23.04 #161

Merged
merged 11 commits into from
May 4, 2023
2 changes: 1 addition & 1 deletion .gitignore
Expand Up @@ -140,6 +140,6 @@ dmypy.json
# bco_api/api/migrations/
.DS_Store*
*.vscode/*

server.conf
# JetBrains IDEs
.idea/
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
2 changes: 1 addition & 1 deletion bco_api/api/model/groups.py → api/model/groups.py
Expand Up @@ -434,7 +434,7 @@ def associate_user_group(sender, instance, created, **kwargs):
Group.objects.create(name=instance)
group = Group.objects.get(name=instance)
group.user_set.add(instance)
if instance.username not in ["anon", "bco_drafter", "bco_publisher"]:
if instance.username not in ["anon", "bco_drafter", "bco_publisher", "AnonymousUser"]:
User.objects.get(username=instance).groups.add(
Group.objects.get(name="bco_drafter")
)
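Review bot: The exclusion list on the changed `if instance.username not in [...]` line is an inline list of magic usernames, and "AnonymousUser" looks like django-guardian's default anonymous user name, which is configurable, so the literal would silently stop matching if that setting is changed. A module-level constant would be easier to audit, for example (constructed name) `SYSTEM_USERNAMES = frozenset({"anon", "bco_drafter", "bco_publisher", getattr(settings, "ANONYMOUS_USER_NAME", "AnonymousUser")})`, with a comment that these accounts must never be auto-added to `bco_drafter`. As far as the hunk shows, the group creation and `group.user_set.add(instance)` above the check still run for the excluded accounts; confirm that is intended. associate_user_group starts and ends outside the hunk.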
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
Expand Up @@ -8,10 +8,10 @@

from api.models import BCO
from api.scripts.utilities import UserUtils
from rest_framework import status
from rest_framework import status, authtoken
from rest_framework.response import Response
from guardian.shortcuts import get_objects_for_user

from authentication.selectors import get_user_from_auth_token

def get_draft_object_by_id(do_id, request):
"""Get a draft object
Expand Down Expand Up @@ -40,7 +40,10 @@ def get_draft_object_by_id(do_id, request):
status=status.HTTP_400_BAD_REQUEST,
)
# Get the requestor's info.
user = UserUtils.UserUtils().user_from_request(request=request)
try:
user = UserUtils.UserUtils().user_from_request(request=request)
except authtoken.models.Token.DoesNotExist:
user = get_user_from_auth_token(request.META.get("HTTP_AUTHORIZATION").split(" ")[1])
user_perms = UserUtils.UserUtils().prefix_perms_for_user(
flatten=True, user_object=user, specific_permission=["view"]
)
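Review bot: The new `except` branch indexes the Authorization header blindly: `request.META.get("HTTP_AUTHORIZATION").split(" ")[1]` raises AttributeError when the header is absent and IndexError when it has no space, so a malformed request becomes a 500 instead of an authentication failure. The handler is also spelled `authtoken.models.Token.DoesNotExist`, which only resolves if `rest_framework.authtoken.models` was already imported elsewhere; `from rest_framework.authtoken.models import Token` with `except Token.DoesNotExist:` does not depend on import order. `get_user_from_auth_token` is not visible here, so confirm that it verifies the credential before returning a user, because `user` goes straight into the permission lookup. The identical block is added in post_api_objects_drafts_create and would be better as one shared helper; get_draft_object_by_id continues outside the hunk.

```python
    try:
        user = UserUtils.UserUtils().user_from_request(request=request)
    except Token.DoesNotExist:
        # Reject a missing or malformed header instead of letting it raise.
        _scheme, _, credential = request.META.get("HTTP_AUTHORIZATION", "").partition(" ")
        if not credential:
            return Response(status=status.HTTP_401_UNAUTHORIZED)
        user = get_user_from_auth_token(credential)
    # … unchanged: prefix_perms_for_user lookup …
```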
Expand Up @@ -20,7 +20,6 @@ def POST_api_accounts_describe(token):

# Instantiate UserUtils
uu = UserUtils.UserUtils()

# Get the user's information
return Response(
data=uu.get_user_info(username=Token.objects.get(key=processed).user.username),
Expand Up @@ -11,9 +11,9 @@
from django.conf import settings
from django.contrib.auth.models import Group
from django.utils import timezone
from rest_framework import status
from rest_framework import status, authtoken
from rest_framework.response import Response

from authentication.selectors import get_user_from_auth_token

def post_api_objects_drafts_create(request):
"""Create BCO Draft
Expand All @@ -31,7 +31,10 @@ def post_api_objects_drafts_create(request):
"""

db_utils = DbUtils.DbUtils()
user = UserUtils.UserUtils().user_from_request(request=request)
try:
user = UserUtils.UserUtils().user_from_request(request=request)
except authtoken.models.Token.DoesNotExist:
user = get_user_from_auth_token(request.META.get("HTTP_AUTHORIZATION").split(" ")[1])
prefix_perms = UserUtils.UserUtils().prefix_perms_for_user(
flatten=True, user_object=user, specific_permission=["add"]
)
Expand Up @@ -416,7 +416,7 @@ def activate_account(self, p_email):
r = requests.post(
data=json.dumps(uu.get_user_info(username=new_username), default=str),
headers=headers,
url="http://127.0.0.1:8181/users/add_api/",
url="http://127.0.0.1:8080/users/add_api/",
)

# Delete the record in the temporary table.
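Review bot: The endpoint passed to `requests.post` is still a literal, now `http://127.0.0.1:8080/users/add_api/`; that this commit had to edit the port shows it is deployment configuration and belongs in Django settings rather than in code, for example `url=settings.<USERDB_ADD_API_URL placeholder>`. The call also has no `timeout=`, so a stalled peer would block account activation indefinitely; `timeout=10` or a configured value would bound it. The body carries `get_user_info` output over plain HTTP, which is acceptable only while the peer stays on loopback, and a comment should state that constraint. activate_account starts and ends outside the hunk.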
Expand Up @@ -220,7 +220,6 @@ def prefix_perms_for_user(
# if not flatten:
# bco_specific['user']['bco'] = { }

# import pdb; pdb.set_trace()
# for k, v in prefixed['groups']:
# if 'bco' in prefixed['groups'][k]:
# if flatten:
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
Expand Up @@ -145,6 +145,5 @@ def test_post_api_groups_delete(self):
response = view(request)

# print("\ttest_post_api_groups_delete response: {}".format(response.data))
# import pdb; pdb.set_trace()
# Assert the status code is as expected.
self.assertEqual(response.status_code, 200)
File renamed without changes.
File renamed without changes.
File renamed without changes.
Expand Up @@ -44,7 +44,6 @@ def test_user_creation(self):
self.assertEqual(user.__token__(), self.token)
self.assertEqual(user.__hostname__(), self.hostname)
self.assertEqual(user.__temp_identifier__(), self.temp_identifier)
# import pdb; pdb.set_trace()

def test_activate_user(self):
"""Activate new user
File renamed without changes.
File renamed without changes.
File renamed without changes.
60 changes: 46 additions & 14 deletions bco_api/api/views.py → api/views.py
Expand Up @@ -4,13 +4,16 @@
Django views for BCODB API
"""

import jwt
from django.contrib.auth.models import User
from drf_yasg import openapi
from drf_yasg.utils import swagger_auto_schema
from rest_framework import status
from rest_framework.permissions import IsAuthenticated
from rest_framework.renderers import TemplateHTMLRenderer
from rest_framework.response import Response
from rest_framework.views import APIView
from rest_framework.authtoken.models import Token
from api.permissions import RequestorInPrefixAdminsGroup
from api.scripts.method_specific.GET_activate_account import GET_activate_account
from api.scripts.method_specific.GET_draft_object_by_id import get_draft_object_by_id
Expand Down Expand Up @@ -228,10 +231,17 @@ def post(self, request):
Pass the request to the handling function
Source: https://stackoverflow.com/a/31813810
"""
if "Authorization" in request.headers:

if request.headers["Authorization"].split(" ")[0] == "Token" or request.headers["Authorization"].split(" ")[0] == "TOKEN":
return POST_api_accounts_describe(
token=request.META.get("HTTP_AUTHORIZATION")
)
if request.headers["Authorization"].split(" ")[0] == "Bearer":
jw_token=request.META.get("HTTP_AUTHORIZATION").split(" ")[1]
unverified_payload = jwt.decode(jw_token, None, False)
user = User.objects.get(email=unverified_payload['email'])
token = "Thing "+ str(Token.objects.get(user=user))
return POST_api_accounts_describe(token)
else:
return Response(status=status.HTTP_400_BAD_REQUEST)

Expand Down Expand Up @@ -1009,39 +1019,61 @@ class ApiObjectsPublish(APIView):
def post(self, request) -> Response:
return check_post_and_process(request, post_api_objects_publish)


class ApiObjectsSearch(APIView):
"""
Search for BCO

--------------------

Search for available BCO objects that match criteria.

`type` can be one of 3 different values => mine | prefix | bco_id
`search` should be an empty string if you are doing the mine search as that is for "My BCOs"
For prefix `search` should be the name of the prefix.
For `bco_id` it should be some substring that is present in the desired `bco_id` or SET of `bco_ids`

Shell
```shell
curl -X POST "http://localhost:8000/api/objects/search/" -H "accept: application/json" -H "Authorization: Token ${token}" -H "Content-Type: application/json" -d "{\"POST_api_objects_search\":[{\"type\": \"prefix\",\"search\": \"TEST\"}]}"
```

JavaScript
```javascript
axios.post("http://localhost:8000/api/objects/search/", {
"POST_api_objects_search":[
{
"type": "prefix",
"search": "TEST"
}
]
}, {
headers: {
"Authorization": "Token ${token},
"Content-Type": "application/json"
}
});
```
"""

# authentication_classes = []
# permission_classes = []
# TODO: Need to get the schema that is being sent here from FE
request_body = openapi.Schema(
type=openapi.TYPE_OBJECT,
title="BCO Publication Schema",
description="Publish description.",
title="BCO Search Schema",
description="Search for BCOs",
properties={
"x": openapi.Schema(
type=openapi.TYPE_STRING, description="Description of X"
"type": openapi.Schema(
type=openapi.TYPE_STRING, description="Type of search to perform"
),
"y": openapi.Schema(
type=openapi.TYPE_STRING, description="Description of Y"
"search": openapi.Schema(
type=openapi.TYPE_STRING, description="Search value"
),
},
)

@swagger_auto_schema(
request_body=request_body,
responses={
200: "BCO publication is successful.",
400: "Bad request.",
403: "Invalid token.",
200: "Search successful.",
404: "That prefix was not found on this server."
},
tags=["BCO Management"],
)
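Review bot: In the `post` hunk at `@@ -228,10 +231,17 @@`, the new `Bearer` branch trusts an unverified token: `jwt.decode(jw_token, None, False)` passes no key and, under the PyJWT 1.x signature, `verify=False`, and the `email` claim is then used to look up the user and pass that user's DRF token to `POST_api_accounts_describe`. As written, the account description is returned for whatever email the presented JWT asserts, with no proof that the issuer signed it. Verify before use, e.g. `payload = jwt.decode(jw_token, <issuer public key placeholder>, algorithms=["<expected alg placeholder>"])`, and map `jwt.InvalidTokenError`, `User.DoesNotExist` and `Token.DoesNotExist` to a 401/403 response rather than an unhandled exception. A header whose scheme is neither `Token`/`TOKEN` nor `Bearer` appears to fall through without returning a `Response`; an explicit 400 would close that path.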
File renamed without changes.
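--- /dev/null
+++ b/authentication/admin.py
@@ -0,0 +1,7 @@
+"""Authentication Admin Pannel
+"""
+
+from django.contrib import admin
+from authentication.models import Authentication
+
+admin.site.register(Authentication)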
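Review bot: `admin.site.register(Authentication)` uses the default ModelAdmin, which lists every field of the model and makes it editable by any staff user who has permission on it. The model is not shown here; if it stores identity-provider data or credentials, register it with a ModelAdmin that sets `readonly_fields` or `exclude` for those fields. The module docstring also misspells "Panel" as "Pannel".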