PyPI - flask-appbuilder - Versions diffs - 3.2.1rc1__py3-none-any.whl → 5.0.2__py3-none-any.whl - Mend

flask-appbuilder 3.2.1rc1py3-none-any.whl → 5.0.2py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (228) hide show

flask_appbuilder/security/sqla/apis/role/api.py ADDED Viewed

@@ -0,0 +1,306 @@
+from flask import current_app, request
+from flask_appbuilder import ModelRestApi
+from flask_appbuilder.api import expose, safe
+from flask_appbuilder.const import API_RESULT_RES_KEY
+from flask_appbuilder.models.sqla.interface import SQLAInterface
+from flask_appbuilder.security.decorators import permission_name, protect
+from flask_appbuilder.security.sqla.apis.role.schema import (
+    RoleGroupPutSchema,
+    RolePermissionListSchema,
+    RolePermissionPostSchema,
+    RoleUserPutSchema,
+)
+from flask_appbuilder.security.sqla.models import Group, PermissionView, Role, User
+from marshmallow import ValidationError
+from sqlalchemy.exc import IntegrityError
+class RoleApi(ModelRestApi):
+    resource_name = "security/roles"
+    openapi_spec_tag = "Security Roles"
+    class_permission_name = "Role"
+    datamodel = SQLAInterface(Role)
+    allow_browser_login = True
+    list_columns = ["id", "name"]
+    show_columns = list_columns
+    add_columns = ["name"]
+    edit_columns = ["name"]
+    search_columns = list_columns
+    update_role_group_schema = RoleGroupPutSchema()
+    list_role_permission_schema = RolePermissionListSchema()
+    add_role_permission_schema = RolePermissionPostSchema()
+    update_role_user_schema = RoleUserPutSchema()
+    openapi_spec_component_schemas = (
+        RolePermissionListSchema,
+        RolePermissionPostSchema,
+        RoleUserPutSchema,
+        RoleGroupPutSchema,
+    )
+    @expose("/<int:role_id>/permissions/", methods=["GET"])
+    @protect()
+    @safe
+    @permission_name("list_role_permissions")
+    def list_role_permissions(self, role_id):
+        """list role permissions
+        ---
+        get:
+          parameters:
+          - in: path
+            schema:
+              type: integer
+            name: role_id
+          responses:
+            200:
+              description: List of permissions
+              content:
+                application/json:
+                  schema:
+                    type: object
+                    properties:
+                      result:
+                        items:
+                          $ref: '#/components/schemas/RolePermissionListSchema'
+                        type: array
+            400:
+              $ref: '#/components/responses/400'
+            401:
+              $ref: '#/components/responses/401'
+            404:
+              $ref: '#/components/responses/404'
+            422:
+              $ref: '#/components/responses/422'
+            500:
+              $ref: '#/components/responses/500'
+        """
+        role = self.datamodel.get(role_id, select_columns=["permissions"])
+        if not role:
+            return self.response_404()
+        permissions = [
+            {
+                "id": p.id,
+                "permission_name": p.permission.name,
+                "view_menu_name": p.view_menu.name,
+            }
+            for p in role.permissions
+        ]
+        return self.response(200, **{API_RESULT_RES_KEY: permissions})
+    @expose("/<int:role_id>/permissions", methods=["POST"])
+    @protect()
+    @safe
+    @permission_name("add_role_permissions")
+    def add_role_permissions(self, role_id):
+        """add role permissions
+        ---
+        post:
+          parameters:
+          - in: path
+            schema:
+              type: integer
+            name: role_id
+          requestBody:
+            description: Add role permissions schema
+            required: true
+            content:
+              application/json:
+                schema:
+                  $ref: '#/components/schemas/RolePermissionPostSchema'
+          responses:
+            200:
+              description: Permissions added
+              content:
+                application/json:
+                  schema:
+                    type: object
+                    properties:
+                      result:
+                        $ref: '#/components/schemas/RolePermissionPostSchema'
+            400:
+              $ref: '#/components/responses/400'
+            401:
+              $ref: '#/components/responses/401'
+            404:
+              $ref: '#/components/responses/404'
+            422:
+              $ref: '#/components/responses/422'
+            500:
+              $ref: '#/components/responses/500'
+        """
+        try:
+            item = self.add_role_permission_schema.load(request.json)
+            role = self.datamodel.get(role_id)
+            if not role:
+                return self.response_404()
+            permissions = []
+            for id in item["permission_view_menu_ids"]:
+                permission = (
+                    current_app.appbuilder.session.query(PermissionView)
+                    .filter_by(id=id)
+                    .one_or_none()
+                )
+                if permission:
+                    permissions.append(permission)
