discours.io/core
5
0
Fork 0
Code Pull Requests Actions Projects Activity

updateShout

Browse Source
This commit is contained in:
knst-kotov 2021-08-18 19:53:55 +03:00
parent b8b7854c4c
commit 1ce88a3515
3 changed files with 83 additions and 58 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
auth/authenticate.py
View File

@ -62,8 +62,10 @@ class JWTAuthenticate(AuthenticationBackend):
except Exception as exc: except Exception as exc:
return AuthCredentials(scopes=[], error_message=str(exc)), AuthUser(user_id=None) return AuthCredentials(scopes=[], error_message=str(exc)), AuthUser(user_id=None)
if payload is None:
return AuthCredentials(scopes=[]), AuthUser(user_id=None)
scopes = User.get_permission(user_id=payload.user_id) scopes = User.get_permission(user_id=payload.user_id)
print(scopes)
return AuthCredentials(user_id=payload.user_id, scopes=scopes, logged_in=True), AuthUser(user_id=payload.user_id) return AuthCredentials(user_id=payload.user_id, scopes=scopes, logged_in=True), AuthUser(user_id=payload.user_id)

6
orm/user.py
View File

@ -17,7 +17,7 @@ class UserRole(Base):
class User(Base): class User(Base):
__tablename__ = 'user' __tablename__ = 'user'
email: str = Column(String, nullable=False) email: str = Column(String, unique=True, nullable=False)
username: str = Column(String, nullable=False, comment="Name") username: str = Column(String, nullable=False, comment="Name")
password: str = Column(String, nullable=True, comment="Password") password: str = Column(String, nullable=True, comment="Password")
@ -32,7 +32,9 @@ class User(Base):
user = session.query(User).filter(User.id == user_id).first() user = session.query(User).filter(User.id == user_id).first()
for role in user.roles: for role in user.roles:
for p in role.permissions: for p in role.permissions:
scope[p.resource_id] = p.operation_id if not p.resource_id in scope:
scope[p.resource_id] = set()
scope[p.resource_id].add(p.operation_id)
return scope return scope

31
resolvers/zine.py
View File

@ -1,4 +1,4 @@
from orm import Shout, User, Organization from orm import Shout, User, Organization, Resource
from orm.base import local_session from orm.base import local_session
from resolvers.base import mutation, query from resolvers.base import mutation, query
@ -119,13 +119,16 @@ async def create_shout(_, info, input):
@mutation.field("updateShout") @mutation.field("updateShout")
@login_required @login_required
async def update_shout(_, info, shout_id, input): async def update_shout(_, info, input):
auth = info.context["request"].auth auth = info.context["request"].auth
user_id = auth.user_id user_id = auth.user_id
slug = input["slug"]
org_id = org = input["org_id"]
with local_session() as session: with local_session() as session:
user = session.query(User).filter(User.id == user_id).first() user = session.query(User).filter(User.id == user_id).first()
shout = session.query(Shout).filter(Shout.id == shout_id).first() shout = session.query(Shout).filter(Shout.slug == slug).first()
org = session.query(Organization).filter(Organization.id == org_id).first()
if not shout: if not shout:
return { return {
@ -133,12 +136,30 @@ async def update_shout(_, info, shout_id, input):
} }
if shout.author_id != user_id: if shout.author_id != user_id:
scope = info.context["request"].scope scopes = auth.scopes
if not Resource.shout_id in scope: print(scopes)
if not Resource.shout_id in scopes:
return { return {
"error" : "access denied" "error" : "access denied"
} }
shout.body = input["body"],
shout.replyTo = input.get("replyTo"),
shout.versionOf = input.get("versionOf"),
shout.tags = input.get("tags"),
shout.topics = input.get("topics")
with local_session() as session:
session.commit()
task = GitTask(
input,
org.name,
user.username,
user.email,
"update shout %s" % (shout.slug)
)
return { return {
"shout" : shout "shout" : shout
} }