async def destroy(
user_id: int,
user_repo: UserRepo = Depends(UserRepo()),
token: TokenPayload = Depends(
ScopedTo("user:create", "super", satisfy="one")),
user: User = Depends(current_user),
):
if user_id == user.id:
abort(403, msg="Cannot deactivate self")
remaining_supers = len(
user_repo.filter(
user_repo.label("is_superuser") == True,
user_repo.label("is_active") == True,
user_repo.label("id") != user_id,
).all().results())
if remaining_supers < 1:
abort(
403,
msg="Cannot deactivate user. No other active super users available."
)
user_repo.clear()
messages = [{"text": "Deactivation Succesful", "type": "success"}]
if not user_repo.exists(id=user_id):
return BaseResponse(messages=messages)
user_repo.deactivate(user_id)
return BaseResponse(messages=messages)
def first(self, or_fail=False, **kwargs):
if kwargs:
self.filter_by(**kwargs)
self.debug(
f"executing first query {self.compiled()} in {self.__class__.__name__}"
)
results = self.final().first()
if or_fail:
if not results:
abort(404, f"Item not found: {self.__class__.__name__}")
self._results = results
return self
async def store(
form: DnsServerCreateForm,
dns_server_repo: DnsServerRepo = Depends(DnsServerRepo),
token: TokenPayload = Depends(ScopedTo("dns-server:create")),
):
if dns_server_repo.exists(name=form.name.lower()):
abort(422, "Invalid Name")
data = only(dict(form), ["name"])
data["name"] = data["name"].lower()
item = dns_server_repo.create(data).data()
return DnsServerResponse(dns_server=item)
def exists(self, id=None, or_fail=False, **kwargs):
if id and not kwargs:
self.filter_by(id=id)
elif kwargs:
self.filter_by(**kwargs)
self.debug(
f"executing first (exists) query {self.compiled()} in {self.__class__.__name__}"
)
results = self.final().first()
if or_fail and not results:
abort(404, f"Item not found: {self.__class__.__name__}")
self._results = results
return bool(self._results)
async def __call__(
self,
request: Request,
bl_token_repo: BlackListedTokenRepo = Depends(
BlackListedTokenRepo()),
token: str = Security(oauth2),
) -> TokenPayload:
token = verify_jwt_token(token, bl_token_repo,
self._leeway) # proper validation goes here
if self._satisfy not in ["all", "one"]:
logger.warning(f"Invalid satisfy value: {self._satisfy}")
if self._satisfy == "one":
if not token_has_one_required_scopes(token, self._scopes):
vmsg = f"Token does not have one of the required scopes: {str(self._scopes)}"
logger.error(vmsg)
abort(code=403, msg="Forbidden", debug=vmsg)
else:
if not token_has_required_scopes(token, self._scopes):
vmsg = f"Token does not have all required scopes: {str(self._scopes)}"
logger.error(vmsg)
abort(code=403, msg="Forbidden", debug=vmsg)
return token