def base_preprocessor_delete_many(search_params=None, **kw): """Create a generic DELETE_MANY preprocessor. Accepts a single argument, `search_params`, which is a dictionary containing the search parameters for the request. """ logger.info('`base_preprocessor_delete_many` used for endpoint')
def remote_authorize(*args, **kwargs): """Login via JSON from another application. :param string email: Email associated with user account :param string password: Password assocaited with user account :return bool """ form_class = _security.login_form error_message = 'No credentials provided' if request.json: form = form_class(MultiDict(request.json)) else: error_message = "Request did not use Content-Type:application/json" logger.info('[OAUTH::remote_authorize] %s', error_message) abort(403, error_message) if form.validate_on_submit(): login_user(form.user, remember=form.remember.data) after_this_request(_commit) current_user = form.user else: logger.error( '[OAUTH::remote_authorize] Validation Failed with ' 'message: %s', form.errors) return abort(403, form.errors) return True
def base_preprocessor_get_many(search_params=None, **kw): """Create a generic GET_MANY preprocessor. Accepts a single argument, `search_params`, which is a dictionary containing the search parameters for the request. """ logger.info('`base_preprocessor_get_many` responded to request')
def base_preprocessor_get_single(instance_id=None, **kw): """Create a generic GET_SINGLE preprocessor. Accepts a single argument, `instance_id`, the primary key of the instance of the model to get. """ logger.info('`base_preprocessor_get_single` responded to request')
def base_preprocessor_post(data=None, **kw): """Create a generic POST preprocessor. Accepts a single argument, `data`, which is the dictionary of fields to set on the new instance of the model. """ logger.info('`base_preprocessor_post` used for endpoint')
def user_postprocessor_post(result=None, **kw): """Create an User specific POST postprocessor. Accepts a single argument, `result`, which is the dictionary representation of the created instance of the model. """ logger.info('`user_postprocessor_post` used for endpoint') authorization = verify_authorization() role = verify_roles(authorization, ['admin']) """ HACK: We really shouldn't be doing this, however, it's quicker and more straight forward than converting the <dict> to enable dot sytnax that is compatible with Flask-Security """ user = db.session.query(Model).get(result['id']) """ Sends the reset password instructions email for the specified user. :param user: The user to send the instructions to """ token = generate_reset_password_token(user) reset_link = url_for_security('reset_password', token=token, _external=True) send_mail('An administrator has created an account for you', user.email, 'staff', user=user, confirmation_link=reset_link)
def base_postprocessor_post(result=None, **kw): """Create a generic POST postprocessor. Accepts a single argument, `result`, which is the dictionary representation of the created instance of the model. """ logger.info('`base_postprocessor_post` used for endpoint')
def base_preprocessor_delete_single(instance_id=None, **kw): """Create a generic DELETE_SINGLE preprocessor. Accepts a single argument, `instance_id`, which is the primary key of the instance which will be deleted. """ logger.info('`base_preprocessor_delete_single` used for endpoint')
def base_postprocessor_delete_single(was_deleted=None, **kw): """Create a generic DELETE_SINGLE postprocessor. Accepts a single argument, `was_deleted`, which represents whether the instance has been deleted. """ logger.info('`base_postprocessor_delete_single` used for endpoint')
def base_postprocessor_update_single(result=None, **kw): """Create a generic PATCH_SINGLE and PUT_SINGLE postprocessor. Accepts a single argument, `result`, which is the dictionary representation of the requested instance of the model. """ logger.info('`base_postprocessor_update_single` used for endpoint')
def base_postprocessor_get_single(result=None, **kw): """Create a generic GET_SINGLE postprocessor. Accepts a single argument, `result`, which is the dictionary representation of the requested instance of the model. """ logger.info('`base_postprocessor_get_single` responded to request')
def base_preprocessor_update_single(instance_id=None, **kw): """Create a generic PATCH_SINGLE and PUT_SINGLE preprocessor. Accepts two arguments, `instance_id`, the primary key of the instance of the model to patch, and `data`, the dictionary of fields to change on the instance. """ logger.info('`base_preprocessor_update_single` used for endpoint')
def base_preprocessor_update_many(search_params=None, **kw): """Create a generic PATCH_MANY and PATCH_SINGLE preprocessor. Accepts two arguments: `search_params`, which is a dictionary containing the search parameters for the request, and `data`, which is a dictionary representing the fields to change on the matching instances and the values to which they will be set. """ logger.info('`base_preprocessor_update_many` used for endpoint')
