Merge pull request #39 from eReuse/feature/27-permission-posting-action

feature/27-permission-posting-action
This commit is contained in:
Jordi Nadeu 2020-08-17 16:52:00 +02:00 committed by GitHub
commit 450817e430
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
35 changed files with 1127 additions and 517 deletions

View file

@ -9,8 +9,8 @@ import ereuse_utils.cli
from ereuse_utils.session import DevicehubClient
from flask.globals import _app_ctx_stack, g
from flask_sqlalchemy import SQLAlchemy
from teal.teal import Teal
from teal.db import SchemaSQLAlchemy
from teal.teal import Teal
from ereuse_devicehub.auth import Auth
from ereuse_devicehub.client import Client, UserClient
@ -19,7 +19,6 @@ from ereuse_devicehub.db import db
from ereuse_devicehub.dummy.dummy import Dummy
from ereuse_devicehub.resources.device.search import DeviceSearch
from ereuse_devicehub.resources.inventory import Inventory, InventoryDef
from ereuse_devicehub.resources.user import User
from ereuse_devicehub.templating import Environment
@ -117,7 +116,6 @@ class Devicehub(Teal):
self.db.session.commit()
print('done.')
def _init_db(self, exclude_schema=None) -> bool:
if exclude_schema:
assert isinstance(self.db, SchemaSQLAlchemy)

View file

@ -1,13 +1,9 @@
from __future__ import with_statement
import os
from logging.config import fileConfig
from sqlalchemy import engine_from_config
from sqlalchemy import pool
from sqlalchemy import create_engine
from sqlalchemy.ext.declarative import declarative_base
from alembic import context
from sqlalchemy import create_engine
from ereuse_devicehub.config import DevicehubConfig
@ -24,10 +20,11 @@ fileConfig(config.config_file_name)
# from myapp import mymodel
# target_metadata = mymodel.Base.metadata
# target_metadata = None
from ereuse_devicehub.db import db
from ereuse_devicehub.resources.models import Thing
target_metadata = Thing.metadata
# other values from the config, defined by the needs of env.py,
# can be acquired:
# my_important_option = config.get_main_option("my_important_option")

View file

@ -5,14 +5,10 @@ Revises: 151253ac5c55
Create Date: 2020-06-30 17:41:28.611314
"""
from alembic import op
from alembic import context
import sqlalchemy as sa
import sqlalchemy_utils
from alembic import context
from alembic import op
from sqlalchemy.dialects import postgresql
import citext
import teal
# revision identifiers, used by Alembic.
revision = 'b9b0ee7d9dca'
@ -27,6 +23,7 @@ def get_inv():
raise ValueError("Inventory value is not specified")
return INV
def upgrade():
op.add_column('tag', sa.Column('owner_id', postgresql.UUID(), nullable=True), schema=f'{get_inv()}')
op.create_foreign_key("fk_tag_owner_id_user_id",

File diff suppressed because one or more lines are too long

View file

@ -552,5 +552,6 @@ class MigrateTo(Migrate):
class MigrateFrom(Migrate):
pass
class Transferred(ActionWithMultipleDevices):
pass

View file

@ -1,6 +1,5 @@
from typing import Iterable
import math
from typing import Iterable
from ereuse_devicehub.resources.device.models import Device

View file

@ -3,7 +3,7 @@ from itertools import groupby
from typing import Dict, Iterable, Tuple
from ereuse_devicehub.resources.action.models import BenchmarkDataStorage, BenchmarkProcessor, \
BenchmarkProcessorSysbench, RateComputer, VisualTest
BenchmarkProcessorSysbench, RateComputer
from ereuse_devicehub.resources.action.rate.rate import BaseRate
from ereuse_devicehub.resources.device.models import Computer, DataStorage, Processor, \
RamModule

View file

@ -457,5 +457,3 @@ class MigrateFrom(Migrate):
class Transferred(ActionWithMultipleDevices):
__doc__ = m.Transferred.__doc__

