def resolve_current_user(root, info) -> UserModel:
user = info.context.user
print('current user', user)
if user.is_anonymous:
raise GraphQLError('Authentication Failure: Not signed inauth')
return user
def wrapper(self, info, **kwargs):
return function(self, info, **kwargs) if kwargs.get(
'id') == info.context.user.id else GraphQLError(
"You can't access that :(")
def resolve_me(self, info):
user = info.context.user
if user.is_anonymous:
raise GraphQLError('Not logged in!')
return user
def resolve_name(root, _info):
raise GraphQLError(f'Cannot query field "{_info.field_name}"'
f' on type "{_info.parent_type}".')
def resolve_role_by_field(self, info, field):
user = info.context.user
if not is_fieldadmin(user, field):
raise GraphQLError('Unauthorized')
return RoleModel.query.filter(RoleModel.field == field).all()
def validate_query_body(query) -> None:
if not query or not isinstance(query, str):
raise GraphQLError("The query must be a string.")
def validate_operation_name(operation_name) -> None:
if operation_name is not None and not isinstance(operation_name, str):
raise GraphQLError('"%s" is not a valid operation name.' % operation_name)
def create_rooms_update_delete_location(self, kwargs):
admin_details = get_user_from_db()
location = Location.query.filter_by(id=kwargs['location_id']).first()
if admin_details.location != location.name:
raise GraphQLError("You are not authorized to make changes in " +
location.name) # noqa: E501
def verify_admin_location(self, location_id):
admin_details = get_user_from_db()
location = Location.query.filter_by(id=location_id).first()
if admin_details.location != location.name:
raise GraphQLError("You are not authorized to make changes in " +
location.name)
def check_role_or_error(ws_id, role, error="Not permitted"):
user = current_user_or_error()
if not WorkspaceUserRole.find(ws_id=ws_id, user_id=user.id, role=role):
raise GraphQLError(error)
def current_user_or_error(message="User not found"):
user = _User.find_by_email(get_jwt_identity())
if not user:
raise GraphQLError(message)
return user
def resolve_operation(self, info, **kwargs):
operation = self.operations.filter(id=int(kwargs["id"])).first()
if operation: return operation
raise GraphQLError('{"operation": "Does not exist"}')
def resolve_project(self, info, **kwargs):
project = self.projects.filter(id=int(kwargs["id"])).first()
if project: return project
raise GraphQLError('{"project": "Does not exist"}')
def resolve_scheduleDetails(self, info, arguments):
if not arguments["classId"]:
return GraphQLError("Missing class id")
def isInSchedule(scheduleList):
"""
Check if current time is in a certain timeframe
"""
if not scheduleList:
return False
latestSchedule = scheduleList[0]
startTime = latestSchedule["startTime"]
endTime = latestSchedule["endTime"]
currentTime = datetime.now()
# if the current time is before the latest shedule
if currentTime < startTime:
return True
elif currentTime > startTime and currentTime < endTime:
return True
return False
def getLine(line):
"""
Get current line.
If there is no current line, get the next line
"""
day = datetime.now().weekday()
counter = 0
while True:
currentLine = db.schedule.find_one({
"line":
line,
"day":
day_name[(day + counter) % 7]
})
if currentLine:
currentTime = datetime.now() + timedelta(days=counter)
startHour, startMinute, startSecond = map(
int, currentLine["startTime"].split(":"))
finishHour, finishMinute, finishSecond = map(
int, currentLine["endTime"].split(":"))
startTime = datetime(currentTime.year, currentTime.month,
currentTime.day, startHour,
startMinute, startSecond)
finishTime = datetime(currentTime.year, currentTime.month,
currentTime.day, finishHour,
finishMinute, finishSecond)
if not (datetime.now() > finishTime):
return {
"line": line,
"startTime": startTime,
"endTime": finishTime
}
counter += 1
if (counter > 8):
break
# check if the current time is in the latest schedule details
latestLine = list(
db.scheduleDetails.find(
{
"line": arguments["line"],
"classId": arguments["classId"]
}, {
"startTime": 1,
"endTime": 1
}).sort('startTime', pymongo.DESCENDING).limit(1))
if isInSchedule(latestLine):
# do something here
latestLine = latestLine[0]
return ScheduleDetailsSchema(_id=str(latestLine["_id"]),
line=str(arguments["line"]),
startTime=latestLine["startTime"],
endTime=latestLine["endTime"],
classId=str(arguments["classId"]))
else:
# get the start time and end time of the line
lineData = getLine(arguments["line"])
studentList = db.classrooms.find_one(
{
"teacherId": arguments["teacherId"],
"lineId": lineData["line"]
}, {"students": 1})
if not studentList:
return None
studentsWithMarking = list(
map(
lambda student: dict(
_id=student, inClass=False, minsLate=0),
studentList["students"]))
scheduleToSave = {
"line": lineData["line"],
"students": studentsWithMarking,
"startTime": lineData["startTime"],
"endTime": lineData["endTime"],
"classId": arguments["classId"]
}
inserted_id = db.scheduleDetails.insert_one(
scheduleToSave).inserted_id
return ScheduleDetailsSchema(_id=str(inserted_id),
line=str(arguments["line"]),
startTime=lineData["startTime"],
endTime=lineData["endTime"],
classId=str(arguments["classId"]))
return None
def resolve_generateError(self, info):
return GraphQLError(
'Cannot query field "generateError" on type "User".')
