Add widgets to dashboard object

develop
esensar 2018-10-23 00:31:09 +02:00
parent a0a0e5b085
commit 7ede1ed119
2 changed files with 47 additions and 65 deletions

View File

@ -1,6 +1,6 @@
from flask import g, request from flask import g, request
from flask_restful import abort from flask_restful import abort
from marshmallow import fields from marshmallow import fields, Schema
from webargs.flaskparser import use_args from webargs.flaskparser import use_args
from flasgger import swag_from from flasgger import swag_from
import app.dashboards.api as dashboard import app.dashboards.api as dashboard
@ -9,14 +9,7 @@ from app.api.auth_protection import ProtectedResource
from app.api.schemas import BaseResourceSchema from app.api.schemas import BaseResourceSchema
class DashboardSchema(BaseResourceSchema): class BasicDashboardWidgetSchema(Schema):
id = fields.Integer(dump_only=True)
active = fields.Boolean(required=False)
dashboard_data = fields.Raw()
name = fields.String()
class DashboardWidgetSchema(BaseResourceSchema):
id = fields.Integer(dump_only=True) id = fields.Integer(dump_only=True)
device_id = fields.Integer() device_id = fields.Integer()
height = fields.Integer() height = fields.Integer()
@ -27,22 +20,43 @@ class DashboardWidgetSchema(BaseResourceSchema):
filters = fields.Raw() filters = fields.Raw()
class DashboardWidgetSchema(BaseResourceSchema, BasicDashboardWidgetSchema):
pass
class DashboardSchema(BaseResourceSchema):
id = fields.Integer(dump_only=True)
active = fields.Boolean(required=False)
dashboard_data = fields.Raw()
name = fields.String()
widgets = fields.Nested(BasicDashboardWidgetSchema, dump_only=True,
many=True)
def validate_dashboard_ownership(dashboard_id):
requested_dashboard = dashboard.get_dashboard(dashboard_id)
if requested_dashboard.account_id != g.current_account.id:
abort(403, message='You are not allowed to access this dashboard',
status='error')
return requested_dashboard
def validate_device_ownership(device_id):
if not device.can_user_access_device(g.current_account.id, device_id):
abort(403, message='You are not allowed to access this device',
status='error')
class DashboardResource(ProtectedResource): class DashboardResource(ProtectedResource):
@swag_from('swagger/get_dashboard_spec.yaml') @swag_from('swagger/get_dashboard_spec.yaml')
def get(self, dashboard_id): def get(self, dashboard_id):
requested_dashboard = dashboard.get_dashboard(dashboard_id) requested_dashboard = validate_dashboard_ownership(dashboard_id)
if requested_dashboard.account_id != g.current_account.id:
abort(403, message='You are not allowed to access this dashboard',
status='error')
return DashboardSchema().dump(requested_dashboard), 200 return DashboardSchema().dump(requested_dashboard), 200
@use_args(DashboardSchema(), locations=('json',)) @use_args(DashboardSchema(), locations=('json',))
@swag_from('swagger/update_dashboard_spec.yaml') @swag_from('swagger/update_dashboard_spec.yaml')
def put(self, args, dashboard_id): def put(self, args, dashboard_id):
requested_dashboard = dashboard.get_dashboard(dashboard_id) validate_dashboard_ownership(dashboard_id)
if requested_dashboard.account_id != g.current_account.id:
abort(403, message='You are not allowed to access this dashboard',
status='error')
success = dashboard.patch_dashboard( success = dashboard.patch_dashboard(
g.current_account.id, g.current_account.id,
dashboard_id, dashboard_id,
@ -55,10 +69,7 @@ class DashboardResource(ProtectedResource):
@use_args(DashboardSchema(partial=True), locations=('json',)) @use_args(DashboardSchema(partial=True), locations=('json',))
@swag_from('swagger/update_dashboard_spec.yaml') @swag_from('swagger/update_dashboard_spec.yaml')