View file

@ -2,7 +2,7 @@ from distutils.version import StrictVersion
from typing import List
from uuid import UUID
from flask import current_app as app, request
from flask import current_app as app, request, g
from sqlalchemy.util import OrderedSet
from teal.marshmallow import ValidationError
from teal.resource import View
@ -13,6 +13,7 @@ from ereuse_devicehub.resources.action.models import Action, RateComputer, Snaps
from ereuse_devicehub.resources.action.rate.v1_0 import CannotRate
from ereuse_devicehub.resources.device.models import Component, Computer
from ereuse_devicehub.resources.enums import SnapshotSoftware, Severity
from ereuse_devicehub.resources.user.exceptions import InsufficientPermission
SUPPORTED_WORKBENCH = StrictVersion('11.0')
@ -56,6 +57,7 @@ class ActionView(View):
# Note that if we set the device / components into the snapshot
# model object, when we flush them to the db we will flush
# snapshot, and we want to wait to flush snapshot at the end
device = snapshot_json.pop('device') # type: Computer
components = None
if snapshot_json['software'] == (SnapshotSoftware.Workbench or SnapshotSoftware.WorkbenchAndroid):
@ -73,6 +75,7 @@ class ActionView(View):
assert not device.actions_one
assert all(not c.actions_one for c in components) if components else True
db_device, remove_actions = resource_def.sync.run(device, components)
del device # Do not use device anymore
snapshot.device = db_device
snapshot.actions |= remove_actions | actions_device # Set actions to snapshot
@ -87,8 +90,11 @@ class ActionView(View):
component.actions_one |= actions
snapshot.actions |= actions
# Compute ratings
if snapshot.software == SnapshotSoftware.Workbench:
# Check ownership of (non-component) device to from current.user
if db_device.owner_id != g.user.id:
raise InsufficientPermission()
# Compute ratings
try:
rate_computer, price = RateComputer.compute(db_device)
except CannotRate:

View file

@ -1,9 +1,7 @@
import pathlib
from typing import Callable, Iterable, Tuple
from teal.resource import Converters, Resource
from ereuse_devicehub.db import db
from ereuse_devicehub.resources.deliverynote import schemas
from ereuse_devicehub.resources.deliverynote.views import DeliverynoteView

View file

@ -1,20 +1,19 @@
import uuid
from datetime import datetime
from typing import Iterable
from boltons import urlutils
from citext import CIText
from flask import g
from typing import Iterable
from sqlalchemy.types import ARRAY
from sqlalchemy.dialects.postgresql import UUID, JSONB
from teal.db import CASCADE_OWN, check_range, IntEnum
from teal.db import check_range, IntEnum
from teal.resource import url_for_resource
from ereuse_devicehub.db import db, f
from ereuse_devicehub.db import db
from ereuse_devicehub.resources.enums import TransferState
from ereuse_devicehub.resources.lot.models import Lot
from ereuse_devicehub.resources.models import Thing
from ereuse_devicehub.resources.user.models import User
from ereuse_devicehub.resources.lot.models import Lot
from ereuse_devicehub.resources.enums import TransferState
class Deliverynote(Thing):

View file

@ -1,13 +1,12 @@
from marshmallow import fields as f
from teal.marshmallow import SanitizedStr, URL, EnumField
from teal.marshmallow import SanitizedStr, EnumField
from ereuse_devicehub.marshmallow import NestedOn
from ereuse_devicehub.resources.deliverynote import models as m
from ereuse_devicehub.resources.user import schemas as s_user
from ereuse_devicehub.resources.device import schemas as s_device
from ereuse_devicehub.resources.enums import TransferState
from ereuse_devicehub.resources.models import STR_SIZE
from ereuse_devicehub.resources.schemas import Thing
from ereuse_devicehub.resources.enums import TransferState
from ereuse_devicehub.resources.user import schemas as s_user
class Deliverynote(Thing):

