class Query(object): indicator = relay.Node.Field(IndicatorNode) all_indicators = DjangoFilterConnectionField( IndicatorNode, filterset_class=IndicatorFilter) datapoints_aggregation = graphene.List( DatapointsAggregationNode, groupBy=List(of_type=String), fields=List(of_type=String), orderBy=List(of_type=String), aggregation=List(of_type=String), geolocationTag__In=List(of_type=String), geolocationIso2__In=List(of_type=String), geolocationIso3__In=List(of_type=String), geolocationObjectId__In=List(of_type=String), geolocationContentObject__In=List(of_type=String), geolocationType__In=List(of_type=String), filterId__In=List(of_type=Int), indicatorFilterHeadingId__In=List(of_type=Int), date__In=List(of_type=String), filterName__In=List(of_type=String), indicatorName__In=List(of_type=String), indicatorId__In=List(of_type=Int), geolocationIso2__Is__Null=Boolean(), geolocationIso3__Is__Null=Boolean(), OR__Geolocation_Iso2__Is__Null=Boolean(), OR__Geolocation_Iso3__Is__Null=Boolean(), unique_indicator=Boolean(), indicator_file_accesibility=String(), geoJsonUrl=Boolean(), currentGeoJson=String()) all_filter_headings = DjangoFilterConnectionField( FilterHeadingsNode, filterset_class=FilterHeadingsFilter) all_data_points = DjangoFilterConnectionField( DatapointsNode, filterset_class=DatapointsFilter) all_filters = DjangoFilterConnectionField(FiltersNode, filterset_class=FiltersFilter) def resolve_datapoints_aggregation(self, context, **kwargs): return DatapointsAggregationNode().get_nodes(context, **kwargs)
def convert_form_field_to_boolean(field): return Boolean(description=field.help_text, required=True)
class CourseType(ObjectType): id = Int(required=True) title = String(required=True) mentor = String() active = Boolean() create_date = Date()
class ViolentEventSchema(ObjectType): event_id = String() violence = String() method = String() interrogation = Boolean() torture = Boolean() mistreatment = Boolean() press = Boolean() start_date_daily = Date() end_date_daily = Date() start_date_monthly = Date() end_date_monthly = Date() page = String() additional_comments = String() victims = List(VictimSchema) perpetrators = List(PerpetratorSchema) locations = List(LocationSchema) # TODO: firstlocation, lastlocation, def resolve_start_date_daily(self, info): # graphene does not support neotime.Date objects try: return date( self.start_date_daily.year, self.start_date_daily.month, self.start_date_daily.day, ) except Exception as e: return None def resolve_end_date_daily(self, info): # graphene does not support neotime.Date objects try: return date( self.end_date_daily.year, self.end_date_daily.month, self.end_date_daily.day, ) except Exception as e: return None def resolve_start_date_monthly(self, info): # graphene does not support neotime.Date objects try: return date( self.start_date_monthly.year, self.start_date_monthly.month, self.start_date_monthly.day, ) except Exception as e: return None def resolve_end_date_monthly(self, info): # graphene does not support neotime.Date objects try: return date( self.end_date_monthly.year, self.end_date_monthly.month, self.end_date_monthly.day, ) except Exception as e: return None def resolve_victims(self, info): return None def resolve_perpetrators(self, info): return None def resolve_locations(self, info): return None
class UpdateEvidence(Mutation): """ Update evidence files """ class Arguments(object): finding_id = String(required=True) id = String(required=True) # noqa pylint: disable=invalid-name success = Boolean() finding = Field(Finding) @require_login @require_role(['analyst', 'admin']) @require_finding_access_gql def mutate(self, info, **parameters): success = False uploaded_file = info.context.FILES.get('document', '') project_name = get_project_name(parameters.get('finding_id')).lower() if util.assert_uploaded_file_mime(uploaded_file, ['image/gif', 'image/png', 'text/x-python', 'text/x-objective-c', 'text/x-c', 'text/plain', 'text/html']): if evidence_exceeds_size(uploaded_file, int(parameters.get('id'))): util.cloudwatch_log(info.context, 'Security: Attempted to upload evidence file \ heavier than allowed in {project} project' .format(project=project_name)) raise GraphQLError('File exceeds the size limits') else: field_num = FindingDTO() fieldname = [ ['animation', field_num.ANIMATION], ['exploitation', field_num.EXPLOTATION], ['evidence_route_1', field_num.DOC_ACHV1], ['evidence_route_2', field_num.DOC_ACHV2], ['evidence_route_3', field_num.DOC_ACHV3], ['evidence_route_4', field_num.DOC_ACHV4], ['evidence_route_5', field_num.DOC_ACHV5], ['exploit', field_num.EXPLOIT], ['fileRecords', field_num.REG_FILE] ] file_id = '{project}/{finding_id}/{project}-{finding_id}'.format( project=project_name, finding_id=parameters.get('finding_id') ) migrate_all_files(parameters, file_id, info.context) success = update_file_to_s3(parameters, fieldname[int(parameters.get('id'))][1], fieldname[int(parameters.get('id'))][0], uploaded_file, file_id) else: util.cloudwatch_log(info.context, 'Security: Attempted to upload evidence file with a \ non-allowed format in {project} project' .format(project=project_name)) raise GraphQLError('Extension not allowed') ret = UpdateEvidence(success=success, finding=Finding(parameters.get('finding_id'))) util.invalidate_cache(parameters.get('finding_id')) return ret
class Device(ObjectType): """This class represent a device.""" name = String() state = String() connected = Boolean() properties = List(DeviceProperty, pattern=String()) attributes = List(DeviceAttribute, pattern=String()) commands = List(DeviceCommand, pattern=String()) server = Field(DeviceInfo) user_actions = List(UserAction, skip=Int(), first=Int()) device_class = String() # server = String() pid = Int() started_date = String() stopped_date = String() exported = Boolean() def resolve_user_actions(self, info, skip=None, first=None): result = user_actions.get(self.name) if skip: result = result[skip:] if first: result = result[:first] return result async def resolve_state(self, info): """This method fetch the state of the device. :return: State of the device. :rtype: str """ try: proxy = self._get_proxy() return await proxy.state() except (PyTango.DevFailed, PyTango.ConnectionFailed, PyTango.CommunicationFailed, PyTango.DeviceUnlocked): return "UNKNOWN" except Exception as e: return str(e) def resolve_properties(self, info, pattern="*"): """This method fetch the properties of the device. :param pattern: Pattern for filtering the result. Returns only properties that matches the pattern. :type pattern: str :return: List of properties for the device. :rtype: List of DeviceProperty """ #TODO:Db calls are not asynchronous in tango props = db.get_device_property_list(self.name, pattern) return [DeviceProperty(name=p, device=self.name) for p in props] async def resolve_attributes(self, info, pattern="*"): """This method fetch all the attributes and its' properties of a device. :param pattern: Pattern for filtering the result. Returns only properties that match the pattern. :type pattern: str :return: List of attributes of the device. :rtype: List of DeviceAttribute """ # TODO: Ensure that result is passed properly, refresh mutable # arguments copy or pointer ...? Tests are passing ... result = [] if await self._get_connected(): proxy = self._get_proxy() attr_infos = proxy.attribute_list_query() rule = re.compile(fnmatch.translate(pattern), re.IGNORECASE) sorted_info = sorted(attr_infos, key=attrgetter("name")) for attr_info in sorted_info: if rule.match(attr_info.name): result.append( DeviceAttribute( name=attr_info.name, device=self.name, )) return result async def resolve_commands(self, info, pattern="*"): """This method fetch all the commands of a device. :param pattern: Pattern for filtering of the result. Returns only commands that match the pattern. :type pattern: str :return: List of commands of the device. :rtype: List of DeviceCommand """ if await self._get_connected(): proxy = self._get_proxy() cmd_infos = proxy.command_list_query() rule = re.compile(fnmatch.translate(pattern), re.IGNORECASE) def create_device_command(cmd_info): return DeviceCommand(name=cmd_info.cmd_name, tag=cmd_info.cmd_tag, displevel=cmd_info.disp_level, intype=cmd_info.in_type, intypedesc=cmd_info.in_type_desc, outtype=cmd_info.out_type, outtypedesc=cmd_info.out_type_desc) return [ create_device_command(a) for a in sorted(cmd_infos, key=attrgetter("cmd_name")) if rule.match(a.cmd_name) ] else: return [] async def resolve_server(self, info): """ This method fetch the server infomation of a device. :return: List server info of a device. :rtype: List of DeviceInfo """ if await self._get_connected(): proxy = self._get_proxy() dev_info = proxy.info() return