107 lines
3.8 KiB
Python
107 lines
3.8 KiB
Python
import sys
|
|
from flask import Blueprint, request, g
|
|
from flask_restful import Api, Resource, abort
|
|
from functools import wraps
|
|
from marshmallow import ValidationError
|
|
from app.accounts import validate_token
|
|
|
|
|
|
api_bp = Blueprint('api', __name__)
|
|
api = Api(api_bp)
|
|
|
|
|
|
def protected(func):
|
|
@wraps(func)
|
|
def protected_function(*args, **kwargs):
|
|
try:
|
|
token = request.headers['Authorization'] or None
|
|
|
|
if not token:
|
|
abort(401, message='Unauthorized', status='error')
|
|
|
|
g.current_account = validate_token(token.replace("Bearer ", ""))
|
|
if not g.current_account:
|
|
abort(401, message='Unauthorized', status='error')
|
|
except Exception:
|
|
error_type, error_instance, traceback = sys.exc_info()
|
|
print(str(error_type))
|
|
print(str(error_instance))
|
|
abort(401, message='Unauthorized', status='error')
|
|
|
|
return func(*args, **kwargs)
|
|
|
|
return protected_function
|
|
|
|
|
|
def requires_permission(permission, action_name='Action'):
|
|
def requires_permission_decorator(func):
|
|
@wraps(func)
|
|
def permission_protected_function(*args, **kwargs):
|
|
if permission not in g.current_account.role.permissions:
|
|
abort(403,
|
|
message=(action_name+' is not allowed'),
|
|
status='error')
|
|
|
|
return func(*args, **kwargs)
|
|
|
|
return permission_protected_function
|
|
|
|
return requires_permission_decorator
|
|
|
|
|
|
class ProtectedResource(Resource):
|
|
method_decorators = [protected]
|
|
|
|
|
|
def add_resources():
|
|
from .resources.account import (AccountResource,
|
|
AccountListResource,
|
|
AccountRoleResource,
|
|
RoleResource,
|
|
RolesResource)
|
|
from .resources.token import TokenResource, ValidateTokenResource
|
|
from .resources.device import (DeviceResource,
|
|
DeviceRecordingResource,
|
|
DeviceListResource,
|
|
DeviceTypeResource,
|
|
DeviceTypeListResource,
|
|
DeviceConfigurationResource)
|
|
from .resources.dashboard import DashboardResource, DashboardListResource
|
|
|
|
api.add_resource(AccountResource, '/v1/accounts/<int:account_id>')
|
|
api.add_resource(AccountListResource, '/v1/accounts')
|
|
api.add_resource(AccountRoleResource, '/v1/accounts/<int:account_id>/role')
|
|
api.add_resource(RoleResource, '/v1/roles/<int:role_id>')
|
|
api.add_resource(RolesResource, '/v1/roles')
|
|
api.add_resource(TokenResource, '/v1/token')
|
|
api.add_resource(ValidateTokenResource, '/v1/token/validate')
|
|
api.add_resource(DeviceResource, '/v1/devices/<int:device_id>')
|
|
api.add_resource(DeviceRecordingResource,
|
|
'/v1/devices/<int:device_id>/recordings')
|
|
api.add_resource(DeviceListResource, '/v1/devices')
|
|
api.add_resource(DeviceTypeResource,
|
|
'/v1/devices/types/<int:device_type_id>')
|
|
api.add_resource(DeviceTypeListResource, '/v1/devices/types')
|
|
api.add_resource(DeviceConfigurationResource,
|
|
'/v1/devices/<int:device_id>/configuration')
|
|
api.add_resource(DashboardListResource, '/v1/dashboards')
|
|
api.add_resource(DashboardResource,
|
|
'/v1/dashboards/<int:dashboard_id>')
|
|
|
|
|
|
add_resources()
|
|
|
|
|
|
@api_bp.errorhandler(ValidationError)
|
|
@api_bp.errorhandler(422)
|
|
def handle_validation_error(e):
|
|
return {'status': 'error', 'message': str(e)}, 422
|
|
|
|
|
|
@api_bp.errorhandler(Exception)
|
|
def handle_unknown_errors(e):
|
|
return ({
|
|
'status': 'failed',
|
|
'message': 'Unknown error has occurred! ({0})'.format(str(e))
|
|
}, 500)
|