evyos-center-server
/
wag-managment-api-service-version-2
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

single endpoint check

This commit is contained in:
berkay 2025-01-01 13:21:04 +03:00
parent 05c8af2310
commit 73645ce3ca
6 changed files with 65 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
api_configs/configs.py
View File

@ -33,6 +33,7 @@ class Config:
] ]
NOT_SECURE_PATHS = [ NOT_SECURE_PATHS = [
"/access/endpoints/available", "/access/endpoints/available",
"/access/endpoint/available"
"/validations/endpoint", "/validations/endpoint",
"/authentication/avatar", "/authentication/avatar",
] ]

2
api_validations/validations_request/__init__.py
View File

@ -120,6 +120,7 @@ from .rules import (
UpdateEndpointAccess, UpdateEndpointAccess,
UpdateEndpointAccessList, UpdateEndpointAccessList,
InsertEndpointAccess, InsertEndpointAccess,
CheckEndpointAccess,
) )
from .services import ( from .services import (
RegisterServices2Employee, RegisterServices2Employee,
@ -231,6 +232,7 @@ __all__ = [
"UpdateEndpointAccess", "UpdateEndpointAccess",
"UpdateEndpointAccessList", "UpdateEndpointAccessList",
"InsertEndpointAccess", "InsertEndpointAccess",
"CheckEndpointAccess",
"RegisterServices2Employee", "RegisterServices2Employee",
"RegisterServices2Occupant", "RegisterServices2Occupant",
"InsertStaff", "InsertStaff",

3
api_validations/validations_request/rules.py
View File

@ -6,6 +6,9 @@ from api_validations.validations_request import (
) )
class CheckEndpointAccess(BaseModelRegular):
endpoint: str
class InsertEndpointAccess(PydanticBaseModel): class InsertEndpointAccess(PydanticBaseModel):
duty_uu_id: str duty_uu_id: str
endpoint_restriction_list_uu_ids: list endpoint_restriction_list_uu_ids: list

1
databases/sql_models/postgres_database.py
View File

@ -1,4 +1,5 @@
from api_configs import WagDatabase from api_configs import WagDatabase
# from api_configs import TestDatabase as WagDatabase # from api_configs import TestDatabase as WagDatabase
from sqlalchemy import create_engine from sqlalchemy import create_engine

57
service_app/routers/rules/router.py
View File

@ -4,7 +4,7 @@ from fastapi.requests import Request
from api_objects import OccupantTokenObject, EmployeeTokenObject from api_objects import OccupantTokenObject, EmployeeTokenObject
from api_validations.validations_request import ( from api_validations.validations_request import (
UpdateEndpointAccessList, UpdateEndpointAccessList,
InsertEndpointAccess, InsertEndpointAccess, CheckEndpointAccess,
) )
from api_services.redis.auth_actions.token import parse_token_object_to_dict from api_services.redis.auth_actions.token import parse_token_object_to_dict
@ -14,6 +14,7 @@ from databases import (
Event2Employee, Event2Employee,
Events, Events,
) )
from databases.sql_models.event.event import Services, Service2Events
endpoint_restriction_route = APIRouter(prefix="/access", tags=["Endpoint Access"]) endpoint_restriction_route = APIRouter(prefix="/access", tags=["Endpoint Access"])
endpoint_restriction_route.include_router( endpoint_restriction_route.include_router(
@ -66,6 +67,60 @@ def endpoint_restriction_list(request: Request):
) )
@endpoint_restriction_route.post(
path="/endpoint/available", summary="List extra restriction to endpoints list"
)
def endpoint_restriction_available(request: Request, data: CheckEndpointAccess):
token_dict, records = parse_token_object_to_dict(request=request), []
endpoint = EndpointRestriction.filter_one(
EndpointRestriction.endpoint_name.ilike(f"%{str(data.endpoint)}%")
).data
if not endpoint:
EndpointRestriction.raise_http_exception(
status_code="HTTP_404_NOT_FOUND",
error_case="UNAUTHORIZED",
message="Only Occupant can see this data",
data={},
)
event = Events.filter_one(Events.id == endpoint.id).data
service = Service2Events.filter_one(
Service2Events.event_id == event.id,
).data
if isinstance(token_dict, OccupantTokenObject):
event_occupant = Event2Occupant.filter_one(
Event2Occupant.event_service_id == service.id,
Event2Occupant.build_living_space_id
== token_dict.selected_occupant.living_space_id,
).data
if not event_occupant:
EndpointRestriction.raise_http_exception(
status_code="HTTP_404_NOT_FOUND",
error_case="UNAUTHORIZED",
message="Only Occupant can see this data",
data={},
)
return dict(
completed=True,
message="Endpoint is available for this occupant",
)
elif isinstance(token_dict, EmployeeTokenObject):
event_employee = Event2Employee.filter_one(
Event2Employee.event_service_id == service.id,
Event2Employee.employee_id == token_dict.selected_company.employee_id,
).data
if not event_employee:
EndpointRestriction.raise_http_exception(
status_code="HTTP_404_NOT_FOUND",
error_case="UNAUTHORIZED",
message="Only Occupant can see this data",
data={},
)
return dict(
completed=True,
message="Endpoint is available for this occupant",
)
@endpoint_restriction_route.patch( @endpoint_restriction_route.patch(
path="/endpoint/bind/patch", summary="Patch extra restriction to endpoints list" path="/endpoint/bind/patch", summary="Patch extra restriction to endpoints list"
) )

3
test_environment/test_payment.py
View File

@ -88,8 +88,9 @@ def decision_book_payment_list():
Total=[{**item, "type": key} for key, item in dict_books.items()], Total=[{**item, "type": key} for key, item in dict_books.items()],
) )
result = decision_book_payment_list() result = decision_book_payment_list()
print('result', result) print("result", result)
pprint.pprint(result, indent=2) pprint.pprint(result, indent=2)
# for key, val in result.items(): # for key, val in result.items():
# print('key', key) # print('key', key)