tobias/lrc-backend
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

some changes to virtual command api, but its not yet clear how this should function

Browse Source
This commit is contained in:
Tobias
2020-07-31 16:33:02 +02:00
parent cc334f1727
commit dc142bca0c
10 changed files with 294 additions and 51 deletions
Download Patch File Download Diff File Expand all files Collapse all files

88
backend/models/user_model.py
View File

@@ -4,8 +4,9 @@ Example user model and related models
"""
import json
import sqlalchemy
from sqlalchemy.orm import relation
from sqlalchemy import MetaData
from sqlalchemy import MetaData, any_
from backend import db, app, login_manager
from backend.config import Config
@@ -74,16 +75,16 @@ group_permission_table = db.Table('group_permission',
# This is the association table for the many-to-many relationship between
# users and permissions.
user_permission_table = db.Table('user_permission',
db.Column('user_id', db.Integer,
db.ForeignKey('user.id',
onupdate="CASCADE",
ondelete="CASCADE"),
primary_key=True),
db.Column('permission_id', db.Integer,
db.ForeignKey('permission.id',
onupdate="CASCADE",
ondelete="CASCADE"),
primary_key=True))
db.Column('user_id', db.Integer,
db.ForeignKey('user.id',
onupdate="CASCADE",
ondelete="CASCADE"),
primary_key=True),
db.Column('permission_id', db.Integer,
db.ForeignKey('permission.id',
onupdate="CASCADE",
ondelete="CASCADE"),
primary_key=True))
class User(UserMixin, db.Model):
@@ -108,6 +109,7 @@ class User(UserMixin, db.Model):
password = db.Column(db.String(255), nullable=True)
registered_on = db.Column(db.DateTime, nullable=False, default=datetime.utcnow())
external_user = db.Column(db.Boolean, default=False)
external_user_id = db.Column(db.Unicode(63), unique=True, nullable=True, default=None)
last_seen = db.Column(db.DateTime, default=datetime.utcnow())
last_time_modified = db.Column(db.DateTime, default=datetime.utcnow())
jwt_exp_delta_seconds = db.Column(db.Integer, nullable=True)
@@ -200,6 +202,8 @@ class User(UserMixin, db.Model):
return None
user = cls.query.filter_by(email=email).first()
if not user:
user = cls.query.filter_by(nickname=email).first() # be nice and allow nickname as well...
if not user or not user.verify_password(password):
return None
@@ -243,12 +247,10 @@ class User(UserMixin, db.Model):
@property
def effective_permissions(self):
permissions = Config.ROLE_PERMISSION_MAPPINGS.get(self.role, [])
permissions = Config.ROLE_PERMISSION_MAPPINGS.get(self.role, set())
for g in self.groups:
print(g)
for p in g.permissions:
print(p)
permissions.append(p)
permissions.add(p)
return permissions
@staticmethod
@@ -497,14 +499,13 @@ class Permission(db.Model):
id = db.Column(db.Integer, autoincrement=True, primary_key=True)
name = db.Column(db.Unicode(63), unique=True, nullable=False)
description = db.Column(db.Unicode(511))
#read_only = db.Column(db.Boolean, default=False)
# read_only = db.Column(db.Boolean, default=False)
groups = db.relationship(Group, secondary=group_permission_table,
back_populates='permissions')
users = db.relationship(User, secondary=user_permission_table,
back_populates='permissions')
back_populates='permissions')
access_control_entry = db.relationship('AccessControlEntry', back_populates='required_permission')
@staticmethod
def get_by_name(name):
"""
@@ -514,6 +515,17 @@ class Permission(db.Model):
"""
return Permission.query.filter(Permission.name == name).first()
@staticmethod
def get_by_names(names: list):
"""
Find permissions by their names
:param names:
:return:
"""
if len(names) < 1:
return []
return Permission.query.filter(or_(*[Permission.name.like(name) for name in names])).all()
@staticmethod
def get_all():
"""
@@ -522,22 +534,42 @@ class Permission(db.Model):
"""
return Permission.query.all()
@event.listens_for(Permission.__table__, 'after_create')
def insert_initial_permissions(*args, **kwargs):
print("DB: inserting default permissions:")
for p in app.config.get("PERMISSIONS", []):
print(p)
db.session.add(Permission(name=p))
db.session.commit()
# insert_initial_groups() # call this function here again, as often (always?) permission table does not yet exist
@event.listens_for(User.__table__, 'after_create')
def insert_initial_users(*args, **kwargs):
print("DB: inserting default users:")
for u in app.config.get("USERS", []):
db.session.add(User(**u))
db.session.commit()
# The following initialization does not work as it depends on the existence of multiple tables
# This initialization has now been moved to manage.py!
"""
@event.listens_for(Group.__table__, 'after_create')
def insert_initial_groups(*args, **kwargs):
for g in app.config.get("GROUPS", []):
db.session.add(Group(**g))
db.session.commit()
@event.listens_for(Permission.__table__, 'after_create')
def insert_initial_permissions(*args, **kwargs):
for p in app.config.get("PERMISSIONS", []):
db.session.add(Permission(name=p))
db.session.commit()
print("DB: inserting default groups:")
try:
for g in app.config.get("GROUPS", []):
print(g['name'])
g_permissions = g.pop('permissions', [])
g['permissions'] = Permission.get_by_names(g_permissions)
print(g['permissions'])
db.session.add(Group(**g))
db.session.commit()
except sqlalchemy.exc.OperationalError as e:
first_error_line = str(e).split('\n')[0]
if "no such table" not in first_error_line:
raise
print(f"Permission table probably does not exist yet: {first_error_line} - you can probably ignore this!")
"""