DeviceInfo(id=dev_info.server_id, host=dev_info.server_host) def resolve_exported(self, info): """ This method fetch the infomation about the device if it is exported or not. :return: True if exported, False otherwise. :rtype: bool """ return self._get_info().exported def resolve_device_class(self, info): return self._get_info().class_name def resolve_pid(self, info): return self._get_info().pid def resolve_started_date(self, info): return self._get_info().started_date def resolve_stopped_date(self, info): return self._get_info().stopped_date async def resolve_connected(self, info): return await self._get_connected() def _get_proxy(self): if not hasattr(self, "_proxy"): self._proxy = proxies.get(self.name) return self._proxy async def _get_connected(self): if not hasattr(self, "_connected"): try: proxy = self._get_proxy() await proxy.state() self._connected = True except (PyTango.DevFailed, PyTango.ConnectionFailed): self._connected = False return self._connected def _get_info(self): """This method fetch all the information of a device.""" if not hasattr(self, "_info"): self._info = db.get_device_info(self.name) return self._info
class ParticipantStats(RiotGrapheneObject): firstBloodAssist = Boolean() visionScore = Int() magicDamageDealtToChampions = Int() damageDealtToObjectives = Int() totalTimeCrowdControlDealt = Int() longestTimeSpentLiving = Int() perk1Var1 = Int() perk1Var3 = Int() perk1Var2 = Int() tripleKills = Int() perk3Var3 = Int() nodeNeutralizeAssist = Int() perk3Var2 = Int() playerScore9 = Int() playerScore8 = Int() kills = Int() playerScore1 = Int() playerScore0 = Int() playerScore3 = Int() playerScore2 = Int() playerScore5 = Int() playerScore4 = Int() playerScore7 = Int() playerScore6 = Int() perk5Var1 = Int() perk5Var3 = Int() perk5Var2 = Int() totalScoreRank = Int() neutralMinionsKilled = Int() damageDealtToTurrets = Int() physicalDamageDealtToChampions = Int() nodeCapture = Int() largestMultiKill = Int() perk2Var2 = Int() perk2Var3 = Int() totalUnitsHealed = Int() perk2Var1 = Int() perk4Var1 = Int() perk4Var2 = Int() perk4Var3 = Int() wardsKilled = Int() largestCriticalStrike = Int() largestKillingSpree = Int() quadraKills = Int() teamObjective = Int() magicDamageDealt = Int() item2 = Int() item3 = Int() item0 = Int() neutralMinionsKilledTeamJungle = Int() item6 = Int() item4 = Int() item5 = Int() perk1 = Int() perk0 = Int() perk3 = Int() perk2 = Int() perk5 = Int() perk4 = Int() perk3Var1 = Int() damageSelfMitigated = Int() magicalDamageTaken = Int() firstInhibitorKill = Boolean() trueDamageTaken = Int() nodeNeutralize = Int() assists = Int() combatPlayerScore = Int() perkPrimaryStyle = Int() goldSpent = Int() trueDamageDealt = Int() participantId = Int() totalDamageTaken = Int() physicalDamageDealt = Int() sightWardsBoughtInGame = Int() totalDamageDealtToChampions = Int() physicalDamageTaken = Int() totalPlayerScore = Int() win = Boolean() objectivePlayerScore = Int() totalDamageDealt = Int() item1 = Int() neutralMinionsKilledEnemyJungle = Int() deaths = Int() wardsPlaced = Int() perkSubStyle = Int() turretKills = Int() firstBloodKill = Boolean() trueDamageDealtToChampions = Int() goldEarned = Int() killingSprees = Int() unrealKills = Int() altarsCaptured = Int() firstTowerAssist = Boolean() firstTowerKill = Boolean() champLevel = Int() doubleKills = Int() nodeCaptureAssist = Int() inhibitorKills = Int() firstInhibitorAssist = Boolean() perk0Var1 = Int() perk0Var2 = Int() perk0Var3 = Int() visionWardsBoughtInGame = Int() altarsNeutralized = Int() pentaKills = Int() totalHeal = Int() totalMinionsKilled = Int() timeCCingOthers = Int()
class Query(ObjectType): all_reporters = DjangoFilterConnectionField(ReporterType, reverse_order=Boolean())
def convert_field_to_boolean(field, registry=None): return Boolean( description=get_field_description(field, registry), required=field._required, )
def convert_field_to_boolean(field, registry=None): return Boolean(description=get_django_field_description(field), required=not field.null)
class GoogleVerifyTokenType(ObjectType): token = String() verified = Boolean()
class UserTypeAuth(ObjectType): user_type = String() google_auth_enabled = Boolean()
