def __init__(self, request):
self.request = request
self._settings = request.registry.settings
self._data = self._settings['data']
self.authorisation = Authorisation()
self.authentication = AuthenticationManager()
self.token = Token()
def insert_default(self, username):
"""
Insert default authorisation for Favorites.
"""
authorisation = Authorisation()
return authorisation.create(username, 'Software', 'Favorites', 10)
class AuthorisationRestView:
"""
Implements the main REST API.
"""
def __init__(self, request):
self.request = request
self._settings = request.registry.settings
self._data = self._settings['data']
self.authorisation = Authorisation()
self.authentication = AuthenticationManager()
self.token = Token()
@view_config(route_name=Route.CREATE_AUTHORISATION,
request_method='POST',
renderer='json')
def create(self):
"""
This method is called from **/engine/api/create_authorisation_data**.
This method is used to create authorisation rules.
Arguments:
username (str): the username;
resource_name (str): the resource name;
rule (dict): rule.
Returns:
success (bool): True if sucessfully created and False
otherwise;
error (str): an error message if an error occured and an empty
string otherwise.
"""
LOG.info('#### entrou')
msg = ''
try:
username = self.request.params['username']
resource_category = self.request.params['resource_category']
resource_name = self.request.params['resource_name']
max_used = self.request.params['max']
token = self.request.params['token']
LOG.info('#### token: %s' % token)
usr = self.token.verify_token(2, token)
if usr != 'invalid token' and usr == username:
auth = self.authorisation.create(
username,
resource_category,
resource_name,
max_used)
LOG.info('#### auth: %s' % auth)
if auth is not None:
return {'success': 'Rule successfully created.'}
else:
return {'error': 'Invalid rule'}
else:
return {'error': 'Invalid token'}
except KeyError as e:
msg = 'Missing mandatory parameter: ' + str(e)
raise e
except Exception as e:
msg = 'Unknown error occurred: ' + str(e)
raise e
LOG.info(msg)
return {'error': msg}
@view_config(route_name=Route.USE_RESOURCE,
request_method='POST',
renderer='json')
def use(self):
"""
This method is called from **/engine/api/use_resource_data**.
This method is called in order to get authorisation to use a determined
resource.
Arguments:
username (str): the username;
resource_name (str): the resource name.
Returns:
success (bool): True if sucessfully created and False
otherwise;
error (str): an error message if an error occured and an empty
string otherwise.
"""
msg = ''
try:
username = self.request.params['username']
resource_name = self.request.params['resource_name']
resource_category = self.request.params['resource_category']
token = self.request.params['token']
usr = self.token.verify_token(2, token)
if usr != 'invalid token' and usr == username:
auth = self.authorisation.use_resource(
username,
resource_name,
resource_category)
if auth is not None:
return {'success': 'User is authorised.'}
else:
return {'error': 'User is not authorised.'}
else:
return {'error': 'Invalid token'}
except KeyError as e:
msg = 'Missing mandatory parameter: ' + str(e)
raise e
except Exception as e:
msg = 'Unknown error occurred: ' + str(e)
raise e
LOG.info(msg)
return {'error': msg}
@view_config(route_name=Route.READ_AUTHORISATION,
request_method='POST',
renderer='json')
def read_authorisation(self):
"""
This method is called from **/engine/api/read_authorisation**.
This method is called in order to read authorisation rule.
Arguments:
username (str): the username;
resource_name (str): the resource name.
resource_category (str): the resource type.
Returns:
success (bool): True if sucessfully created and False
otherwise;
error (str): an error message if an error occured and an empty
string otherwise.
"""
LOG.info('entrou')
msg = ''
try:
LOG.info('params: %s' % self.request.params)
username = self.request.params['username']
resource_name = self.request.params['resource_name']
resource_category = self.request.params['resource_category']
token = self.request.params['token']
usr = self.token.verify_token(2, token)
if usr != 'invalid token' and usr == username:
auth = self.authorisation.read(
username,
resource_name,
resource_category)
if auth is not None:
return {'success': 'Rule successfully read.',
'data': auth}
else:
return {'error': 'Rule not found.'}
else:
return {'error': 'Invalid token'}
except KeyError as e:
msg = 'Missing mandatory parameter: ' + str(e)
raise e
except Exception as e:
msg = 'Unknown error occurred: ' + str(e)
raise e
LOG.info(msg)
return {'error': msg}
@view_config(route_name=Route.READ_AUTHORISATIONS,
request_method='POST',
renderer='json')
def read_authorisations(self):
"""
This method is called from **/engine/api/read_authorisations**.
