def log_out(): """ Blacklist the token. Requires the user to be logged in. """ token = flask.request.headers.get("Authorization") db_session = db_access.Session() try: if not auth_service.is_token_ok(token): return flask.jsonify({ "status": "failure", "message": "Błąd autoryzacji" }), 401 auth_service.blacklist_token(token) db_session.commit() except Exception as err: logger.log_error(str(err)) db_session.rollback() return flask.jsonify({ "status": "failure", "message": "Błąd aplikacji" }), 500 finally: db_session.close() return flask.jsonify({"status": "success", "message": ""}), 200
def users_list(): """ Get the list of all users. """ db_session = db_access.Session() try: users = user_service.get_all_users() result = list() for user in users: result.append({ "id": user["id"], "userName": user["user_name"] }) return flask.jsonify({ "status": "success", "message": "", "users": result }), 200 except Exception as err: logger.log_error(str(err)) db_session.rollback() return flask.jsonify({ "status": "failure", "message": "Błąd aplikacji" }), 500 finally: db_session.close()
def wrapper(*args, **kwargs): token = flask.request.headers.get("Authorization") db_session = db_access.Session() try: if not auth_service.is_token_ok(token): return flask.jsonify({ "status": "failure", "message": "Błąd autoryzacji" }), 401 if not auth_service.are_roles_sufficient(token, roles): return flask.jsonify({ "status": "failure", "message": "Brak uprawnień" }), 403 except Exception as err: logger.log_error(str(err)) db_session.rollback() return flask.jsonify({ "status": "failure", "message": "Błąd aplikacji" }), 500 finally: db_session.close() return func(*args, **kwargs)
def users_add(): """ Add a new user. Requires the following request body: { "userName": "******", "password": "******", "roles": [ (optional) <role1>, ... ] } """ editor_name = None user_name = None password = None roles = None if flask.request.headers.get("Authorization") is not None: token = flask.request.headers.get("Authorization") editor_name = auth_service.get_user_name(token) if flask.request.json is not None: user_name = flask.request.json.get("userName") password = flask.request.json.get("password") roles = flask.request.json.get("roles") db_session = db_access.Session() try: user_service.create_user(editor_name, user_name, password, roles) db_session.commit() return flask.jsonify({ "status": "success", "message": "" }), 200 except BusinessError as err: db_session.rollback() return flask.jsonify({ "status": "failure", "message": err.message }), 200 except Exception as err: logger.log_error(str(err)) db_session.rollback() return flask.jsonify({ "status": "failure", "message": "Błąd aplikacji." }), 500 finally: db_session.close()
def read_by_id(id): """ Read the user of the given ID. """ try: session: Session = db_access.Session() return session.query(UserEntity).filter_by(id=id).first() except SQLAlchemyError as err: raise PersistenceError( f"Error on reading user by the ID {id}: {str(err)}") from err
def __init__(self): # Making sure that all the entities has been imported (i.e. initialized) assert auth_model is not None assert user_model is not None assert campaign_model is not None self.flask_app = flask.Flask(__name__) properties.init() self.host = properties.get_app_host() self.port = properties.get_app_port() db_access.init() # Registering web-service endpoints self.flask_app.register_blueprint(auth_endpoint.AUTH_BLUEPRINT) self.flask_app.register_blueprint(users_endpoint.USERS_BLUEPRINT) self.flask_app.register_blueprint( my_campaigns_endpoint.MY_CAMPAIGNS_BLUEPRINT) # Registering views self.flask_app.register_blueprint(index_view.INDEX_BLUEPRINT) session = db_access.Session() try: if not startup_service.superuser_exists(): startup_service.create_superuser() else: superuser_roles = user_roles_service.get_user_roles( "superuser") grant_required = False for role in roles.ALL_ROLES: if role not in superuser_roles: grant_required = True break if grant_required: user_roles_service.grant_roles("SYSTEM", "superuser", roles.ALL_ROLES) session.commit() except Exception as err: session.rollback() logger.log_error("Error on application startup: {}".format( str(err))) raise err finally: session.close() logger.log_info("Application initialized.")
