more precise permission control

Inex Code 2022-06-24 20:12:32 +03:00
parent 517a769e5b
commit 07e723dec8
4 changed files with 23 additions and 18 deletions


@ -23,7 +23,7 @@ from selfprivacy_api.migrations import run_migrations
from selfprivacy_api.utils.auth import is_token_valid from selfprivacy_api.utils.auth import is_token_valid
from selfprivacy_api.graphql import schema from selfprivacy_api.graphql.schema import schema
swagger_blueprint = get_swaggerui_blueprint( swagger_blueprint = get_swaggerui_blueprint(
"/api/docs", "/api/swagger.json", config={"app_name": "SelfPrivacy API"} "/api/docs", "/api/swagger.json", config={"app_name": "SelfPrivacy API"}


@ -1,13 +1,10 @@
"""GraphQL API for SelfPrivacy.""" """GraphQL API for SelfPrivacy."""
# pylint: disable=too-few-public-methods # pylint: disable=too-few-public-methods
import typing import typing
import strawberry
from strawberry.permission import BasePermission from strawberry.permission import BasePermission
from strawberry.types import Info from strawberry.types import Info
from flask import request from flask import request
from selfprivacy_api.graphql.queries.api import Api
from selfprivacy_api.graphql.queries.system import System
from selfprivacy_api.utils.auth import is_token_valid from selfprivacy_api.utils.auth import is_token_valid
class IsAuthenticated(BasePermission): class IsAuthenticated(BasePermission):
@ -23,15 +20,3 @@ class IsAuthenticated(BasePermission):
if not is_token_valid(auth): if not is_token_valid(auth):
return False return False
return True return True
@strawberry.type
class Query:
"""Root schema for queries"""
system: System
@strawberry.field(permission_classes=[IsAuthenticated])
def api(self) -> Api:
"""API access status"""
return Api()
schema = strawberry.Schema(query=Query)


@ -4,6 +4,7 @@ import datetime
import typing import typing
from flask import request from flask import request
import strawberry import strawberry
from selfprivacy_api.graphql import IsAuthenticated
from selfprivacy_api.utils import parse_date from selfprivacy_api.utils import parse_date
from selfprivacy_api.utils.auth import ( from selfprivacy_api.utils.auth import (
@ -74,5 +75,5 @@ def get_recovery_key_status() -> ApiRecoveryKeyStatus:
class Api: class Api:
"""API access status""" """API access status"""
version: str = strawberry.field(resolver=get_api_version) version: str = strawberry.field(resolver=get_api_version)
devices: typing.List[ApiDevice] = strawberry.field(resolver=get_devices) devices: typing.List[ApiDevice] = strawberry.field(resolver=get_devices, permission_classes=[IsAuthenticated])
recovery_key: ApiRecoveryKeyStatus = strawberry.field(resolver=get_recovery_key_status) recovery_key: ApiRecoveryKeyStatus = strawberry.field(resolver=get_recovery_key_status, permission_classes=[IsAuthenticated])
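Review bot: Authorization on `Api` is now opt-in per field, so any field added here later without `permission_classes=[IsAuthenticated]` will resolve for unauthenticated callers, as `version` now does. The matching change in the new schema module drops the guard from the root `api` resolver, so nothing upstream catches a forgotten annotation. If `version` is meant to be public, say so next to it, e.g. `# Public by design: every other field on Api must declare permission_classes=[IsAuthenticated]`. A test that queries `devices` and `recovery_key` without a token and expects a permission error would keep this from regressing. The class decorator and the resolvers sit outside this hunk.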


@ -0,0 +1,19 @@
"""GraphQL API for SelfPrivacy."""
# pylint: disable=too-few-public-methods
import typing
import strawberry
from selfprivacy_api.graphql.queries.api import Api
from selfprivacy_api.graphql.queries.system import System
@strawberry.type
class Query:
"""Root schema for queries"""
system: System
@strawberry.field
def api(self) -> Api:
"""API access status"""
return Api()
schema = strawberry.Schema(query=Query)
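Review bot: `system: System` is exposed at the query root with no permission class, and with the guard gone from `api` this module no longer enforces authentication anywhere; whether `System`'s own fields check `IsAuthenticated` is not visible on this page and should be confirmed. A short comment above `Query` such as `# Auth is enforced per field inside Api/System, not at the root` would record where the check lives. `import typing` is unused in this file and can be dropped.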