Remove code from api __init__.py into separate modules
esensar
parent
b83a6cf70e
commit
f63137cb39
|
|
@ -1,106 +0,0 @@
|
|||
import sys
|
||||
from flask import Blueprint, request, g
|
||||
from flask_restful import Api, Resource, abort
|
||||
from functools import wraps
|
||||
from marshmallow import ValidationError
|
||||
from app.accounts.api import validate_token
|
||||
|
||||
|
||||
api_bp = Blueprint('api', __name__)
|
||||
api = Api(api_bp)
|
||||
|
||||
|
||||
def protected(func):
|
||||
@wraps(func)
|
||||
def protected_function(*args, **kwargs):
|
||||
try:
|
||||
token = request.headers['Authorization'] or None
|
||||
|
||||
if not token:
|
||||
abort(401, message='Unauthorized', status='error')
|
||||
|
||||
g.current_account = validate_token(token.replace("Bearer ", ""))
|
||||
if not g.current_account:
|
||||
abort(401, message='Unauthorized', status='error')
|
||||
except Exception:
|
||||
error_type, error_instance, traceback = sys.exc_info()
|
||||
print(str(error_type))
|
||||
print(str(error_instance))
|
||||
abort(401, message='Unauthorized', status='error')
|
||||
|
||||
return func(*args, **kwargs)
|
||||
|
||||
return protected_function
|
||||
|
||||
|
||||
def requires_permission(permission, action_name='Action'):
|
||||
def requires_permission_decorator(func):
|
||||
@wraps(func)
|
||||
def permission_protected_function(*args, **kwargs):
|
||||
if permission not in g.current_account.role.permissions:
|
||||
abort(403,
|
||||
message=(action_name+' is not allowed'),
|
||||
status='error')
|
||||
|
||||
return func(*args, **kwargs)
|
||||
|
||||
return permission_protected_function
|
||||
|
||||
return requires_permission_decorator
|
||||
|
||||
|
||||
class ProtectedResource(Resource):
|
||||
method_decorators = [protected]
|
||||
|
||||
|
||||
def add_resources():
|
||||
from .resources.account import (AccountResource,
|
||||
AccountListResource,
|
||||
AccountRoleResource,
|
||||
RoleResource,
|
||||
RolesResource)
|
||||
from .resources.token import TokenResource, ValidateTokenResource
|
||||
from .resources.device import (DeviceResource,
|
||||
DeviceRecordingResource,
|
||||
DeviceListResource,
|
||||
DeviceTypeResource,
|
||||
DeviceTypeListResource,
|
||||
DeviceConfigurationResource)
|
||||
from .resources.dashboard import DashboardResource, DashboardListResource
|
||||
|
||||
api.add_resource(AccountResource, '/v1/accounts/<int:account_id>')
|
||||
api.add_resource(AccountListResource, '/v1/accounts')
|
||||
api.add_resource(AccountRoleResource, '/v1/accounts/<int:account_id>/role')
|
||||
api.add_resource(RoleResource, '/v1/roles/<int:role_id>')
|
||||
api.add_resource(RolesResource, '/v1/roles')
|
||||
api.add_resource(TokenResource, '/v1/token')
|
||||
api.add_resource(ValidateTokenResource, '/v1/token/validate')
|
||||
api.add_resource(DeviceResource, '/v1/devices/<int:device_id>')
|
||||
api.add_resource(DeviceRecordingResource,
|
||||
'/v1/devices/<int:device_id>/recordings')
|
||||
api.add_resource(DeviceListResource, '/v1/devices')
|
||||
api.add_resource(DeviceTypeResource,
|
||||
'/v1/devices/types/<int:device_type_id>')
|
||||
api.add_resource(DeviceTypeListResource, '/v1/devices/types')
|
||||
api.add_resource(DeviceConfigurationResource,
|
||||
'/v1/devices/<int:device_id>/configuration')
