more precise permission control

Inex Code 2022-06-24 20:12:32 +03:00
parent 517a769e5b
commit 07e723dec8
4 changed files with 23 additions and 18 deletions


@ -23,7 +23,7 @@ from selfprivacy_api.migrations import run_migrations
from selfprivacy_api.utils.auth import is_token_valid
from selfprivacy_api.graphql import schema
from selfprivacy_api.graphql.schema import schema
swagger_blueprint = get_swaggerui_blueprint(
"/api/docs", "/api/swagger.json", config={"app_name": "SelfPrivacy API"}


@ -1,13 +1,10 @@
"""GraphQL API for SelfPrivacy."""
# pylint: disable=too-few-public-methods
import typing
import strawberry
from strawberry.permission import BasePermission
from strawberry.types import Info
from flask import request
from selfprivacy_api.graphql.queries.api import Api
from selfprivacy_api.graphql.queries.system import System
from selfprivacy_api.utils.auth import is_token_valid
class IsAuthenticated(BasePermission):
@ -23,15 +20,3 @@ class IsAuthenticated(BasePermission):
if not is_token_valid(auth):
return False
return True
@strawberry.type
class Query:
"""Root schema for queries"""
system: System
@strawberry.field(permission_classes=[IsAuthenticated])
def api(self) -> Api:
"""API access status"""
return Api()
schema = strawberry.Schema(query=Query)


@ -4,6 +4,7 @@ import datetime
import typing
from flask import request
import strawberry
from selfprivacy_api.graphql import IsAuthenticated
from selfprivacy_api.utils import parse_date
from selfprivacy_api.utils.auth import (
@ -74,5 +75,5 @@ def get_recovery_key_status() -> ApiRecoveryKeyStatus:
class Api:
"""API access status"""
version: str = strawberry.field(resolver=get_api_version)
devices: typing.List[ApiDevice] = strawberry.field(resolver=get_devices)
recovery_key: ApiRecoveryKeyStatus = strawberry.field(resolver=get_recovery_key_status)
devices: typing.List[ApiDevice] = strawberry.field(resolver=get_devices, permission_classes=[IsAuthenticated])
recovery_key: ApiRecoveryKeyStatus = strawberry.field(resolver=get_recovery_key_status, permission_classes=[IsAuthenticated])
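Review bot: Guarding `devices` and `recovery_key` field by field leaves `version`, and any field added to `Api` later, readable without a token unless its author remembers the guard, so the class should state that rule explicitly. I would add a comment above the fields such as `# Fields are public unless they set permission_classes=[IsAuthenticated]; only version is meant to be public.` and a test that requests `devices` and `recoveryKey` (the name under Strawberry's default camel-casing) without a token and expects a permission error. Both guarded fields are declared non-nullable, so a denied field will, by GraphQL null propagation, likely null out the enclosing `api` object and `version` with it in a mixed query; that is worth checking if clients read `version` in the same request. The decorator on `Api` is not visible in this hunk.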


@ -0,0 +1,19 @@
"""GraphQL API for SelfPrivacy."""
# pylint: disable=too-few-public-methods
import typing
import strawberry
from selfprivacy_api.graphql.queries.api import Api
from selfprivacy_api.graphql.queries.system import System
@strawberry.type
class Query:
"""Root schema for queries"""
system: System
@strawberry.field
def api(self) -> Api:
"""API access status"""
return Api()
schema = strawberry.Schema(query=Query)
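Review bot: `Query.api` is now a bare `@strawberry.field`, where the definition removed from `graphql/__init__.py` carried `permission_classes=[IsAuthenticated]`, so the schema root no longer fails closed and every protection depends on the individual fields of `Api`. `system: System` likewise has no permission class here, and `System`'s own fields are not visible on this page, so it is worth confirming that nothing sensitive under it resolves without a token. A short comment on the class would record the intent, for example `# api and system are reachable unauthenticated; sensitive fields must set permission_classes themselves`. `import typing` appears unused in this new module and can be dropped.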