class Query(object): account_note = Field(AccountNoteType, note_id=ID()) student = Field(StudentType, user_id=ID(), email=String()) school = Field(SchoolType, school_id=ID(), name=String()) parent = Field(ParentType, user_id=ID(), email=String()) instructor = Field(InstructorType, user_id=ID(), email=String()) admin = Field(AdminType, user_id=ID(), email=String()) user_info = Field(UserInfoType, user_id=ID(), user_name=String()) user_type = Field( UserTypeAuth, user_id=ID(), user_name=String(), admin_types=Boolean() ) email_from_token = Field(String, token=String()) verify_google_oauth = Field( GoogleVerifyTokenType, login_email=String(required=True), oauth_email=String(required=True), ) account_notes = List(AccountNoteType, user_id=ID(required=True)) students = List(StudentType, grade=ID()) schools = List(SchoolType, district=String()) parents = List(ParentType) instructors = List(InstructorType, subject=String()) admins = List(AdminType, admin_type=String()) user_infos = List(UserInfoType, user_ids=List(ID)) instructor_ooo = List(InstructorOutOfOfficeType, instructor_id=ID(required=True)) instructor_availability = List( InstructorAvailabilityType, instructor_id=ID(required=True) ) @login_required def resolve_account_note(self, info, **kwargs): note_id = kwargs.get("note_id") if note_id: return AccountNote.objects.get(id=note_id) return None @login_required def resolve_student(self, info, **kwargs): user_id = kwargs.get("user_id") email = kwargs.get("email") if user_id: return Student.objects.get(user=user_id) if email: return Student.objects.get(user__email=email) return None @login_required def resolve_school(self, info, **kwargs): school_id = kwargs.get("school_id") name = kwargs.get("name") if school_id: return School.objects.get(id=school_id) if name: return School.objects.get(name=name) return None @login_required def resolve_parent(self, info, **kwargs): user_id = kwargs.get("user_id") email = kwargs.get("email") if user_id: return Parent.objects.get(user=user_id) if email: return Parent.objects.get(user__email=email) return None @login_required def resolve_instructor(self, info, **kwargs): user_id = kwargs.get("user_id") email = kwargs.get("email") if user_id: return Instructor.objects.get(user=user_id) if email: return Instructor.objects.get(user__email=email) return None @login_required def resolve_admin(self, info, **kwargs): user_id = kwargs.get("user_id") email = kwargs.get("email") if user_id: return Admin.objects.get(user=user_id) if email: return Admin.objects.get(user__email=email) return None def resolve_user_type(self, info, **kwargs): user_id = kwargs.get("user_id") user_name = kwargs.get("user_name") admin_types = kwargs.get("admin_types") if user_name: if Student.objects.filter(user__email=user_name).exists(): return UserTypeAuth(user_type="STUDENT", google_auth_enabled=False) if Instructor.objects.filter(user__email=user_name).exists(): return UserTypeAuth(user_type="INSTRUCTOR", google_auth_enabled=False) if Parent.objects.filter(user__email=user_name).exists(): return UserTypeAuth(user_type="PARENT", google_auth_enabled=False) if Admin.objects.filter(user__email=user_name).exists(): admin = Admin.objects.get(user__email=user_name) if admin_types: return Admin.objects.get(user__email=user_name).admin_type.upper() return UserTypeAuth( user_type="ADMIN", google_auth_enabled=admin.google_auth_enabled ) if user_id: if Student.objects.filter(user=user_id).exists(): return UserTypeAuth(user_type="STUDENT", google_auth_enabled=False) if Instructor.objects.filter(user=user_id).exists(): return UserTypeAuth(user_type="INSTRUCTOR", google_auth_enabled=False) if Parent.objects.filter(user=user_id).exists(): return UserTypeAuth(user_type="PARENT", google_auth_enabled=False) if Admin.objects.filter(user=user_id).exists(): admin = Admin.objects.get(user__email=user_name) if admin_types: return UserTypeAuth( user_type=admin.admin_type.upper(), google_auth_enabled=admin.google_auth_enabled, ) return UserTypeAuth( user_type="ADMIN", google_auth_enabled=admin.google_auth_enabled ) return None @login_required def resolve_user_info(self, info, **kwargs): user_id = kwargs.get("user_id") user_name = kwargs.get("user_name") if user_name: if Student.objects.filter(user__email=user_name).exists(): return Student.objects.get(user__email=user_name) if Instructor.objects.filter(user__email=user_name).exists(): return Instructor.objects.get(user__email=user_name) if Parent.objects.filter(user__email=user_name).exists(): return Parent.objects.get(user__email=user_name) if