def setup_app(app, api): api.add_resource( ReceiverEventListResource, '/api/hooks/receivers/<string:receiver_id>/events/', ) with app.app_context(): scopes.register(Scope( 'webhooks:event', group='Notifications', help_text='Allow notifications from external service.', internal=True, ))
def setup_app(app, api): api.add_resource( DepositionListResource, '/api/deposit/depositions/', ) api.add_resource( DepositionResource, '/api/deposit/depositions/<string:resource_id>', ) api.add_resource( DepositionFileListResource, '/api/deposit/depositions/<string:resource_id>/files/', ) api.add_resource( DepositionDraftListResource, '/api/deposit/depositions/<string:resource_id>/metadata/', ) api.add_resource( DepositionDraftResource, '/api/deposit/depositions/<string:resource_id>/metadata/' '<string:draft_id>', ) api.add_resource( DepositionActionResource, '/api/deposit/depositions/<string:resource_id>/actions/' '<string:action_id>', ) api.add_resource( DepositionFileResource, '/api/deposit/depositions/<string:resource_id>/files/<string:file_id>', ) # Register scopes with app.app_context(): from invenio.modules.oauth2server.models import Scope from invenio.modules.oauth2server.registry import scopes scopes.register( Scope( 'deposit:write', group='Deposit', help_text='Allow upload (but not publishing).', )) scopes.register( Scope( 'deposit:actions', group='Deposit', help_text='Allow publishing of uploads.', ))
def setup_app(app, api): api.add_resource( DepositionListResource, '/api/deposit/depositions/', ) api.add_resource( DepositionResource, '/api/deposit/depositions/<string:resource_id>', ) api.add_resource( DepositionFileListResource, '/api/deposit/depositions/<string:resource_id>/files/', ) api.add_resource( DepositionDraftListResource, '/api/deposit/depositions/<string:resource_id>/metadata/', ) api.add_resource( DepositionDraftResource, '/api/deposit/depositions/<string:resource_id>/metadata/' '<string:draft_id>', ) api.add_resource( DepositionActionResource, '/api/deposit/depositions/<string:resource_id>/actions/' '<string:action_id>', ) api.add_resource( DepositionFileResource, '/api/deposit/depositions/<string:resource_id>/files/<string:file_id>', ) # Register scopes with app.app_context(): from invenio.modules.oauth2server.models import Scope from invenio.modules.oauth2server.registry import scopes scopes.register(Scope( 'deposit:write', group='Deposit', help_text='Allow upload (but not publishing).', )) scopes.register(Scope( 'deposit:actions', group='Deposit', help_text='Allow publishing of uploads.', ))
def register_scopes(): """ Register OAuth2 scopes for webhooks module """ from invenio.modules.oauth2server.registry import scopes scopes.register('webhooks:read', dict(is_public=False, desc='')) scopes.register('webhooks:write', dict(is_public=False, desc='')) scopes.register('webhooks:event', dict(is_public=False, desc=''))
def setUp(self): from invenio.modules.accounts.models import User from invenio.modules.oauth2server.registry import scopes from invenio.modules.oauth2server.models import Token, Scope # Setup variables: self.called = dict() # Setup test scopes with self.app.app_context(): scopes.register( Scope( 'test:testscope', group='Test', help_text='Test scope', )) # Setup API resources class Test1Resource(Resource): # NOTE: Method decorators are applied in reverse order method_decorators = [ require_oauth_scopes('test:testscope'), require_api_auth(), ] def get(self): assert request.oauth.access_token return "success", 200 def post(self): assert request.oauth.access_token return "success", 200 @require_header('Content-Type', 'application/json') def put(self): return "success", 200 class Test2Resource(Resource): @require_api_auth() @require_oauth_scopes('test:testscope') def get(self): assert request.oauth.access_token return "success", 200 @require_api_auth() @require_oauth_scopes('test:testscope') def post(self): assert request.oauth.access_token return "success", 200 @require_header('Content-Type', 'text/html') def put(self): return "success", 200 # Register API resources api = self.app.extensions['restful'] api.add_resource(Test1Resource, '/api/test1/decoratorstestcase/') api.add_resource(Test2Resource, '/api/test2/decoratorstestcase/') # Create a user self.user = User(email='*****@*****.**', nickname='tester') self.user.password = "******" db.session.add(self.user) db.session.commit() # Create tokens self.token = Token.create_personal('test-', self.user.id, scopes=['test:testscope'], is_internal=True) self.token_noscope = Token.create_personal('test-', self.user.id, scopes=[], is_internal=True)
def setUp(self): from invenio.modules.accounts.models import User from invenio.modules.oauth2server.registry import scopes from invenio.modules.oauth2server.models import Token, Scope # Setup variables: self.called = dict() # Setup test scopes with self.app.app_context(): scopes.register(Scope( 'test:testscope', group='Test', help_text='Test scope', )) # Setup API resources class Test1Resource(Resource): # NOTE: Method decorators are applied in reverse order method_decorators = [ require_oauth_scopes('test:testscope'), require_api_auth(), ] def get(self): assert request.oauth.access_token return "success", 200 def post(self): assert request.oauth.access_token return "success", 200 @require_header('Content-Type', 'application/json') def put(self): return "success", 200 class Test2Resource(Resource): @require_api_auth() @require_oauth_scopes('test:testscope') def get(self): assert request.oauth.access_token return "success", 200 @require_api_auth() @require_oauth_scopes('test:testscope') def post(self): assert request.oauth.access_token return "success", 200 @require_header('Content-Type', 'text/html') def put(self): return "success", 200 # Register API resources api = self.app.extensions['restful'] api.add_resource( Test1Resource, '/api/test1/decoratorstestcase/' ) api.add_resource( Test2Resource, '/api/test2/decoratorstestcase/' ) # Create a user self.user = User( email='*****@*****.**', nickname='tester' ) self.user.password = "******" db.session.add(self.user) db.session.commit() # Create tokens self.token = Token.create_personal( 'test-', self.user.id, scopes=['test:testscope'], is_internal=True) self.token_noscope = Token.create_personal( 'test-', self.user.id, scopes=[], is_internal=True)