Add more responses to the API.
This commit is contained in:
parent
a75d5479fa
commit
4b4be14d32
@ -14,7 +14,7 @@ from django.contrib.auth import get_user_model, user_logged_out, user_logged_in
|
|||||||
from django.core import exceptions as django_exceptions
|
from django.core import exceptions as django_exceptions
|
||||||
from django.db import transaction
|
from django.db import transaction
|
||||||
from django.utils import timezone
|
from django.utils import timezone
|
||||||
from fastapi import APIRouter, Depends, status, Request, Response
|
from fastapi import APIRouter, Depends, status, Request
|
||||||
from fastapi.security import APIKeyHeader
|
from fastapi.security import APIKeyHeader
|
||||||
|
|
||||||
from django_etebase import app_settings, models
|
from django_etebase import app_settings, models
|
||||||
@ -27,7 +27,7 @@ from django_etebase.utils import create_user, get_user_queryset, CallbackContext
|
|||||||
from django_etebase.views import msgpack_encode, msgpack_decode
|
from django_etebase.views import msgpack_encode, msgpack_decode
|
||||||
from .exceptions import AuthenticationFailed, transform_validation_error, HttpError
|
from .exceptions import AuthenticationFailed, transform_validation_error, HttpError
|
||||||
from .msgpack import MsgpackRoute
|
from .msgpack import MsgpackRoute
|
||||||
from .utils import BaseModel
|
from .utils import BaseModel, permission_responses
|
||||||
|
|
||||||
User = get_user_model()
|
User = get_user_model()
|
||||||
token_scheme = APIKeyHeader(name="Authorization")
|
token_scheme = APIKeyHeader(name="Authorization")
|
||||||
@ -250,21 +250,21 @@ async def login(data: Login, request: Request):
|
|||||||
return data
|
return data
|
||||||
|
|
||||||
|
|
||||||
@authentication_router.post("/logout/", status_code=status.HTTP_204_NO_CONTENT)
|
@authentication_router.post("/logout/", status_code=status.HTTP_204_NO_CONTENT, responses=permission_responses)
|
||||||
async def logout(request: Request, auth_data: AuthData = Depends(get_auth_data)):
|
async def logout(request: Request, auth_data: AuthData = Depends(get_auth_data)):
|
||||||
await sync_to_async(auth_data.token.delete)()
|
await sync_to_async(auth_data.token.delete)()
|
||||||
# XXX-TOM
|
# XXX-TOM
|
||||||
await sync_to_async(user_logged_out.send)(sender=auth_data.user.__class__, request=None, user=auth_data.user)
|
await sync_to_async(user_logged_out.send)(sender=auth_data.user.__class__, request=None, user=auth_data.user)
|
||||||
|
|
||||||
|
|
||||||
@authentication_router.post("/change_password/", status_code=status.HTTP_204_NO_CONTENT)
|
@authentication_router.post("/change_password/", status_code=status.HTTP_204_NO_CONTENT, responses=permission_responses)
|
||||||
async def change_password(data: ChangePassword, request: Request, user: User = Depends(get_authenticated_user)):
|
async def change_password(data: ChangePassword, request: Request, user: User = Depends(get_authenticated_user)):
|
||||||
host = request.headers.get("Host")
|
host = request.headers.get("Host")
|
||||||
await validate_login_request(data.response_data, data, user, "changePassword", host)
|
await validate_login_request(data.response_data, data, user, "changePassword", host)
|
||||||
await sync_to_async(save_changed_password)(data, user)
|
await sync_to_async(save_changed_password)(data, user)
|
||||||
|
|
||||||
|
|
||||||
@authentication_router.post("/dashboard_url/")
|
@authentication_router.post("/dashboard_url/", responses=permission_responses)
|
||||||
def dashboard_url(user: User = Depends(get_authenticated_user)):
|
def dashboard_url(user: User = Depends(get_authenticated_user)):
|
||||||
# XXX-TOM
|
# XXX-TOM
|
||||||
get_dashboard_url = app_settings.DASHBOARD_URL_FUNC
|
get_dashboard_url = app_settings.DASHBOARD_URL_FUNC
|
||||||
|
@ -14,11 +14,11 @@ from .authentication import get_authenticated_user
|
|||||||
from .exceptions import HttpError, transform_validation_error, PermissionDenied
|
from .exceptions import HttpError, transform_validation_error, PermissionDenied
|
||||||
from .msgpack import MsgpackRoute
|
from .msgpack import MsgpackRoute
|
||||||
from .stoken_handler import filter_by_stoken_and_limit, filter_by_stoken, get_stoken_obj, get_queryset_stoken
|
from .stoken_handler import filter_by_stoken_and_limit, filter_by_stoken, get_stoken_obj, get_queryset_stoken