Admin.objects.filter(user__email=user_name).exists(): return Admin.objects.get(user__email=user_name) if user_id: if Student.objects.filter(user=user_id).exists(): return Student.objects.get(user=user_id) if Instructor.objects.filter(user=user_id).exists(): return Instructor.objects.get(user=user_id) if Parent.objects.filter(user=user_id).exists(): return Parent.objects.get(user=user_id) if Admin.objects.filter(user=user_id).exists(): return Admin.objects.get(user=user_id) return None @login_required def resolve_account_notes(self, info, **kwargs): user_id = kwargs.get("user_id") return AccountNote.objects.filter(user=user_id) def resolve_students(self, info, **kwargs): grade = kwargs.get("grade") if grade: return Student.objects.filter(grade=grade) return Student.objects.all() @login_required def resolve_schools(self, info, **kwargs): district = kwargs.get("district") queryset = School.objects if district: queryset = queryset.filter(district=district) return queryset.all() @login_required def resolve_admins(self, info, **kwargs): admin_type = kwargs.get("admin_type") if admin_type: return Admin.objects.filter(admin_type=admin_type) return Admin.objects.all() @login_required def resolve_parents(self, info, **kwargs): return Parent.objects.all() @login_required def resolve_instructors(self, info, **kwargs): return Instructor.objects.all() @login_required def resolve_instructor_ooo(self, info, **kwargs): instructor_id = kwargs.get("instructor_id") return InstructorOutOfOffice.objects.filter(instructor=instructor_id) @login_required def resolve_instructor_availability(self, info, **kwargs): instructor_id = kwargs.get("instructor_id") return InstructorAvailability.objects.filter(instructor=instructor_id) def resolve_user_infos(self, info, user_ids): user_list = [] for user_id in user_ids: if Student.objects.filter(user=user_id).exists(): user_list.append(Student.objects.get(user=user_id)) if Instructor.objects.filter(user=user_id).exists(): user_list.append(Instructor.objects.get(user=user_id)) if Parent.objects.filter(user=user_id).exists(): user_list.append(Parent.objects.get(user=user_id)) if Admin.objects.filter(user=user_id).exists(): user_list.append(Admin.objects.get(user=user_id)) return user_list def resolve_email_from_token(self, info, token): return jwt.decode(token, settings.SECRET_KEY, algorithms=["HS256"])["email"] def resolve_verify_google_oauth(self, info, login_email, oauth_email): admin = Admin.objects.get(user__email=login_email) if admin.google_auth_email == oauth_email: encoded_jwt = jwt.encode( { "username": login_email, "origIat": int(datetime.utcnow().timestamp()), "exp": int((datetime.utcnow() + timedelta(minutes=5)).timestamp()), }, settings.SECRET_KEY, algorithm="HS256", ) return GoogleVerifyTokenType( token=encoded_jwt.decode("utf-8"), verified=True ) return GoogleVerifyTokenType(token="", verified=False)
def convert_column_to_boolean(type, column, registry=None): return Boolean(description=get_column_doc(column), required=not (is_column_nullable(column)))
def convert_form_field_to_nullboolean(field): return Boolean(description=field.help_text)
def convert_field_to_boolean(field, registry=None): return Boolean(description=field.help_text)
class FindingType(ObjectType): # noqa pylint: disable=too-many-instance-attributes id = String() # noqa pylint: disable=invalid-name success = Boolean() error_message = String() state = String() vulnerabilities = List(Vulnerability, vuln_type=String(), state=String()) open_vulnerabilities = Int() closed_vulnerabilities = Int() project_name = String() release_date = String() records = JSONString() tracking = List(GenericScalar) severity = GenericScalar() exploit = String() evidence = GenericScalar() comments = List(GenericScalar) observations = List(GenericScalar) report_level = String() title = String() scenario = String() actor = String() description = String() requirements = String() attack_vector_desc = String() threat = String() recommendation = String() affected_systems = String() compromised_attributes = String() compromised_records = Int() cwe_url = String() bts_url = String() kb_url = String() treatment = String() treatment_manager = String() treatment_justification = String() remediated = Boolean() type = String() cvss_version = String() age = Int() last_vulnerability = Int() severity_score = Float() is_exploitable = Boolean() report_date = String() where = String() # Additional attributes of detailed findings client_code = String() client_project = String() probability = Int() detailed_severity = Int() risk = String() risk_level = String() ambit = String() category = String() def __init__(self): super(FindingType, self).