tobias/lrc-backend
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

added permissions api and websocket stuff

Browse Source
This commit is contained in:
Tobias Kurze
2019-11-28 19:39:53 +01:00
parent c4b54357f7
commit a709dbcaef
14 changed files with 229 additions and 24 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
backend/api/__init__.py
View File

@@ -27,6 +27,7 @@ api_v1 = Api(api_bp, prefix="/v1", version='0.1', title='Vue Test API',
api_user = Namespace('user', description="User management namespace", authorizations=api_authorizations)
api_group = Namespace('group', description="Group management namespace", authorizations=api_authorizations)
api_permissions = Namespace('permissions', description="Permissions management namespace", authorizations=api_authorizations)
api_room = Namespace('room', description="Room management namespace", authorizations=api_authorizations)
api_recorder = Namespace('recorder', description="Recorder management namespace", authorizations=api_authorizations)
api_virtual_command = Namespace('virtual_command', description="Virtual command namespace",
@@ -38,6 +39,7 @@ api_control = Namespace('control', description="Control namespace",
api_v1.add_namespace(api_user)
api_v1.add_namespace(api_group)
api_v1.add_namespace(api_permissions)
api_v1.add_namespace(api_room)
api_v1.add_namespace(api_recorder)
api_v1.add_namespace(api_virtual_command)
@@ -58,6 +60,7 @@ auth_api_v1.add_namespace(auth_api_register_ns)
from .example_api import *
from .auth_api import *
from .user_api import *
from .permission_api import *
from .group_api import *
from .room_api import *
from .recorder_api import *

4
backend/api/models.py
View File

@@ -20,7 +20,9 @@ user_model = api_user.model('User', {
fields.Nested(api_user.model('user_group', {'id': fields.Integer(), 'name': fields.String()})),
required=False, description='Group memberships.'),
'favorite_recorders': fields.List(
fields.Nested(api_user.model('favorite_recorder', {'id': fields.Integer(), 'name': fields.String()})),
fields.Nested(api_user.model('favorite_recorder',
{'id': fields.Integer(), 'name': fields.String(), 'offline': fields.Boolean(),
'created_at': fields.DateTime(), 'last_time_modified': fields.DateTime()})),
required=False, description='Favorite recorders.'),
})

91
backend/api/permission_api.py Normal file
View File

@@ -0,0 +1,91 @@
# Copyright (c) 2019. Tobias Kurze
"""
This module provides functions related to authentication through the API.
For example: listing of available auth providers or registration of users.
Login through API does not start a new session, but instead returns JWT.
"""
from flask_jwt_extended import jwt_required
from flask_restplus import fields, Resource
from backend import db
from backend.api import api_permissions
from backend.models.user_model import Permission
permission_model = api_permissions.model('Permission', {
'id': fields.String(required=False, description='The permission\'s identifier'),
'name': fields.String(required=True, description='The permission\'s name'),
'description': fields.String(required=False, description='The permission\'s description'),
'groups': fields.List(fields.Nested(api_permissions.model('group_member',
{'id': fields.Integer(),
'name': fields.String(),
'description': fields.String()})),
required=False, description='Groups having the permission.'),
'access_control_entry': fields.Nested(api_permissions.model('group_member',
{'id': fields.Integer(),
'name': fields.String(),
'url': fields.String()}),
required=False, description="Access Control Entry"),
})
@api_permissions.route('/<int:id>')
@api_permissions.response(404, 'permission not found')
@api_permissions.param('id', 'The permission identifier')
class PermissionResource(Resource):
@jwt_required
@api_permissions.doc('get_permission')
@api_permissions.marshal_with(permission_model)
def get(self, id):
"""Fetch a user given its identifier"""
permission = Permission.get_by_id(id)
if permission is not None:
return permission
api_permissions.abort(404)
@jwt_required
@api_permissions.doc('delete_permission')
@api_permissions.response(204, 'permission deleted')
def delete(self, id):
"""Delete a permission given its identifier"""
permission = Permission.get_by_id(id)
if permission is not None:
permission.delete()
return '', 204
api_permissions.abort(404)
@jwt_required
@api_permissions.doc('update_permission')
@api_permissions.expect(permission_model)
@api_permissions.marshal_with(permission_model)
def put(self, id):
"""Update a task given its identifier"""
permission = Permission.get_by_id(id)
if permission is not None:
permission.name = api_permissions["name"]
db.session.commit()
return permission
api_permissions.abort(404)
@api_permissions.route('')
class PermissionList(Resource):
@jwt_required
@api_permissions.doc('permissions')
@api_permissions.marshal_list_with(permission_model)
def get(self):
"""
List all permissions
:return: permissions
"""
return Permission.get_all()
@jwt_required
@api_permissions.doc('create_permission')
@api_permissions.expect(permission_model)
@api_permissions.marshal_with(permission_model, code=201)
def post(self):
permission = Permission(**api_permissions.payload)
db.session.add(permission)
db.session.commit()
return permission

2
backend/api/user_api.py
View File

@@ -70,7 +70,7 @@ class UserFavoriteRecorders(Resource):
args = generic_id_parser.parse_args()
current_user_id = get_jwt_identity()
user = User.get_by_identifier(current_user_id)
print(user)
print(args)
recorder = Recorder.get_by_identifier(args["id"])
print(recorder)
if recorder is None: