def wrapper(*args, **kwargs):
if privilege and config.get_setting("authorization-enabled", True):
author = request.headers.get("Authorization")
if author:
succ, username = user_client.get_username_from_token(
author)
succ, tokens = user_client.validate_token_for_user(
username, author)
has_priv = user_client.token_has_privilege(
author, privilege)
if has_priv and succ:
return func(*args, **kwargs)
elif not has_priv:
return {
"error":
f"Insufficient privileges, resource requires '{privilege.lower()}' for access."
}, 403
elif not succ:
return {"error": f"Invalid token."}, 401
else:
return {
"error":
f"Must specify 'Authorization' header with token."
}, 401
return func(*args, **kwargs)
def get_account(number: int, token: str):
succ, username = user_client.get_username_from_token(token)
if not succ:
raise Exception(f"User {username} does not exist.")
if number in account_cache.cache:
return account_cache[number]
account = coll_accounts.find_one({"user": username, "number": number})
account_cache[number] = Account(**account)
return Account(**account) if account else None
def get(self):
succ, username = user_client.get_username_from_token(
request.headers.get("Authorization"))
if not succ:
return {"error": "Invalid token."}, 401
succ, check = user_client.validate_token_for_user(
username, request.headers.get("Authorization"))
if not succ:
return {"error": "Invalid token."}, 401
return {"success": True, "username": username}, 200
def resolve_accountant(self, info, transaction):
token = get_token_from_info(info, require_token=not dev_user
) or user_client.get_valid_token(dev_user)
succ, username = user_client.get_username_from_token(token)
if not succ:
raise Exception(f"User {username} does not exist")
if not user_client.token_has_privileges(
token, ["transactions", "economy", "accounts"]):
raise Exception(
f"User {username} does not have privileges to access this endpoint"
)
trans = predict_accounts(transaction.date_trans, transaction.amount,
transaction.is_outcome, transaction.is_swish,
transaction.desc)
return AccountantPrediction(**trans)
def resolve_transactions(self,
info,
start_date=0,
end_date=(2**53 - 1),
amount=None,
desc=None,
from_account=None,
to_account=None):
token = get_token_from_info(info, require_token=not dev_user
) or user_client.get_valid_token(dev_user)
succ, username = user_client.get_username_from_token(token)
if not succ:
raise Exception(f"User {username} does not exist")
if user_client.token_has_privileges(token,
["transactions", "economy"]):
query = {
"user": username,
"date_trans": {
"$gte": start_date,
"$lte": end_date
}
}
if amount:
query["amount"] = amount
if desc:
query["desc"] = {"$regex": ".*" + desc + ".*"}
if from_account:
query["from_account"] = from_account.number
if to_account:
query["to_account"] = to_account.number
return [
Transaction(**t) for t in list(
coll_trans.find(query, {"_id": 0},
sort=[("date_trans", 1)]))
]
raise Exception(
"User must have privileges 'transactions', 'accounts' and 'economy'"
)
def resolve_from_to(self, info, from_account=None, to_account=None):
token = get_token_from_info(info, require_token=not dev_user
) or user_client.get_valid_token(dev_user)
succ, username = user_client.get_username_from_token(token)
if not succ:
raise Exception(f"User {username} does not exist")
query = {
"user": username,
}
if from_account:
query["from_account"] = from_account.number
if to_account:
query["to_account"] = to_account.number
transactions = list(coll_trans.find(query, {"_id": 0}))
return FromToCounter(amount=sum([t["amount"] for t in transactions]),
amount_of_transactions=len(transactions))
def resolve_accounts(self, info, numbers=[]):
token = get_token_from_info(info, require_token=not dev_user
) or user_client.get_valid_token(dev_user)
succ, username = user_client.get_username_from_token(token)
if not succ:
raise Exception(f"User {username} does not exist")
if user_client.token_has_privileges(token, ["accounts", "economy"]):
query = {"user": username}
if numbers != []:
query["number"] = {"$in": numbers}
accounts = [
Account(**a)
for a in list(coll_accounts.find(query, sort=[("number", 1)]))
]
for acc in accounts:
account_cache[acc.number] = acc
return accounts
raise Exception("User must have privileges 'accounts' and 'economy'")
def resolve_periods(self, info, year=None, month=None):
token = get_token_from_info(info, require_token=not dev_user
) or user_client.get_valid_token(dev_user)
succ, username = user_client.get_username_from_token(token)
if not succ:
raise Exception(f"User {username} does not exist")
if user_client.token_has_privileges(token, ["periods", "economy"]):
if not year and not month:
s, e = get_dates_month_period(datetime.date.today())
return [
Period(year=e.year,
month=e.month,
start=s.isoformat(),
end=e.isoformat(),
start_timestamp=s.timestamp(),
end_timestamp=e.timestamp())
]
start_ends = [(y, m,
*get_dates_month_period(datetime.date(y, m, 1)))
for y in year for m in month]
return sorted([
Period(year=y,
month=m,
start=s.isoformat(),
end=e.isoformat(),
start_timestamp=s.timestamp(),
end_timestamp=e.timestamp())
for y, m, s, e in start_ends
],
key=lambda p: p.start_timestamp)
else:
raise Exception(
"User must have privileges 'periods' and 'economy'")