This method is called in order to read authorisation rules.
Arguments:
username (str): the username;
Returns:
success (bool): True if sucessfully created and False
otherwise;
error (str): an error message if an error occured and an empty
string otherwise.
"""
msg = ''
try:
username = self.request.params['username']
token = self.request.params['token']
usr = self.token.verify_token(2, token)
if usr != 'invalid token' and usr == username:
auths = self.authorisation.read_authorisations(username)
if auths is not None:
return {'success': 'Rule successfully read.',
'data': auths}
else:
return {'error': 'Rule not found.'}
else:
return {'error': 'Invalid token'}
except KeyError as e:
msg = 'Missing mandatory parameter: ' + str(e)
raise e
except Exception as e:
msg = 'Unknown error occurred: ' + str(e)
raise e
LOG.info(msg)
return {'error': msg}
@view_config(route_name=Route.UPDATE_AUTHORISATION,
request_method='POST',
renderer='json')
def update(self):
"""
This method is called from **/engine/api/update_authorisation**.
This method is called in order to update authorisation rule.
Arguments:
username (str): the username;
resource_name (str): the resource name.
Returns:
success (bool): True if sucessfully created and False
otherwise;
error (str): an error message if an error occured and an empty
string otherwise.
"""
msg = ''
try:
username = self.request.params['username']
resource_name = self.request.params['resource_name']
resource_category = self.request.params['resource_category']
max_allowed = self.request.params['max_allowed']
token = self.request.params['token']
usr = self.token.verify_token(2, token)
if usr != 'invalid token' and usr == username:
auth = self.authorisation.update(
username,
resource_name,
resource_category,
max_allowed)
if auth is not None:
return {'success': 'Rule successfully updated.'}
else:
return {'error': 'Rule not found.'}
else:
return {'error': 'Invalid token'}
except KeyError as e:
msg = 'Missing mandatory parameter: ' + str(e)
raise e
except Exception as e:
msg = 'Unknown error occurred: ' + str(e)
raise e
LOG.info(msg)
return {'error': msg}
@view_config(route_name=Route.DELETE_AUTHORISATION,
request_method='POST',
renderer='json')
def delete(self):
"""
This method is called from **/engine/api/delete_authorisation**.
This method is called in order to delete rule.
Arguments:
username (str): the username;
resource_name (str): the resource name.
Returns:
success (bool): True if sucessfully created and False
otherwise;
error (str): an error message if an error occured and an empty
string otherwise.
"""
msg = ''
try:
username = self.request.params['username']
resource_name = self.request.params['resource_name']
resource_category = self.request.params['resource_category']
max_allowed = self.request.params['max_allowed']
token = self.request.params['token']
usr = self.token.verify_token(2, token)
if usr != 'invalid token' and usr == username:
auth = self.authorisation.delete(
username,
resource_name,
resource_category)
if auth is not None:
return {'success': 'Rule successfully deleted.'}
else:
return {'error': 'Rule not found.'}
else:
return {'error': 'Invalid token'}
except KeyError as e:
msg = 'Missing mandatory parameter: ' + str(e)
raise e
except Exception as e:
msg = 'Unknown error occurred: ' + str(e)
raise e
LOG.info(msg)
return {'error': msg}
class FavoritesRestView:
"""
Implements favorites REST API.
"""
def __init__(self, request):
self.request = request
self._settings = request.registry.settings
self._data = self._settings['data']
self.favorites = Favorites()
self.authentication = AuthenticationManager()
self.authorisation = Authorisation()
self.token = Token()
@view_config(route_name=Route.CREATE_FAVORITE,
request_method='POST',
renderer='json')
def create(self):
"""
This method is called from **/engine/api/create_favorite**.
This method is used to create favorite association.
Arguments:
username (str): the username;
favorite_info (dict): favorite information.
Returns:
success (bool): True if sucessfully created and False
otherwise;
error (str): an error message if an error occured and an empty
string otherwise.