def patch(self, args, dashboard_id): def patch(self, args, dashboard_id):
requested_dashboard = dashboard.get_dashboard(dashboard_id) validate_dashboard_ownership(dashboard_id)
if requested_dashboard.account_id != g.current_account.id:
abort(403, message='You are not allowed to access this dashboard',
status='error')
success = dashboard.patch_dashboard( success = dashboard.patch_dashboard(
g.current_account.id, g.current_account.id,
dashboard_id, dashboard_id,
@ -70,10 +81,7 @@ class DashboardResource(ProtectedResource):
@swag_from('swagger/delete_dashboard_spec.yaml') @swag_from('swagger/delete_dashboard_spec.yaml')
def delete(self, dashboard_id): def delete(self, dashboard_id):
requested_dashboard = dashboard.get_dashboard(dashboard_id) validate_dashboard_ownership(dashboard_id)
if requested_dashboard.account_id != g.current_account.id:
abort(403, message='You are not allowed to access this dashboard',
status='error')
dashboard.delete_dashboard(dashboard_id) dashboard.delete_dashboard(dashboard_id)
return '', 204 return '', 204
@ -102,14 +110,8 @@ class DashboardWidgetListResource(ProtectedResource):
@use_args(DashboardWidgetSchema(), locations=('json',)) @use_args(DashboardWidgetSchema(), locations=('json',))
@swag_from('swagger/create_dashboard_widget_spec.yaml') @swag_from('swagger/create_dashboard_widget_spec.yaml')
def post(self, args, dashboard_id): def post(self, args, dashboard_id):
requested_dashboard = dashboard.get_dashboard(dashboard_id) validate_dashboard_ownership(dashboard_id)
if requested_dashboard.account_id != g.current_account.id: validate_dashboard_ownership(args['device_id'])
abort(403, message='You are not allowed to access this dashboard',
status='error')
if not device.can_user_access_device(g.current_account.id,
args['device_id']):
abort(403, message='You are not allowed to access this device',
status='error')
success = dashboard.create_widget( success = dashboard.create_widget(
dashboard_id, dashboard_id,
args['device_id'], args['device_id'],
@ -124,10 +126,7 @@ class DashboardWidgetListResource(ProtectedResource):
@swag_from('swagger/get_dashboard_widgets_spec.yaml') @swag_from('swagger/get_dashboard_widgets_spec.yaml')
def get(self, dashboard_id): def get(self, dashboard_id):
requested_dashboard = dashboard.get_dashboard(dashboard_id) validate_dashboard_ownership(dashboard_id)
if requested_dashboard.account_id != g.current_account.id:
abort(403, message='You are not allowed to access this dashboard',
status='error')
return DashboardWidgetSchema().dump( return DashboardWidgetSchema().dump(
dashboard.get_widgets(dashboard_id), many=True), 200 dashboard.get_widgets(dashboard_id), many=True), 200
@ -135,28 +134,15 @@ class DashboardWidgetListResource(ProtectedResource):
class DashboardWidgetResource(ProtectedResource): class DashboardWidgetResource(ProtectedResource):
@swag_from('swagger/get_dashboard_widget_spec.yaml') @swag_from('swagger/get_dashboard_widget_spec.yaml')
def get(self, dashboard_id, widget_id): def get(self, dashboard_id, widget_id):
requested_dashboard = dashboard.get_dashboard(dashboard_id) validate_dashboard_ownership(dashboard_id)
if requested_dashboard.account_id != g.current_account.id:
abort(403, message='You are not allowed to access this widget',
status='error')
requested_widget = dashboard.get_widget(widget_id) requested_widget = dashboard.get_widget(widget_id)
return DashboardWidgetSchema().dump(requested_widget), 200 return DashboardWidgetSchema().dump(requested_widget), 200
@use_args(DashboardWidgetSchema(), locations=('json',)) @use_args(DashboardWidgetSchema(), locations=('json',))
