flaschengeist/flaschengeist/plugins/roles/__init__.py

"""Roles plugin

Provides routes used to configure roles and permissions of users / roles.
"""

from werkzeug.exceptions import BadRequest
from flask import Blueprint, request, jsonify
from http.client import NO_CONTENT

from flaschengeist.plugins import Plugin
from flaschengeist.utils.decorators import login_required
from flaschengeist.controller import roleController
from flaschengeist.utils.HTTP import created

roles_bp = Blueprint("roles", __name__)
_permission_edit = "roles_edit"
_permission_delete = "roles_delete"


class RolesPlugin(Plugin):
    def __init__(self, config):
        super().__init__(config, roles_bp, permissions=[_permission_edit, _permission_delete])


@roles_bp.route("/roles", methods=["GET"])
@login_required()
def list_roles(current_session):
    """List all existing roles

    Route: ``/roles`` | Method: ``GET``

    Args:
        current_session: Session sent with Authorization Header

    Returns:
        JSON encoded array of `flaschengeist.models.user.Role`
    """
    roles = roleController.get_all()
    return jsonify(roles)


@roles_bp.route("/roles", methods=["POST"])
@login_required(permission=_permission_edit)
def create_role(current_session):
    """Create new role

    Route: ``/roles`` | Method: ``POST``

    POST-data: ``{name: string, permissions?: string[]}``

    Args:
        current_session: Session sent with Authorization Header

    Returns:
        HTTP-201 and json encoded created Role or HTTP error
    """
    data = request.get_json()
    if not data or "name" not in data:
        raise BadRequest
    if "permissions" in data:
        permissions = data["permissions"]
    return created(roleController.create_role(data["name"], permissions))


@roles_bp.route("/roles/permissions", methods=["GET"])
@login_required()
def list_permissions(current_session):
    """List all existing permissions

    Route: ``/roles/permissions`` | Method: ``GET``

    Args:
        current_session: Session sent with Authorization Header

    Returns:
        JSON encoded list of `flaschengeist.models.user.Permission`
    """
    permissions = roleController.get_permissions()
    return jsonify(permissions)


@roles_bp.route("/roles/<role_name>", methods=["GET"])
@login_required()
def get_role(role_name, current_session):
    """Get role by name

    Route: ``/roles/<role_name>`` | Method: ``GET``

    Args:
        role_name: Name of role to retrieve
        current_session: Session sent with Authorization Header

    Returns:
        JSON encoded `flaschengeist.models.user.Role` or HTTP error
    """
    role = roleController.get(role_name)
    return jsonify(role)


@roles_bp.route("/roles/<int:role_id>", methods=["PUT"])
@login_required(permission=_permission_edit)
def edit_role(role_id, current_session):
    """Edit role, rename and / or set permissions

    Route: ``/roles/<role_id>`` | Method: ``PUT``

    POST-data: ``{name?: string, permissions?: string[]}``

    Args:
        role_id: Identifier of the role
        current_session: Session sent with Authorization Header

    Returns:
            HTTP-200 or HTTP error
    """
    role = roleController.get(role_id)

    data = request.get_json()
    if "permissions" in data:
        roleController.set_permissions(role, data["permissions"])
    if "name" in data:
        roleController.update_role(role, data["name"])
    return "", NO_CONTENT


@roles_bp.route("/roles/<int:role_id>", methods=["DELETE"])
@login_required(permission=_permission_delete)
def delete_role(role_id, current_session):
    """Delete role

    Route: ``/roles/<role_id>`` | Method: ``DELETE``

    Args:
        role_id: Identifier of the role
        current_session: Session sent with Authorization Header

    Returns:
        HTTP-204 or HTTP error
    """
    role = roleController.get(role_id)
    roleController.delete(role)
    return "", NO_CONTENT
[Doc] More documentation on decorator and plugins roles and auth* 2020-10-30 03:05:59 +00:00			`"""Roles plugin`

			`Provides routes used to configure roles and permissions of users / roles.`
			`"""`

