Merged in feature/secret-algorithm-update (pull request #51)

Add update device secret route
develop
Ensar Sarajcic 2018-11-03 17:11:35 +00:00
commit b34a8f21ce
3 changed files with 68 additions and 1 deletions

View File

@ -47,7 +47,7 @@ class RecordingsQuerySchema(Schema):
class DeviceSecretSchema(BaseResourceSchema):
device_secret = fields.String(dump_only=True)
secret_algorithm = fields.String()
secret_algorithm = fields.String(required=True)
class DeviceShareSchema(BaseResourceSchema):
@ -173,6 +173,17 @@ class DeviceSecretResource(ProtectedResource):
validate_device_ownership(device_id)
return DeviceSecretSchema().dump(devices.get_device(device_id)), 200
@use_args(DeviceSecretSchema(), locations=('json',))
@swag_from('swagger/update_device_secret_spec.yaml')
def put(self, args, device_id):
validate_device_ownership(device_id)
return DeviceSecretSchema().dump(
devices.update_algorithm(
device_id,
args['secret_algorithm']
)
), 200
class DeviceSecretResetResource(ProtectedResource):
@swag_from('swagger/reset_device_secret_spec.yaml')

View File

@ -0,0 +1,26 @@
Updates device secret info (algorithm)
---
tags:
- Device
parameters:
- in: path
name: device_id
required: true
type: integer
description: Id of the device
- in: body
name: body
required: true
schema:
type: object
$ref: '#/definitions/DeviceSecretInfo'
responses:
200:
description: Success
schema:
type: object
required:
- content
properties:
content:
$ref: '#/definitions/DeviceSecretInfo'

View File

@ -2,6 +2,7 @@ import sys
import hmac
import urllib.parse
import datetime
import hashlib
from secrets import token_urlsafe
from .models import (Device,
Recording,
@ -155,6 +156,11 @@ def reset_device_secret(device_id):
"""
Resets device secret for device with given parameters. Raises error on
failure
:param device_id: Id of device
:type device_id: int
:returns: Requested device
:rtype: Device
"""
device = Device.get(id=device_id)
device.device_secret = token_urlsafe(32)
@ -162,6 +168,30 @@ def reset_device_secret(device_id):
return device
def update_algorithm(device_id, algorithm):
"""
Updates device secret algorithm for device with given parameters. Raises
error on failure
:param device_id: Id of device
:type device_id: int
:param algorithm: Name of new algorithm
:type algorithm: string
:returns: Requested device
:rtype: Device
"""
if algorithm not in hashlib.algorithms_available:
raise ValueError("Unsupported algorithm! Supported algorithms: " +
str(hashlib.algorithms_available) + ". Some of " +
"these may not work on all platforms. These are " +
"guaranteed to work on every platform: " +
str(hashlib.algorithms_guaranteed))
device = Device.get(id=device_id)
device.secret_algorithm = algorithm
device.save()
return device
def can_user_access_device(account_id, device_id):
"""
Checks if user with given account_id can access device with given device_id