added / implemented group API

2019-04-10 15:11:21 +02:00
parent f0783d97c8
commit 2451a56403
5 changed files with 85 additions and 31 deletions
--- a/init.py
+++ b/init.py
@@ -4,6 +4,7 @@ Backend base module
 """
 import jwt
 import requests
 from flask import Flask, jsonify
 from flask_httpauth import HTTPTokenAuth, HTTPBasicAuth, MultiAuth
 from flask_jwt_extended import JWTManager, decode_token
@@ -46,7 +47,10 @@ multi_auth = MultiAuth(basic_auth, jwt_auth)
 from backend.auth import oidc_auth, auth_bp
 try:
    oidc_auth.init_app(app)
 except requests.exceptions.ConnectionError as err:
    app.logger.error("Could not connect to OIDC!!", err)
 # oidc_multi_auth = MultiAuth(oidc_auth, jwt_auth) <- can't work as OIDCAuthentication not implementing HTTPAuth
--- a/api/init.py
+++ b/api/init.py
@@ -26,12 +26,15 @@ api_v1 = Api(api_bp, prefix="/v1", version='0.1', title='Vue Test API',
             description='The Vue Test API', doc='/v1/doc/', authorizations=api_authorizations, security='bearerAuth')
 api_user = Namespace('user', description="User management namespace", authorizations=api_authorizations)
 api_group = Namespace('group', description="Group management namespace", authorizations=api_authorizations)
 api_v1.add_namespace(api_user)
 api_v1.add_namespace(api_group
                     )
 auth_api_bp = Blueprint('auth_api', __name__, url_prefix='/api/auth')
-user_api_bp = Blueprint('user_api', __name__, url_prefix='/api/user')
+# user_api_bp = Blueprint('user_api', __name__, url_prefix='/api/user')
-group_api_bp = Blueprint('group_api', __name__, url_prefix='/api/group')
+# group_api_bp = Blueprint('group_api', __name__, url_prefix='/api/group')
 from .example_api import *
 from .auth_api import *
--- a/api/group_api.py
+++ b/api/group_api.py
@@ -5,36 +5,76 @@ For example: listing of available auth providers or registration of users.
 Login through API does not start a new session, but instead returns JWT.
 """
 import flask
 from datetime import datetime, timedelta
 import jwt
 from flask import request, jsonify, current_app, url_for
 from flask_jwt_extended import jwt_required
-from functools import wraps
+from flask_restplus import fields, Resource
 from random import randint
-from flask_login import logout_user, login_user
+from backend import db
-from typing import Iterable
+from backend.api import api_group
 from werkzeug.routing import BuildError
 from backend import db, app
 from backend.api import auth_api_bp, group_api_bp
 from backend.auth import AUTH_PROVIDERS, oidc_auth
 from backend.models.user_model import User, Group
 group_model = api_group.model('Group', {
    'id': fields.String(required=False, description='The group\'s identifier'),
    'name': fields.String(required=True, description='The group\'s name'),
 })
-@group_api_bp.route('/<id>', methods=['GET'])
+
@api_group.route('/<int:id>')
@api_group.response(404, 'Group not found')
@api_group.param('id', 'The group identifier')
 class GroupResource(Resource):
    @jwt_required
-def get_group():
+    @api_group.doc('get_group')
    @api_group.marshal_with(group_model)
    def get(self, id):
        """Fetch a user given its identifier"""
        group = Group.get_by_id(id)
        if group is not None:
            return group
        api_group.abort(404)
-    user = create_or_retrieve_user_from_userinfo(flask.session['userinfo'])
+    @jwt_required
    @api_group.doc('delete_todo')
    @api_group.response(204, 'Todo deleted')
    def delete(self, id):
        '''Delete a task given its identifier'''
        group = Group.get_by_id(id)
        if group is not None:
            group.delete()
            return '', 204
        api_group.abort(404)
-    return jsonify(user.to_dict())
+    @jwt_required
-    if user is None:
+    @api_group.doc('update_group')
-        return "Could not authenticate: could not find or create user.", 401
+    @api_group.expect(group_model)
-    if current_app.config.get("AUTH_RETURN_EXTERNAL_JWT", False):
+    @api_group.marshal_with(group_model)
-        token = jwt.encode(flask.session['id_token'], current_app.config['SECRET_KEY'])
+    def put(self, id):
-    else:
+        '''Update a task given its identifier'''
-        token = create_jwt(user)
+        group = Group.get_by_id(id)
-    return token
+        if group is not None:
            group.name = api_group["name"]
            db.session.commit()
            return group
        api_group.abort(404)
@api_group.route('/')
 class GroupList(Resource):
    @jwt_required
    @api_group.doc('groups')
    @api_group.marshal_list_with(group_model)
    def get(self):
        """
        List all groups
        :return: groups
        """
        return Group.get_all()
    @jwt_required
    @api_group.doc('create_todo')
    @api_group.expect(group_model)
    @api_group.marshal_with(group_model, code=201)
    def post(self):
        group = Group(**api_group.payload)
        db.session.add(group)
        db.session.commit()
        return group
--- a/api/user_api.py
+++ b/api/user_api.py
@@ -12,7 +12,7 @@ from flask_jwt_extended import get_jwt_identity, jwt_optional, jwt_required
 from flask_restplus import Resource, fields
 from backend import db, app, jwt_auth
-from backend.api import user_api_bp, api_bp, api_user
+from backend.api import api_bp, api_user
 from backend.auth import oidc_auth
 from backend.models.user_model import User, Group
@@ -33,7 +33,6 @@ class Profile(Resource):
        return User.get_by_identifier(current_user_id)
@api_user.route('/')
 class UserList(Resource):
    """
--- a/models/user_model.py
+++ b/models/user_model.py
@@ -434,6 +434,14 @@ class Group(db.Model):
        """
        return Group.query.filter(Group.name == name).first()
    @staticmethod
    def get_all():
        """
        Return all groups
        :return:
        """
        return Group.query.all()
    def __str__(self):
        return self.name