Exemplo n.º 1
0
async def get_technologies_handler() -> TechnologiesPagination:
    technologies = execute_query_with_connection(get_technologies)

    return TechnologiesPagination(page=1,
                                  page_size=len(technologies),
                                  items_count=len(technologies),
                                  items=technologies)
Exemplo n.º 2
0
async def get_access_token_handler(
        response: Response,
        form_data: OAuth2PasswordRequestForm = Depends(),
) -> Token:
    user = execute_query_with_connection(
        lambda db_connection: get_user_with_permissions_and_role_by_username(
            db_connection,
            form_data.username,
        ))

    if user is None:
        raise HTTPException(status_code=status.HTTP_400_BAD_REQUEST,
                            detail={
                                "username":
                                "******"
                            })

    if form_data.password != user["password"]:
        raise HTTPException(status_code=status.HTTP_400_BAD_REQUEST,
                            detail={"password": "******"})

    refresh_token = create_refresh_token(user)

    response.set_cookie(
        key="refresh_token",
        value=refresh_token,
        httponly=True,
    )

    access_token = create_access_token(user)

    return Token(
        access_token=access_token,
        token_type="Bearer",
    )
Exemplo n.º 3
0
async def get_cities_handler() -> CitiesPagination:
    cities = execute_query_with_connection(get_cities)

    return CitiesPagination(page=1,
                            page_size=len(cities),
                            items_count=len(cities),
                            items=cities)
Exemplo n.º 4
0
async def get_positions_handler() -> PositionsPagination:
    positions = execute_query_with_connection(get_positions)

    return PositionsPagination(page=1,
                               page_size=len(positions),
                               items_count=len(positions),
                               items=positions)
Exemplo n.º 5
0
async def update_article_by_id_handler(
    id: int,
    article_input: ArticleInput,
    access_token_payload=Depends(get_access_token_payload)
) -> Article:
    current_user_id = access_token_payload.get("sub")

    initial_article = execute_query_with_connection(
        lambda db_connection: get_article_by_id(
            db_connection=db_connection,
            id=id,
            are_draft_allowed=True,
            are_draft_allowed_for_current_user_id=True,
            current_user_id=current_user_id,
            are_published_allowed=True,
            are_published_allowed_for_current_user_id=True,
            are_archived_allowed=True,
            are_archived_allowed_for_current_user_id=True,
        )
    )

    if initial_article is None:
        raise HTTPException(
            status_code=status.HTTP_404_NOT_FOUND,
            detail="Article not found",
        )

    check_permissions_to_update_article(
        current_user_id=current_user_id,
        article=initial_article,
        access_token_payload=access_token_payload,
    )

    updated_article = execute_query_with_connection(
        lambda db_connection: update_article(
            db_connection=db_connection,
            id=id,
            article_input=article_input,
        )
    )

    return updated_article
Exemplo n.º 6
0
async def get_access_token_for_visitor_handler() -> Token:
    visitor_permissions_and_role = execute_query_with_connection(
        lambda db_connection: get_visitor_permissions_and_role(
            db_connection, ))

    access_token = create_access_token(visitor_permissions_and_role)

    return Token(
        access_token=access_token,
        token_type="Bearer",
    )
Exemplo n.º 7
0
async def get_comments_handler(
    page: int = 1,
    page_size: int = 20,
    article_id: Optional[int] = None,
    access_token_payload=Depends(get_access_token_payload)
) -> CommentsPagination:
    check_permissions(access_token_payload, ["COMMENT_VIEW_ALL"])

    comments_count = execute_query_with_connection(
        lambda db_connection: get_comments_count(db_connection, article_id))
    comments = execute_query_with_connection(
        lambda db_connection: get_comments(
            db_connection=db_connection,
            page=page,
            page_size=page_size,
            article_id=article_id,
        ))

    return CommentsPagination(page=page,
                              page_size=page_size,
                              items_count=comments_count,
                              items=comments)
Exemplo n.º 8
0
async def get_user_by_id_handler(id: int) -> User:
    user = execute_query_with_connection(lambda db_connection: get_user_by_id(
        db_connection,
        id,
    ))