|
||||||
from .utils import get_object_or_404, Context, Prefetch, PrefetchQuery, is_collection_admin, BaseModel
|
from .utils import get_object_or_404, Context, Prefetch, PrefetchQuery, is_collection_admin, BaseModel, permission_responses
|
||||||
|
|
||||||
User = get_user_model()
|
User = get_user_model()
|
||||||
collection_router = APIRouter(route_class=MsgpackRoute)
|
collection_router = APIRouter(route_class=MsgpackRoute, responses=permission_responses)
|
||||||
item_router = APIRouter(route_class=MsgpackRoute)
|
item_router = APIRouter(route_class=MsgpackRoute, responses=permission_responses)
|
||||||
default_queryset: QuerySet = models.Collection.objects.all()
|
default_queryset: QuerySet = models.Collection.objects.all()
|
||||||
default_item_queryset: QuerySet = models.CollectionItem.objects.all()
|
default_item_queryset: QuerySet = models.CollectionItem.objects.all()
|
||||||
|
|
||||||
|
@ -10,11 +10,11 @@ from django_etebase.utils import get_user_queryset, CallbackContext
|
|||||||
from .authentication import get_authenticated_user
|
from .authentication import get_authenticated_user
|
||||||
from .exceptions import HttpError, PermissionDenied
|
from .exceptions import HttpError, PermissionDenied
|
||||||
from .msgpack import MsgpackRoute
|
from .msgpack import MsgpackRoute
|
||||||
from .utils import get_object_or_404, Context, is_collection_admin, BaseModel
|
from .utils import get_object_or_404, Context, is_collection_admin, BaseModel, permission_responses
|
||||||
|
|
||||||
User = get_user_model()
|
User = get_user_model()
|
||||||
invitation_incoming_router = APIRouter(route_class=MsgpackRoute)
|
invitation_incoming_router = APIRouter(route_class=MsgpackRoute, responses=permission_responses)
|
||||||
invitation_outgoing_router = APIRouter(route_class=MsgpackRoute)
|
invitation_outgoing_router = APIRouter(route_class=MsgpackRoute, responses=permission_responses)
|
||||||
default_queryset: QuerySet = models.CollectionInvitation.objects.all()
|
default_queryset: QuerySet = models.CollectionInvitation.objects.all()
|
||||||
|
|
||||||
|
|
||||||
|
@ -8,13 +8,13 @@ from fastapi import APIRouter, Depends, status
|
|||||||
from django_etebase import models
|
from django_etebase import models
|
||||||
from .authentication import get_authenticated_user
|
from .authentication import get_authenticated_user
|
||||||
from .msgpack import MsgpackRoute
|
from .msgpack import MsgpackRoute
|
||||||
from .utils import get_object_or_404, BaseModel
|
from .utils import get_object_or_404, BaseModel, permission_responses
|
||||||
from .stoken_handler import filter_by_stoken_and_limit
|
from .stoken_handler import filter_by_stoken_and_limit
|
||||||
|
|
||||||
from .collection import get_collection, verify_collection_admin
|
from .collection import get_collection, verify_collection_admin
|
||||||
|
|
||||||
User = get_user_model()
|
User = get_user_model()
|
||||||
member_router = APIRouter(route_class=MsgpackRoute)
|
member_router = APIRouter(route_class=MsgpackRoute, responses=permission_responses)
|
||||||
default_queryset: QuerySet = models.CollectionMember.objects.all()
|
default_queryset: QuerySet = models.CollectionMember.objects.all()
|
||||||
|
|
||||||
|
|
||||||
|
@ -10,7 +10,7 @@ from django.contrib.auth import get_user_model
|
|||||||
|
|
||||||
from django_etebase.models import AccessLevels
|
from django_etebase.models import AccessLevels
|
||||||
|
|
||||||
from .exceptions import HttpError
|
from .exceptions import HttpError, HttpErrorOut
|
||||||
|
|
||||||
User = get_user_model()
|
User = get_user_model()
|
||||||
|
|
||||||
@ -41,3 +41,7 @@ def get_object_or_404(queryset: QuerySet, **kwargs):
|
|||||||
def is_collection_admin(collection, user):
|
def is_collection_admin(collection, user):
|
||||||
member = collection.members.filter(user=user).first()
|
member = collection.members.filter(user=user).first()
|
||||||
return (member is not None) and (member.accessLevel == AccessLevels.ADMIN)
|
return (member is not None) and (member.accessLevel == AccessLevels.ADMIN)
|
||||||
|
|
||||||
|
|
||||||
|
response_model_dict = {"model": HttpErrorOut}
|
||||||
|
permission_responses = {403: response_model_dict}
|
||||||
|
Loading…
Reference in New Issue
Block a user