def base_postprocessor_delete_many(result=None, search_params=None, **kw): """Create a generic DELETE_MANY postprocessor. Accepts two arguments: `result`, which is the dictionary representation of which is the dictionary representation of the JSON response which will be returned to the client, and `search_params`, which is a dictionary containing the search parameters for the request. """ logger.info('`base_postprocessor_delete_many` used for endpoint')
def base_postprocessor_get_many(result=None, search_params=None, **kw): """Create a generic GET_MANY postprocessor. Accepts two arguments, `result`, which is the dictionary representation of the JSON response which will be returned to the client, and `search_params`, which is a dictionary containing the search parameters for the request (that produced the specified `result`). """ logger.info('`base_postprocessor_get_many` responded to request')
def base_postprocessor_update_many(query=None, data=None, search_params=None, **kw): """Create a generic PATCH_MANY and PATCH_SINGLE postprocessor. Accepts three arguments: `query`, which is the SQLAlchemy query which was inferred from the search parameters in the query string, `data`, which is the dictionary representation of the JSON response which will be returned to the client, and `search_params`, which is a dictionary containing the search parameters for the request. """ logger.info('`base_postprocessor_update_many` used for endpoint')
def user_preprocessor_update_single(instance_id=None, **kw): """Create an User specific PATCH_SINGLE and PUT_SINGLE preprocessor. Accepts two arguments, `instance_id`, the primary key of the instance of the model to patch, and `data`, the dictionary of fields to change on the instance. """ logger.info('`user_preprocessor_update_single` used for endpoint') if request.args.get('access_token', '') or \ request.headers.get('Authorization'): authorization = verify_authorization() if (int(authorization.id) == int(instance_id)): logger.debug('User %d updating their account' % (authorization.id)) pass elif check_roles('admin', authorization.roles): logger.info('Administrator with id %d is updating user id %d' % (authorization.id, int(instance_id))) pass else: logger.info('User %d attempted to access a User UPDATE_SINGLE ' 'for another user account' % (authorization.id)) abort(403) else: logger.info('Anonymous user attempted to access User' 'UPDATE_SINGLE') abort(403)
def user_preprocessor_post(data=None, **kw): """Create an User specific POST preprocessor. Accepts a single argument, `data`, which is the dictionary of fields to set on the new instance of the model. """ logger.info('`user_preprocessor_post` used for endpoint') if request.args.get('access_token', '') or \ request.headers.get('Authorization'): authorization = verify_authorization() if check_roles('generic', authorization.roles) and \ not check_roles('admin', authorization.roles): logger.warning('User %d %s access failed User POST' % (authorization.id, 'generic')) logger.warning('generic role unauthorized to access ' 'User POST') abort(401) elif check_roles('admin', authorization.roles): logger.info('User %d accessed User POST as %s' % (authorization.id, 'admin')) pass else: logger.info('User %d accessed User POST with no role' % (authorization.id)) abort(403) else: logger.info('Anonymous user attempted to access User POST') abort(403)
def file_preprocessor_delete_single(instance_id=None, **kw): """Create an File specific DELETE_SINGLE preprocessor. Accepts a single argument, `instance_id`, which is the primary key of the instance which will be deleted. """ logger.info('`file_preprocessor_delete_single` used for endpoint') if request.args.get('access_token', '') or \ request.headers.get('Authorization'): authorization = verify_authorization() else: abort(403)
def file_preprocessor_get_single(instance_id=None, **kw): """Create an File specific GET_SINGLE preprocessor. Accepts a single argument, `instance_id`, the primary key of the instance of the model to get. """ logger.info('`file_preprocessor_get_single` responded to request') if request.args.get('access_token', '') or \ request.headers.get('Authorization'): authorization = verify_authorization() else: abort(403)
def token_preprocessor_post(data=None, **kw): """Create an Token specific POST preprocessor. Accepts a single argument, `data`, which is the dictionary of fields to set on the new instance of the model. """ logger.info('`token_preprocessor_post` used for endpoint') if request.args.get('access_token', '') or \ request.headers.get('Authorization'): authorization = verify_authorization() else: abort(403)
def file_preprocessor_get_many(search_params=None, **kw): """Create an File specific GET_MANY preprocessor. Accepts a single argument, `search_params`, which is a dictionary containing the search parameters for the request. """ logger.info('`file_preprocessor_get_many` responded to request') if request.args.get('access_token', '') or \ request.headers.get('Authorization'): authorization = verify_authorization() else: abort(403)
def role_preprocessor_post(data=None, **kw): """Create an Role specific POST preprocessor. Accepts a single argument, `data`, which is the dictionary of fields to set on the new instance of the model. """ logger.info('`role_preprocessor_post` used for endpoint') if request.args.get('access_token', '') or \ request.headers.get('Authorization'): authorization = verify_authorization() else: logger.info('Anonymous user attempted to access User GET_MANY') abort(403)