def read_by_id(campaign_id: int) -> CampaignEntity: """ Read campaign data by its ID. """ try: session: Session = db_access.Session() return session.query(CampaignEntity).filter_by(id=campaign_id).first() except SQLAlchemyError as err: raise PersistenceError( f"Error on reading a campaign of the ID: {str(campaign_id)}" ) from err
def read_by_user_name(name): """ Read the user of the given name. """ try: session: Session = db_access.Session() return session.query(UserEntity).filter_by(user_name=name).first() except SQLAlchemyError as err: raise PersistenceError( f"Error on reading user by the user name {name}: {str(err)}" ) from err
def read_all(): """ Read all users. """ session: Session = db_access.Session() try: users = session.query(UserEntity).all() return users except SQLAlchemyError as err: raise PersistenceError( f"Error on reading all users: {str(err)}") from err
def read_by_token(token): """ Read a blacklisted token entry by the token value. """ try: session = db_access.Session() blacklisted_token = session.query(BlacklistedTokenEntity).filter_by( token=token).first() return blacklisted_token except SQLAlchemyError as err: raise PersistenceError( f"Error on reading blacklisted token: {token}") from err
def read_by_gm_id(gm_id): """ Get all campaigns belonging to the game master of the given ID. """ try: session: Session = db_access.Session() return session.query(CampaignEntity).filter_by( game_master_id=gm_id).all() except SQLAlchemyError as err: raise PersistenceError( f"Error on reading campaigns of the GM (ID: {str(gm_id)}): {str(err)}" ) from err
def persist(campaign): """ Persist the campaign data. """ if not isinstance(campaign, CampaignEntity): raise ValueError("The argument is not CampaignEntity!") try: session: Session = db_access.Session() session.add(campaign) session.flush() return campaign except SQLAlchemyError as err: raise PersistenceError(f"Error on persisting a campaign: {str(err)}")
def persist(user): """ Persist the given user in the database. """ if not isinstance(user, UserEntity): raise ValueError("The argument is not UserEntity.") try: session: Session = db_access.Session() session.add(user) session.flush() return user except SQLAlchemyError as err: raise PersistenceError("Error on persisting user: {}".format( str(err))) from err
def persist(blacklisted_token): """ Persist the given blacklisted token in the database. """ if not isinstance(blacklisted_token, BlacklistedTokenEntity): raise ValueError("The argument is not BlacklistedTokenEntity.") try: session = db_access.Session() session.add(blacklisted_token) session.flush() return blacklisted_token except SQLAlchemyError as err: raise PersistenceError( f"Error on persisting blacklisted token: {str(err)}")
def log_in(): """ Get the authentication token. Requires the request body: { "userName": "******", "password": "******" } """ user_name = None password = None if flask.request.json is not None: user_name = flask.request.json.get("userName") password = flask.request.json.get("password") if not user_name: return flask.jsonify({ "status": "failure", "message": "Brakująca nazwa użytkownika." }), 200 if not password: return flask.jsonify({ "status": "failure", "message": "Brakujące hasło." }), 200 db_session = db_access.Session() try: current_user = auth_service.log_in(user_name, password) db_session.commit() except BusinessError: return flask.jsonify({ "status": "failure", "message": "Błąd autentykacji" }), 401 except Exception as err: logger.log_error(str(err)) db_session.rollback() return flask.jsonify({ "status": "failure", "message": "Błąd aplikacji" }), 500 finally: db_session.close() return flask.jsonify({ "status": "success", "message": "", "currentUser": { "userName": current_user["user_name"], "token": current_user["token"], "roles": current_user["roles"] } }), 200
def setUp(self): properties.init() db_access.init() self.session = db_access.Session()
def setUp(self): assertModelInitialized() properties.init() db_access.init() self.session = db_access.Session()