Add more responses to the API.
This commit is contained in:
parent
a75d5479fa
commit
4b4be14d32
@ -14,7 +14,7 @@ from django.contrib.auth import get_user_model, user_logged_out, user_logged_in
|
||||
from django.core import exceptions as django_exceptions
|
||||
from django.db import transaction
|
||||
from django.utils import timezone
|
||||
from fastapi import APIRouter, Depends, status, Request, Response
|
||||
from fastapi import APIRouter, Depends, status, Request
|
||||
from fastapi.security import APIKeyHeader
|
||||
|
||||
from django_etebase import app_settings, models
|
||||
@ -27,7 +27,7 @@ from django_etebase.utils import create_user, get_user_queryset, CallbackContext
|
||||
from django_etebase.views import msgpack_encode, msgpack_decode
|
||||
from .exceptions import AuthenticationFailed, transform_validation_error, HttpError
|
||||
from .msgpack import MsgpackRoute
|
||||
from .utils import BaseModel
|
||||
from .utils import BaseModel, permission_responses
|
||||
|
||||
User = get_user_model()
|
||||
token_scheme = APIKeyHeader(name="Authorization")
|
||||
@ -250,21 +250,21 @@ async def login(data: Login, request: Request):
|
||||
return data
|
||||
|
||||
|
||||
@authentication_router.post("/logout/", status_code=status.HTTP_204_NO_CONTENT)
|
||||
@authentication_router.post("/logout/", status_code=status.HTTP_204_NO_CONTENT, responses=permission_responses)
|
||||
async def logout(request: Request, auth_data: AuthData = Depends(get_auth_data)):
|
||||
await sync_to_async(auth_data.token.delete)()
|
||||
# XXX-TOM
|
||||
await sync_to_async(user_logged_out.send)(sender=auth_data.user.__class__, request=None, user=auth_data.user)
|
||||
|
||||
|
||||
@authentication_router.post("/change_password/", status_code=status.HTTP_204_NO_CONTENT)
|
||||
@authentication_router.post("/change_password/", status_code=status.HTTP_204_NO_CONTENT, responses=permission_responses)
|
||||
async def change_password(data: ChangePassword, request: Request, user: User = Depends(get_authenticated_user)):
|
||||
host = request.headers.get("Host")
|
||||
await validate_login_request(data.response_data, data, user, "changePassword", host)
|
||||
await sync_to_async(save_changed_password)(data, user)
|
||||
|
||||
|
||||
@authentication_router.post("/dashboard_url/")
|
||||
@authentication_router.post("/dashboard_url/", responses=permission_responses)
|
||||
def dashboard_url(user: User = Depends(get_authenticated_user)):
|
||||
# XXX-TOM
|
||||
get_dashboard_url = app_settings.DASHBOARD_URL_FUNC
|
||||
|
@ -14,11 +14,11 @@ from .authentication import get_authenticated_user
|
||||
from .exceptions import HttpError, transform_validation_error, PermissionDenied
|
||||
from .msgpack import MsgpackRoute
|
||||
from .stoken_handler import filter_by_stoken_and_limit, filter_by_stoken, get_stoken_obj, get_queryset_stoken
|
||||
from .utils import get_object_or_404, Context, Prefetch, PrefetchQuery, is_collection_admin, BaseModel
|
||||
from .utils import get_object_or_404, Context, Prefetch, PrefetchQuery, is_collection_admin, BaseModel, permission_responses
|
||||
|
||||
User = get_user_model()
|
||||
collection_router = APIRouter(route_class=MsgpackRoute)
|
||||
item_router = APIRouter(route_class=MsgpackRoute)
|
||||
collection_router = APIRouter(route_class=MsgpackRoute, responses=permission_responses)
|
||||
item_router = APIRouter(route_class=MsgpackRoute, responses=permission_responses)
|
||||
default_queryset: QuerySet = models.Collection.objects.all()
|
||||
default_item_queryset: QuerySet = models.CollectionItem.objects.all()
|
||||
|
||||
|
@ -10,11 +10,11 @@ from django_etebase.utils import get_user_queryset, CallbackContext
|
||||
from .authentication import get_authenticated_user
|
||||
from .exceptions import HttpError, PermissionDenied
|
||||
from .msgpack import MsgpackRoute
|
||||
from .utils import get_object_or_404, Context, is_collection_admin, BaseModel
|
||||
from .utils import get_object_or_404, Context, is_collection_admin, BaseModel, permission_responses
|
||||
|
||||
User = get_user_model()
|
||||
invitation_incoming_router = APIRouter(route_class=MsgpackRoute)
|
||||
invitation_outgoing_router = APIRouter(route_class=MsgpackRoute)
|
||||
invitation_incoming_router = APIRouter(route_class=MsgpackRoute, responses=permission_responses)
|
||||
invitation_outgoing_router = APIRouter(route_class=MsgpackRoute, responses=permission_responses)
|
||||
default_queryset: QuerySet = models.CollectionInvitation.objects.all()
|
||||
|
||||
|
||||
|
@ -8,13 +8,13 @@ from fastapi import APIRouter, Depends, status
|
||||
from django_etebase import models
|
||||
from .authentication import get_authenticated_user
|
||||
from .msgpack import MsgpackRoute
|
||||
from .utils import get_object_or_404, BaseModel
|
||||
from .utils import get_object_or_404, BaseModel, permission_responses
|
||||
from .stoken_handler import filter_by_stoken_and_limit
|
||||
|
||||
from .collection import get_collection, verify_collection_admin
|
||||
|
||||
User = get_user_model()
|
||||
member_router = APIRouter(route_class=MsgpackRoute)
|
||||
member_router = APIRouter(route_class=MsgpackRoute, responses=permission_responses)
|
||||
default_queryset: QuerySet = models.CollectionMember.objects.all()
|
||||
|
||||
|
||||
|
@ -10,7 +10,7 @@ from django.contrib.auth import get_user_model
|
||||
|
||||
from django_etebase.models import AccessLevels
|
||||
|
||||
from .exceptions import HttpError
|
||||
from .exceptions import HttpError, HttpErrorOut
|
||||
|
||||
User = get_user_model()
|
||||
|
||||
@ -41,3 +41,7 @@ def get_object_or_404(queryset: QuerySet, **kwargs):
|
||||
def is_collection_admin(collection, user):
|
||||
member = collection.members.filter(user=user).first()
|
||||
return (member is not None) and (member.accessLevel == AccessLevels.ADMIN)
|
||||
|
||||
|
||||
response_model_dict = {"model": HttpErrorOut}
|
||||
permission_responses = {403: response_model_dict}
|
||||
|
Loading…
Reference in New Issue
Block a user