class Clinic(PostSchema): __tablename__ = 'clinic' id = fields.Integer(sqlfield=sql.Integer, autoincrement=sql.Sequence('clinic_id_seq'), read_only=True, primary_key=True) text = fields.String(sqlfield=sql.Text, default='clinicname') owner = AutoSessionOwner() workspace = AutoSessionSelectedWorkspace() class Authed: class permissions: post = ['Owner'] class Private: get_by = ['id', 'workspace', 'owner'] list_by = ['id', 'workspace', 'owner'] class permissions: get = {'*': CheckedPermClause('self.owner = session.actor_id')} list = { '*': CheckedPermClause('self.workspace = session.workspace') } update = { 'Owner': CheckedPermClause('self.owner = session.actor_id') } class Meta: def default_get_critera(request): return {'owner': request.session.actor_id}
class AlterShieldedResource(PostSchema): __tablename__ = 'otpshield_alt' id = AutoSessionOwner(required=True, primary_key=True) class Meta: route_base = 'otpshield_alt' class Authed: class permissions: post = '*' class Shield: post = {'Staff': 'otp', 'Doctor': 'sms'}
class OtpShieldedResourceMutliRoles(PostSchema): __tablename__ = 'otpshield_multiroles' id = AutoSessionOwner(unique=True, required=True, primary_key=True) class Meta: route_base = 'otpshield_multiroles' class Authed: class permissions: post = '*' class Shield: post = {('Staff', 'Operator'): 'otp'}
class OtpShieldedResource(PostSchema): __tablename__ = 'otpshield' id = AutoSessionOwner(unique=True, required=True, primary_key=True) class Meta: route_base = 'otpshield' class Authed: class permissions: post = '*' class Shield: post = {'*': 'otp'}
class OtpShieldedResourceOneRole(PostSchema): __tablename__ = 'otpshield_onerole' id = AutoSessionOwner(required=True, primary_key=True) class Meta: route_base = 'otpshield_onerole' class Authed: class permissions: post = '*' class Shield: post = { # 'Doctor': 'sms', 'Staff': 'otp' }
class AutoPKResource(PostSchema): __tablename__ = 'autopk' actor = AutoSessionOwner(unique=True, required=True, primary_key=True) var = fields.String(sqlfield=sql.String(200)) class Meta: route_base = 'autopk' class Authed: get_by = ['actor', 'var'] class permissions: post = ['*'] update = ['*'] get = ['*'] list = ['*'] delete = ['*']
class ExtraSearchFields(PostSchema): __tablename__ = 'extrasearch' id = fields.Integer(sqlfield=sql.Integer, autoincrement=sql.Sequence('extrasearch_id_seq'), read_only=True, primary_key=True) str1 = fields.String(sqlfield=sql.String(250), index=True, gist_index=True) number = fields.Integer(sqlfield=sql.Integer) date = Date() autodatenow = AutoDateNow() autodatetimenow = AutoDateTimeNow() time = AutoTimeNow() owner = AutoSessionOwner() class Public: get_by = [ 'id', 'str1', 'number', 'date', 'autodatenow', 'autodatetimenow', 'time' ] list_by = [ 'id', 'str1', 'number', 'date', 'autodatenow', 'autodatetimenow', 'time' ] class permissions: read = {} patch = {} class Authed: get_by = ['id', 'str1', 'number', 'date', 'time'] delete_by = ['id', 'str1', 'number', 'date', 'time'] class permissions: post = ['*'] delete = ['*'] class Private: class permissions: put = {'*': CheckedPermClause('self.owner = session.actor_id')} class Meta: order_by = ['id', 'str1', 'number', 'date', 'time'] enable_extended_search = True route_base = 'extrasearch'
class SameIDConstr(PostSchema): __tablename__ = 'sameidconstr' id = fields.Integer(sqlfield=sql.Integer, autoincrement=sql.Sequence('sameidconstr_id_seq'), read_only=True, primary_key=True) owner = AutoSessionOwner() common = ForeignResource('sameidcommon.id', required=True, identity_constraint={ 'self_col': 'owner', 'target_col': 'actor' }) class Public: class permissions: allow_all = True class Meta: route_base = 'sameidconstr'
class ExpendableResource(PostSchema): __tablename__ = 'expen' id = fields.Integer(sqlfield=sql.Integer, autoincrement=sql.Sequence('expen_id_seq'), read_only=True, primary_key=True) owner = AutoSessionOwner() class Meta: route_base = 'expen' class Private: class permissions: delete = { 'Owner': CheckedPermClause('self.owner = session.actor_id') } class Public: class permissions: post = {}
class PermClauseTester(PostSchema): __tablename__ = 'permclausetester' id = fields.Integer(sqlfield=sql.Integer, autoincrement=sql.Sequence('permclause_id_seq'), read_only=True, primary_key=True) owner = AutoSessionOwner() int1 = fields.Integer(sqlfield=sql.Integer, required=True) int2 = fields.Integer(sqlfield=sql.Integer) flag = fields.String(sqlfield=sql.String(30)) class Authed: class permissions: post = ["*"] class Private: list_by = ['int1', 'int2', 'owner', 'id', 'flag'] get_by = ['int1', 'int2', 'owner', 'id', 'flag'] class permissions: patch = { 'Owner': CheckedPermClause('self.owner = session.actor_id') & OpenPermClause('permclausetester.int1 >= 10') | OpenPermClause('permclausetester.int2 < 20') } read = { 'Owner': OpenPermClause('permclausetester.owner = {session.actor_id}') & OpenPermClause('permclausetester.int1 >= %(int1)s') | OpenPermClause('permclausetester.int2 < 10'), } list = { 'Staff': OpenPermClause('permclausetester.int1 >= %(int1)s') | OpenPermClause('permclausetester.flag is NULL') } class AccessLogging: authed = '*'