+            role.permissions = permissions
+            self.datamodel.edit(role)
+            return self.response(
+                200,
+                **{
+                    API_RESULT_RES_KEY: self.add_role_permission_schema.dump(
+                        item, many=False
+                    )
+                },
+            )
+        except ValidationError as error:
+            return self.response_400(message=error.messages)
+        except IntegrityError as e:
+            return self.response_422(message=str(e.orig))
+    @expose("/<int:role_id>/users", methods=["PUT"])
+    @protect()
+    @safe
+    @permission_name("update_role_users")
+    def update_role_users(self, role_id):
+        """update role users
+        ---
+        put:
+          parameters:
+          - in: path
+            schema:
+              type: integer
+            name: role_id
+          requestBody:
+            description: Update role users schema
+            required: true
+            content:
+              application/json:
+                schema:
+                  $ref: '#/components/schemas/RoleUserPutSchema'
+          responses:
+            200:
+              description: Role users updated
+              content:
+                application/json:
+                  schema:
+                    type: object
+                    properties:
+                      result:
+                        $ref: '#/components/schemas/RoleUserPutSchema'
+            400:
+              $ref: '#/components/responses/400'
+            401:
+              $ref: '#/components/responses/401'
+            404:
+              $ref: '#/components/responses/404'
+            422:
+              $ref: '#/components/responses/422'
+            500:
+              $ref: '#/components/responses/500'
+        """
+        try:
+            item = self.update_role_user_schema.load(request.json)
+            role = self.datamodel.get(role_id)
+            if not role:
+                return self.response_404()
+            users = (
+                current_app.appbuilder.session.query(User)
+                .filter(User.id.in_(item["user_ids"]))
+                .all()
+            )
+            if len(users) != len(item["user_ids"]):
+                return self.response_404()  # Some users were not found
+            role.user = users
+            self.datamodel.edit(role)
+            return self.response(
+                200,
+                **{
+                    API_RESULT_RES_KEY: self.update_role_user_schema.dump(
+                        item, many=False
+                    )
+                },
+            )
+        except ValidationError as error:
+            return self.response_400(message=error.messages)
+        except IntegrityError as e:
+            return self.response_422(message=str(e.orig))
+    @expose("/<int:role_id>/groups", methods=["PUT"])
+    @protect()
+    @safe
+    @permission_name("update_role_groups")
+    def update_role_groups(self, role_id):
+        """Update role groups
+        ---
+        put:
+          parameters:
+          - in: path
+            schema:
+              type: integer
+            name: role_id
+          requestBody:
+            description: Update role groups schema
+            required: true
+            content:
+              application/json:
+                schema:
+                  $ref: '#/components/schemas/RoleGroupPutSchema'
+          responses:
+            200:
+              description: Role groups updated
+              content:
+                application/json:
+                  schema:
+                    type: object
+                    properties:
+                      result:
+                        $ref: '#/components/schemas/RoleGroupPutSchema'
+            400:
+              $ref: '#/components/responses/400'
+            401:
+              $ref: '#/components/responses/401'
+            404:
+              $ref: '#/components/responses/404'
+            422:
+              $ref: '#/components/responses/422'
+            500:
+              $ref: '#/components/responses/500'
+        """
+        try:
+            item = self.update_role_group_schema.load(request.json)
+            role = self.datamodel.get(role_id)
+            if not role:
+                return self.response_404()
+            groups = (
+                current_app.appbuilder.session.query(Group)
+                .filter(Group.id.in_(item["group_ids"]))
+                .all()
+            )
+            if len(groups) != len(item["group_ids"]):
+                return self.response_404()  # Some groups were not found
+            role.groups = groups
+            self.datamodel.edit(role)
+            return self.response(
+                200,
+                **{
+                    API_RESULT_RES_KEY: self.update_role_group_schema.dump(
+                        item, many=False
+                    )
+                },
+            )
+        except ValidationError as error:
+            return self.response_400(message=error.messages)
+        except IntegrityError as e:
+            return self.response_422(message=str(e.orig))