__init__() self.id = '' # noqa pylint: disable=invalid-name self.vulnerabilities = [] self.success = False self.error_message = '' self.open_vulnerabilities = 0 self.closed_vulnerabilities = 0 self.project_name = '' self.release_date = '' self.records = {} self.severity = {} self.tracking = [] self.comments = [] self.observations = [] self.report_level = '' self.title = '' self.scenario = '' self.actor = '' self.description = '' self.requirements = '' self.attack_vector_desc = '' self.threat = '' self.recommendation = '' self.affected_systems = '' self.compromised_attributes = '' self.compromised_records = 0 self.cwe_url = '' self.bts_url = '' self.treatment = '' self.treatment_manager = '' self.treatment_justification = '' self.type = '' self.cvss_version = '' self.exploit = '' self.age = 0 self.last_vulnerability = 0 self.severity_score = 0.0 self.is_exploitable = False self.remediated = '' self.report_date = '' self.where = ''
def convert_form_field_to_boolean(field): return Boolean(description=get_form_field_description(field), required=field.required)
class PageInfo(ObjectType): has_next_page = Boolean() offset = Int() page_size = Int(required=True)
def convert_form_field_to_nullboolean(field): return Boolean(description=get_form_field_description(field))
def convert_field_to_boolean(field, registry=None): """ Converts Mongoengine fields to Graphene Boolean type """ return Boolean(**get_data_from_field(field))
class EventParameter(Interface): id = ID() description = String() required = Boolean()
def convert_field_to_nullboolean(field, registry=None, input_flag=None, nested_fields=False): return Boolean(description=field.help_text or field.verbose_name, required=is_required(field) and input_flag == 'create')
class ResetVariables(Mutation): ok = Boolean() def mutate(root, info): reset_variables() return dict(ok=True)
class PerpetratorSchema(ObjectType): perpetrator_id = String() perpetrator_affiliation = String() perpetrator_affiliation_detail = String() war_tribunal = Boolean()
class Scenario(ObjectType): id = ID(required=True) label = String(required=True) description = String() active = Boolean(required=True)
def convert_field_to_boolean(field, registry=None): return Boolean(description=field.help_text, required=not field.null)
class SimulationResults(ObjectType): run_id = ID(required=True) finished = Boolean(required=True) end_date = String(required=True) predicted_metrics = Field(DailyMetrics, required=True)
class DjangoSerializerType(ObjectType): """ DjangoSerializerType definition """ ok = Boolean( description="Boolean field that return mutation result request.") errors = List(ErrorType, description="Errors list for the field") class Meta: abstract = True @classmethod def __init_subclass_with_meta__( cls, serializer_class=None, queryset=None, only_fields=(), include_fields=(), exclude_fields=(), pagination=None, input_field_name=None, output_field_name=None, results_field_name=None, nested_fields=(), filter_fields=None, description="", filterset_class=None, **options, ): if not serializer_class: raise Exception( "serializer_class is required on all ModelSerializerType") model = serializer_class.Meta.model description = description or "ModelSerializerType for {} model".format( model.__name__) input_field_name = input_field_name or "new_{}".format( model._meta.model_name) output_field_name = output_field_name or model._meta.model_name input_class = getattr(cls, "Arguments", None) if not input_class: input_class = getattr(cls, "Input", None) if input_class: warn_deprecation(( "Please use {name}.Arguments instead of {name}.Input." "Input is now only used in ClientMutationID.\nRead more: " "https://github.com/graphql-python/graphene/blob/2.0/UPGRADE-v2.0.md#mutation-input" ).format(name=cls.