    if user is None:
        raise HTTPException(
            status_code=status.HTTP_404_NOT_FOUND,
            detail="User not found.",
        )

    return user
Exemplo n.º 9
0
async def post_comment_handler(
    new_comment: NewComment,
    access_token_payload=Depends(get_access_token_payload)
) -> Comment:
    check_permissions(access_token_payload, ["COMMENT_CREATE"])

    created_comment = execute_query_with_connection(
        lambda db_connection: create_comment(
            db_connection=db_connection,
            author_id=access_token_payload['sub'],
            new_comment=new_comment,
            created_date=datetime.now(),
        ))

    return created_comment
Exemplo n.º 10
0
async def post_article_handler(
    article_input: ArticleInput,
    access_token_payload=Depends(get_access_token_payload)
) -> Article:
    check_permissions(access_token_payload, ["ARTICLE_CREATE"])

    created_article = execute_query_with_connection(
        lambda db_connection: create_article(
            db_connection=db_connection,
            author_id=access_token_payload["sub"],
            article_input=article_input,
            created_date=datetime.now(),
        )
    )

    return created_article
Exemplo n.º 11
0
async def get_article_by_id_handler(
    id: int,
    access_token_payload=Depends(get_access_token_payload)
) -> Article:
    check_permissions(
        access_token_payload,
        [
            "ARTICLE_VIEW_ALL_DRAFT",
            "ARTICLE_VIEW_OWN_DRAFT",
            "ARTICLE_VIEW_ALL_PUBLISHED",
            "ARTICLE_VIEW_OWN_PUBLISHED",
            "ARTICLE_VIEW_ALL_ARCHIVED",
            "ARTICLE_VIEW_OWN_ARCHIVED",
        ]
    )

    permissions = access_token_payload.get("permissions", [])

    are_draft_allowed = "ARTICLE_VIEW_ALL_DRAFT" in permissions or "ARTICLE_VIEW_OWN_DRAFT" in permissions,
    are_draft_allowed_for_current_user_id = "ARTICLE_VIEW_ALL_DRAFT" not in permissions
    current_user_id = access_token_payload.get("sub")
    are_published_allowed = "ARTICLE_VIEW_ALL_PUBLISHED" in permissions or "ARTICLE_VIEW_OWN_PUBLISHED" in permissions
    are_published_allowed_for_current_user_id = "ARTICLE_VIEW_ALL_PUBLISHED" not in permissions
    are_archived_allowed = "ARTICLE_VIEW_ALL_ARCHIVED" in permissions or "ARTICLE_VIEW_OWN_ARCHIVED" in permissions
    are_archived_allowed_for_current_user_id = "ARTICLE_VIEW_ALL_ARCHIVED" not in permissions

    article = execute_query_with_connection(
        lambda db_connection: get_article_by_id(
            db_connection=db_connection,
            id=id,
            are_draft_allowed=are_draft_allowed,
            are_draft_allowed_for_current_user_id=are_draft_allowed_for_current_user_id,
            current_user_id=current_user_id,
            are_published_allowed=are_published_allowed,
            are_published_allowed_for_current_user_id=are_published_allowed_for_current_user_id,
            are_archived_allowed=are_archived_allowed,
            are_archived_allowed_for_current_user_id=are_archived_allowed_for_current_user_id,
        )
    )

    if article is None:
        raise HTTPException(
            status_code=status.HTTP_404_NOT_FOUND,
            detail="Article not found",
        )

    return article
Exemplo n.º 12
0
async def refresh_access_token_handler(
    request: Request,
    response: Response,
) -> Token:
    old_refresh_token = request.cookies.get("refresh_token")

    try:
        refresh_token_payload = decode_refresh_token(old_refresh_token)
    except (Exception, ):
        raise HTTPException(status_code=status.HTTP_401_UNAUTHORIZED,
                            detail="Refresh token is invalid.")

