Python PermissionRequiredの例

コード例 #1

ファイル: auth_view.py プロジェクト: takidog/announcements_service

class Ban:
    def __init__(self, auth_service: AuthService):
        self.auth_service = auth_service

    @falcon.before(PermissionRequired(permission_level=1))
    def on_get(self, req, resp):
        resp.body = json.dumps(self.auth_service.get_banned_list())
        resp.media = falcon.MEDIA_JSON
        resp.status = falcon.HTTP_200

    @falcon.before(PermissionRequired(permission_level=1))
    def on_post(self, req, resp):
        req_json = json.loads(req.bounded_stream.read(), encoding='utf-8')
        for key in req_json.keys():
            if key not in ["username"]:
                raise falcon.HTTPBadRequest(
                    description=f"{key}, key error, not in allow field.")
        if isinstance(req_json['username'], list):
            for username in req_json['username']:
                self.auth_service.ban_user(username)
            resp.status = falcon.HTTP_200
            return True
        if isinstance(req_json['username'], str):
            self.auth_service.ban_user(req_json['username'])
            resp.status = falcon.HTTP_200
            return True

        return True

    @falcon.before(PermissionRequired(permission_level=1))
    def on_delete(self, req, resp):
        req_json = json.loads(req.bounded_stream.read(), encoding='utf-8')
        for key in req_json.keys():
            if key not in ["username"]:
                raise falcon.HTTPBadRequest(
                    description=f"{key}, key error, not in allow field.")
        if isinstance(req_json['username'], list):
            for username in req_json['username']:
                self.auth_service.remove_banned(username)
            resp.status = falcon.HTTP_200
            return True
        if isinstance(req_json['username'], str):
            self.auth_service.remove_banned(req_json['username'])
            resp.status = falcon.HTTP_200
            return True

        return True

コード例 #2

ファイル: application_view.py プロジェクト: takidog/announcements_service

class ApplicationAction:
    def __init__(self, review_service: ReviewService):
        self.review_service = review_service

    @falcon.before(PermissionRequired(permission_level=1))
    def on_put(self, req, resp, application_id: str, action: str):

        if action == "approve":
            '/application/{application_id}/approve'
            'approve application by application_id'
            # If body is json
            body = req.bounded_stream.read()
            review_description = None
            if len(body) != 0:
                # If not json type, raise
                try:
                    req_json = json.loads(body, encoding='utf-8')
                except json.decoder.JSONDecodeError:
                    raise falcon.HTTPNotAcceptable
                except:
                    raise falcon.HTTPBadRequest
                review_description = req_json.get("reviewDescription", None)
            approve_status = self.review_service.approve_application(
                application_id,
                review_description=review_description
            )
            if approve_status is False:
                # Not found application
                raise falcon.HTTPNotFound()
            if isinstance(approve_status, int):
                resp.media = {
                    'id': approve_status
                }
                resp.status = falcon.HTTP_200
                return True
        elif action == "reject":
            '/application/{application_id}/reject'
            'reject application by application_id'

            req_json = json.loads(req.bounded_stream.read())

            reject_status = self.review_service.reject_application(
                application_id=application_id,
                review_description=req_json.get("description", None)
            )
            if reject_status is False:
                # Not found application
                raise falcon.HTTPNotFound()

            if reject_status:
                return True

        raise falcon.HTTPInternalServerError()

コード例 #3

ファイル: announcement_view.py プロジェクト: takidog/announcements_service

class AnnouncementsRemove:
    def __init__(self, cache_manager, announcement_service):
        self.cache_manager = cache_manager
        self.acs = announcement_service

    @falcon.before(PermissionRequired(permission_level=1))
    def on_delete(self, req, resp, announcement_id):
        result = self.acs.delete_announcement(announcement_id)
        if result is True:
            resp.media = {
                "id": announcement_id,
                "message": f"Remove success,id {announcement_id}."
            }
            self.cache_manager.clear_cache()
            resp.status = falcon.HTTP_200
            return True

        raise falcon.HTTPInternalServerError()

コード例 #4

ファイル: announcement_view.py プロジェクト: takidog/announcements_service

class AnnouncementsAdd:
    def __init__(self, cache_manager, announcement_service):
        self.cache_manager = cache_manager
        self.acs = announcement_service

    @falcon.before(PermissionRequired(permission_level=1))
    def on_post(self, req, resp):

        req_json = json.loads(req.bounded_stream.read(), encoding='utf-8')
        for key in req_json.keys():
            if key not in ANNOUNCEMENT_FIELD.keys():
                raise falcon.HTTPBadRequest(
                    description=f"{key}, key error, not in allow field.")

        result = self.acs.add_announcement(**req_json)
        if isinstance(result, int):
            resp.media = {'id': result}
            self.cache_manager.clear_cache()
            resp.status = falcon.HTTP_200
            return True
        elif result is False:
            raise falcon.HTTPBadRequest()
        raise falcon.HTTPInternalServerError()

コード例 #5

ファイル: application_view.py プロジェクト: takidog/announcements_service

class ApplicationById:
    def __init__(self, review_service: ReviewService):
        self.review_service = review_service

    @falcon.before(PermissionRequired(permission_level=1))
    def on_get(self, req, resp, application_id: str):
        '/application/{application_id}'

        resp.body = self.review_service.get_application_by_id(application_id)

        resp.media = falcon.MEDIA_JSON
        resp.status = falcon.HTTP_200
        return True

    def on_put(self, req, resp, application_id: str):
        '/application/{application_id}'
        'Update application info, not approve method.'

        jwt_payload = req.context['user']['user']
        if ALLOW_APPLICATION_OWNER_MODIFY \
                and jwt_payload['permission_level'] == 0:
            # If not owner or admin will raise falcon Error.
            only_owner_modify(
                review_service=self.review_service,
                application_id=application_id,
                applicant_username=jwt_payload['username']
            )

        req_json = json.loads(req.bounded_stream.read())
        for key in req_json.keys():
            if key not in ANNOUNCEMENT_FIELD.keys():
                raise falcon.HTTPBadRequest(
                    description=f"{key}, key error, not in allow field.")
        reslut = self.review_service.update_application(
            application_id=application_id, **req_json)
        if not isinstance(reslut, bool):
            raise falcon.HTTPBadRequest(
                description="Maybe request data not allow.")

        resp.media = {
            'application_id': application_id
        }
        resp.status = falcon.HTTP_200
        return True

    def on_delete(self, req, resp, application_id: str):
        '/application/{application_id}'
        'delete application by application_id'

        jwt_payload = req.context['user']['user']
        if ALLOW_APPLICATION_OWNER_MODIFY \
                and jwt_payload['permission_level'] == 0:

            only_owner_modify(
                review_service=self.review_service,
                application_id=application_id,
                applicant_username=jwt_payload['username']
            )

        delete_status = self.review_service.delete_application(application_id)

        if delete_status is False:
            falcon.HTTPNotFound()

        resp.status = falcon.HTTP_200
        return True