[Plugin] Fixed return values for balance and roles routes 2020-10-31 14:23:49 +00:00			`from werkzeug.exceptions import BadRequest`
Added Role controller 2020-10-03 23:25:50 +00:00			`from flask import Blueprint, request, jsonify`
[System][Plugin] moved decorator 2021-02-10 16:40:47 +00:00			`from http.client import NO_CONTENT`
Added Role controller 2020-10-03 23:25:50 +00:00
Restructured project, renamed modules, removed geruecht as it is dead. 2020-10-30 02:30:46 +00:00			`from flaschengeist.plugins import Plugin`
[System][Plugin] moved decorator 2021-02-10 16:40:47 +00:00			`from flaschengeist.utils.decorators import login_required`
Restructured project, renamed modules, removed geruecht as it is dead. 2020-10-30 02:30:46 +00:00			`from flaschengeist.controller import roleController`
[System][Plugin] Improved Hooks, roles and auth_ldap improvements * Hooks now allow multiple hooked functions * Hooks can now be called before and after a function call * Fixed issue in datetime util when string is None or empty * Roles: Return new created role as json * auth_ldap: Use new Hooks * auth_ldap: Fixed an issue where ldap response is not checked (when role gets renamed) 2020-11-17 23:39:25 +00:00			`from flaschengeist.utils.HTTP import created`
Added Role controller 2020-10-03 23:25:50 +00:00
			`roles_bp = Blueprint("roles", __name__)`
Added some permissions, reworked permission system. 2020-10-23 00:29:55 +00:00			`_permission_edit = "roles_edit"`
[Plugin] roles: New permission needed for deleting roles 2020-11-16 13:21:19 +00:00			`_permission_delete = "roles_delete"`
Added Role controller 2020-10-03 23:25:50 +00:00

Only use one plugin system, load auth and "normal" plugins at once. * Added Plugin class, where to inheritate from 2020-10-15 19:58:56 +00:00			`class RolesPlugin(Plugin):`
			`def __init__(self, config):`
[Plugin] roles: New permission needed for deleting roles 2020-11-16 13:21:19 +00:00			`super().__init__(config, roles_bp, permissions=[_permission_edit, _permission_delete])`
Added Role controller 2020-10-03 23:25:50 +00:00
Some more on autodetection API interfaces for frontend * Breaks API for Session and User 2020-10-19 14:48:34 +00:00
[Doc] More documentation on decorator and plugins roles and auth* 2020-10-30 03:05:59 +00:00			`@roles_bp.route("/roles", methods=["GET"])`
			`@login_required()`
			`def list_roles(current_session):`
			`"""List all existing roles`

			Route: ``/roles`` \| Method: ``GET``

			`Args:`
			`current_session: Session sent with Authorization Header`

			`Returns:`
[Doc] User plugin documentation created 2020-10-30 04:53:15 +00:00			JSON encoded array of `flaschengeist.models.user.Role`
[Doc] More documentation on decorator and plugins roles and auth* 2020-10-30 03:05:59 +00:00			`"""`
			`roles = roleController.get_all()`
			`return jsonify(roles)`
Fixed Hooks, use own implementation. Fixed routes. 2020-10-15 22:37:57 +00:00

			`@roles_bp.route("/roles", methods=["POST"])`
Added some permissions, reworked permission system. 2020-10-23 00:29:55 +00:00			`@login_required(permission=_permission_edit)`
[Doc] More documentation on decorator and plugins roles and auth* 2020-10-30 03:05:59 +00:00			`def create_role(current_session):`
			`"""Create new role`

			Route: ``/roles`` \| Method: ``POST``

			POST-data: ``{name: string, permissions?: string[]}``

			`Args:`
			`current_session: Session sent with Authorization Header`

			`Returns:`
[System][Plugin] Improved Hooks, roles and auth_ldap improvements * Hooks now allow multiple hooked functions * Hooks can now be called before and after a function call * Fixed issue in datetime util when string is None or empty * Roles: Return new created role as json * auth_ldap: Use new Hooks * auth_ldap: Fixed an issue where ldap response is not checked (when role gets renamed) 2020-11-17 23:39:25 +00:00			`HTTP-201 and json encoded created Role or HTTP error`
[Doc] More documentation on decorator and plugins roles and auth* 2020-10-30 03:05:59 +00:00			`"""`
Fixed Hooks, use own implementation. Fixed routes. 2020-10-15 22:37:57 +00:00			`data = request.get_json()`
			`if not data or "name" not in data:`
			`raise BadRequest`
			`if "permissions" in data:`
			`permissions = data["permissions"]`
[System][Plugin] Improved Hooks, roles and auth_ldap improvements * Hooks now allow multiple hooked functions * Hooks can now be called before and after a function call * Fixed issue in datetime util when string is None or empty * Roles: Return new created role as json * auth_ldap: Use new Hooks * auth_ldap: Fixed an issue where ldap response is not checked (when role gets renamed) 2020-11-17 23:39:25 +00:00			`return created(roleController.create_role(data["name"], permissions))`
Fixed Hooks, use own implementation. Fixed routes. 2020-10-15 22:37:57 +00:00