flask_appbuilder/security/sqla/apis/role/schema.py ADDED Viewed

@@ -0,0 +1,27 @@
+from marshmallow import fields, Schema
+class RolePermissionPostSchema(Schema):
+    permission_view_menu_ids = fields.List(
+        fields.Integer,
+        required=True,
+        metadata={"description": "List of permission view menu id"},
+    )
+class RolePermissionListSchema(Schema):
+    id = fields.Integer()
+    permission_name = fields.String()
+    view_menu_name = fields.String()
+class RoleUserPutSchema(Schema):
+    user_ids = fields.List(
+        fields.Integer, required=True, metadata={"description": "List of user ids"}
+    )
+class RoleGroupPutSchema(Schema):
+    group_ids = fields.List(
+        fields.Integer, required=True, metadata={"description": "List of group ids"}
+    )

flask_appbuilder/security/sqla/apis/user/__init__.py ADDED Viewed

	@@ -0,0 +1 @@
1	+ from .api import UserApi # noqa: F401

flask_appbuilder/security/sqla/apis/user/api.py ADDED Viewed

@@ -0,0 +1,292 @@
+from datetime import datetime
+from flask import current_app, request
+from flask_appbuilder import ModelRestApi
+from flask_appbuilder.api import expose, safe
+from flask_appbuilder.const import API_RESULT_RES_KEY
+from flask_appbuilder.models.sqla.interface import SQLAInterface
+from flask_appbuilder.security.decorators import permission_name, protect
+from flask_appbuilder.security.sqla.apis.user.schema import (
+    UserPostSchema,
+    UserPutSchema,
+)
+from flask_appbuilder.security.sqla.models import Group, Role, User
+from marshmallow import ValidationError
+from sqlalchemy.exc import IntegrityError
+from werkzeug.security import generate_password_hash
+class UserApi(ModelRestApi):
+    resource_name = "security/users"
+    openapi_spec_tag = "Security Users"
+    class_permission_name = "User"
+    datamodel = SQLAInterface(User)
+    allow_browser_login = True
+    list_columns = [
+        "id",
+        "roles.id",
+        "roles.name",
+        "first_name",
+        "last_name",
+        "username",
+        "active",
+        "email",
+        "last_login",
+        "login_count",
+        "fail_login_count",
+        "created_on",
+        "changed_on",
+        "created_by.id",
+        "changed_by.id",
+        "groups",
+    ]
+    show_columns = list_columns
+    add_columns = [
+        "roles",
+        "first_name",
+        "last_name",
+        "username",
+        "active",
+        "email",
+        "password",
+        "groups",
+    ]
+    edit_columns = add_columns
+    search_columns = [
+        "username",
+        "first_name",
+        "last_name",
+        "active",
+        "email",
+        "created_by",
+        "changed_by",
+        "roles",
+        "groups",
+    ]
+    add_model_schema = UserPostSchema()
+    edit_model_schema = UserPutSchema()
+    def pre_update(self, item, data):
+        item.changed_on = datetime.now()
+        item.changed_by_fk = self.appbuilder.sm.current_user.id
+        if "password" in data and data["password"]:
+            item.password = generate_password_hash(
+                password=data["password"],
+                method=current_app.config.get("FAB_PASSWORD_HASH_METHOD", "scrypt"),
+                salt_length=current_app.config.get("FAB_PASSWORD_HASH_SALT_LENGTH", 16),
+            )
+    def pre_add(self, item):
+        item.password = generate_password_hash(
+            password=item.password,
+            method=current_app.config.get("FAB_PASSWORD_HASH_METHOD", "scrypt"),
+            salt_length=current_app.config.get("FAB_PASSWORD_HASH_SALT_LENGTH", 16),
+        )
+    @expose("/", methods=["POST"])
+    @protect()
+    @safe
+    @permission_name("post")
+    def post(self):
+        """Create new user
+        ---
+        post:
+          requestBody:
+            description: Model schema
+            required: true
+            content:
+              application/json:
+                schema:
+                  $ref: '#/components/schemas/{{self.__class__.__name__}}.post'
+          responses:
+            201:
+              description: Item changed
+              content:
+                application/json:
+                  schema:
+                    type: object
+                    properties:
+                      result:
+                        $ref: '#/components/schemas/{{self.__class__.__name__}}.post'
+            400:
+              $ref: '#/components/responses/400'
+            401:
+              $ref: '#/components/responses/401'
+            404:
+              $ref: '#/components/responses/404'
+            422:
+              $ref: '#/components/responses/422'
+            500:
+              $ref: '#/components/responses/500'
+        """
+        try:
+            item = self.add_model_schema.load(request.json)
+            model = User()
+            roles = []
+            groups = []
+            for key, value in item.items():
+                if key not in ("roles", "groups"):
+                    setattr(model, key, value)
+                elif key == "roles":
+                    roles = self._fetch_entities(Role, value)
+                    missing_ids = set(value) - {r.id for r in roles}
+                    if missing_ids:
+                        return self.response_400(
+                            message={
+                                "roles": [
+                                    (
+                                        f"Role(s) with ID(s) {sorted(missing_ids)} "
+                                        "not found."
+                                    )
+                                ]
+                            }
+                        )
