Add more responses to the API.

This commit is contained in:
Tom Hacohen 2020-12-28 10:00:35 +02:00
parent a75d5479fa
commit 4b4be14d32
5 changed files with 18 additions and 14 deletions

View File

@ -14,7 +14,7 @@ from django.contrib.auth import get_user_model, user_logged_out, user_logged_in
from django.core import exceptions as django_exceptions
from django.db import transaction
from django.utils import timezone
from fastapi import APIRouter, Depends, status, Request, Response
from fastapi import APIRouter, Depends, status, Request
from fastapi.security import APIKeyHeader
from django_etebase import app_settings, models
@ -27,7 +27,7 @@ from django_etebase.utils import create_user, get_user_queryset, CallbackContext
from django_etebase.views import msgpack_encode, msgpack_decode
from .exceptions import AuthenticationFailed, transform_validation_error, HttpError
from .msgpack import MsgpackRoute
from .utils import BaseModel
from .utils import BaseModel, permission_responses
User = get_user_model()
token_scheme = APIKeyHeader(name="Authorization")
@ -250,21 +250,21 @@ async def login(data: Login, request: Request):
return data
@authentication_router.post("/logout/", status_code=status.HTTP_204_NO_CONTENT)
@authentication_router.post("/logout/", status_code=status.HTTP_204_NO_CONTENT, responses=permission_responses)
async def logout(request: Request, auth_data: AuthData = Depends(get_auth_data)):
await sync_to_async(auth_data.token.delete)()
# XXX-TOM
await sync_to_async(user_logged_out.send)(sender=auth_data.user.__class__, request=None, user=auth_data.user)
@authentication_router.post("/change_password/", status_code=status.HTTP_204_NO_CONTENT)
@authentication_router.post("/change_password/", status_code=status.HTTP_204_NO_CONTENT, responses=permission_responses)
async def change_password(data: ChangePassword, request: Request, user: User = Depends(get_authenticated_user)):
host = request.headers.get("Host")
await validate_login_request(data.response_data, data, user, "changePassword", host)
await sync_to_async(save_changed_password)(data, user)
@authentication_router.post("/dashboard_url/")
@authentication_router.post("/dashboard_url/", responses=permission_responses)
def dashboard_url(user: User = Depends(get_authenticated_user)):
# XXX-TOM
get_dashboard_url = app_settings.DASHBOARD_URL_FUNC

View File

@ -14,11 +14,11 @@ from .authentication import get_authenticated_user
from .exceptions import HttpError, transform_validation_error, PermissionDenied
from .msgpack import MsgpackRoute
from .stoken_handler import filter_by_stoken_and_limit, filter_by_stoken, get_stoken_obj, get_queryset_stoken
from .utils import get_object_or_404, Context, Prefetch, PrefetchQuery, is_collection_admin, BaseModel
from .utils import get_object_or_404, Context, Prefetch, PrefetchQuery, is_collection_admin, BaseModel, permission_responses
User = get_user_model()
collection_router = APIRouter(route_class=MsgpackRoute)
item_router = APIRouter(route_class=MsgpackRoute)
collection_router = APIRouter(route_class=MsgpackRoute, responses=permission_responses)
item_router = APIRouter(route_class=MsgpackRoute, responses=permission_responses)
default_queryset: QuerySet = models.Collection.objects.all()
default_item_queryset: QuerySet = models.CollectionItem.objects.all()

View File

@ -10,11 +10,11 @@ from django_etebase.utils import get_user_queryset, CallbackContext
from .authentication import get_authenticated_user
from .exceptions import HttpError, PermissionDenied
from .msgpack import MsgpackRoute
from .utils import get_object_or_404, Context, is_collection_admin, BaseModel
from .utils import get_object_or_404, Context, is_collection_admin, BaseModel, permission_responses
User = get_user_model()
invitation_incoming_router = APIRouter(route_class=MsgpackRoute)
invitation_outgoing_router = APIRouter(route_class=MsgpackRoute)
invitation_incoming_router = APIRouter(route_class=MsgpackRoute, responses=permission_responses)
invitation_outgoing_router = APIRouter(route_class=MsgpackRoute, responses=permission_responses)
default_queryset: QuerySet = models.CollectionInvitation.objects.all()

View File

@ -8,13 +8,13 @@ from fastapi import APIRouter, Depends, status
from django_etebase import models
from .authentication import get_authenticated_user
from .msgpack import MsgpackRoute
from .utils import get_object_or_404, BaseModel
from .utils import get_object_or_404, BaseModel, permission_responses
from .stoken_handler import filter_by_stoken_and_limit
from .collection import get_collection, verify_collection_admin
User = get_user_model()
member_router = APIRouter(route_class=MsgpackRoute)
member_router = APIRouter(route_class=MsgpackRoute, responses=permission_responses)
default_queryset: QuerySet = models.CollectionMember.objects.all()

View File

@ -10,7 +10,7 @@ from django.contrib.auth import get_user_model
from django_etebase.models import AccessLevels
from .exceptions import HttpError
from .exceptions import HttpError, HttpErrorOut
User = get_user_model()
@ -41,3 +41,7 @@ def get_object_or_404(queryset: QuerySet, **kwargs):
def is_collection_admin(collection, user):
member = collection.members.filter(user=user).first()
return (member is not None) and (member.accessLevel == AccessLevels.ADMIN)
response_model_dict = {"model": HttpErrorOut}
permission_responses = {403: response_model_dict}