def resolve_payments(self, info):
_payments = PaymentModel.query.all()
if not _payments:
raise GraphQLError('No Payment found')
return PaymentModel.query.all()
def validate_data(data: dict) -> None:
if not isinstance(data, dict):
raise GraphQLError("Operation data should be a JSON object")
validate_query_body(data.get("query"))
validate_variables(data.get("variables"))
validate_operation_name(data.get("operationName"))
def mutate(self, info, id):
try:
Link.objects.get(id=id).delete()
return DeleteLink(message=f"{id} is deleted")
except Exception as e:
raise GraphQLError(str(e))
def validate_variables(variables) -> None:
if variables is not None and not isinstance(variables, dict):
raise GraphQLError("Query variables must be a null or an object.")
async def execute(
schema: GraphQLSchema,
query: str,
extensions: Sequence[Type[Extension]],
execution_context: ExecutionContext,
root_value: Any = None,
context_value: Any = None,
variable_values: Dict[str, Any] = None,
additional_middlewares: List[Any] = None,
operation_name: str = None,
execution_context_class: Optional[Type[GraphQLExecutionContext]] = None,
validate_queries: bool = True,
) -> ExecutionResult:
extensions_runner = ExtensionsRunner(
execution_context=execution_context,
extensions=[
extension(execution_context=execution_context) for extension in extensions
],
)
additional_middlewares = additional_middlewares or []
with extensions_runner.request():
# Note: In graphql-core the schema would be validated here but in
# Strawberry we are validating it at initialisation time instead
try:
with extensions_runner.parsing():
document = parse(query)
execution_context.graphql_document = document
except GraphQLError as error:
execution_context.errors = [error]
return ExecutionResult(
data=None,
errors=[error],
extensions=extensions_runner.get_extensions_results(),
)
except Exception as error: # pragma: no cover
error = GraphQLError(str(error), original_error=error)
execution_context.errors = [error]
return ExecutionResult(
data=None,
errors=[error],
extensions=extensions_runner.get_extensions_results(),
)
if validate_queries:
with extensions_runner.validation():
validation_errors = validate(schema, document)
if validation_errors:
execution_context.errors = validation_errors
return ExecutionResult(data=None, errors=validation_errors)
result = original_execute(
schema,
document,
root_value=root_value,
middleware=extensions_runner.as_middleware_manager(*additional_middlewares),
variable_values=variable_values,
operation_name=operation_name,
context_value=context_value,
execution_context_class=execution_context_class,
)
if isawaitable(result):
result = await cast(Awaitable[GraphQLExecutionResult], result)
execution_context.result = cast(GraphQLExecutionResult, result)
result = cast(GraphQLExecutionResult, result)
return ExecutionResult(
data=result.data,
errors=result.errors,
extensions=extensions_runner.get_extensions_results(),
)
def mutate(self, info, **parameters):
success = False
json_data = []
files_data = parameters['files_data']
project_name = parameters['project_name'].lower()
for file_info in files_data:
json_data.append({
'fileName':
file_info.get('fileName'),
'description':
file_info.get('description'),
'uploadDate':
str(datetime.now().replace(second=0, microsecond=0))[:-3],
'uploader':
info.context.session['username']
})
uploaded_file = info.context.FILES.get('document', '')
file_id = '{project}/{file_name}'.format(project=project_name,
file_name=uploaded_file)
try:
file_size = 100
resources.validate_file_size(uploaded_file, file_size)
