Python PermissionDenied Exemples, utils.errors.PermissionDenied Python Exemples

Exemple #1

0

Afficher le fichier

    def resolve_table_last_commit_timestamp(self, info, datastore_id, schema_name, table_name, **kwargs):
        """Retrieve the last time a table was modified.
        """
        get_kwargs = {
            'name__iexact': table_name,
            'schema__datastore_id': shortcuts.from_global_id(datastore_id, True),
            'schema__name__iexact': schema_name,
            'workspace': info.context.workspace,
        }

        table = shortcuts.get_object_or_404(models.Table, **get_kwargs)

        if not permissions.request_can_view_datastore(info, table.datastore):
            raise errors.PermissionDenied()

        ca_id = "table.last_commit.%s" % table.id
        value = cache.get(ca_id)

        if value is not None:
            return value

        value = (
            inspector.get_engine(table.datastore)
                     .get_last_commit_time_for_table(schema_name, table_name)
        )

        cache.set(ca_id, value, (15 * 60))

        return value

Exemple #2

0

Afficher le fichier

 def func_wrapper(self, info, *args, **kwargs):
     # We should not proceed if the user isn't authenticated.
     if not info.context.user.is_authenticated:
         raise errors.PermissionDenied()
     instance = func(self, info, *args, **kwargs)
     # Owners have super user power within a workspace.
     if info.context.user.is_owner(info.context.workspace.id):
         return instance
     # We grab the datastore with the helper function if needed. Example would
     # be when we return a table definition and need to get the related datastore.
     if callable(wrapper_fcn):
         datastore = wrapper_fcn(instance)
     else:
         datastore = instance
     # Use helper function to conduct datastore permission check.
     if not request_can_view_datastore(
             info, datastore, check_if_owner=False):
         raise errors.PermissionDenied()
     return instance

Exemple #3

0

Afficher le fichier

    def get_instance(cls, info, data):
        """It should check permissions as applicable.
        """
        is_owner = info.context.user.is_owner(info.context.workspace.pk)

        if not is_owner and not info.context.user.check_email(data['email']):
            raise errors.PermissionDenied()

        return models.Membership.objects.get(
            user_id=data['email'],
            workspace=info.context.workspace,
        )

Exemple #4

0

Afficher le fichier

    def resolve_schema_names_by_datastore(self, info, datastore_id, *args, **kwargs):
        """Retrieve a list of schema names for the provided datastore.
        """
        get_kwargs = {
            'workspace': info.context.workspace,
            'pk': shortcuts.from_global_id(datastore_id, True),
        }

        datastore = shortcuts.get_object_or_404(models.Datastore, **get_kwargs)

        if not permissions.request_can_view_datastore(info, datastore):
            raise errors.PermissionDenied()

        return sorted(datastore.schemas.values_list('name', flat=True))

Exemple #5

0

Afficher le fichier

    def resolve_run_history(self, info, datastore_id, *args, **kwargs):
        """Retrieve the last 30 active runs.
        """
        get_kwargs = {
            'workspace': info.context.workspace,
            'pk': shortcuts.from_global_id(datastore_id, True),
        }

        datastore = shortcuts.get_object_or_404(models.Datastore, **get_kwargs)

        if not definition_permissions.request_can_view_datastore(info, datastore):
            raise errors.PermissionDenied()

        return datastore.run_history.filter(started_at__isnull=False).order_by('-started_at').prefetch_related('errors')

Exemple #6

0

Afficher le fichier

    def resolve_table_names_by_schema(self, info, datastore_id, schema_name, **kwargs):
        """Retrieve a list of table names for the provided schema.
        """
        get_kwargs = {
            'name__iexact': schema_name,
            'datastore_id': shortcuts.from_global_id(datastore_id, True),
            'workspace': info.context.workspace,
        }

        schema = shortcuts.get_object_or_404(models.Schema, **get_kwargs)

        if not permissions.request_can_view_datastore(info, schema.datastore):
            raise errors.PermissionDenied()

        return sorted(schema.tables.values_list('name', flat=True))

