def addFlaskApiResources(
apiInstance,
appInstance,
controllerList,
schedulerList,
serviceList,
clientList,
repositoryList,
validatorList,
mapperList,
helperList,
converterList
) :
addResourceAttibutes(apiInstance)
addRepositoryTo(apiInstance, repositoryList)
addSchedulerListTo(apiInstance, schedulerList)
addClientListTo(apiInstance, clientList)
addServiceListTo(apiInstance, serviceList)
addControllerListTo(apiInstance, controllerList)
addValidatorListTo(apiInstance, validatorList)
addMapperListTo(apiInstance, mapperList)
addHelperListTo(apiInstance, helperList)
addConverterListTo(apiInstance, converterList)
SqlAlchemyProxy.initialize(apiInstance, appInstance)
SchedulerManager.initialize(apiInstance, appInstance)
SecurityManager.initialize(apiInstance, appInstance)
ApiKeyManager.initialize(apiInstance, appInstance)
SessionManager.initialize(apiInstance, appInstance)
OpenApiManager.addSwagger(apiInstance, appInstance)
def initialize(
rootName,
refferenceModel,
staticPackage = 'static',
viewsPackage = 'views'
) :
app = Flask(
rootName,
static_folder = staticPackage,
template_folder = viewsPackage
)
api = Api(app)
api.app = app
api.app.api = api
api.cors = CORS(app)
api.cors.api = api
addGlobalsTo(api)
OpenApiManager.newDocumentation(api, app)
SqlAlchemyProxy.addResource(api, app, baseModel=refferenceModel, echo=False)
SchedulerManager.addResource(api, app)
SessionManager.addResource(api, app)
ApiKeyManager.addResource(api, app)
SecurityManager.addResource(api, app)
addFlaskApiResources(*[api, app, *[getResourceList(api, resourceType) for resourceType in FlaskManager.KW_RESOURCE_LIST]])
SessionManager.onHttpRequestCompletion(api, app)
ApiKeyManager.onHttpRequestCompletion(api, app)
SecurityManager.onHttpRequestCompletion(api, app)
SchedulerManager.onHttpRequestCompletion(api, app)
SqlAlchemyProxy.onHttpRequestCompletion(api, app)
return app
def get(self):
assert 'other headers' == SecurityManager.getJwtHeaders().get(
'some'
), f"other headers == {SecurityManager.getJwtHeaders().get('some')} should be equals. Headers: {SecurityManager.getJwtHeaders()}"
return {
'secured': 'information',
'after': 'refresh',
'currentUser': SecurityManager.getCurrentUser()
}, HttpStatus.OK
def patch(self, dto):
assert 'headers' == SecurityManager.getJwtHeaders().get(
'some'
), f"headers == {SecurityManager.getJwtHeaders().get('some')} should be equals. Headers: {SecurityManager.getJwtHeaders()}"
headers = {'some': 'other headers'}
data = {'some': 'other data'}
return {
'accessToken':
SecurityManager.patchAccessToken(
newContextList=['TEST_ROLE', 'TEST_ROLE_REFRESH'],
headers=headers,
data=data)
}, HttpStatus.OK
def handleSecuredControllerMethod(args, kwargs, contentType, resourceInstance,
resourceInstanceMethod, contextRequired,
apiKeyRequired, roleRequired,
requestHeaderClass, requestParamClass,
requestClass, logRequest,
muteStacktraceOnBusinessRuleException):
contextList = SecurityManager.getContext()
if not any(role in set(contextList) for role in roleRequired):
raise GlobalException(
message='Role not allowed',
logMessage=
f'''Roles {contextList} trying to access denied resourse. Allowed roles {roleRequired}''',
status=HttpStatus.FORBIDDEN)
elif ObjectHelper.isNotEmptyCollection(apiKeyRequired):
return handleLockedByApiKeyControllerMethod(
args, kwargs, contentType, resourceInstance,
resourceInstanceMethod, contextRequired, apiKeyRequired,
requestHeaderClass, requestParamClass, requestClass, logRequest,
muteStacktraceOnBusinessRuleException)
elif ObjectHelper.isNotEmptyCollection(contextRequired):
return handleSessionedControllerMethod(
args, kwargs, contentType, resourceInstance,
resourceInstanceMethod, contextRequired, requestHeaderClass,
requestParamClass, requestClass, logRequest,
muteStacktraceOnBusinessRuleException)
return handleControllerMethod(args, kwargs, contentType, resourceInstance,
resourceInstanceMethod, requestHeaderClass,
requestParamClass, requestClass, logRequest,
muteStacktraceOnBusinessRuleException)
def post(self, dto):
headers = {'some': 'headers'}
data = {'some': 'data'}
return {
'accessToken':
SecurityManager.createAccessToken(
dto['id'], ['TEST_ROLE'],
deltaMinutes=VALID_TOKEN_MINUTES_DURATION,
headers=headers,
data=data)
}, HttpStatus.OK
def runApi(*args, api=None, **kwargs):
if ObjectHelper.isNone(api):
api = FlaskUtil.getApi()
muteLogs(api)
if 'host' not in kwargs and api.host:
kwargs['host'] = api.host if not 'localhost' == api.host else '0.0.0.0'
if 'port' not in kwargs and api.port:
kwargs['port'] = api.port
apiUrl = getApiUrl(api)
documentationUrl = OpenApiManager.getDocumentationUrl(api)
healthCheckUrl = f'{documentationUrl[:-len(OpenApiManager.DOCUMENTATION_ENDPOINT)]}{HealthCheckConstant.URI}'
log.success(runApi, f'Api will run at {apiUrl}')
log.success(runApi, f'Health check will be available at {healthCheckUrl}')
log.success(runApi,
f'Documentation will be available at {documentationUrl}')
api.app.run(*args, **kwargs)
SessionManager.onShutdown(api, api.app)
ApiKeyManager.onShutdown(api, api.app)
SecurityManager.onShutdown(api, api.app)
SchedulerManager.onShutdown(api, api.app)
SqlAlchemyProxy.onShutdown(api, api.app)
log.success(runApi, f'{api.globals.apiName} successfully shutdown')
def put(self, dto):
SecurityManager.addAccessTokenToBlackList()
return {'message': 'Logged out'}, HttpStatus.ACCEPTED
def get(self):
return {
'secured': 'information',
'currentUser': SecurityManager.getCurrentUser()
}, HttpStatus.OK