__name__)) if input_class: arguments = props(input_class) else: arguments = {} registry = get_global_registry() factory_kwargs = { "model": model, "only_fields": only_fields, "include_fields": include_fields, "exclude_fields": exclude_fields, "filter_fields": filter_fields, "pagination": pagination, "queryset": queryset, "nested_fields": nested_fields, "registry": registry, "skip_registry": False, "filterset_class": filterset_class, "results_field_name": results_field_name, } output_type = registry.get_type_for_model(model) if not output_type: output_type = factory_type("output", DjangoObjectType, **factory_kwargs) output_list_type = factory_type("list", DjangoListObjectType, **factory_kwargs) django_fields = OrderedDict({output_field_name: Field(output_type)}) global_arguments = {} for operation in ("create", "delete", "update"): global_arguments.update({operation: OrderedDict()}) if operation != "delete": input_type = registry.get_type_for_model(model, for_input=operation) if not input_type: # factory_kwargs.update({'skip_registry': True}) input_type = factory_type("input", DjangoInputObjectType, operation, **factory_kwargs) global_arguments[operation].update( {input_field_name: Argument(input_type, required=True)}) else: global_arguments[operation].update({ "id": Argument( ID, required=True, description="Django object unique identification field", ) }) global_arguments[operation].update(arguments) _meta = DjangoSerializerOptions(cls) _meta.mutation_output = cls _meta.arguments = global_arguments _meta.fields = django_fields _meta.output_type = output_type _meta.output_list_type = output_list_type _meta.model = model _meta.queryset = queryset or model._default_manager _meta.serializer_class = serializer_class _meta.input_field_name = input_field_name _meta.output_field_name = output_field_name _meta.nested_fields = nested_fields super(DjangoSerializerType, cls).__init_subclass_with_meta__(_meta=_meta, description=description, **options) @classmethod def list_object_type(cls): return cls._meta.output_list_type @classmethod def object_type(cls): return cls._meta.output_type @classmethod def get_errors(cls, errors): errors_dict = { cls._meta.output_field_name: None, "ok": False, "errors": errors } return cls(**errors_dict) @classmethod def perform_mutate(cls, obj, info): resp = {cls._meta.output_field_name: obj, "ok": True, "errors": None} return cls(**resp) @classmethod def get_serializer_kwargs(cls, root, info, **kwargs): return {} @classmethod def manage_nested_fields(cls, data, root, info): nested_objs = {} if cls._meta.nested_fields and type(cls._meta.nested_fields) == dict: for field in cls._meta.nested_fields: sub_data = data.pop(field, None) if sub_data: serialized_data = cls._meta.nested_fields[field]( data=sub_data, many=True if type(sub_data) == list else False) ok, result = cls.save(serialized_data, root, info) if not ok: return cls.get_errors(result) if type(sub_data) == list: nested_objs.update({field: result}) else: data.update({field: result.id}) return nested_objs @classmethod def create(cls, root, info, **kwargs): data = kwargs.get(cls._meta.input_field_name) request_type = info.context.META.get("CONTENT_TYPE", "") if "multipart/form-data" in request_type: data.update( {name: value for name, value in info.context.FILES.items()}) nested_objs = cls.manage_nested_fields(data, root, info) serializer = cls._meta.serializer_class(data=data, **cls.get_serializer_kwargs( root, info, **kwargs)) ok, obj = cls.save(serializer, root, info) if not ok: return cls.get_errors(obj) elif nested_objs: [ getattr(obj, field).add(*objs) for field, objs in nested_objs.items() ] return cls.perform_mutate(obj, info) @classmethod def delete(cls, root, info, **kwargs): pk = kwargs.get("id") old_obj = get_Object_or_None(cls._meta.model, pk=pk) if old_obj: old_obj.delete() old_obj.id = pk return cls.perform_mutate(old_obj, info) else: return cls.get_errors([ ErrorType( field="id", messages=[ "A {} obj with id {} do not exist".format( cls._meta.model.__name__, pk) ], ) ]) @classmethod def update(cls, root, info, **kwargs): data = kwargs.get(cls._meta.input_field_name) request_type = info.context.META.get("CONTENT_TYPE", "") if "multipart/form-data" in request_type: data.update( {name: value for name, value in info.context.FILES.items()}) pk = data.pop("id") old_obj = get_Object_or_None(cls._meta.model, pk=pk) if old_obj: nested_objs = cls.manage_nested_fields(data, root, info) serializer = cls._meta.serializer_class( old_obj, data=data, partial=True, **cls.get_serializer_kwargs(root, info, **kwargs), ) ok, obj = cls.save(serializer, root, info) if not ok: return cls.get_errors(obj) elif nested_objs: [ getattr(obj, field).add(*objs) for field, objs in nested_objs.items() ] return cls.perform_mutate(obj, info) else: return cls.get_errors([ ErrorType( field="id", messages=[ "A {} obj with id: {} do not exist".format( cls._meta.model.