, _('Client credentials')),
)
default_scopes = ['contrib']
FLAGS = ['ign', 'laposte', 'local_authority']
FLAG_IDS = tuple((i, i) for i in FLAGS) + (None, 'None')
client_id = db.UUIDField(unique=True, default=uuid.uuid4)
name = db.CharField(max_length=100)
user = db.ForeignKeyField(User)
client_secret = db.CharField(unique=True, max_length=55)
redirect_uris = db.ArrayField(db.CharField)
grant_type = db.CharField(choices=GRANT_TYPES)
is_confidential = db.BooleanField(default=False)
flag_id = db.CharField(choices=FLAG_IDS, default=None, null=True)
@property
def default_redirect_uri(self):
return self.redirect_uris[0] if self.redirect_uris else None
@property
def allowed_grant_types(self):
return [id for id, name in self.GRANT_TYPES]
def save(self, *args, **kwargs):
if not self.client_secret:
self.client_secret = generate_secret()
self.redirect_uris = ['http://localhost/authorize'] # FIXME
self.grant_type = self.GRANT_CLIENT_CREDENTIALS
super().save(*args, **kwargs)
class User(ResourceModel):
identifiers = ['email']
resource_fields = ['username', 'email', 'company']
username = db.CharField(max_length=100)
email = db.CharField(max_length=100, unique=True)
company = db.CharField(max_length=100, null=True)
# Allow null, because password is not a resource field, and thus cannot be
# passed to validators.
password = db.PasswordField(null=True)
is_staff = db.BooleanField(default=False)
class Meta:
database = db.default
def __str__(self):
return self.username
def set_password(self, password):
self.password = password
self.save()
def check_password(self, password):
return self.password.check_password(password)