def file_preprocessor_update_single(instance_id=None, **kw): """Create an File specific PATCH_SINGLE and PUT_SINGLE preprocessor. Accepts two arguments, `instance_id`, the primary key of the instance of the model to patch, and `data`, the dictionary of fields to change on the instance. """ logger.info('`file_preprocessor_update_single` used for endpoint') if request.args.get('access_token', '') or \ request.headers.get('Authorization'): authorization = verify_authorization() else: abort(403)
def token_preprocessor_update_many(search_params=None, **kw): """Create an Token specific PATCH_MANY and PATCH_SINGLE preprocessor. Accepts two arguments: `search_params`, which is a dictionary containing the search parameters for the request, and `data`, which is a dictionary representing the fields to change on the matching instances and the values to which they will be set. """ logger.info('`token_preprocessor_update_many` used for endpoint') if request.args.get('access_token', '') or \ request.headers.get('Authorization'): authorization = verify_authorization() else: abort(403)
def file_preprocessor_post(data=None, **kw): """Create an File specific POST preprocessor. Accepts a single argument, `data`, which is the dictionary of fields to set on the new instance of the model. """ logger.info('`file_preprocessor_post` used for endpoint') if request.args.get('access_token', '') or \ request.headers.get('Authorization'): authorization = verify_authorization() data['created_on'] = datetime.now().isoformat() data['modified_on'] = datetime.now().isoformat() data['creator_id'] = authorization.id data['last_modified_by_id'] = authorization.id else: abort(403)
def user_preprocessor_update_many(search_params=None, **kw): """Create an User specific PATCH_MANY and PATCH_SINGLE preprocessor. Accepts two arguments: `search_params`, which is a dictionary containing the search parameters for the request, and `data`, which is a dictionary representing the fields to change on the matching instances and the values to which they will be set. """ logger.info('`user_preprocessor_update_many` used for endpoint') if request.args.get('access_token', '') or \ request.headers.get('Authorization'): authorization = verify_authorization() if check_roles('generic', authorization.roles): logger.warning('User %d %s access failed User ' 'UPDATE_MANY' % (authorization.id, 'generic')) logger.warning('generic role unauthorized to access ' 'User UPDATE_MANY') abort(401) else: logger.info('User %d accessed User UPDATE_MANY ' 'with no role' % (authorization.id)) abort(403) else: logger.info('Anonymous user attempted to access User' 'UPDATE_MANY') abort(403)
def user_preprocessor_delete_single(instance_id=None, **kw): """Create an User specific DELETE_SINGLE preprocessor. Accepts a single argument, `instance_id`, which is the primary key of the instance which will be deleted. """ logger.info('`user_preprocessor_delete_single` used for endpoint') if request.args.get('access_token', '') or \ request.headers.get('Authorization'): authorization = verify_authorization() if check_roles('generic', authorization.roles) and\ not check_roles('admin', authorization.roles): logger.warning('User %d %s access failed User ' 'DELETE_SINGLE' % (authorization.id, 'generic')) logger.warning('generic role unauthorized to access ' 'User DELETE_SINGLE') abort(401) elif check_roles('admin', authorization.roles): pass else: logger.info('User %d accessed User DELETE_SINGLE with ' 'no role' % (authorization.id)) abort(403) else: logger.info('Anonymous user attempted to access User ' 'DELETE_SINGLE') abort(403)
def user_preprocessor_get_single(instance_id=None, **kw): """Create an User specific GET_SINGLE preprocessor. Accepts a single argument, `instance_id`, the primary key of the instance of the model to get. """ logger.info('`user_preprocessor_get_single` responded to request') if request.args.get('access_token', '') or \ request.headers.get('Authorization'): authorization = verify_authorization() if check_roles('generic', authorization.roles): logger.warning('User %d %s access failed User GET_SINGLE' % (authorization.id, 'grantee')) logger.warning('generic role unauthorized to access ' 'User GET_SINGLE') pass else: logger.info('User %d accessed User GET_SINGLE with no' 'role' % (authorization.id)) abort(403) else: logger.info('Anonymous user attempted to access User' 'GET_SINGLE') abort(403)
def user_preprocessor_get_many(search_params=None, **kw): """Create an User specific GET_MANY preprocessor. Accepts a single argument, `search_params`, which is a dictionary containing the search parameters for the request. """ logger.info('`user_preprocessor_get_many` responded to request') if request.args.get('access_token', '') or \ request.headers.get('Authorization'): authorization = verify_authorization() if check_roles('generic', authorization.roles): logger.warning('User %d %s access failed User GET_MANY' % (authorization.id, 'generic')) logger.warning('generic role unauthorized to access ' 'User GET_MANY') pass else: logger.info('User %d accessed User GET_MANY with no role' % (authorization.id)) abort(403) else: logger.info('Anonymous user attempted to access User GET_MANY') abort(403)