"""
msg = ''
try:
username = self.request.params['username']
item_id = self.request.params['item_id']
item_type = self.request.params['item_type']
city_id = int(self.request.params['city_id'])
country_id = int(self.request.params['country_id'])
favorite_id = self.request.params['favorite_id']
data = self.request.params['data']
token = self.request.params['token']
usr = self.token.verify_token(2, token)
if usr != 'invalid token' and usr == username:
LOG.info('############ OK1')
auth, max_used = self.authorisation.use_resource(
username,
'Favorites',
'Software')
LOG.info('############ OK2: %s' % auth)
if auth is not None:
LOG.info('############ OK3')
result = self.favorites.create(
2,
username,
item_id,
item_type,
city_id,
country_id,
favorite_id,
data,
token)
if result is not None:
return {'success': 'Favorite association successfully created.'}
else:
return {'error': 'Invalid favorite.'}
else:
return {'error': 'Not authorized, max limit: ' + str(max_used)}
else:
return {'error': 'Invalid token.'}
except KeyError as e:
msg = 'Missing mandatory parameter: ' + str(e)
raise e
except Exception as e:
msg = 'Unknown error occurred: ' + str(e)
raise e
LOG.info(msg)
return {'error': msg}
@view_config(route_name=Route.READ_FAVORITE,
request_method='POST',
renderer='json')
def read(self):
"""
This method is called from **/engine/api/read_favorite**.
This method is used to read favorite association.
Arguments:
username (str): the username;
city_id (int): city id (external);
country_id (int): country id (external).
Returns:
success (bool): True if sucessfully created and False
otherwise;
error (str): an error message if an error occured and an empty
string otherwise.
"""
msg = ''
try:
username = self.request.params['username']
city_id = int(self.request.params['city_id'])
country_id = int(self.request.params['country_id'])
token = self.request.params['token']
usr = self.token.verify_token(2, token)
if usr != 'invalid token' and usr == username:
fav = self.favorites.read(2, username, city_id, country_id, token)
if fav is not None and 'data' in fav:
return {'success': 'Favorite association successfully read.',
'data': fav['data']
}
else:
return {'error': 'Invalid favorite.'}
else:
return {'error': 'Invalid token'}
except KeyError as e:
msg = 'Missing mandatory parameter: ' + str(e)
raise e
except Exception as e:
msg = 'Unknown error occurred: ' + str(e)
raise e
LOG.info(msg)
return {'error': msg}
@view_config(route_name=Route.READ_FAVORITES,
request_method='POST',
renderer='json')
def read_all(self):
"""
This method is called from **/engine/api/read_favorites**.
This method is used to read favorite association.
Arguments:
username (str): the username;
Returns:
success (bool): True if sucessfully created and False
otherwise;
error (str): an error message if an error occured and an empty
string otherwise.
"""
msg = ''
try:
username = self.request.params['username']
token = self.request.params['token']
usr = self.token.verify_token(2, token)
if usr != 'invalid token':
if usr == username:
fav = self.favorites.read_all(2, username)
LOG.info('#### fav: %s' % fav)
if fav is not None:
return {'success': 'Favorite association successfully read.',
'data': fav
}
else:
return {'error': 'Invalid favorite.'}
else:
return {'error': 'Invalid username.'}
else:
return {'error': 'Invalid token'}
except KeyError as e:
msg = 'Missing mandatory parameter: ' + str(e)
raise e
except Exception as e:
msg = 'Unknown error occurred: ' + str(e)
raise e
LOG.info(msg)
return {'error': msg}
@view_config(route_name=Route.DELETE_FAVORITE,
request_method='POST',
renderer='json')
def delete(self):
"""
This method is called from **/engine/api/delete_favorite**.
This method is used to delete favorite association.
Arguments:
username (str): the username;
item_id (int): country id (external).
Returns:
success (bool): True if sucessfully created and False
otherwise;
error (str): an error message if an error occured and an empty
string otherwise.
"""
msg = ''
try:
username = self.request.params['username']
item_id = self.request.params['item_id']
token = self.request.params['token']
usr = self.token.verify_token(2, token)
if usr != 'invalid token' and usr == username:
fav = self.favorites.delete(2, username, item_id, token)
if fav is not None:
return {'success': 'Favorite association successfully deleted.'}
else:
return {'error': 'Invalid favorite.'}
else:
return {'error': 'Invalid token'}
except KeyError as e:
msg = 'Missing mandatory parameter: ' + str(e)
raise e
except Exception as e:
msg = 'Unknown error occurred: ' + str(e)
raise e
LOG.info(msg)
return {'error': msg}
def step_impl(context):
with patch.object(BaseDB, 'insert', return_value=True) as mck_insert:
authorisation = Authorisation()
authorisation.create(context.username, context.resource_name,
context.rule)
assert mck_insert.called