except InvalidFileSize:
raise GraphQLError('File exceeds the size limits')
files = integrates_dao.get_project_attributes_dynamo(
project_name, ['files'])
project_files = files.get('files')
if project_files:
contains_repeated = [
f.get('fileName') for f in project_files
if f.get('fileName') == uploaded_file.name
]
if contains_repeated:
raise GraphQLError('File already exist')
else:
# File is unique
pass
else:
# Project doesn't have files
pass
if util.is_valid_file_name(uploaded_file):
try:
resources.upload_file_to_s3(uploaded_file, file_id)
integrates_dao.add_list_resource_dynamo(
'FI_projects', 'project_name', project_name, json_data,
'files')
user_email = info.context.session['username']
resources.send_mail(project_name, user_email, json_data,
'added', 'file')
success = True
except ErrorUploadingFileS3:
raise GraphQLError('Error uploading file')
if success:
util.cloudwatch_log(
info.context, 'Security: Added evidence files to \
{project} project succesfully'.format(project=project_name))
else:
util.cloudwatch_log(
info.context, 'Security: Attempted to add evidence files \
from {project} project'.format(project=project_name))
ret = AddFiles(success=success, resources=Resource(project_name))
util.invalidate_cache(project_name)
return ret
def mutate(root, info, input_object):
name = input_object.name
comment = input_object.comment
if (input_object.alive_test is not None
and input_object.alive_test.lower() != 'scan config default'):
# must be lower case to work; gsa sends lower case
alive_test = get_alive_test_from_string(input_object.alive_test)
else:
alive_test = None
if input_object.hosts is not None:
hosts = [host.strip() for host in input_object.hosts.split(',')]
else:
hosts = None
if input_object.exclude_hosts is not None:
exclude_hosts = [
host.strip() for host in input_object.exclude_hosts.split(',')
]
else:
exclude_hosts = None
if input_object.ssh_credential_id is not None:
ssh_credential_id = str(input_object.ssh_credential_id)
ssh_credential_port = input_object.ssh_credential_port
else:
ssh_credential_id = None
ssh_credential_port = None
if input_object.smb_credential_id is not None:
smb_credential_id = str(input_object.smb_credential_id)
else:
smb_credential_id = None
if input_object.snmp_credential_id is not None:
snmp_credential_id = str(input_object.snmp_credential_id)
else:
snmp_credential_id = None
if input_object.esxi_credential_id is not None:
esxi_credential_id = str(input_object.esxi_credential_id)
else:
esxi_credential_id = None
reverse_lookup_only = input_object.reverse_lookup_only
reverse_lookup_unify = input_object.reverse_lookup_unify
if (input_object.port_list_id is None
and input_object.port_range is None):
raise GraphQLError(
"PortListID or PortRange field required.") from None
if input_object.port_list_id is not None:
port_list_id = str(input_object.port_list_id)
else:
port_list_id = None
gmp = get_gmp(info)
resp = gmp.create_target(
name,
alive_test=alive_test,
hosts=hosts,
exclude_hosts=exclude_hosts,
comment=comment,
ssh_credential_id=ssh_credential_id,
ssh_credential_port=ssh_credential_port,
smb_credential_id=smb_credential_id,
snmp_credential_id=snmp_credential_id,
esxi_credential_id=esxi_credential_id,
reverse_lookup_only=reverse_lookup_only,
reverse_lookup_unify=reverse_lookup_unify,
port_list_id=port_list_id,
port_range=input_object.port_range,
)
return CreateTarget(target_id=resp.get('id'))
def resolve_statistic(self, info, **kwargs):
user = info.context.user
if user.is_anonymous:
raise GraphQLError('Not logged in!')
