def resolve_current_user(root, info) -> UserModel: user = info.context.user print('current user', user) if user.is_anonymous: raise GraphQLError('Authentication Failure: Not signed inauth') return user
def wrapper(self, info, **kwargs): return function(self, info, **kwargs) if kwargs.get( 'id') == info.context.user.id else GraphQLError( "You can't access that :(")
def resolve_me(self, info): user = info.context.user if user.is_anonymous: raise GraphQLError('Not logged in!') return user
def resolve_name(root, _info): raise GraphQLError(f'Cannot query field "{_info.field_name}"' f' on type "{_info.parent_type}".')
def resolve_role_by_field(self, info, field): user = info.context.user if not is_fieldadmin(user, field): raise GraphQLError('Unauthorized') return RoleModel.query.filter(RoleModel.field == field).all()
def validate_query_body(query) -> None: if not query or not isinstance(query, str): raise GraphQLError("The query must be a string.")
def validate_operation_name(operation_name) -> None: if operation_name is not None and not isinstance(operation_name, str): raise GraphQLError('"%s" is not a valid operation name.' % operation_name)
def create_rooms_update_delete_location(self, kwargs): admin_details = get_user_from_db() location = Location.query.filter_by(id=kwargs['location_id']).first() if admin_details.location != location.name: raise GraphQLError("You are not authorized to make changes in " + location.name) # noqa: E501
def verify_admin_location(self, location_id): admin_details = get_user_from_db() location = Location.query.filter_by(id=location_id).first() if admin_details.location != location.name: raise GraphQLError("You are not authorized to make changes in " + location.name)
def check_role_or_error(ws_id, role, error="Not permitted"): user = current_user_or_error() if not WorkspaceUserRole.find(ws_id=ws_id, user_id=user.id, role=role): raise GraphQLError(error)
def current_user_or_error(message="User not found"): user = _User.find_by_email(get_jwt_identity()) if not user: raise GraphQLError(message) return user
def resolve_operation(self, info, **kwargs): operation = self.operations.filter(id=int(kwargs["id"])).first() if operation: return operation raise GraphQLError('{"operation": "Does not exist"}')
def resolve_project(self, info, **kwargs): project = self.projects.filter(id=int(kwargs["id"])).first() if project: return project raise GraphQLError('{"project": "Does not exist"}')
def resolve_scheduleDetails(self, info, arguments): if not arguments["classId"]: return GraphQLError("Missing class id") def isInSchedule(scheduleList): """ Check if current time is in a certain timeframe """ if not scheduleList: return False latestSchedule = scheduleList[0] startTime = latestSchedule["startTime"] endTime = latestSchedule["endTime"] currentTime = datetime.now() # if the current time is before the latest shedule if currentTime < startTime: return True elif currentTime > startTime and currentTime < endTime: return True return False def getLine(line): """ Get current line. If there is no current line, get the next line """ day = datetime.now().weekday() counter = 0 while True: currentLine = db.schedule.find_one({ "line": line, "day": day_name[(day + counter) % 7] }) if currentLine: currentTime = datetime.now() + timedelta(days=counter) startHour, startMinute, startSecond = map( int, currentLine["startTime"].split(":")) finishHour, finishMinute, finishSecond = map( int, currentLine["endTime"].split(":")) startTime = datetime(currentTime.year, currentTime.month, currentTime.day, startHour, startMinute, startSecond) finishTime = datetime(currentTime.year, currentTime.month, currentTime.day, finishHour, finishMinute, finishSecond) if not (datetime.now() > finishTime): return { "line": line, "startTime": startTime, "endTime": finishTime } counter += 1 if (counter > 8): break # check if the current time is in the latest schedule details latestLine = list( db.scheduleDetails.find( { "line": arguments["line"], "classId": arguments["classId"] }, { "startTime": 1, "endTime": 1 }).sort('startTime', pymongo.DESCENDING).limit(1)) if isInSchedule(latestLine): # do something here latestLine = latestLine[0] return ScheduleDetailsSchema(_id=str(latestLine["_id"]), line=str(arguments["line"]), startTime=latestLine["startTime"], endTime=latestLine["endTime"], classId=str(arguments["classId"])) else: # get the start time and end time of the line lineData = getLine(arguments["line"]) studentList = db.classrooms.find_one( { "teacherId": arguments["teacherId"], "lineId": lineData["line"] }, {"students": 1}) if not studentList: return None studentsWithMarking = list( map( lambda student: dict( _id=student, inClass=False, minsLate=0), studentList["students"])) scheduleToSave = { "line": lineData["line"], "students": studentsWithMarking, "startTime": lineData["startTime"], "endTime": lineData["endTime"], "classId": arguments["classId"] } inserted_id = db.scheduleDetails.insert_one( scheduleToSave).inserted_id return ScheduleDetailsSchema(_id=str(inserted_id), line=str(arguments["line"]), startTime=lineData["startTime"], endTime=lineData["endTime"], classId=str(arguments["classId"])) return None
def resolve_generateError(self, info): return GraphQLError( 'Cannot query field "generateError" on type "User".')