|
||||
api.add_resource(DashboardListResource, '/v1/dashboards')
|
||||
api.add_resource(DashboardResource,
|
||||
'/v1/dashboards/<int:dashboard_id>')
|
||||
|
||||
|
||||
add_resources()
|
||||
|
||||
|
||||
@api_bp.errorhandler(ValidationError)
|
||||
@api_bp.errorhandler(422)
|
||||
def handle_validation_error(e):
|
||||
return {'status': 'error', 'message': str(e)}, 422
|
||||
|
||||
|
||||
@api_bp.errorhandler(Exception)
|
||||
def handle_unknown_errors(e):
|
||||
return ({
|
||||
'status': 'failed',
|
||||
'message': 'Unknown error has occurred! ({0})'.format(str(e))
|
||||
}, 500)
|
||||
|
|
@ -0,0 +1,32 @@
|
|||
import sys
|
||||
from functools import wraps
|
||||
from flask import request, g
|
||||
from flask_restful import Resource, abort
|
||||
from app.accounts.api import validate_token
|
||||
|
||||
|
||||
def protected(func):
|
||||
@wraps(func)
|
||||
def protected_function(*args, **kwargs):
|
||||
try:
|
||||
token = request.headers['Authorization'] or None
|
||||
|
||||
if not token:
|
||||
abort(401, message='Unauthorized', status='error')
|
||||
|
||||
g.current_account = validate_token(token.replace("Bearer ", ""))
|
||||
if not g.current_account:
|
||||
abort(401, message='Unauthorized', status='error')
|
||||
except Exception:
|
||||
error_type, error_instance, traceback = sys.exc_info()
|
||||
print(str(error_type))
|
||||
print(str(error_instance))
|
||||
abort(401, message='Unauthorized', status='error')
|
||||
|
||||
return func(*args, **kwargs)
|
||||
|
||||
return protected_function
|
||||
|
||||
|
||||
class ProtectedResource(Resource):
|
||||
method_decorators = [protected]
|
||||
|
|
@ -0,0 +1,60 @@
|
|||
from flask_restful import Api
|
||||
from marshmallow import ValidationError
|
||||
from flask import Blueprint
|
||||
|
||||
|
||||
api_bp = Blueprint('api', __name__)
|
||||
api = Api(api_bp)
|
||||
|
||||
|
||||
def add_resources():
|
||||
from .resources.account import (AccountResource,
|
||||
AccountListResource,
|
||||
AccountRoleResource,
|
||||
RoleResource,
|
||||
RolesResource)
|
||||
from .resources.token import TokenResource, ValidateTokenResource
|
||||
from .resources.device import (DeviceResource,
|
||||
DeviceRecordingResource,
|
||||
DeviceListResource,
|
||||
DeviceTypeResource,
|
||||
DeviceTypeListResource,
|
||||
DeviceConfigurationResource)
|
||||
from .resources.dashboard import DashboardResource, DashboardListResource
|
||||
|
||||
api.add_resource(AccountResource, '/v1/accounts/<int:account_id>')
|
||||
api.add_resource(AccountListResource, '/v1/accounts')
|
||||
api.add_resource(AccountRoleResource, '/v1/accounts/<int:account_id>/role')
|
||||
api.add_resource(RoleResource, '/v1/roles/<int:role_id>')
|
||||
api.add_resource(RolesResource, '/v1/roles')
|
||||
api.add_resource(TokenResource, '/v1/token')
|
||||
api.add_resource(ValidateTokenResource, '/v1/token/validate')
|
||||
api.add_resource(DeviceResource, '/v1/devices/<int:device_id>')
|
||||
api.add_resource(DeviceRecordingResource,
|
||||
'/v1/devices/<int:device_id>/recordings')
|
||||
api.add_resource(DeviceListResource, '/v1/devices')
|
||||
api.add_resource(DeviceTypeResource,
|
||||
'/v1/devices/types/<int:device_type_id>')
|
||||
api.add_resource(DeviceTypeListResource, '/v1/devices/types')