[Doc] More documentation on decorator and plugins roles and auth* 2020-10-30 03:05:59 +00:00			`@roles_bp.route("/roles/permissions", methods=["GET"])`
Fixed Hooks, use own implementation. Fixed routes. 2020-10-15 22:37:57 +00:00			`@login_required()`
[Doc] More documentation on decorator and plugins roles and auth* 2020-10-30 03:05:59 +00:00			`def list_permissions(current_session):`
			`"""List all existing permissions`
Fixed Hooks, use own implementation. Fixed routes. 2020-10-15 22:37:57 +00:00
[Doc] More documentation on decorator and plugins roles and auth* 2020-10-30 03:05:59 +00:00			Route: ``/roles/permissions`` \| Method: ``GET``
Fixed Hooks, use own implementation. Fixed routes. 2020-10-15 22:37:57 +00:00
[Doc] More documentation on decorator and plugins roles and auth* 2020-10-30 03:05:59 +00:00			`Args:`
			`current_session: Session sent with Authorization Header`

			`Returns:`
			JSON encoded list of `flaschengeist.models.user.Permission`
			`"""`
Fixed Hooks, use own implementation. Fixed routes. 2020-10-15 22:37:57 +00:00			`permissions = roleController.get_permissions()`
			`return jsonify(permissions)`


[Doc] More documentation on decorator and plugins roles and auth* 2020-10-30 03:05:59 +00:00			`@roles_bp.route("/roles/<role_name>", methods=["GET"])`
Fixed Hooks, use own implementation. Fixed routes. 2020-10-15 22:37:57 +00:00			`@login_required()`
[Doc] More documentation on decorator and plugins roles and auth* 2020-10-30 03:05:59 +00:00			`def get_role(role_name, current_session):`
			`"""Get role by name`
Fixed Hooks, use own implementation. Fixed routes. 2020-10-15 22:37:57 +00:00
[Doc] More documentation on decorator and plugins roles and auth* 2020-10-30 03:05:59 +00:00			Route: ``/roles/<role_name>`` \| Method: ``GET``
Fixed Hooks, use own implementation. Fixed routes. 2020-10-15 22:37:57 +00:00
[Doc] More documentation on decorator and plugins roles and auth* 2020-10-30 03:05:59 +00:00			`Args:`
			`role_name: Name of role to retrieve`
			`current_session: Session sent with Authorization Header`

			`Returns:`
			JSON encoded `flaschengeist.models.user.Role` or HTTP error
			`"""`
			`role = roleController.get(role_name)`
			`return jsonify(role)`


[Plugin] Roles: Fixed controller and Model * Identify role by id not name, as name might change * Set permissions and Delete Role are fixed (db exception was thrown) 2020-11-09 02:44:35 +00:00			`@roles_bp.route("/roles/<int:role_id>", methods=["PUT"])`
Added some permissions, reworked permission system. 2020-10-23 00:29:55 +00:00			`@login_required(permission=_permission_edit)`
[Plugin] Roles: Fixed controller and Model * Identify role by id not name, as name might change * Set permissions and Delete Role are fixed (db exception was thrown) 2020-11-09 02:44:35 +00:00			`def edit_role(role_id, current_session):`
[Doc] More documentation on decorator and plugins roles and auth* 2020-10-30 03:05:59 +00:00			`"""Edit role, rename and / or set permissions`

[Plugin] Roles: Fixed controller and Model * Identify role by id not name, as name might change * Set permissions and Delete Role are fixed (db exception was thrown) 2020-11-09 02:44:35 +00:00			Route: ``/roles/<role_id>`` \| Method: ``PUT``
[Doc] More documentation on decorator and plugins roles and auth* 2020-10-30 03:05:59 +00:00
			POST-data: ``{name?: string, permissions?: string[]}``

