def get_spec(self):
additional_responses = (responses.OperationErrorResponse(
data=errors.CommonErrors.PermissionError,
description='Can\'t create file'), ) + self.additional_responses
ext_body_parameters = ({
'name': 'file',
'in': 'formData',
'description': 'File to upload',
'required': True,
'type': 'file'
}, )
return swagger.specify.get_spec(
method='post',
description='Creates new {}'.format(self.entity.lower()),
consumes=['multipart/form-data'],
path_parameters=self.path_parameters,
responses=(
responses.ObjectCreatedResponse(),
# self.scheme_class.get_object_created_response(entity=self.entity),#,scheme=ObjectCreatedWithErrorsScheme),
) + additional_responses,
security=self.get_security(method='post'),
# body_parameters=('{} to create'.format(self.entity), self.scheme_class),
ext_body_parameters=ext_body_parameters)
def get_spec(self):
return specify.get_spec(
method='post',
description='Checks and refreshes token',
responses=(responses.SuccessResponse(
scheme=auth_schemes.AuthTokenExtScheme),
responses.ValidationErrorResponse(),
responses.OperationErrorResponse('Incorrect token')),
security=self.security)
def get_spec(self):
return specify.get_spec(
method='post',
description='Checks current user password',
body_parameters=('User password',
auth_schemes.PasswordCheckScheme),
responses=(responses.SuccessResponseJustOk(),
responses.ValidationErrorResponse(),
responses.OperationErrorResponse('Incorrect password')),
security=self.security)
def apply(self, obj, req, resp, **kwargs):
from falcon_rest.contrib.auth import auth
user = model.User.filter(email=req.data['email']).first()
if user:
user.token = auth.get_token(user)
ret = user.apply_mail('retrieve_password')
if ret:
self.set_response(resp, responses.OperationErrorResponse(
data=dict(message=ret, reason='mail_error', code=406)))
return False
def on_post(self, req, resp, **kwargs):
obj = self.get_object(resp, ObjectRevisionModel, **kwargs)
user = self.get_user(req)
if not check_permission('ObjectRevision', req, 'restore', obj) or (
hasattr(user, 'can_restore') and not user.can_restore(obj)):
self.set_response(
resp,
responses.ForbiddenErrorResponse(
data=errors.AuthErrors.Forbidden))
return
try:
if obj.restore(self.get_user(req)):
self.set_response(resp, responses.SuccessResponseJustOk())
except RestoreExceptionToRevisionWhereWasDeleted:
self.set_response(
resp,
responses.OperationErrorResponse(data=CantRestoreToDeleted))
except RestoreExceptionToCurrentRevision:
self.set_response(
resp,
responses.OperationErrorResponse(
data=CantRestoreToCurrentRevision))
def on_post(self, req, resp, **kwargs):
password_scheme = auth_schemes.PasswordCheckScheme()
if self.check_request_data(req, resp, password_scheme):
data = self.get_loaded_data(password_scheme)
if auth.check_password(data['password'],
self.get_user(req).password):
self.set_response(
resp,
responses.SuccessResponse(scheme=schemes.SuccessScheme))
else:
self.set_response(
resp,
responses.OperationErrorResponse(
data=responses.errors.UserErrors.IncorrectPassword))
def proceed(self, req, resp, **kwargs):
if (not hasattr(self, 'no_auth_needed') or self.no_auth_needed == False) and \
not check_permission(self, req, self.action, self.get_object(resp, self.model_class, **kwargs)):
self.set_response(
resp,
responses.ForbiddenErrorResponse(
data=errors.AuthErrors.Forbidden))
return
try:
obj = self.get_object(resp, self.model_class, **kwargs)
if self.check_conditions(obj, self.pre_conditions,
lambda a, b: a == b):
if self.check_conditions(obj, self.pre_conditions_inverted,
lambda a, b: a != b):
if self.apply(obj, req, resp, **kwargs):
self.set_response(resp,
responses.SuccessResponseJustOk())
except FkConstraintViolation as e:
self.set_response(
resp,
responses.FkConstraintViolationResponse(
data=errors.CommonErrors.get_fk_violation_error(
e.table_name, e.column_name, e.value)))
except IntegrityError as e:
try:
msg = str(e).split('\n')[1].split(':')[1]
except:
msg = str(e)
self.set_response(resp, AlreadyExistsResponse(self.entity, msg))
return False
except PreConditionFailedException as e:
self.set_response(
resp,
responses.OperationErrorResponse(
data=errors.CommonErrors.get_pre_condition_failed_error(
e.message)))
except Exception as e:
self.set_response(resp, OperationalError(e))
def OperationalError(e):
msg = str(e).split('\n')
if len(msg) > 3:
msg = msg[0:2]
return responses.OperationErrorResponse(
data=responses.errors.Error(40, msg, e.__class__.__name__))