View file

@ -1,22 +1,12 @@
import datetime
import uuid
from collections import deque
from enum import Enum
from typing import Dict, List, Set, Union
import marshmallow as ma
import teal.cache
from flask import Response, jsonify, request
from marshmallow import Schema as MarshmallowSchema, fields as f
from teal.marshmallow import EnumField
from flask import Response, request
from teal.resource import View
from sqlalchemy.orm import joinedload
from ereuse_devicehub.db import db
from ereuse_devicehub.query import things_response
from ereuse_devicehub.resources.deliverynote.models import Deliverynote
from ereuse_devicehub.resources.lot.models import Lot
from ereuse_devicehub.resources.device.models import Computer
class DeliverynoteView(View):

View file

@ -7,17 +7,17 @@ from typing import Dict, List, Set
from boltons import urlutils
from citext import CIText
from flask import g
from ereuse_utils.naming import HID_CONVERSION_DOC, Naming
from flask import g
from more_itertools import unique_everseen
from sqlalchemy import BigInteger, Boolean, Column, Enum as DBEnum, Float, ForeignKey, Integer, \
Sequence, SmallInteger, Unicode, inspect, text
from sqlalchemy.dialects.postgresql import UUID
from sqlalchemy.ext.declarative import declared_attr
from sqlalchemy.ext.hybrid import hybrid_property
from sqlalchemy.orm import ColumnProperty, backref, relationship, validates
from sqlalchemy.util import OrderedSet
from sqlalchemy_utils import ColorType
from sqlalchemy.dialects.postgresql import UUID
from stdnum import imei, meid
from teal.db import CASCADE_DEL, POLYMORPHIC_ID, POLYMORPHIC_ON, ResourceNotFound, URL, \
check_lower, check_range, IntEnum
@ -382,7 +382,7 @@ class Computer(Device):
It is a subset of the Linux definition of DMI / DMI decode.
"""
ethereum_address = Column(CIText(), unique=True, default=None)
deposit = Column(Integer, check_range('deposit',min=0,max=100), default=0)
deposit = Column(Integer, check_range('deposit', min=0, max=100), default=0)
owner_id = db.Column(UUID(as_uuid=True),
db.ForeignKey(User.id),
nullable=False,

View file

@ -14,7 +14,6 @@ from ereuse_devicehub.resources import enums
from ereuse_devicehub.resources.device import models as m, states
from ereuse_devicehub.resources.models import STR_BIG_SIZE, STR_SIZE
from ereuse_devicehub.resources.schemas import Thing, UnitCodes
from ereuse_devicehub.resources.user import schemas as s_user
class Device(Thing):