Exemple #7

0

Afficher le fichier

    def get_serializer_kwargs(cls, root, info, **data):
        instance = cls.get_instance(info, data)

        if not instance:
            raise errors.PermissionDenied()

        return {
            "instance": instance,
            "data": {
                "user": shortcuts.from_global_id(data['user_id'],
                                                 id_only=True),
            },
            "context": {
                "request": info.context,
            },
        }

Exemple #8

0

Afficher le fichier

    def get_serializer_kwargs(cls, root, info, **data):
        """Retrieve appropriate objects for the transaction.
        """
        instance = cls.get_instance(info, data)

        if not instance:
            raise errors.PermissionDenied()

        return {
            "instance": instance,
            "data": {
                "object_permissions_enabled": not instance.object_permissions_enabled,
            },
            "context": {
                "request": info.context,
            },
        }

Exemple #9

0

Afficher le fichier

    def get_serializer_kwargs(cls, root, info, **data):
        """Retrieve appropriate objects for the transaction.
        """
        instance = cls.get_instance(info, data)

        if not instance or not instance.object_permissions_enabled:
            raise errors.PermissionDenied()

        return {
            "instance": instance,
            "data": {
                "content_object": cls.get_content_object(info, data["object_id"]),
                "privileges": data["privileges"],
            },
            "context": {
                "request": info.context,
            },
        }

Exemple #10

0

Afficher le fichier

    def resolve_datastore_assets(self, info, slug, search=None, *args, **kwargs):
        """Retrieve the assets for this datastore.
        """
        get_kwargs = {
            'workspace': info.context.workspace,
            'slug__iexact': slug,
        }

        datastore = shortcuts.get_object_or_404(models.Datastore, **get_kwargs)

        if not permissions.request_can_view_datastore(info, datastore):
            raise errors.PermissionDenied()

        queryset = models.Table.search_objects.execute(
            search=search,
            schema__datastore_id=datastore.id,
            deleted_at__isnull=True,
        )

        return queryset.order_by('schema__name', 'name')

Exemple #11

0

Afficher le fichier

    def resolve_workspace_users(self,
                                info,
                                workspace_id,
                                permissions=None,
                                active_only=False):
        """Retrieve team members of a Workspace that the current user belongs to.
        """
        _type, node_id = graphql_relay.from_global_id(workspace_id)

        if not info.context.user.permissions_for(node_id):
            raise errors.PermissionDenied()

        queryset = Membership.objects.filter(workspace_id=node_id)

        if permissions:
            queryset = queryset.filter(permissions__in=permissions)

        if active_only:
            queryset = queryset.filter(user__id__isnull=False)

        return queryset.distinct()

Exemple #12

0

Afficher le fichier

    def resolve_datastore_group_access_privileges(self, info, datastore_id):
        """Retrieve users and their permissions for the given datastore.
        """
        get_kwargs = {
            'workspace': info.context.workspace,
            'pk': shortcuts.from_global_id(datastore_id, True),
        }

        datastore = shortcuts.get_object_or_404(models.Datastore, **get_kwargs)

        if not permissions.request_can_view_datastore(info, datastore):
            raise errors.PermissionDenied()

        groups = get_groups_with_perms(
            obj=datastore,
            attach_perms=True,
        )

        return [
            {'name': group.name, 'privileges': privileges, 'pk': group.pk}
            for group, privileges in groups.items()
        ]

Exemple #13

0

Afficher le fichier

    def get_serializer_kwargs(cls, root, info, **data):
        """Transform input into serializer format.
        """
        instance = cls.get_instance(info, data)

        if not instance:
            raise errors.PermissionDenied()

        properties = {
            p['id']: p['value']
            for p in data['properties'] if 'id' in p
        }

        return {
            "instance": instance,
            "data": {
                "properties": properties,
            },
            "partial": True,
            "context": {
                "request": info.context,
            },
        }