added stub for server settings
we can now modify the default permissions for unauthenticated users; it doesn't do anything yet, though
This commit is contained in:
parent
f49d47fda6
commit
743c8b9eaa
@ -1,6 +1,6 @@
|
|||||||
attrs==22.2.0
|
attrs==22.2.0
|
||||||
bcrypt==4.0.1
|
bcrypt==4.0.1
|
||||||
bitmask @ git+https://github.com/dogeystamp/bitmask@8524113fcdc22a570bda77d440374f5f269fdb79
|
bitmask @ git+https://github.com/dogeystamp/bitmask@e3726f069c24f1db6ecb2e3d3143c9c930c83fa5
|
||||||
black==23.3.0
|
black==23.3.0
|
||||||
click==8.1.3
|
click==8.1.3
|
||||||
coverage==7.2.1
|
coverage==7.2.1
|
||||||
|
@ -27,5 +27,9 @@ from sachet.server.users.views import users_blueprint
|
|||||||
|
|
||||||
app.register_blueprint(users_blueprint)
|
app.register_blueprint(users_blueprint)
|
||||||
|
|
||||||
|
from sachet.server.admin.views import admin_blueprint
|
||||||
|
|
||||||
|
app.register_blueprint(admin_blueprint)
|
||||||
|
|
||||||
with app.app_context():
|
with app.app_context():
|
||||||
db.create_all()
|
db.create_all()
|
||||||
|
0
sachet/server/admin/__init__.py
Normal file
0
sachet/server/admin/__init__.py
Normal file
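--- a/sachet/server/admin/views.py
+++ b/sachet/server/admin/views.py
@@ -0,0 +1,41 @@
+from flask import Blueprint, request, jsonify
+from flask.views import MethodView
+from sachet.server.models import ServerSettings
+from sachet.server import db
+from sachet.server.views_common import auth_required, ModelAPI
+
+
+admin_blueprint = Blueprint("admin_blueprint", __name__)
+
+
+class ServerSettingsAPI(ModelAPI):
+def get_settings(self):
+rows = ServerSettings.query.all()
+if len(rows) == 0:
+settings = ServerSettings()
+db.session.add(settings)
+db.session.commit()
+return settings
+return rows[-1]
+
+@auth_required(require_admin=True)
+def get(self, auth_user=None):
+settings = self.get_settings()
+return super().get(settings)
+
+@auth_required(require_admin=True)
+def patch(self, auth_user=None):
+settings = self.get_settings()
+return super().patch(settings)
+
+@auth_required(require_admin=True)
+def put(self, auth_user=None):
+settings = self.get_settings()
+return super().put(settings)
+
+
+admin_blueprint.add_url_rule(
+"/admin/settings",
+view_func=ServerSettingsAPI.as_view("server_settings_api"),
+methods=["PATCH", "GET", "PUT"],
+)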
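Review bot: `get_settings` picks `rows[-1]` from an unordered `ServerSettings.query.all()`, so if the table ever holds more than one row, which settings apply depends on the order the database happens to return. Because the first row is created lazily inside the request, two concurrent first requests can each insert one, which is how a second row would appear. Since these settings hold the default permissions, I would make the choice deterministic, e.g. `ServerSettings.query.order_by(ServerSettings.id.desc()).first()`, and create the single row once at startup next to `db.create_all()`. `request`, `jsonify` and `MethodView` are imported but unused in this file.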
@ -129,7 +129,7 @@ class User(db.Model):
|
|||||||
|
|
||||||
username = ma.auto_field()
|
username = ma.auto_field()
|
||||||
register_date = ma.auto_field()
|
register_date = ma.auto_field()
|
||||||
permissions = PermissionField(data_key="permissions")
|
permissions = PermissionField()
|
||||||
|
|
||||||
return Schema()
|
return Schema()
|
||||||
|
|
||||||
@ -167,3 +167,24 @@ class BlacklistToken(db.Model):
|
|||||||
if entry.expires < datetime.datetime.utcnow():
|
if entry.expires < datetime.datetime.utcnow():
|
||||||
db.session.delete(entry)
|
db.session.delete(entry)
|
||||||
return True
|
return True
|
||||||
|
|
||||||
|
|
||||||
|
class ServerSettings(db.Model):
|
||||||
|
__tablename__ = "server_settings"
|
||||||
|
|
||||||
|
id = db.Column(db.Integer, primary_key=True, autoincrement=True)
|
||||||
|
|
||||||
|
default_permissions_number = db.Column(db.BigInteger, nullable=False, default=0)
|
||||||
|
default_permissions = PermissionProperty()
|
||||||
|
|
||||||
|
def __init__(self, default_permissions=Bitmask(AllFlags=Permissions)):
|
||||||
|
self.default_permissions = default_permissions
|
||||||
|
|
||||||
|
def get_schema(self):
|
||||||
|
class Schema(ma.SQLAlchemySchema):
|
||||||
|
class Meta:
|
||||||
|
model = self
|
||||||
|
|
||||||
|
default_permissions = PermissionField()
|
||||||
|
|
||||||
|
return Schema()
|
||||||
|
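Review bot: Nothing in `ServerSettings` or its `Schema` limits which flags can be stored in `default_permissions`, and the tests in this commit show `["ADMIN"]` being accepted. The commit message describes this value as the permissions for unauthenticated users, so once it is wired in, that setting would give every anonymous caller admin rights; I would reject `Permissions.ADMIN` when the value is loaded or assigned, or at least document why it is allowed. Separately, the default `Bitmask(AllFlags=Permissions)` in `__init__` is built once when the class is defined and shared by every call; if `PermissionProperty` keeps or mutates that object (not visible here), `default_permissions=None` with the Bitmask built inside the body would be safer.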
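--- a/tests/test_serversettings.py
+++ b/tests/test_serversettings.py
@@ -0,0 +1,111 @@
+from bitmask import Bitmask
+from sachet.server.models import Permissions, ServerSettings
+
+server_settings_schema = ServerSettings.get_schema(ServerSettings)
+
+
+def test_default_perms(client, tokens):
+"""Test the default permissions."""
+
+# try with regular user to make sure it doesn't work
+resp = client.get(
+"/admin/settings",
+headers={"Authorization": f"bearer {tokens['jeff']}"},
+)
+assert resp.status_code == 403
+
+resp = client.get(
+"/admin/settings",
+headers={"Authorization": f"bearer {tokens['administrator']}"},
+)
+assert resp.status_code == 200
+
+assert server_settings_schema.load(resp.get_json()) == dict(
+default_permissions=Bitmask(AllFlags=Permissions)
+)
+
+
+def test_patch_perms(client, tokens):
+"""Test the PATCH endpoint for default server permissions."""
+
+# try with regular user to make sure it doesn't work
+resp = client.patch(
+"/admin/settings",
+json={"default_permissions": ["ADMIN"]},
+headers={"Authorization": f"bearer {tokens['jeff']}"},
+)
+assert resp.status_code == 403
+
+# test malformed patch
+resp = client.patch(
+"/admin/settings",
+json="hurr durr",
+headers={"Authorization": f"bearer {tokens['administrator']}"},
+)
+assert resp.status_code == 400
+
+resp = client.patch(
+"/admin/settings",
+json={"default_permissions": ["ADMIN"]},
+headers={"Authorization": f"bearer {tokens['administrator']}"},
+)
+assert resp.status_code == 200
+
+# request new info
+resp = client.get(
+"/admin/settings",
+headers={"Authorization": f"bearer {tokens['administrator']}"},
+)
+assert resp.status_code == 200
+
+assert server_settings_schema.load(resp.get_json()) == dict(
+default_permissions=Bitmask(Permissions.ADMIN)
+)
+
+
+def test_put_perms(client, tokens):
+"""Test the PUT endpoint for default server permissions."""
+
+# try with regular user to make sure it doesn't work
+resp = client.put(
+"/admin/settings",
+json={"default_permissions": ["ADMIN"]},
+headers={"Authorization": f"bearer {tokens['jeff']}"},
+)
+assert resp.status_code == 403
+
+# test malformed put
+resp = client.put(
+"/admin/settings",
+json="hurr durr",
+headers={"Authorization": f"bearer {tokens['administrator']}"},
+)
+assert resp.status_code == 400
+
+# request current info (that we'll modify before putting back)
+resp = client.get(
+"/admin/settings",
+headers={"Authorization": f"bearer {tokens['administrator']}"},
+)
+assert resp.status_code == 200
+
+data = resp.get_json()
+data["default_permissions"] = ["ADMIN"]
+
+resp = client.put(
+"/admin/settings",
+json=data,
+headers={"Authorization": f"bearer {tokens['administrator']}"},
+)
+assert resp.status_code == 200
+
+# request new info
+resp = client.get(
+"/admin/settings",
+headers={"Authorization": f"bearer {tokens['administrator']}"},
+)
+assert resp.status_code == 200
+
+assert server_settings_schema.load(resp.get_json()) == dict(
+default_permissions=Bitmask(Permissions.ADMIN)
+)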
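Review bot: None of the three tests calls `/admin/settings` without an `Authorization` header, so the anonymous case is never exercised even though the setting is about unauthenticated users. I would add a request such as `client.get("/admin/settings")` with no headers to each test and assert that it is refused; the exact status code depends on `auth_required`, which is not shown on this page. `test_put_perms` also only sends a complete body, so it does not show how PUT differs from PATCH; a PUT with `default_permissions` left out would pin that down.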