View file

@ -6,8 +6,7 @@ import marshmallow
from flask import g, current_app as app, render_template, request, Response
from flask.json import jsonify
from flask_sqlalchemy import Pagination
from marshmallow import fields, fields as f, validate as v, ValidationError, \
Schema as MarshmallowSchema
from marshmallow import fields, fields as f, validate as v, Schema as MarshmallowSchema
from teal import query
from teal.cache import cache
from teal.resource import View
@ -20,9 +19,9 @@ from ereuse_devicehub.resources.action import models as actions
from ereuse_devicehub.resources.device import states
from ereuse_devicehub.resources.device.models import Device, Manufacturer, Computer
from ereuse_devicehub.resources.device.search import DeviceSearch
from ereuse_devicehub.resources.enums import SnapshotSoftware
from ereuse_devicehub.resources.lot.models import LotDeviceDescendants
from ereuse_devicehub.resources.tag.model import Tag
from ereuse_devicehub.resources.enums import SnapshotSoftware
class OfType(f.Str):
@ -103,14 +102,15 @@ class DeviceView(View):
if isinstance(dev, Computer):
resource_def = app.resources['Computer']
# TODO check how to handle the 'actions_one'
patch_schema = resource_def.SCHEMA(only=['ethereum_address', 'transfer_state', 'deliverynote_address', 'actions_one'], partial=True)
patch_schema = resource_def.SCHEMA(
only=['ethereum_address', 'transfer_state', 'deliverynote_address', 'actions_one'], partial=True)
json = request.get_json(schema=patch_schema)
# TODO check how to handle the 'actions_one'
json.pop('actions_one')
if not dev:
raise ValueError('Device non existent')
for key, value in json.items():
setattr(dev,key,value)
setattr(dev, key, value)
db.session.commit()
return Response(status=204)
raise ValueError('Cannot patch a non computer')
@ -157,7 +157,6 @@ class DeviceView(View):
query = self.visibility_filter(query)
return query.filter(*args['filter']).order_by(*args['sort'])
def visibility_filter(self, query):
filterqs = request.args.get('filter', None)
if (filterqs and
@ -166,11 +165,12 @@ class DeviceView(View):
pass
return query
class DeviceMergeView(View):
class DeviceMergeView(View):
"""View for merging two devices
Ex. ``device/<id>/merge/id=X``.
"""
class FindArgs(MarshmallowSchema):
id = fields.Integer()
@ -197,10 +197,13 @@ class DeviceMergeView(View):
This operation is highly costly as it forces refreshing
many models in session.
"""
snapshots = sorted(filterfalse(lambda x: not isinstance(x, actions.Snapshot), (base_device.actions + with_device.actions)))
workbench_snapshots = [ s for s in snapshots if s.software == (SnapshotSoftware.Workbench or SnapshotSoftware.WorkbenchAndroid)]
latest_snapshot_device = [ d for d in (base_device, with_device) if d.id == snapshots[-1].device.id][0]
latest_snapshotworkbench_device = [ d for d in (base_device, with_device) if d.id == workbench_snapshots[-1].device.id][0]
snapshots = sorted(
filterfalse(lambda x: not isinstance(x, actions.Snapshot), (base_device.actions + with_device.actions)))
workbench_snapshots = [s for s in snapshots if
s.software == (SnapshotSoftware.Workbench or SnapshotSoftware.WorkbenchAndroid)]
latest_snapshot_device = [d for d in (base_device, with_device) if d.id == snapshots[-1].device.id][0]
latest_snapshotworkbench_device = \
[d for d in (base_device, with_device) if d.id == workbench_snapshots[-1].device.id][0]
# Adding actions of with_device
with_actions_one = [a for a in with_device.actions if isinstance(a, actions.ActionWithOneDevice)]
with_actions_multiple = [a for a in with_device.actions if isinstance(a, actions.ActionWithMultipleDevices)]

View file

@ -20,7 +20,6 @@ from ereuse_devicehub.resources.device import models as devs
from ereuse_devicehub.resources.device.views import DeviceView
from ereuse_devicehub.resources.documents.device_row import DeviceRow
from flask import g, request
class Format(enum.Enum):
HTML = 'HTML'
@ -155,6 +154,7 @@ class DocumentDef(Resource):
SCHEMA = None
VIEW = None # We do not want to create default / documents endpoint
AUTH = False
def __init__(self, app,
import_name=__name__,
static_folder='static',

View file

@ -370,6 +370,7 @@ class ErasureStandards(Enum):
standards.add(cls.HMG_IS5)
return standards
@unique
class TransferState(IntEnum):
"""State of transfer for a given Lot of devices.

View file

@ -5,7 +5,7 @@ from typing import Union
from boltons import urlutils
from citext import CIText
from flask import g
from sqlalchemy import TEXT, Enum as DBEnum
from sqlalchemy import TEXT
from sqlalchemy.dialects.postgresql import UUID
from sqlalchemy_utils import LtreeType
from sqlalchemy_utils.types.ltree import LQUERY
@ -14,9 +14,9 @@ from teal.resource import url_for_resource
from ereuse_devicehub.db import create_view, db, exp, f
from ereuse_devicehub.resources.device.models import Component, Device
from ereuse_devicehub.resources.enums import TransferState
from ereuse_devicehub.resources.models import Thing
from ereuse_devicehub.resources.user.models import User
from ereuse_devicehub.resources.enums import TransferState
class Lot(Thing):

