Add more responses to the API.

Tom Hacohen 2020-12-28 10:00:35 +02:00
parent a75d5479fa
commit 4b4be14d32
5 changed files with 18 additions and 14 deletions


@ -14,7 +14,7 @@ from django.contrib.auth import get_user_model, user_logged_out, user_logged_in
from django.core import exceptions as django_exceptions from django.core import exceptions as django_exceptions
from django.db import transaction from django.db import transaction
from django.utils import timezone from django.utils import timezone
from fastapi import APIRouter, Depends, status, Request, Response from fastapi import APIRouter, Depends, status, Request
from fastapi.security import APIKeyHeader from fastapi.security import APIKeyHeader
from django_etebase import app_settings, models from django_etebase import app_settings, models
@ -27,7 +27,7 @@ from django_etebase.utils import create_user, get_user_queryset, CallbackContext
from django_etebase.views import msgpack_encode, msgpack_decode from django_etebase.views import msgpack_encode, msgpack_decode
from .exceptions import AuthenticationFailed, transform_validation_error, HttpError from .exceptions import AuthenticationFailed, transform_validation_error, HttpError
from .msgpack import MsgpackRoute from .msgpack import MsgpackRoute
from .utils import BaseModel from .utils import BaseModel, permission_responses
User = get_user_model() User = get_user_model()
token_scheme = APIKeyHeader(name="Authorization") token_scheme = APIKeyHeader(name="Authorization")
@ -250,21 +250,21 @@ async def login(data: Login, request: Request):
return data return data
@authentication_router.post("/logout/", status_code=status.HTTP_204_NO_CONTENT) @authentication_router.post("/logout/", status_code=status.HTTP_204_NO_CONTENT, responses=permission_responses)
async def logout(request: Request, auth_data: AuthData = Depends(get_auth_data)): async def logout(request: Request, auth_data: AuthData = Depends(get_auth_data)):
await sync_to_async(auth_data.token.delete)() await sync_to_async(auth_data.token.delete)()
# XXX-TOM # XXX-TOM
await sync_to_async(user_logged_out.send)(sender=auth_data.user.__class__, request=None, user=auth_data.user) await sync_to_async(user_logged_out.send)(sender=auth_data.user.__class__, request=None, user=auth_data.user)
@authentication_router.post("/change_password/", status_code=status.HTTP_204_NO_CONTENT) @authentication_router.post("/change_password/", status_code=status.HTTP_204_NO_CONTENT, responses=permission_responses)
async def change_password(data: ChangePassword, request: Request, user: User = Depends(get_authenticated_user)): async def change_password(data: ChangePassword, request: Request, user: User = Depends(get_authenticated_user)):
host = request.headers.get("Host") host = request.headers.get("Host")
await validate_login_request(data.response_data, data, user, "changePassword", host) await validate_login_request(data.response_data, data, user, "changePassword", host)
await sync_to_async(save_changed_password)(data, user) await sync_to_async(save_changed_password)(data, user)
@authentication_router.post("/dashboard_url/") @authentication_router.post("/dashboard_url/", responses=permission_responses)
def dashboard_url(user: User = Depends(get_authenticated_user)): def dashboard_url(user: User = Depends(get_authenticated_user)):
# XXX-TOM # XXX-TOM
get_dashboard_url = app_settings.DASHBOARD_URL_FUNC get_dashboard_url = app_settings.DASHBOARD_URL_FUNC
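Review bot: The `responses=permission_responses` added to `logout`, `change_password` and `dashboard_url` declares only a 403, yet all three routes depend on `get_auth_data` or `get_authenticated_user`, and this module imports `AuthenticationFailed`. If that exception carries a different status (presumably 401; its definition is not shown here), the generated schema omits the response a client receives for a missing, invalid or expired token. Consider a second mapping next to `permission_responses`, for example a proposed `authentication_responses = {401: response_model_dict}`, passed as `responses={**authentication_responses, **permission_responses}`. The router-level defaults added to the collection, item, invitation and member routers have the same gap, since those modules import `get_authenticated_user` too. `dashboard_url` continues past the end of this hunk.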


@ -14,11 +14,11 @@ from .authentication import get_authenticated_user
from .exceptions import HttpError, transform_validation_error, PermissionDenied from .exceptions import HttpError, transform_validation_error, PermissionDenied
from .msgpack import MsgpackRoute from .msgpack import MsgpackRoute
from .stoken_handler import filter_by_stoken_and_limit, filter_by_stoken, get_stoken_obj, get_queryset_stoken from .stoken_handler import filter_by_stoken_and_limit, filter_by_stoken, get_stoken_obj, get_queryset_stoken
from .utils import get_object_or_404, Context, Prefetch, PrefetchQuery, is_collection_admin, BaseModel from .utils import get_object_or_404, Context, Prefetch, PrefetchQuery, is_collection_admin, BaseModel, permission_responses
User = get_user_model() User = get_user_model()
collection_router = APIRouter(route_class=MsgpackRoute) collection_router = APIRouter(route_class=MsgpackRoute, responses=permission_responses)
item_router = APIRouter(route_class=MsgpackRoute) item_router = APIRouter(route_class=MsgpackRoute, responses=permission_responses)
default_queryset: QuerySet = models.Collection.objects.all() default_queryset: QuerySet = models.Collection.objects.all()
default_item_queryset: QuerySet = models.CollectionItem.objects.all() default_item_queryset: QuerySet = models.CollectionItem.objects.all()
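Review bot: Passing `responses=permission_responses` to `collection_router` and `item_router` attaches the 403 entry to every route registered on them, but the not-found case stays undocumented even though this module imports `get_object_or_404`. If that helper raises an `HttpError` with status 404 (its body is outside the visible hunks, so this is an assumption to confirm), clients generated from the schema will not expect that error body. A sibling mapping defined beside `permission_responses` and merged in here, such as `responses={**permission_responses, **not_found_responses}` (proposed name), would keep the error contract in one place. The invitation and member routers import the same helper and would benefit from the same addition.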


@ -10,11 +10,11 @@ from django_etebase.utils import get_user_queryset, CallbackContext
from .authentication import get_authenticated_user from .authentication import get_authenticated_user
from .exceptions import HttpError, PermissionDenied from .exceptions import HttpError, PermissionDenied
from .msgpack import MsgpackRoute from .msgpack import MsgpackRoute
from .utils import get_object_or_404, Context, is_collection_admin, BaseModel from .utils import get_object_or_404, Context, is_collection_admin, BaseModel, permission_responses
User = get_user_model() User = get_user_model()
invitation_incoming_router = APIRouter(route_class=MsgpackRoute) invitation_incoming_router = APIRouter(route_class=MsgpackRoute, responses=permission_responses)
invitation_outgoing_router = APIRouter(route_class=MsgpackRoute) invitation_outgoing_router = APIRouter(route_class=MsgpackRoute, responses=permission_responses)
default_queryset: QuerySet = models.CollectionInvitation.objects.all() default_queryset: QuerySet = models.CollectionInvitation.objects.all()


@ -8,13 +8,13 @@ from fastapi import APIRouter, Depends, status
from django_etebase import models from django_etebase import models
from .authentication import get_authenticated_user from .authentication import get_authenticated_user
from .msgpack import MsgpackRoute from .msgpack import MsgpackRoute
from .utils import get_object_or_404, BaseModel from .utils import get_object_or_404, BaseModel, permission_responses
from .stoken_handler import filter_by_stoken_and_limit from .stoken_handler import filter_by_stoken_and_limit
from .collection import get_collection, verify_collection_admin from .collection import get_collection, verify_collection_admin
User = get_user_model() User = get_user_model()
member_router = APIRouter(route_class=MsgpackRoute) member_router = APIRouter(route_class=MsgpackRoute, responses=permission_responses)
default_queryset: QuerySet = models.CollectionMember.objects.all() default_queryset: QuerySet = models.CollectionMember.objects.all()


@ -10,7 +10,7 @@ from django.contrib.auth import get_user_model
from django_etebase.models import AccessLevels from django_etebase.models import AccessLevels
from .exceptions import HttpError from .exceptions import HttpError, HttpErrorOut
User = get_user_model() User = get_user_model()
@ -41,3 +41,7 @@ def get_object_or_404(queryset: QuerySet, **kwargs):
def is_collection_admin(collection, user): def is_collection_admin(collection, user):
member = collection.members.filter(user=user).first() member = collection.members.filter(user=user).first()
return (member is not None) and (member.accessLevel == AccessLevels.ADMIN) return (member is not None) and (member.accessLevel == AccessLevels.ADMIN)
response_model_dict = {"model": HttpErrorOut}
permission_responses = {403: response_model_dict}
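Review bot: Nothing at the definition of `permission_responses` says that it only feeds the generated OpenAPI schema; passing it to a router or route does not enforce any permission check. A short comment above it would prevent it being read as an access control, e.g. `# OpenAPI documentation only: declares the 403 error body; enforcement stays in the route dependencies that raise PermissionDenied.` The bare `403` also has to stay in step with whatever status `PermissionDenied` actually carries (defined in `.exceptions`, not visible here). Using `status.HTTP_403_FORBIDDEN` from `fastapi`, as the route modules already do for `status.HTTP_204_NO_CONTENT`, would make the intent explicit, though `status` may need importing in this file.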