def logout(session_id: str):
    """Log the user out by removing the stored session.

    Args:
        session_id (str): session UUID.

    """
    database = DataBase()
    orm_session = database.create_session()
    # Bulk delete keyed on the uuid; no existence check is made first, so
    # the caller gets no signal whether a session was actually removed.
    matching = orm_session.query(database.Session).filter_by(uuid=session_id)
    matching.delete()
    orm_session.commit()
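def wrapper(*args, **kwargs) -> web.Response:
    """Wrap decorated method with session and role checks.

    Args:
        *args (tuple): Tuple with nameless arguments, the request is
            taken from ``args[1]``;
        **kwargs (dict): Dict with named arguments.

    Returns:
        Result of called wrapped method.

    Raises:
        HTTPUnauthorized: 401 HTTP error, if user session is expired or not found;
        HTTPForbidden: 403 HTTP error, if access denied.

    """
    # Function-scope import: the expiry comparison below needs datetime and
    # must not rely on a module-level import being present.
    from datetime import datetime

    request = args[1]
    session_id = request.headers.get('Authorization')
    if not session_id:
        raise web.HTTPUnauthorized(text='Unauthorized request')

    db = DataBase()
    db_session = db.create_session()
    session = db_session.query(
        db.Session).filter_by(uuid=session_id).first()
    if not session:
        raise web.HTTPUnauthorized(
            text='Session expired. Please, sign in again')

    # A stored session past its exp_dt must not authorize anything: drop the
    # row and answer 401, which is what the docstring promises for expired
    # sessions. Assumes exp_dt is a naive datetime comparable with
    # datetime.now() -- TODO confirm against the Session model.
    if session.exp_dt < datetime.now():
        db_session.delete(session)
        db_session.commit()
        raise web.HTTPUnauthorized(
            text='Session expired. Please, sign in again')

    if not session.user.role:
        raise web.HTTPForbidden(text='User is not attached to role')

    method = db_session.query(
        db.Method).filter_by(name=func.__name__).first()
    # NOTE(review): the role check is skipped when no db.Method row matches
    # func.__name__ (and when the row is marked shared), so an unregistered
    # handler is open to every user that has any role. Confirm each
    # protected handler is registered, or make the missing-row case deny.
    if method and not method.shared:
        role_id = session.user.role.id
        if not any(rel.role_id == role_id for rel in method.roles):
            raise web.HTTPForbidden(text='Access denied')

    return func(*args, **kwargs)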
def add_method(method_name: str):
    """Register a new method name.

    Args:
        method_name (str): Method name.

    Raises:
        SystemError: if method exists.

    """
    database = DataBase()
    orm_session = database.create_session()
    # NOTE(review): the lookup and the insert are separate statements; whether
    # two concurrent calls can both pass the check depends on a uniqueness
    # constraint that is not visible here.
    duplicate = (
        orm_session.query(database.Method)
        .filter_by(name=method_name)
        .first()
    )
    if duplicate:
        raise SystemError(f'Method {method_name} already exists')

    orm_session.add(database.Method(method_name))
    orm_session.commit()
def add_role(role_name: str):
    """Register a new role name.

    Args:
        role_name (str): Role name.

    Raises:
        SystemError: if role exists.

    """
    database = DataBase()
    orm_session = database.create_session()
    # NOTE(review): the lookup and the insert are separate statements; whether
    # two concurrent calls can both pass the check depends on a uniqueness
    # constraint that is not visible here.
    duplicate = (
        orm_session.query(database.Role)
        .filter_by(name=role_name)
        .first()
    )
    if duplicate:
        raise SystemError(f'Role {role_name} already exists')

    orm_session.add(database.Role(role_name))
    orm_session.commit()
def wrapper(*args, **kwargs) -> web.Response:
    """Check the caller's session, then call the decorated method.

    Args:
        *args (tuple): Tuple with nameless arguments, the request is
            taken from ``args[1]``;
        **kwargs (dict): Dict with named arguments.

    Returns:
        Result of called wrapped method.

    Raises:
        HTTPUnauthorized: 401 HTTP error, if user session is expired or not found.

    """
    # The Authorization header carries the session UUID itself.
    token = args[1].headers.get('Authorization')
    if not token:
        raise web.HTTPUnauthorized(text='Unauthorized request')

    database = DataBase()
    orm_session = database.create_session()
    stored = orm_session.query(database.Session).filter_by(uuid=token).first()
    if not stored:
        raise web.HTTPUnauthorized(
            text='Session expired. Please, sign in again')

    # An expired row is removed before the 401 is raised, so the same
    # identifier cannot be presented again.
    if stored.exp_dt < datetime.now():
        orm_session.delete(stored)
        orm_session.commit()
        raise web.HTTPUnauthorized(
            text='Session expired. Please, sign in again')

    # The session's owner always overrides any user_id already present in
    # kwargs, so the handler sees the authenticated user only.
    kwargs['user_id'] = stored.user_id
    return func(*args, **kwargs)
def delete_method(method_name: str):
    """Remove a method together with its role links.

    Args:
        method_name (str): Method name.

    Raises:
        SystemError: if method does not exist.

    """
    database = DataBase()
    orm_session = database.create_session()
    target = (
        orm_session.query(database.Method)
        .filter_by(name=method_name)
        .first()
    )
    if not target:
        raise SystemError(f'Method {method_name} is not found')

    # MethodRole rows pointing at this method go first, then the method
    # itself; both deletions are committed together.
    links = orm_session.query(database.MethodRole).filter_by(method_id=target.id)
    links.delete()
    orm_session.delete(target)
    orm_session.commit()
def delete_role(role_name: str):
    """Remove a role together with its method links.

    Args:
        role_name (str): Role name.

    Raises:
        SystemError: if role does not exist, if role has users.

    """
    database = DataBase()
    orm_session = database.create_session()
    target = (
        orm_session.query(database.Role)
        .filter_by(name=role_name)
        .first()
    )
    if not target:
        raise SystemError(f'Role {role_name} is not found')

    # A role that still has users attached is never removed.
    if len(target.users) > 0:
        raise SystemError("You can't delete role with users")

    # MethodRole rows pointing at this role go first, then the role itself;
    # both deletions are committed together.
    links = orm_session.query(database.MethodRole).filter_by(role_id=target.id)
    links.delete()
    orm_session.delete(target)
    orm_session.commit()
if not PASSWORD_REGEX.match(password): raise ValueError( 'Invalid password. Password should contain letters, digits and will be 8 to 50 characters long' ) if password != confirm_password: raise ValueError('Passwords are not match') if surname: surname = surname.strip() hashed_password = HashAPI.hash_sha512(password) db = DataBase() db_session = db.create_session() existed_user = db_session.query(db.User).filter_by(email=email).first() if existed_user: raise SystemError(f'User with email {email} already exists') role_visitor = db_session.query( db.Role).filter_by(name="visitor").first() db_session.add( db.User(email, hashed_password, name, surname, role=role_visitor)) db_session.commit() @staticmethod def signin(**kwargs) -> str: """Sign in user.