added stub for server settings

we can now modify the default permissions for unauthenticated users
it doesn't do anything yet, though
dogeystamp 2023-04-02 14:00:11 -04:00
parent f49d47fda6
commit 743c8b9eaa
Signed by: dogeystamp
GPG Key ID: 7225FE3592EFFA38
6 changed files with 179 additions and 2 deletions


@ -1,6 +1,6 @@
attrs==22.2.0 attrs==22.2.0
bcrypt==4.0.1 bcrypt==4.0.1
bitmask @ git+https://github.com/dogeystamp/bitmask@8524113fcdc22a570bda77d440374f5f269fdb79 bitmask @ git+https://github.com/dogeystamp/bitmask@e3726f069c24f1db6ecb2e3d3143c9c930c83fa5
black==23.3.0 black==23.3.0
click==8.1.3 click==8.1.3
coverage==7.2.1 coverage==7.2.1


@ -27,5 +27,9 @@ from sachet.server.users.views import users_blueprint
app.register_blueprint(users_blueprint) app.register_blueprint(users_blueprint)
from sachet.server.admin.views import admin_blueprint
app.register_blueprint(admin_blueprint)
with app.app_context(): with app.app_context():
db.create_all() db.create_all()


@ -0,0 +1,41 @@
from flask import Blueprint, request, jsonify
from flask.views import MethodView
from sachet.server.models import ServerSettings
from sachet.server import db
from sachet.server.views_common import auth_required, ModelAPI
admin_blueprint = Blueprint("admin_blueprint", __name__)
class ServerSettingsAPI(ModelAPI):
def get_settings(self):
rows = ServerSettings.query.all()
if len(rows) == 0:
settings = ServerSettings()
db.session.add(settings)
db.session.commit()
return settings
return rows[-1]
@auth_required(require_admin=True)
def get(self, auth_user=None):
settings = self.get_settings()
return super().get(settings)
@auth_required(require_admin=True)
def patch(self, auth_user=None):
settings = self.get_settings()
return super().patch(settings)
@auth_required(require_admin=True)
def put(self, auth_user=None):
settings = self.get_settings()
return super().put(settings)
admin_blueprint.add_url_rule(
"/admin/settings",
view_func=ServerSettingsAPI.as_view("server_settings_api"),
methods=["PATCH", "GET", "PUT"],
)
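Review bot: `get_settings` picks the active settings row with `ServerSettings.query.all()` followed by `rows[-1]`, but the query has no `order_by`, so which row counts as "last" is left to the database, and nothing visible here stops two concurrent first requests from each inserting a row. Because this row is meant to hold the default permissions for unauthenticated users, a PATCH that tightens them could land on a different row than the one read later. Consider selecting one well-defined row, e.g. `ServerSettings.query.order_by(ServerSettings.id.desc()).first()`, creating it only when that returns `None`, and adding a short docstring stating that the table is treated as a singleton. The imports `request`, `jsonify` and `MethodView` are unused in this file as shown.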


@ -129,7 +129,7 @@ class User(db.Model):
username = ma.auto_field() username = ma.auto_field()
register_date = ma.auto_field() register_date = ma.auto_field()
permissions = PermissionField(data_key="permissions") permissions = PermissionField()
return Schema() return Schema()
@ -167,3 +167,24 @@ class BlacklistToken(db.Model):
if entry.expires < datetime.datetime.utcnow(): if entry.expires < datetime.datetime.utcnow():
db.session.delete(entry) db.session.delete(entry)
return True return True
class ServerSettings(db.Model):
__tablename__ = "server_settings"
id = db.Column(db.Integer, primary_key=True, autoincrement=True)
default_permissions_number = db.Column(db.BigInteger, nullable=False, default=0)
default_permissions = PermissionProperty()
def __init__(self, default_permissions=Bitmask(AllFlags=Permissions)):
self.default_permissions = default_permissions
def get_schema(self):
class Schema(ma.SQLAlchemySchema):
class Meta:
model = self
default_permissions = PermissionField()
return Schema()
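Review bot: `ServerSettings.__init__` uses `Bitmask(AllFlags=Permissions)` as a default argument, which Python evaluates once when the function is defined, so every instance built without an argument receives the same `Bitmask` object. If `Bitmask` is mutable and `PermissionProperty` stores or hands back that object (neither is visible here), a change made through one settings instance could leak into the default used for later ones, which is undesirable for a value that defines what unauthenticated users may do. A `None` sentinel avoids this: `def __init__(self, default_permissions=None):` followed by `if default_permissions is None: default_permissions = Bitmask(AllFlags=Permissions)`. `get_schema` would also benefit from a docstring, since it sets `model = self` and the tests call it as `ServerSettings.get_schema(ServerSettings)`.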


@ -0,0 +1,111 @@
from bitmask import Bitmask
from sachet.server.models import Permissions, ServerSettings
server_settings_schema = ServerSettings.get_schema(ServerSettings)
def test_default_perms(client, tokens):
"""Test the default permissions."""
# try with regular user to make sure it doesn't work
resp = client.get(
"/admin/settings",
headers={"Authorization": f"bearer {tokens['jeff']}"},
)
assert resp.status_code == 403
resp = client.get(
"/admin/settings",
headers={"Authorization": f"bearer {tokens['administrator']}"},
)
assert resp.status_code == 200
assert server_settings_schema.load(resp.get_json()) == dict(
default_permissions=Bitmask(AllFlags=Permissions)
)
def test_patch_perms(client, tokens):
"""Test the PATCH endpoint for default server permissions."""
# try with regular user to make sure it doesn't work
resp = client.patch(
"/admin/settings",
json={"default_permissions": ["ADMIN"]},
headers={"Authorization": f"bearer {tokens['jeff']}"},
)
assert resp.status_code == 403
# test malformed patch
resp = client.patch(
"/admin/settings",
json="hurr durr",
headers={"Authorization": f"bearer {tokens['administrator']}"},
)
assert resp.status_code == 400
resp = client.patch(
"/admin/settings",
json={"default_permissions": ["ADMIN"]},
headers={"Authorization": f"bearer {tokens['administrator']}"},
)
assert resp.status_code == 200
# request new info
resp = client.get(
"/admin/settings",
headers={"Authorization": f"bearer {tokens['administrator']}"},
)
assert resp.status_code == 200
assert server_settings_schema.load(resp.get_json()) == dict(
default_permissions=Bitmask(Permissions.ADMIN)
)
def test_put_perms(client, tokens):
"""Test the PUT endpoint for default server permissions."""
# try with regular user to make sure it doesn't work
resp = client.put(
"/admin/settings",
json={"default_permissions": ["ADMIN"]},
headers={"Authorization": f"bearer {tokens['jeff']}"},
)
assert resp.status_code == 403
# test malformed put
resp = client.put(
"/admin/settings",
json="hurr durr",
headers={"Authorization": f"bearer {tokens['administrator']}"},
)
assert resp.status_code == 400
# request current info (that we'll modify before putting back)
resp = client.get(
"/admin/settings",
headers={"Authorization": f"bearer {tokens['administrator']}"},
)
assert resp.status_code == 200
data = resp.get_json()
data["default_permissions"] = ["ADMIN"]
resp = client.put(
"/admin/settings",
json=data,
headers={"Authorization": f"bearer {tokens['administrator']}"},
)
assert resp.status_code == 200
# request new info
resp = client.get(
"/admin/settings",
headers={"Authorization": f"bearer {tokens['administrator']}"},
)
assert resp.status_code == 200
assert server_settings_schema.load(resp.get_json()) == dict(
default_permissions=Bitmask(Permissions.ADMIN)
)
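Review bot: All three tests cover a non-admin token (403) and an admin token, but none sends a request to `/admin/settings` without an `Authorization` header or with a malformed one, which is the case that matters most for an endpoint controlling unauthenticated users' permissions. A check such as `assert client.get("/admin/settings").status_code == 401` in each test would pin that; the exact status depends on `auth_required`, which is not shown here. Separately, the PATCH and PUT tests use `["ADMIN"]` as the new default and expect 200. Once these defaults are enforced, that value would give every anonymous caller admin rights, so it may be worth using a less privileged flag for the happy path and adding a case that asserts `ADMIN` is rejected as a default.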