View file

@ -2,12 +2,12 @@ from marshmallow import fields as f
from teal.marshmallow import SanitizedStr, URL, EnumField
from ereuse_devicehub.marshmallow import NestedOn
from ereuse_devicehub.resources.device import schemas as s_device
from ereuse_devicehub.resources.lot import models as m
from ereuse_devicehub.resources.deliverynote import schemas as s_deliverynote
from ereuse_devicehub.resources.device import schemas as s_device
from ereuse_devicehub.resources.enums import TransferState
from ereuse_devicehub.resources.lot import models as m
from ereuse_devicehub.resources.models import STR_SIZE
from ereuse_devicehub.resources.schemas import Thing
from ereuse_devicehub.resources.enums import TransferState
class Lot(Thing):

View file

@ -1,24 +1,20 @@
import datetime
import uuid
from collections import deque
from enum import Enum
from typing import Dict, List, Set, Union
import marshmallow as ma
import teal.cache
from flask import Response, jsonify, request, g
from marshmallow import Schema as MarshmallowSchema, fields as f
from sqlalchemy import or_
from teal.marshmallow import EnumField
from teal.resource import View
from sqlalchemy import or_
from sqlalchemy.orm import joinedload
from ereuse_devicehub import auth
from ereuse_devicehub.db import db
from ereuse_devicehub.query import things_response
from ereuse_devicehub.resources.deliverynote.models import Deliverynote
from ereuse_devicehub.resources.device.models import Device, Computer
from ereuse_devicehub.resources.lot.models import Lot, Path
from ereuse_devicehub.resources.deliverynote.models import Deliverynote
class LotFormat(Enum):
@ -44,7 +40,9 @@ class LotView(View):
return ret
def patch(self, id):
patch_schema = self.resource_def.SCHEMA(only=('name', 'description', 'transfer_state', 'receiver_address', 'deposit', 'deliverynote_address', 'devices', 'owner_address'), partial=True)
patch_schema = self.resource_def.SCHEMA(only=(
'name', 'description', 'transfer_state', 'receiver_address', 'deposit', 'deliverynote_address', 'devices',
'owner_address'), partial=True)
l = request.get_json(schema=patch_schema)
lot = Lot.query.filter_by(id=id).one()
device_fields = ['transfer_state', 'receiver_address', 'deposit', 'deliverynote_address', 'owner_address']

View file

@ -2,30 +2,22 @@
"""
from collections import Iterable
from datetime import datetime
from typing import Optional, Set, Union
from uuid import uuid4
from boltons import urlutils
from citext import CIText
from flask import current_app as app, g
from sortedcontainers import SortedSet
from sqlalchemy import BigInteger, Column, Enum as DBEnum, \
ForeignKey, Integer, Unicode
from flask import g
from sqlalchemy import BigInteger, Column, ForeignKey, Unicode
from sqlalchemy.dialects.postgresql import UUID
from sqlalchemy.ext.declarative import declared_attr
from sqlalchemy.ext.orderinglist import ordering_list
from sqlalchemy.orm import backref, relationship, validates
from sqlalchemy.util import OrderedSet
from sqlalchemy.orm import backref, relationship
from teal.db import CASCADE_OWN, INHERIT_COND, POLYMORPHIC_ID, \
POLYMORPHIC_ON, StrictVersionType, URL
from teal.marshmallow import ValidationError
POLYMORPHIC_ON
from teal.resource import url_for_resource
from ereuse_devicehub.db import db
from ereuse_devicehub.resources.action.models import Action, DisposeProduct, \
EraseBasic, Rate, Trade
from ereuse_devicehub.resources.action.models import EraseBasic, Rate
from ereuse_devicehub.resources.device.models import Device
from ereuse_devicehub.resources.models import Thing
from ereuse_devicehub.resources.user import User
@ -83,7 +75,6 @@ class Proof(Thing):
return '<{0.t} {0.id} >'.format(self)
class ProofTransfer(JoinedTableMixin, Proof):
supplier_id = db.Column(UUID(as_uuid=True),
db.ForeignKey(User.id),