__name__, pk) ], ) ]) @classmethod def save(cls, serialized_obj, root, info, **kwargs): if serialized_obj.is_valid(): obj = serialized_obj.save() return True, obj else: errors = [ ErrorType(field=key, messages=value) for key, value in serialized_obj.errors.items() ] return False, errors @classmethod def retrieve(cls, manager, root, info, **kwargs): pk = kwargs.pop("id", None) try: return manager.get_queryset().get(pk=pk) except manager.model.DoesNotExist: return None @classmethod def list(cls, manager, filterset_class, filtering_args, root, info, **kwargs): qs = queryset_factory(cls._meta.queryset or manager, info.field_asts, info.fragments, **kwargs) filter_kwargs = { k: v for k, v in kwargs.items() if k in filtering_args } qs = filterset_class(data=filter_kwargs, queryset=qs).qs count = qs.count() return DjangoListObjectBase( count=count, results=maybe_queryset(qs), results_field_name=cls.list_object_type()._meta.results_field_name, ) @classmethod def RetrieveField(cls, *args, **kwargs): return DjangoObjectField(cls._meta.output_type, resolver=cls.retrieve, **kwargs) @classmethod def ListField(cls, *args, **kwargs): return DjangoListObjectField(cls._meta.output_list_type, resolver=cls.list, **kwargs) @classmethod def CreateField(cls, *args, **kwargs): return Field( cls._meta.mutation_output, args=cls._meta.arguments["create"], resolver=cls.create, **kwargs, ) @classmethod def DeleteField(cls, *args, **kwargs): return Field( cls._meta.mutation_output, args=cls._meta.arguments["delete"], resolver=cls.delete, **kwargs, ) @classmethod def UpdateField(cls, *args, **kwargs): return Field( cls._meta.mutation_output, args=cls._meta.arguments["update"], resolver=cls.update, **kwargs, ) @classmethod def QueryFields(cls, *args, **kwargs): retrieve_field = cls.RetrieveField(*args, **kwargs) list_field = cls.ListField(*args, **kwargs) return retrieve_field, list_field @classmethod def MutationFields(cls, *args, **kwargs): create_field = cls.CreateField(*args, **kwargs) delete_field = cls.DeleteField(*args, **kwargs) update_field = cls.UpdateField(*args, **kwargs) return create_field, delete_field, update_field
class EditUser(Mutation): """Edit user of a given project.""" class Arguments(): project_name = String(required=True) email = String(required=True) organization = String(required=True) responsibility = String(required=True) role = String(required=True) phone_number = String(required=True) modified_user = Field(User) success = Boolean() @require_login @enforce_authz @require_project_access def mutate(self, info, **query_args): project_name = query_args.get('project_name') success = False user_data = util.get_jwt_content(info.context) role = get_user_role(user_data) modified_user_data = { 'email': query_args.get('email'), 'organization': query_args.get('organization'), 'responsibility': query_args.get('responsibility'), 'role': query_args.get('role'), 'phone_number': query_args.get('phone_number') } if (role == 'admin' and modified_user_data['role'] in ['admin', 'analyst', 'customer', 'customeradmin']) \ or (is_customeradmin(project_name, user_data['user_email']) and modified_user_data['role'] in ['customer', 'customeradmin']): if user_domain.assign_role(modified_user_data['email'], modified_user_data['role']): modify_user_information(info.context, modified_user_data, project_name) success = True else: rollbar.report_message('Error: Couldn\'t update user role', 'error', info.context) else: rollbar.report_message( 'Error: Invalid role provided: ' + modified_user_data['role'], 'error', info.context) if success: util.invalidate_cache(project_name) util.invalidate_cache(query_args.get('email')) util.cloudwatch_log( info.context, 'Security: Modified user data:{user} \ in {project} project succesfully'.format( user=query_args.get('email'), project=project_name)) else: util.cloudwatch_log( info.context, 'Security: Attempted to modify user \ data:{user} in {project} project'.format( user=query_args.get('email'), project=project_name)) ret = \ EditUser(success=success, modified_user=User(project_name, modified_user_data['email'])) return ret