class Clinic(PostSchema):
__tablename__ = 'clinic'
id = fields.Integer(sqlfield=sql.Integer,
autoincrement=sql.Sequence('clinic_id_seq'),
read_only=True,
primary_key=True)
text = fields.String(sqlfield=sql.Text, default='clinicname')
owner = AutoSessionOwner()
workspace = AutoSessionSelectedWorkspace()
class Authed:
class permissions:
post = ['Owner']
class Private:
get_by = ['id', 'workspace', 'owner']
list_by = ['id', 'workspace', 'owner']
class permissions:
get = {'*': CheckedPermClause('self.owner = session.actor_id')}
list = {
'*': CheckedPermClause('self.workspace = session.workspace')
}
update = {
'Owner': CheckedPermClause('self.owner = session.actor_id')
}
class Meta:
def default_get_critera(request):
return {'owner': request.session.actor_id}
class AlterShieldedResource(PostSchema):
__tablename__ = 'otpshield_alt'
id = AutoSessionOwner(required=True, primary_key=True)
class Meta:
route_base = 'otpshield_alt'
class Authed:
class permissions:
post = '*'
class Shield:
post = {'Staff': 'otp', 'Doctor': 'sms'}
class OtpShieldedResourceMutliRoles(PostSchema):
__tablename__ = 'otpshield_multiroles'
id = AutoSessionOwner(unique=True, required=True, primary_key=True)
class Meta:
route_base = 'otpshield_multiroles'
class Authed:
class permissions:
post = '*'
class Shield:
post = {('Staff', 'Operator'): 'otp'}
class OtpShieldedResource(PostSchema):
__tablename__ = 'otpshield'
id = AutoSessionOwner(unique=True, required=True, primary_key=True)
class Meta:
route_base = 'otpshield'
class Authed:
class permissions:
post = '*'
class Shield:
post = {'*': 'otp'}
class OtpShieldedResourceOneRole(PostSchema):
__tablename__ = 'otpshield_onerole'
id = AutoSessionOwner(required=True, primary_key=True)
class Meta:
route_base = 'otpshield_onerole'
class Authed:
class permissions:
post = '*'
class Shield:
post = {
# 'Doctor': 'sms',
'Staff': 'otp'
}
class AutoPKResource(PostSchema):
__tablename__ = 'autopk'
actor = AutoSessionOwner(unique=True, required=True, primary_key=True)
var = fields.String(sqlfield=sql.String(200))
class Meta:
route_base = 'autopk'
class Authed:
get_by = ['actor', 'var']
class permissions:
post = ['*']
update = ['*']
get = ['*']
list = ['*']
delete = ['*']
class ExtraSearchFields(PostSchema):
__tablename__ = 'extrasearch'
id = fields.Integer(sqlfield=sql.Integer,
autoincrement=sql.Sequence('extrasearch_id_seq'),
read_only=True,
primary_key=True)
str1 = fields.String(sqlfield=sql.String(250), index=True, gist_index=True)
number = fields.Integer(sqlfield=sql.Integer)
date = Date()
autodatenow = AutoDateNow()
autodatetimenow = AutoDateTimeNow()
time = AutoTimeNow()
owner = AutoSessionOwner()
class Public:
get_by = [
'id', 'str1', 'number', 'date', 'autodatenow', 'autodatetimenow',
'time'
]
list_by = [
'id', 'str1', 'number', 'date', 'autodatenow', 'autodatetimenow',
'time'
]
class permissions:
read = {}
patch = {}
class Authed:
get_by = ['id', 'str1', 'number', 'date', 'time']
delete_by = ['id', 'str1', 'number', 'date', 'time']
class permissions:
post = ['*']
delete = ['*']
class Private:
class permissions:
put = {'*': CheckedPermClause('self.owner = session.actor_id')}
class Meta:
order_by = ['id', 'str1', 'number', 'date', 'time']
enable_extended_search = True
route_base = 'extrasearch'
class SameIDConstr(PostSchema):
__tablename__ = 'sameidconstr'
id = fields.Integer(sqlfield=sql.Integer,
autoincrement=sql.Sequence('sameidconstr_id_seq'),
read_only=True,
primary_key=True)
owner = AutoSessionOwner()
common = ForeignResource('sameidcommon.id',
required=True,
identity_constraint={
'self_col': 'owner',
'target_col': 'actor'
})
class Public:
class permissions:
allow_all = True
class Meta:
route_base = 'sameidconstr'
class ExpendableResource(PostSchema):
__tablename__ = 'expen'
id = fields.Integer(sqlfield=sql.Integer,
autoincrement=sql.Sequence('expen_id_seq'),
read_only=True,
primary_key=True)
owner = AutoSessionOwner()
class Meta:
route_base = 'expen'
class Private:
class permissions:
delete = {
'Owner': CheckedPermClause('self.owner = session.actor_id')
}
class Public:
class permissions:
post = {}
class PermClauseTester(PostSchema):
__tablename__ = 'permclausetester'
id = fields.Integer(sqlfield=sql.Integer,
autoincrement=sql.Sequence('permclause_id_seq'),
read_only=True,
primary_key=True)
owner = AutoSessionOwner()
int1 = fields.Integer(sqlfield=sql.Integer, required=True)
int2 = fields.Integer(sqlfield=sql.Integer)
flag = fields.String(sqlfield=sql.String(30))
class Authed:
class permissions:
post = ["*"]
class Private:
list_by = ['int1', 'int2', 'owner', 'id', 'flag']
get_by = ['int1', 'int2', 'owner', 'id', 'flag']
class permissions:
patch = {
'Owner':
CheckedPermClause('self.owner = session.actor_id')
& OpenPermClause('permclausetester.int1 >= 10')
| OpenPermClause('permclausetester.int2 < 20')
}
read = {
'Owner':
OpenPermClause('permclausetester.owner = {session.actor_id}')
& OpenPermClause('permclausetester.int1 >= %(int1)s')
| OpenPermClause('permclausetester.int2 < 10'),
}
list = {
'Staff':
OpenPermClause('permclausetester.int1 >= %(int1)s')
| OpenPermClause('permclausetester.flag is NULL')
}
class AccessLogging:
authed = '*'