View file

@ -1,17 +1,15 @@
from flask import current_app as app
from marshmallow import Schema as MarshmallowSchema, ValidationError, fields as f, validates_schema
from marshmallow.fields import Boolean, DateTime, Integer, Nested, String, UUID
from marshmallow import fields as f
from marshmallow import fields as f
from marshmallow.fields import Boolean, DateTime, Integer, String, UUID
from marshmallow.validate import Length
from sqlalchemy.util import OrderedSet
from teal.marshmallow import SanitizedStr, URL
from teal.resource import Schema
from ereuse_devicehub.marshmallow import NestedOn
from ereuse_devicehub.resources.proof import models as m
from ereuse_devicehub.resources.models import STR_BIG_SIZE, STR_SIZE
from ereuse_devicehub.resources.schemas import Thing
from ereuse_devicehub.resources.action import schemas as s_action
from ereuse_devicehub.resources.device import schemas as s_device
from ereuse_devicehub.resources.models import STR_BIG_SIZE, STR_SIZE
from ereuse_devicehub.resources.proof import models as m
from ereuse_devicehub.resources.schemas import Thing
from ereuse_devicehub.resources.user import schemas as s_user

View file

@ -1,18 +1,10 @@
from distutils.version import StrictVersion
from typing import List
from uuid import UUID
from flask import current_app as app, request, jsonify
from sqlalchemy.util import OrderedSet
from teal.marshmallow import ValidationError
from teal.resource import View
from ereuse_devicehub.db import db
from ereuse_devicehub.query import things_response
from ereuse_devicehub.resources.action.models import Action, RateComputer, Snapshot, VisualTest
from ereuse_devicehub.resources.action.rate.v1_0 import CannotRate
from ereuse_devicehub.resources.device.models import Component, Computer
from ereuse_devicehub.resources.enums import SnapshotSoftware
SUPPORTED_WORKBENCH = StrictVersion('11.0')

View file

@ -1,8 +1,8 @@
from contextlib import suppress
from typing import Set
from flask import g
from boltons import urlutils
from flask import g
from sqlalchemy import BigInteger, Column, ForeignKey, UniqueConstraint
from sqlalchemy.dialects.postgresql import UUID
from sqlalchemy.orm import backref, relationship, validates
@ -13,8 +13,8 @@ from teal.resource import url_for_resource
from ereuse_devicehub.db import db
from ereuse_devicehub.resources.agent.models import Organization
from ereuse_devicehub.resources.device.models import Device
from ereuse_devicehub.resources.user.models import User
from ereuse_devicehub.resources.models import Thing
from ereuse_devicehub.resources.user.models import User
class Tags(Set['Tag']):

View file

@ -3,11 +3,11 @@ from sqlalchemy.util import OrderedSet
from teal.marshmallow import SanitizedStr, URL
from ereuse_devicehub.marshmallow import NestedOn
from ereuse_devicehub.resources.user.schemas import User
from ereuse_devicehub.resources.agent.schemas import Organization
from ereuse_devicehub.resources.device.schemas import Device
from ereuse_devicehub.resources.schemas import Thing
from ereuse_devicehub.resources.tag import model as m
from ereuse_devicehub.resources.user.schemas import User
def without_slash(x: str) -> bool:

View file

@ -3,8 +3,8 @@ from flask_sqlalchemy import Pagination
from teal.marshmallow import ValidationError
from teal.resource import View, url_for_resource
from ereuse_devicehub.db import db
from ereuse_devicehub import auth
from ereuse_devicehub.db import db
from ereuse_devicehub.query import things_response
from ereuse_devicehub.resources.device.models import Device
from ereuse_devicehub.resources.tag import Tag

View file

@ -1,5 +1,13 @@
from werkzeug.exceptions import Unauthorized
from werkzeug.exceptions import Unauthorized, Forbidden
class WrongCredentials(Unauthorized):
description = 'There is not an user with the matching username/password'
class InsufficientPermission(Forbidden):
description = (
"You don't have the permissions to access the requested"
"resource. It is either read-protected or not readable by the"
"server."
)

View file

@ -1,10 +1,10 @@
from uuid import uuid4
from citext import CIText
from flask import current_app as app
from sqlalchemy import Column
from sqlalchemy.dialects.postgresql import UUID
from sqlalchemy_utils import EmailType, PasswordType
from citext import CIText
from ereuse_devicehub.db import db
from ereuse_devicehub.resources.inventory.model import Inventory