university-final-iot-backend/app/api/resources/account.py

115 lines
3.8 KiB
Python
Raw Normal View History

from flask_restful import Resource, abort
2018-05-08 08:52:36 +00:00
from flask import g
2018-05-08 14:45:09 +00:00
from marshmallow import Schema, fields
from webargs.flaskparser import use_args
2018-05-07 14:13:07 +00:00
from flasgger import swag_from
import app.accounts.api as accounts
from app.api.auth_protection import ProtectedResource
2018-10-06 12:18:04 +00:00
from app.api.permission_protection import (requires_permission,
valid_permissions)
2018-05-06 19:42:21 +00:00
2018-05-08 14:45:09 +00:00
class UserSchema(Schema):
username = fields.Str(required=True)
email = fields.Email(required=True)
password = fields.Str(required=True, load_only=True)
2018-09-22 17:01:50 +00:00
class RoleUpdateSchema(Schema):
role_id = fields.Integer(required=True, load_only=True, location='json')
2018-10-06 12:18:04 +00:00
def validate_role_permissions(permissions_list):
return set(permissions_list).issubset(valid_permissions)
2018-09-22 23:22:19 +00:00
class RoleSchema(Schema):
2018-09-23 11:56:41 +00:00
id = fields.Integer(required=True, location='json')
2018-09-22 23:22:19 +00:00
display_name = fields.String(required=True, location='json')
permissions = fields.List(fields.String, required=True,
2018-10-06 12:18:04 +00:00
location='json', many=True,
validate=validate_role_permissions)
2018-09-22 23:22:19 +00:00
class RoleWrapperSchema(Schema):
role = fields.Nested(RoleSchema, required=True, location='json')
class RolesWrapperSchema(Schema):
roles = fields.Nested(RoleSchema, required=True,
location='json', many=True)
class RoleCreationSchema(Schema):
display_name = fields.String(required=True, location='json')
permissions = fields.List(fields.String, required=True,
location='json', many=True)
class RoleCreationWrapperSchema(Schema):
role = fields.Nested(RoleCreationSchema, required=True, location='json')
2018-05-08 14:45:09 +00:00
class UserWrapperSchema(Schema):
user = fields.Nested(UserSchema, required=True, location='json')
2018-05-06 19:42:21 +00:00
2018-05-08 08:52:36 +00:00
2018-05-08 14:45:09 +00:00
class AccountResource(ProtectedResource):
2018-05-08 08:52:36 +00:00
@swag_from('swagger/get_account_spec.yaml')
def get(self, account_id):
if g.current_account.id == account_id:
2018-05-08 14:45:09 +00:00
return UserWrapperSchema().dump({'user': g.current_account}), 200
2018-05-08 08:52:36 +00:00
abort(403, message='You can only get your own account', status='error')
2018-09-22 23:22:19 +00:00
class RoleResource(ProtectedResource):
@swag_from('swagger/get_role_spec.yaml')
def get(self, role_id):
return RoleWrapperSchema().dump(
{'role': accounts.get_role(role_id)}), 200
class RolesResource(ProtectedResource):
2018-09-23 11:56:41 +00:00
@requires_permission('CREATE_ROLE', 'Role creation')
2018-09-22 23:22:19 +00:00
@use_args(RoleCreationWrapperSchema())
@swag_from('swagger/create_role_spec.yaml')
def post(self, args):
args = args['role']
success = accounts.create_role(args['display_name'],
args['permissions'])
if success:
return '', 201
@swag_from('swagger/get_roles_spec.yaml')
def get(self):
return RolesWrapperSchema().dump(
{'roles': accounts.get_all_roles()}), 200
2018-09-22 17:01:50 +00:00
class AccountRoleResource(ProtectedResource):
@use_args(RoleUpdateSchema())
@swag_from('swagger/update_account_role_spec.yaml')
def put(self, args, account_id):
if g.current_account.id == account_id:
abort(403, message='You may not change your own roles',
status='error')
success = accounts.update_account_role(account_id, args['role_id'])
if success:
return '', 204
2018-05-08 08:52:36 +00:00
class AccountListResource(Resource):
2018-05-08 14:45:09 +00:00
@use_args(UserWrapperSchema())
2018-05-07 14:13:07 +00:00
@swag_from('swagger/create_account_spec.yaml')
def post(self, args):
2018-05-06 19:42:21 +00:00
try:
args = args['user']
2018-05-06 19:42:21 +00:00
success = accounts.create_account(
args['username'],
args['email'],
args['password'])
if success:
return '', 201
except ValueError:
abort(422, message='Account already exists', status='error')