			`Args:`
[Plugin] Roles: Fixed controller and Model * Identify role by id not name, as name might change * Set permissions and Delete Role are fixed (db exception was thrown) 2020-11-09 02:44:35 +00:00			`role_id: Identifier of the role`
[Doc] More documentation on decorator and plugins roles and auth* 2020-10-30 03:05:59 +00:00			`current_session: Session sent with Authorization Header`

			`Returns:`
			`HTTP-200 or HTTP error`
			`"""`
[Plugin] Roles: Fixed controller and Model * Identify role by id not name, as name might change * Set permissions and Delete Role are fixed (db exception was thrown) 2020-11-09 02:44:35 +00:00			`role = roleController.get(role_id)`
Fixed Hooks, use own implementation. Fixed routes. 2020-10-15 22:37:57 +00:00
			`data = request.get_json()`
			`if "permissions" in data:`
			`roleController.set_permissions(role, data["permissions"])`
[System][Plugin] Improved Hooks, roles and auth_ldap improvements * Hooks now allow multiple hooked functions * Hooks can now be called before and after a function call * Fixed issue in datetime util when string is None or empty * Roles: Return new created role as json * auth_ldap: Use new Hooks * auth_ldap: Fixed an issue where ldap response is not checked (when role gets renamed) 2020-11-17 23:39:25 +00:00			`if "name" in data:`
			`roleController.update_role(role, data["name"])`
[Plugin] Fixed return values for balance and roles routes 2020-10-31 14:23:49 +00:00			`return "", NO_CONTENT`
Fixed Hooks, use own implementation. Fixed routes. 2020-10-15 22:37:57 +00:00

[Plugin] Roles: Fixed controller and Model * Identify role by id not name, as name might change * Set permissions and Delete Role are fixed (db exception was thrown) 2020-11-09 02:44:35 +00:00			`@roles_bp.route("/roles/<int:role_id>", methods=["DELETE"])`
[Plugin] roles: New permission needed for deleting roles 2020-11-16 13:21:19 +00:00			`@login_required(permission=_permission_delete)`
[Plugin] Roles: Fixed controller and Model * Identify role by id not name, as name might change * Set permissions and Delete Role are fixed (db exception was thrown) 2020-11-09 02:44:35 +00:00			`def delete_role(role_id, current_session):`
[Doc] More documentation on decorator and plugins roles and auth* 2020-10-30 03:05:59 +00:00			`"""Delete role`
Added Role controller 2020-10-03 23:25:50 +00:00
[Plugin] Roles: Fixed controller and Model * Identify role by id not name, as name might change * Set permissions and Delete Role are fixed (db exception was thrown) 2020-11-09 02:44:35 +00:00			Route: ``/roles/<role_id>`` \| Method: ``DELETE``
[Doc] More documentation on decorator and plugins roles and auth* 2020-10-30 03:05:59 +00:00
			`Args:`
[Plugin] Roles: Fixed controller and Model * Identify role by id not name, as name might change * Set permissions and Delete Role are fixed (db exception was thrown) 2020-11-09 02:44:35 +00:00			`role_id: Identifier of the role`
[Doc] More documentation on decorator and plugins roles and auth* 2020-10-30 03:05:59 +00:00			`current_session: Session sent with Authorization Header`

			`Returns:`
[Plugin] Remove redundant code, balance and roles 2020-10-31 17:03:04 +00:00			`HTTP-204 or HTTP error`
[Doc] More documentation on decorator and plugins roles and auth* 2020-10-30 03:05:59 +00:00			`"""`
[Plugin] Roles: Fixed controller and Model * Identify role by id not name, as name might change * Set permissions and Delete Role are fixed (db exception was thrown) 2020-11-09 02:44:35 +00:00			`role = roleController.get(role_id)`
[Doc] More documentation on decorator and plugins roles and auth* 2020-10-30 03:05:59 +00:00			`roleController.delete(role)`
[Plugin] Fixed return values for balance and roles routes 2020-10-31 14:23:49 +00:00			`return "", NO_CONTENT`