    user = execute_query_with_connection(
        lambda db_connection: get_user_with_permissions_and_role_by_id(
            db_connection,
            refresh_token_payload["sub"],
        ))

    if user is None:
        raise HTTPException(status_code=status.HTTP_403_FORBIDDEN,
                            detail="The user does not exist.")

    new_refresh_token = create_refresh_token(user)

    response.set_cookie(
        key="refresh_token",
        value=new_refresh_token,
        httponly=True,
    )

    new_access_token = create_access_token(user)

    return Token(
        access_token=new_access_token,
        token_type="Bearer",
    )
Exemplo n.º 13
0
async def get_articles_handler(
    page: int = 1,
    page_size: int = 20,
    status: Optional[str] = None,
    access_token_payload=Depends(get_access_token_payload)
) -> ArticlesPagination:
    check_permissions(
        access_token_payload,
        [
            "ARTICLE_VIEW_ALL_DRAFT",
            "ARTICLE_VIEW_OWN_DRAFT",
            "ARTICLE_VIEW_ALL_PUBLISHED",
            "ARTICLE_VIEW_OWN_PUBLISHED",
            "ARTICLE_VIEW_ALL_ARCHIVED",
            "ARTICLE_VIEW_OWN_ARCHIVED",
        ]
    )

    permissions = access_token_payload.get("permissions", [])

    are_draft_allowed = "ARTICLE_VIEW_ALL_DRAFT" in permissions or "ARTICLE_VIEW_OWN_DRAFT" in permissions,
    are_draft_allowed_for_current_user_id = "ARTICLE_VIEW_ALL_DRAFT" not in permissions
    current_user_id = access_token_payload.get("sub")
    are_published_allowed = "ARTICLE_VIEW_ALL_PUBLISHED" in permissions or "ARTICLE_VIEW_OWN_PUBLISHED" in permissions
    are_published_allowed_for_current_user_id = "ARTICLE_VIEW_ALL_PUBLISHED" not in permissions
    are_archived_allowed = "ARTICLE_VIEW_ALL_ARCHIVED" in permissions or "ARTICLE_VIEW_OWN_ARCHIVED" in permissions
    are_archived_allowed_for_current_user_id = "ARTICLE_VIEW_ALL_ARCHIVED" not in permissions

    articles_count = execute_query_with_connection(
        lambda db_connection: get_articles_count(
            db_connection=db_connection,
            are_draft_allowed=are_draft_allowed,
            are_draft_allowed_for_current_user_id=are_draft_allowed_for_current_user_id,
            current_user_id=current_user_id,
            are_published_allowed=are_published_allowed,
            are_published_allowed_for_current_user_id=are_published_allowed_for_current_user_id,
            are_archived_allowed=are_archived_allowed,
            are_archived_allowed_for_current_user_id=are_archived_allowed_for_current_user_id,
            status=status,
        )
    )
    articles = execute_query_with_connection(
        lambda db_connection: get_articles(
            db_connection=db_connection,
            are_draft_allowed=are_draft_allowed,
            are_draft_allowed_for_current_user_id=are_draft_allowed_for_current_user_id,
            current_user_id=current_user_id,
            are_published_allowed=are_published_allowed,
            are_published_allowed_for_current_user_id=are_published_allowed_for_current_user_id,
            are_archived_allowed=are_archived_allowed,
            are_archived_allowed_for_current_user_id=are_archived_allowed_for_current_user_id,
            page=page,
            page_size=page_size,
            status=status,
        )
    )

    return ArticlesPagination(
        page=page,
        page_size=page_size,
        items_count=articles_count,
        items=articles
    )
Exemplo n.º 14
0
async def get_salary_group_report_handler(
        group_by: GroupByEnum) -> List[SalaryReportData]:
    group_report = execute_query_with_connection(
        lambda db_connection: get_group_report(db_connection, group_by))

    return group_report
Exemplo n.º 15
0
async def post_salary_handler(salary_report: PostSalaryReportData) -> None:
    execute_query_with_connection(lambda db_connection: insert_salary(
        db_connection,
        salary_report,
        datetime.now(),
    ))