@swag_from('swagger/update_dashboard_widget_spec.yaml') @swag_from('swagger/update_dashboard_widget_spec.yaml')
def put(self, args, dashboard_id, widget_id): def put(self, args, dashboard_id, widget_id):
print("Received stuff!") validate_dashboard_ownership(dashboard_id)
print("Args: " + str(args)) validate_dashboard_ownership(args['device_id'])
print("Dashboard_id: " + str(dashboard_id))
print("Widget_id: " + str(widget_id))
requested_dashboard = dashboard.get_dashboard(dashboard_id)
if requested_dashboard.account_id != g.current_account.id:
abort(403, message='You are not allowed to access this dashboard',
status='error')
if not device.can_user_access_device(g.current_account.id,
args['device_id']):
abort(403, message='You are not allowed to access this device',
status='error')
success = dashboard.patch_widget( success = dashboard.patch_widget(
widget_id, widget_id,
args['device_id'], args['device_id'],
@ -172,15 +158,9 @@ class DashboardWidgetResource(ProtectedResource):
@use_args(DashboardWidgetSchema(partial=True), locations=('json',)) @use_args(DashboardWidgetSchema(partial=True), locations=('json',))
@swag_from('swagger/update_dashboard_widget_spec.yaml') @swag_from('swagger/update_dashboard_widget_spec.yaml')
def patch(self, args, dashboard_id, widget_id): def patch(self, args, dashboard_id, widget_id):
requested_dashboard = dashboard.get_dashboard(dashboard_id) validate_dashboard_ownership(dashboard_id)
if requested_dashboard.account_id != g.current_account.id:
abort(403, message='You are not allowed to access this dashboard',
status='error')
if args.get('device_id') is not None: if args.get('device_id') is not None:
if not device.can_user_access_device(g.current_account.id, validate_dashboard_ownership(args['device_id'])
args['device_id']):
abort(403, message='You are not allowed to access this device',
status='error')
success = dashboard.patch_widget( success = dashboard.patch_widget(
widget_id, widget_id,
args.get('device_id'), args.get('device_id'),
@ -195,9 +175,6 @@ class DashboardWidgetResource(ProtectedResource):
@swag_from('swagger/delete_dashboard_widget_spec.yaml') @swag_from('swagger/delete_dashboard_widget_spec.yaml')
def delete(self, dashboard_id, widget_id): def delete(self, dashboard_id, widget_id):
requested_dashboard = dashboard.get_dashboard(dashboard_id) validate_dashboard_ownership(dashboard_id)
if requested_dashboard.account_id != g.current_account.id:
abort(403, message='You are not allowed to access this dashboard',
status='error')
dashboard.delete_widget(widget_id) dashboard.delete_widget(widget_id)
return '', 204 return '', 204

View File

@ -19,6 +19,9 @@ class Dashboard(db.Model):
default=db.func.current_timestamp(), default=db.func.current_timestamp(),
onupdate=db.func.current_timestamp()) onupdate=db.func.current_timestamp())
widgets = db.relationship("DashboardWidget",
cascade="save-update, merge, delete")
def __init__(self, account_id, dashboard_data, name): def __init__(self, account_id, dashboard_data, name):
self.account_id = account_id self.account_id = account_id
self.dashboard_data = dashboard_data self.dashboard_data = dashboard_data
@ -135,6 +138,8 @@ class DashboardWidget(db.Model):
default=db.func.current_timestamp(), default=db.func.current_timestamp(),
onupdate=db.func.current_timestamp()) onupdate=db.func.current_timestamp())
dashboard = db.relationship("Dashboard", foreign_keys=[dashboard_id])
def __init__(self, dashboard_id, device_id, height, width, x, y, def __init__(self, dashboard_id, device_id, height, width, x, y,
chart_type, filters): chart_type, filters):
self.dashboard_id = dashboard_id self.dashboard_id = dashboard_id