|
||||
api.add_resource(DeviceConfigurationResource,
|
||||
'/v1/devices/<int:device_id>/configuration')
|
||||
api.add_resource(DashboardListResource, '/v1/dashboards')
|
||||
api.add_resource(DashboardResource,
|
||||
'/v1/dashboards/<int:dashboard_id>')
|
||||
|
||||
|
||||
add_resources()
|
||||
|
||||
|
||||
@api_bp.errorhandler(ValidationError)
|
||||
@api_bp.errorhandler(422)
|
||||
def handle_validation_error(e):
|
||||
return {'status': 'error', 'message': str(e)}, 422
|
||||
|
||||
|
||||
@api_bp.errorhandler(Exception)
|
||||
def handle_unknown_errors(e):
|
||||
return ({
|
||||
'status': 'failed',
|
||||
'message': 'Unknown error has occurred! ({0})'.format(str(e))
|
||||
}, 500)
|
||||
|
|
@ -0,0 +1,19 @@
|
|||
from flask import g
|
||||
from flask_restful import abort
|
||||
from functools import wraps
|
||||
|
||||
|
||||
def requires_permission(permission, action_name='Action'):
|
||||
def requires_permission_decorator(func):
|
||||
@wraps(func)
|
||||
def permission_protected_function(*args, **kwargs):
|
||||
if permission not in g.current_account.role.permissions:
|
||||
abort(403,
|
||||
message=(action_name+' is not allowed'),
|
||||
status='error')
|
||||
|
||||
return func(*args, **kwargs)
|
||||
|
||||
return permission_protected_function
|
||||
|
||||
return requires_permission_decorator
|
||||
|
|
@ -4,7 +4,8 @@ from marshmallow import Schema, fields
|
|||
from webargs.flaskparser import use_args
|
||||
from flasgger import swag_from
|
||||
import app.accounts.api as accounts
|
||||
from app.api import ProtectedResource, requires_permission
|
||||
from app.api.auth_protection import ProtectedResource
|
||||
from app.api.permission_protection import requires_permission
|
||||
|
||||
|
||||
class UserSchema(Schema):
|
||||
|
|
|
|||
|
|
@ -4,7 +4,7 @@ from marshmallow import Schema, fields
|
|||
from webargs.flaskparser import use_args
|
||||
from flasgger import swag_from
|
||||
import app.dashboards.api as dashboard
|
||||
from app.api import ProtectedResource
|
||||
from app.api.auth_protection import ProtectedResource
|
||||
|
||||
|
||||
class DashboardSchema(Schema):
|
||||
|
|
|
|||
|
|
@ -4,7 +4,7 @@ from webargs.flaskparser import use_args
|
|||
from flasgger import swag_from
|
||||
from flask import g, request
|
||||
import app.devices.api as devices
|
||||
from app.api import ProtectedResource
|
||||
from app.api.auth_protection import ProtectedResource
|
||||
|
||||
|
||||
class DeviceTypeSchema(Schema):
|
||||
|
|
|
|||
|
|
@ -2,7 +2,7 @@ from flask_restful import Resource, abort
|
|||
from webargs import fields
|
||||
from webargs.flaskparser import use_args
|
||||
from flasgger import swag_from
|
||||
from app.api import ProtectedResource
|
||||
from app.api.auth_protection import ProtectedResource
|
||||
import app.accounts.api as accounts
|
||||
|
||||
|
||||
|
|
|
|||
|
|
@ -30,7 +30,7 @@ def setup_blueprints(app):
|
|||
from .accounts.blueprint import accounts_bp
|
||||
from .devices.blueprint import devices_bp
|
||||
from .dashboards.blueprint import dashboard_bp
|
||||
from .api import api_bp
|
||||
from .api.blueprint import api_bp
|
||||
from .mqtt.blueprint import mqtt_bp
|
||||
|
||||
app.register_blueprint(accounts_bp)
|
||||
|
|
|
|||
Loading…
Reference in New Issue