def resolve_payments(self, info): _payments = PaymentModel.query.all() if not _payments: raise GraphQLError('No Payment found') return PaymentModel.query.all()
def validate_data(data: dict) -> None: if not isinstance(data, dict): raise GraphQLError("Operation data should be a JSON object") validate_query_body(data.get("query")) validate_variables(data.get("variables")) validate_operation_name(data.get("operationName"))
def mutate(self, info, id): try: Link.objects.get(id=id).delete() return DeleteLink(message=f"{id} is deleted") except Exception as e: raise GraphQLError(str(e))
def validate_variables(variables) -> None: if variables is not None and not isinstance(variables, dict): raise GraphQLError("Query variables must be a null or an object.")
async def execute( schema: GraphQLSchema, query: str, extensions: Sequence[Type[Extension]], execution_context: ExecutionContext, root_value: Any = None, context_value: Any = None, variable_values: Dict[str, Any] = None, additional_middlewares: List[Any] = None, operation_name: str = None, execution_context_class: Optional[Type[GraphQLExecutionContext]] = None, validate_queries: bool = True, ) -> ExecutionResult: extensions_runner = ExtensionsRunner( execution_context=execution_context, extensions=[ extension(execution_context=execution_context) for extension in extensions ], ) additional_middlewares = additional_middlewares or [] with extensions_runner.request(): # Note: In graphql-core the schema would be validated here but in # Strawberry we are validating it at initialisation time instead try: with extensions_runner.parsing(): document = parse(query) execution_context.graphql_document = document except GraphQLError as error: execution_context.errors = [error] return ExecutionResult( data=None, errors=[error], extensions=extensions_runner.get_extensions_results(), ) except Exception as error: # pragma: no cover error = GraphQLError(str(error), original_error=error) execution_context.errors = [error] return ExecutionResult( data=None, errors=[error], extensions=extensions_runner.get_extensions_results(), ) if validate_queries: with extensions_runner.validation(): validation_errors = validate(schema, document) if validation_errors: execution_context.errors = validation_errors return ExecutionResult(data=None, errors=validation_errors) result = original_execute( schema, document, root_value=root_value, middleware=extensions_runner.as_middleware_manager(*additional_middlewares), variable_values=variable_values, operation_name=operation_name, context_value=context_value, execution_context_class=execution_context_class, ) if isawaitable(result): result = await cast(Awaitable[GraphQLExecutionResult], result) execution_context.result = cast(GraphQLExecutionResult, result) result = cast(GraphQLExecutionResult, result) return ExecutionResult( data=result.data, errors=result.errors, extensions=extensions_runner.get_extensions_results(), )
def mutate(self, info, **parameters): success = False json_data = [] files_data = parameters['files_data'] project_name = parameters['project_name'].lower() for file_info in files_data: json_data.append({ 'fileName': file_info.get('fileName'), 'description': file_info.get('description'), 'uploadDate': str(datetime.now().replace(second=0, microsecond=0))[:-3], 'uploader': info.context.session['username'] }) uploaded_file = info.context.FILES.get('document', '') file_id = '{project}/{file_name}'.format(project=project_name, file_name=uploaded_file) try: file_size = 100 resources.validate_file_size(uploaded_file, file_size) except InvalidFileSize: raise GraphQLError('File exceeds the size limits') files = integrates_dao.get_project_attributes_dynamo( project_name, ['files']) project_files = files.get('files') if project_files: contains_repeated = [ f.get('fileName') for f in project_files if f.get('fileName') == uploaded_file.name ] if contains_repeated: raise GraphQLError('File already exist') else: # File is unique pass else: # Project doesn't have files pass if util.is_valid_file_name(uploaded_file): try: resources.upload_file_to_s3(uploaded_file, file_id) integrates_dao.add_list_resource_dynamo( 'FI_projects', 'project_name', project_name, json_data, 'files') user_email = info.context.session['username'] resources.send_mail(project_name, user_email, json_data, 'added', 'file') success = True except ErrorUploadingFileS3: raise GraphQLError('Error uploading file') if success: util.cloudwatch_log( info.context, 'Security: Added evidence files to \ {project} project succesfully'.format(project=project_name)) else: util.cloudwatch_log( info.context, 'Security: Attempted to add evidence files \ from {project} project'.format(project=project_name)) ret = AddFiles(success=success, resources=Resource(project_name)) util.invalidate_cache(project_name) return ret
def mutate(root, info, input_object): name = input_object.name comment = input_object.comment if (input_object.alive_test is not None and input_object.alive_test.lower() != 'scan config default'): # must be lower case to work; gsa sends lower case alive_test = get_alive_test_from_string(input_object.alive_test) else: alive_test = None if input_object.hosts is not None: hosts = [host.strip() for host in input_object.hosts.split(',')] else: hosts = None if input_object.exclude_hosts is not None: exclude_hosts = [ host.strip() for host in input_object.exclude_hosts.split(',') ] else: exclude_hosts = None if input_object.ssh_credential_id is not None: ssh_credential_id = str(input_object.ssh_credential_id) ssh_credential_port = input_object.ssh_credential_port else: ssh_credential_id = None ssh_credential_port = None if input_object.smb_credential_id is not None: smb_credential_id = str(input_object.smb_credential_id) else: smb_credential_id = None if input_object.snmp_credential_id is not None: snmp_credential_id = str(input_object.snmp_credential_id) else: snmp_credential_id = None if input_object.esxi_credential_id is not None: esxi_credential_id = str(input_object.esxi_credential_id) else: esxi_credential_id = None reverse_lookup_only = input_object.reverse_lookup_only reverse_lookup_unify = input_object.reverse_lookup_unify if (input_object.port_list_id is None and input_object.port_range is None): raise GraphQLError( "PortListID or PortRange field required.") from None if input_object.port_list_id is not None: port_list_id = str(input_object.port_list_id) else: port_list_id = None gmp = get_gmp(info) resp = gmp.create_target( name, alive_test=alive_test, hosts=hosts, exclude_hosts=exclude_hosts, comment=comment, ssh_credential_id=ssh_credential_id, ssh_credential_port=ssh_credential_port, smb_credential_id=smb_credential_id, snmp_credential_id=snmp_credential_id, esxi_credential_id=esxi_credential_id, reverse_lookup_only=reverse_lookup_only, reverse_lookup_unify=reverse_lookup_unify, port_list_id=port_list_id, port_range=input_object.port_range, ) return CreateTarget(target_id=resp.get('id'))
def resolve_statistic(self, info, **kwargs): user = info.context.user if user.is_anonymous: raise GraphQLError('Not logged in!') return user.statistics.first()