return user.statistics.first()
def __init_subclass_with_meta__(
cls,
_meta=None,
model=None,
permissions=None,
login_required=None,
only_fields=(),
exclude_fields=(),
optional_fields=(),
required_fields=(),
auto_context_fields={},
return_field_name=None,
many_to_many_extras=None,
foreign_key_extras=None,
many_to_one_extras=None,
one_to_one_extras=None,
type_name=None,
use_type_name=None,
field_types=None,
custom_fields=None,
**kwargs,
):
registry = get_global_registry()
meta_registry = get_type_meta_registry()
model_type = registry.get_type_for_model(model)
if auto_context_fields is None:
auto_context_fields = {}
if many_to_one_extras is None:
many_to_one_extras = {}
if foreign_key_extras is None:
foreign_key_extras = {}
if many_to_many_extras is None:
many_to_many_extras = {}
if one_to_one_extras is None:
one_to_one_extras = {}
if custom_fields is None:
custom_fields = {}
assert model_type, f"Model type must be registered for model {model}"
if not return_field_name:
# Pluralize
return_field_name = to_snake_case(model.__name__) + "s"
if use_type_name:
input_type_name = use_type_name
InputType = registry.get_converted_field(input_type_name)
if not InputType:
raise GraphQLError(
f"Could not find input type with name {input_type_name}"
)
else:
input_type_name = type_name or f"BatchUpdate{model.__name__}Input"
model_fields = get_input_fields_for_model(
model,
only_fields,
exclude_fields,
tuple(auto_context_fields.keys()) + optional_fields,
required_fields,
many_to_many_extras,
foreign_key_extras,
many_to_one_extras,
one_to_one_extras=one_to_one_extras,
parent_type_name=input_type_name,
field_types=field_types,
ignore_primary_key=False,
)
for name, field in custom_fields.items():
model_fields[name] = field
InputType = type(input_type_name, (InputObjectType,), model_fields)
# Register meta-data
meta_registry.register(
input_type_name,
{
"auto_context_fields": auto_context_fields or {},
"optional_fields": optional_fields,
"required_fields": required_fields,
"many_to_many_extras": many_to_many_extras,
"many_to_one_extras": many_to_one_extras,
"foreign_key_extras": foreign_key_extras,
"one_to_one_extras": one_to_one_extras,
"field_types": field_types or {},
},
)
registry.register_converted_field(input_type_name, InputType)
arguments = OrderedDict(input=graphene.List(InputType, required=True))
output_fields = OrderedDict()
output_fields[return_field_name] = graphene.List(model_type)
if _meta is None:
_meta = DjangoBatchUpdateMutationOptions(cls)
_meta.model = model
_meta.fields = yank_fields_from_attrs(output_fields, _as=graphene.Field)
_meta.return_field_name = return_field_name
_meta.optional_fields = optional_fields
_meta.required_fields = required_fields
_meta.permissions = permissions
_meta.auto_context_fields = auto_context_fields
_meta.many_to_many_extras = many_to_many_extras
_meta.foreign_key_extras = foreign_key_extras
_meta.many_to_one_extras = many_to_one_extras
_meta.one_to_one_extras = one_to_one_extras
_meta.field_types = field_types or {}
_meta.InputType = InputType
_meta.input_type_name = input_type_name
_meta.login_required = login_required or (
_meta.permissions and len(_meta.permissions) > 0
)
super().__init_subclass_with_meta__(arguments=arguments, _meta=_meta, **kwargs)
def resolve_person(self, info, id, **kwargs):
try:
return Person.objects.get(pk=id)
except ObjectDoesNotExist:
raise GraphQLError('Please enter a valid id')
def follow(current_pk, pk):
api = get_session(current_pk)
if api.follow(pk):
return FOLLOW_SUCCESS
raise GraphQLError(FOLLOW_ERROR)
def wrapper(cls, root, info, **kwargs):
print(kwargs.get('id'), info.context.user)
return function(cls, root, info, **
kwargs) if info.context.user.id == kwargs.get(
'id') else GraphQLError("You can't access that :(")
def resolve_identify(self, info):
user = info.context.user
if user.is_anonymous:
raise GraphQLError("Authentication Error")
return user
def get(self, aggClient, argv):
response = aggClient.sendCommand('getResult', argv)
if response['status']:
return self.generateResult(response['data'])
else:
raise GraphQLError(response['error'])
def get_user_or_raise(user_id):
user = user_repo.get_user(user_id, raise_exception=False)
if not user:
raise GraphQLError("Not found")
return user