+                elif key == "groups":
+                    groups = self._fetch_entities(Group, value)
+                    missing_ids = set(value) - {g.id for g in groups}
+                    if missing_ids:
+                        return self.response_400(
+                            message={
+                                "groups": [
+                                    (
+                                        f"Group(s) with ID(s) {sorted(missing_ids)} "
+                                        "not found."
+                                    )
+                                ]
+                            }
+                        )
+            if "roles" in item.keys():
+                model.roles = roles
+            if "groups" in item.keys():
+                model.groups = groups
+            self.pre_add(model)
+            self.datamodel.add(model)
+            return self.response(201, id=model.id)
+        except ValidationError as error:
+            return self.response_400(message=error.messages)
+        except IntegrityError as e:
+            return self.response_422(message=str(e.orig))
+    @expose("/<pk>", methods=("PUT",))
+    @protect()
+    @safe
+    @permission_name("put")
+    def put(self, pk):
+        """Edit user
+        ---
+        put:
+          parameters:
+          - in: path
+            schema:
+              type: integer
+            name: pk
+          requestBody:
+            description: Model schema
+            required: true
+            content:
+              application/json:
+                schema:
+                  $ref: '#/components/schemas/{{self.__class__.__name__}}.put'
+          responses:
+            200:
+              description: Item changed
+              content:
+                application/json:
+                  schema:
+                    type: object
+                    properties:
+                      result:
+                        $ref: '#/components/schemas/{{self.__class__.__name__}}.put'
+            400:
+              $ref: '#/components/responses/400'
+            401:
+              $ref: '#/components/responses/401'
+            404:
+              $ref: '#/components/responses/404'
+            422:
+              $ref: '#/components/responses/422'
+            500:
+              $ref: '#/components/responses/500'
+        """
+        try:
+            item = self.edit_model_schema.load(request.json)
+            model = self.datamodel.get(pk, self._base_filters)
+            roles = []
+            groups = []
+            item_roles = item.get("roles")
+            item_groups = item.get("groups")
+            if item_roles == [] and item_groups == []:
+                return self.response_400(
+                    message="User must have at least one role or group!"
+                )
+            if item_roles == [] and (item_groups is None and not model.groups):
+                return self.response_400(
+                    message=(
+                        "Cannot clear all roles unless at least one group is \
+                             assigned!"
+                    )
+                )
+            if item_groups == [] and (item_roles is None and not model.roles):
+                return self.response_400(
+                    message=(
+                        "Cannot clear all groups unless at least one role is \
+                             assigned!"
+                    )
+                )
+            for key, value in item.items():
+                if key not in ("roles", "groups"):
+                    setattr(model, key, value)
+                elif key == "roles":
+                    roles = self._fetch_entities(Role, value)
+                    missing_ids = set(value) - {r.id for r in roles}
+                    if missing_ids:
+                        return self.response_404(
+                            message={
+                                "roles": [
+                                    (
+                                        f"Role(s) with ID(s) {sorted(missing_ids)} "
+                                        "not found."
+                                    )
+                                ]
+                            }
+                        )
+                elif key == "groups":
+                    groups = self._fetch_entities(Group, value)
+                    missing_ids = set(value) - {g.id for g in groups}
+                    if missing_ids:
+                        return self.response_404(
+                            message={
+                                "groups": [
+                                    (
+                                        f"Group(s) with ID(s) {sorted(missing_ids)} "
+                                        "not found."
+                                    )
+                                ]
+                            }
+                        )
+            if "roles" in item.keys():
+                model.roles = roles
+            if "groups" in item.keys():
+                model.groups = groups
+            self.pre_update(model, item)
+            self.datamodel.edit(model)
+            return self.response(
+                200,
+                **{API_RESULT_RES_KEY: self.edit_model_schema.dump(item, many=False)},
+            )
+        except ValidationError as e:
+            return self.response_400(message=e.messages)
+        except IntegrityError as e:
+            return self.response_422(message=str(e.orig))

flask-appbuilder 3.2.1rc1__py3-none-any.whl → 5.0.2__py3-none-any.whl

flask-appbuilder 3.2.1rc1py3-none-any.whl → 5.0.2py3-none-any.whl