def __init_subclass_with_meta__( cls, _meta=None, model=None, permissions=None, login_required=None, only_fields=(), exclude_fields=(), optional_fields=(), required_fields=(), auto_context_fields={}, return_field_name=None, many_to_many_extras=None, foreign_key_extras=None, many_to_one_extras=None, one_to_one_extras=None, type_name=None, use_type_name=None, field_types=None, custom_fields=None, **kwargs, ): registry = get_global_registry() meta_registry = get_type_meta_registry() model_type = registry.get_type_for_model(model) if auto_context_fields is None: auto_context_fields = {} if many_to_one_extras is None: many_to_one_extras = {} if foreign_key_extras is None: foreign_key_extras = {} if many_to_many_extras is None: many_to_many_extras = {} if one_to_one_extras is None: one_to_one_extras = {} if custom_fields is None: custom_fields = {} assert model_type, f"Model type must be registered for model {model}" if not return_field_name: # Pluralize return_field_name = to_snake_case(model.__name__) + "s" if use_type_name: input_type_name = use_type_name InputType = registry.get_converted_field(input_type_name) if not InputType: raise GraphQLError( f"Could not find input type with name {input_type_name}" ) else: input_type_name = type_name or f"BatchUpdate{model.__name__}Input" model_fields = get_input_fields_for_model( model, only_fields, exclude_fields, tuple(auto_context_fields.keys()) + optional_fields, required_fields, many_to_many_extras, foreign_key_extras, many_to_one_extras, one_to_one_extras=one_to_one_extras, parent_type_name=input_type_name, field_types=field_types, ignore_primary_key=False, ) for name, field in custom_fields.items(): model_fields[name] = field InputType = type(input_type_name, (InputObjectType,), model_fields) # Register meta-data meta_registry.register( input_type_name, { "auto_context_fields": auto_context_fields or {}, "optional_fields": optional_fields, "required_fields": required_fields, "many_to_many_extras": many_to_many_extras, "many_to_one_extras": many_to_one_extras, "foreign_key_extras": foreign_key_extras, "one_to_one_extras": one_to_one_extras, "field_types": field_types or {}, }, ) registry.register_converted_field(input_type_name, InputType) arguments = OrderedDict(input=graphene.List(InputType, required=True)) output_fields = OrderedDict() output_fields[return_field_name] = graphene.List(model_type) if _meta is None: _meta = DjangoBatchUpdateMutationOptions(cls) _meta.model = model _meta.fields = yank_fields_from_attrs(output_fields, _as=graphene.Field) _meta.return_field_name = return_field_name _meta.optional_fields = optional_fields _meta.required_fields = required_fields _meta.permissions = permissions _meta.auto_context_fields = auto_context_fields _meta.many_to_many_extras = many_to_many_extras _meta.foreign_key_extras = foreign_key_extras _meta.many_to_one_extras = many_to_one_extras _meta.one_to_one_extras = one_to_one_extras _meta.field_types = field_types or {} _meta.InputType = InputType _meta.input_type_name = input_type_name _meta.login_required = login_required or ( _meta.permissions and len(_meta.permissions) > 0 ) super().__init_subclass_with_meta__(arguments=arguments, _meta=_meta, **kwargs)
def resolve_person(self, info, id, **kwargs): try: return Person.objects.get(pk=id) except ObjectDoesNotExist: raise GraphQLError('Please enter a valid id')
def follow(current_pk, pk): api = get_session(current_pk) if api.follow(pk): return FOLLOW_SUCCESS raise GraphQLError(FOLLOW_ERROR)
def wrapper(cls, root, info, **kwargs): print(kwargs.get('id'), info.context.user) return function(cls, root, info, ** kwargs) if info.context.user.id == kwargs.get( 'id') else GraphQLError("You can't access that :(")
def resolve_identify(self, info): user = info.context.user if user.is_anonymous: raise GraphQLError("Authentication Error") return user
def get(self, aggClient, argv): response = aggClient.sendCommand('getResult', argv) if response['status']: return self.generateResult(response['data']) else: raise GraphQLError(response['error'])
def get_user_or_raise(user_id): user = user_repo.get_user(user_id, raise_exception=False) if not user: raise GraphQLError("Not found") return user