async def handle_list_alerts(request):
    """Return the application's current alerts as JSON (development mode only).

    Reads ``development_mode_enabled`` from ``request.app['conf']`` and
    raises HTTPForbidden when it is falsy. Otherwise the value stored under
    ``request.app['current_alerts']`` is returned as ``current_alerts``.
    """
    app = request.app
    # NOTE(review): the configuration flag is the only gate visible in this
    # handler; no per-caller authentication is checked here, so the flag
    # must stay off outside development deployments.
    if app['conf'].development_mode_enabled:
        return json_response({'current_alerts': app['current_alerts']})
    raise HTTPForbidden(text='Available only in development mode')
async def put_queue(request):
    """Store a message for delivery and count it against the sender's daily limit.

    You MUST enable redis key-space notifications in order for this to work.
    Add 'Kxg' to the 'notify-keyspace-events' in your redis.conf.

    You MIGHT want to increase 'active-expire-effort' value
    to improve notification schedule precision.

    The JSON body is validated against ``schema``. The sender's role must be a
    key of ``daily_limit`` and the counter ``lim_send:<sender id>`` must be
    below that role's limit. The payload (with recipient group data added) is
    written under ``history_key``, a ``delivery:`` marker key is created, and
    the counter is incremented, all in one MULTI/EXEC transaction.

    Raises:
        HTTPForbidden: the sender's role is not a key of ``daily_limit``.
        HTTPTooManyRequests: the counter has reached the role's limit; the
            ``Retry-After`` header carries the TTL of the counter key.

    Returns:
        A 202 JSON response holding ``deliver_at.iso`` when delivery is
        scheduled, otherwise the bare ``deliver_at.iso`` value.
    """
    payload = await request.json()
    validate(payload, schema)
    redis = request.app['redis']
    # NOTE(review): sender id and role are read from the request body; the
    # limit below is only meaningful if an earlier layer binds them to the
    # authenticated caller. Confirm against the middleware / schema.
    sender = payload['sender']
    uid = sender['id']
    if sender['role'] not in daily_limit:
        raise HTTPForbidden(reason=UNKNOWN_ROLE)
    lim_send = f'lim_send:{uid}'
    # NOTE(review): the counter is read here but incremented later inside the
    # transaction, so the check and the increment are not atomic. Concurrent
    # requests from one sender can each observe a value below the limit.
    sent_before = int(await redis.get(lim_send) or 0)
    if sent_before >= daily_limit[sender['role']]:
        # NOTE(review): Redis TTL replies -1 (no expiry) or -2 (missing key)
        # would be forwarded unchanged as the Retry-After value.
        raise HTTPTooManyRequests(
            reason=DAILY_LIMIT_EXCEEDED,
            headers={'Retry-After': str(await redis.ttl(lim_send))})
    deliver_at = get_delivery_time(payload)
    payload['deliver_at'] = deliver_at.iso
    # NOTE(review): history_key is used verbatim as a Redis key and shares a
    # keyspace with the lim_send counters. Presumably `schema` or
    # get_delivery_time constrains its form; confirm.
    history_key = payload['history_key']
    # The marker key reuses history_key minus its first 8 characters
    # (presumably a fixed prefix; verify against the key format).
    delivery_key = f'delivery:{history_key[8:]}'
    # The key name is not stored inside the serialized payload.
    del payload['history_key']
    for user in payload['recipients']:
        # One query per recipient: the non-virtual groups the user belongs to.
        user['origin'] = await Group.query.where(
            (Allegiance.user == user['id']) &
            (Group.id == Allegiance.group) &
            (Group.is_virtual.isnot(True))).gino.all()
        user['received_in'] = []
    payload['recipients'].sort(key=lambda user: user['id'])
    transaction = redis.multi_exec()
    transaction.set(history_key, dumps(payload))
    # The marker is always created first, then either deleted at once or
    # given an absolute expiry. Presumably the resulting key-space event is
    # what triggers delivery (see the docstring); confirm with the listener.
    transaction.set(delivery_key, 1)
    if not deliver_at.scheduled:
        transaction.delete(delivery_key)
    else:
        # EXPIREAT key <now / some time ago>, EXPIRE key 0
        # don't trigger EXPIRE events consistently.
        #
        # Tested on Redis-server 6.0.4.
        transaction.expireat(delivery_key, round(deliver_at.unix))
    transaction.incr(lim_send)
    if sent_before == 0:
        # The expiry is set only when the value read earlier was zero.
        # NOTE(review): if the counter key expires between that read and this
        # INCR, it is recreated without a TTL; confirm this is acceptable.
        transaction.expire(lim_send, day)
    await transaction.execute()
    if deliver_at.scheduled:
        return json_response(deliver_at.iso, status=HTTPStatus.ACCEPTED.value)
    else:
        # A bare value is returned here, not a response object; presumably a
        # middleware converts it. TODO confirm.
        return deliver_at.iso
async def handle_token(request: Request) -> Response:
    """Reject every request with HTTPForbidden; ``request`` is not inspected."""
    forbidden = HTTPForbidden()
    raise forbidden
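async def decorator(*args):
    """Run ``handler`` only for a logged-in user whose e-mail is an admin e-mail.

    The request is extracted from ``args`` with ``_get_request``. The admin
    check is placed inside the coroutine passed to ``login_required``, so the
    wrapped handler does not run for a non-admin user. Checking after the
    handler had returned would let its side effects happen before the 403.

    Raises:
        HTTPForbidden: the user's e-mail is not in ``cfg.ADMIN_EMAILS``.

    Returns:
        Whatever ``login_required`` returns for the guarded handler.
    """
    request = _get_request(args)

    async def _admin_only(*inner_args, **inner_kwargs):
        # Authorize first, then execute the handler.
        # NOTE(review): assumes login_required has populated request['user']
        # by the time it invokes the coroutine it wraps; confirm.
        if request['user']['email'] not in cfg.ADMIN_EMAILS:
            raise HTTPForbidden(reason='You are not admin')
        # Forward exactly what login_required passes to the handler it wraps.
        return await handler(*inner_args, **inner_kwargs)

    return await login_required(_admin_only)(request)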
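async def authenticate(self, request):
    """Reject the request unless its Authorization header equals the configured token.

    The expected token is read from ``self.settings`` under the attribute
    named by ``self.auth_token_field``. A missing header is treated as an
    empty string. Both values are compared in constant time.

    Raises:
        HTTPForbidden: the header does not match the configured token.
    """
    expected = getattr(self.settings, self.auth_token_field)
    supplied = request.headers.get('Authorization', '')
    # NOTE(review): if the configured token is an empty string, a request with
    # no Authorization header compares equal and is accepted. Confirm that
    # settings validation rejects an empty token.
    #
    # secrets.compare_digest() accepts str arguments only when they are
    # ASCII, so a non-ASCII header value raised TypeError instead of being
    # rejected. Comparing encoded bytes avoids that; 'surrogateescape' keeps
    # escaped undecodable bytes encodable.
    if not secrets.compare_digest(
            expected.encode('utf-8', 'surrogateescape'),
            supplied.encode('utf-8', 'surrogateescape')):
        raise HTTPForbidden(text='Invalid Authorization header')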
async def error(request):
    """Always fail with HTTPForbidden (reason "unauthorized"); ``request`` is unused."""
    denial = HTTPForbidden(reason="unauthorized")
    raise denial
async def return_403_handler(with_exception):
    """Produce an HTTP 403, either as a raised exception or as a returned response.

    When ``with_exception`` is truthy HTTPForbidden is raised; otherwise a
    ``Response`` with status 403 is returned.
    """
    if not with_exception:
        return Response(status=403)
    raise HTTPForbidden()
async def wrapped(request):
    """Call the wrapped handler ``f`` only when ``permits`` grants ``permission``.

    Raises HTTPForbidden, with the missing permission named in the body, when
    ``permits(request, permission)`` resolves to a falsy value.
    """
    # The permission check is awaited before the handler is invoked.
    if await permits(request, permission):
        return await f(request)
    denial = 'User has no permission "{}"'.format(permission)
    raise HTTPForbidden(body=denial)
def _check_client_authorization(self, request):
    """Raise HTTPForbidden unless the request's token is a configured client token.

    The token comes from ``self._get_authorization_token(request)`` and is
    looked up in ``self.configuration.client_tokens``. A rejected token is
    logged at INFO level, truncated to its first five characters.
    """
    presented = self._get_authorization_token(request)
    # NOTE(review): `in` is an ordinary membership test, not a constant-time
    # comparison; whether that matters depends on the container type of
    # client_tokens. Confirm.
    if presented in self.configuration.client_tokens:
        return
    # NOTE(review): a mistyped valid token still writes its first five
    # characters to the log; treat this log as sensitive or drop the prefix.
    # The slice also assumes the helper never returns None; confirm.
    logger.info('Invalid Authorization token: %s...', repr(presented[:5]))
    raise HTTPForbidden(reason='Invalid Authorization token')