async def handle_list_alerts(request):
if not request.app['conf'].development_mode_enabled:
raise HTTPForbidden(text='Available only in development mode')
return json_response({'current_alerts': request.app['current_alerts']})
async def put_queue(request):
"""You MUST enable redis key-space notifications in order
for this to work.
Add 'Kxg' to the 'notify-keyspace-events' in your redis.conf.
You MIGHT want to increase 'active-expire-effort' value to
improve notification schedule precision.
"""
payload = await request.json()
validate(payload, schema)
redis = request.app['redis']
sender = payload['sender']
uid = sender['id']
if sender['role'] not in daily_limit:
raise HTTPForbidden(reason=UNKNOWN_ROLE)
lim_send = f'lim_send:{uid}'
sent_before = int(await redis.get(lim_send) or 0)
if sent_before >= daily_limit[sender['role']]:
raise HTTPTooManyRequests(
reason=DAILY_LIMIT_EXCEEDED,
headers={'Retry-After': str(await redis.ttl(lim_send))})
deliver_at = get_delivery_time(payload)
payload['deliver_at'] = deliver_at.iso
history_key = payload['history_key']
delivery_key = f'delivery:{history_key[8:]}'
del payload['history_key']
for user in payload['recipients']:
user['origin'] = await Group.query.where(
(Allegiance.user == user['id'])
& (Group.id == Allegiance.group)
& (Group.is_virtual.isnot(True))).gino.all()
user['received_in'] = []
payload['recipients'].sort(key=lambda user: user['id'])
transaction = redis.multi_exec()
transaction.set(history_key, dumps(payload))
transaction.set(delivery_key, 1)
if not deliver_at.scheduled:
transaction.delete(delivery_key)
else:
# EXPIREAT key <now / some time ago>, EXPIRE key 0
# don't trigger EXPIRE events consistently.
#
# Tested on Redis-server 6.0.4.
transaction.expireat(delivery_key, round(deliver_at.unix))
transaction.incr(lim_send)
if sent_before == 0:
transaction.expire(lim_send, day)
await transaction.execute()
if deliver_at.scheduled:
return json_response(deliver_at.iso, status=HTTPStatus.ACCEPTED.value)
else:
return deliver_at.iso
async def handle_token(request: Request) -> Response:
raise HTTPForbidden()
async def decorator(*args):
request = _get_request(args)
response = await login_required(handler)(request)
if request['user']['email'] not in cfg.ADMIN_EMAILS:
raise HTTPForbidden(reason='You are not admin')
return response
async def authenticate(self, request):
auth_token = getattr(self.settings, self.auth_token_field)
if not secrets.compare_digest(
auth_token, request.headers.get('Authorization', '')):
raise HTTPForbidden(text='Invalid Authorization header')
async def error(request):
raise HTTPForbidden(reason="unauthorized")
async def return_403_handler(with_exception):
"""Return an HTTP403 error."""
if with_exception:
raise HTTPForbidden()
return Response(status=403)
async def wrapped(request):
has_perm = await permits(request, permission)
if not has_perm:
message = "User has no permission \"{}\"".format(permission)
raise HTTPForbidden(body=message)
return await f(request)
def _check_client_authorization(self, request):
token = self._get_authorization_token(request)
if token not in self.configuration.client_tokens:
logger.info('Invalid Authorization token: %s...', repr(token[:5]))
raise HTTPForbidden(reason='Invalid Authorization token')
