udata 9.1.2.dev30355__py2.py3-none-any.whl → 9.1.2.dev30454__py2.py3-none-any.whl

udata/api/fields.py

@@ -1,5 +1,5 @@
-import logging
 import datetime
+import logging
 
 import pytz
 from dateutil.parser import parse
@@ -13,51 +13,57 @@ log = logging.getLogger(__name__)
 
 
 class ISODateTime(String):
-    __schema_format__ = 'date-time'
+    __schema_format__ = "date-time"
 
     def format(self, value):
         if isinstance(value, str):
             value = parse(value)
-        if isinstance(value, datetime.date) and not isinstance(value, datetime.datetime) or value.tzinfo:
+        if (
+            isinstance(value, datetime.date)
+            and not isinstance(value, datetime.datetime)
+            or value.tzinfo
+        ):
             return value.isoformat()
         return pytz.utc.localize(value).isoformat()
 
 
 class Markdown(String):
-    __schema_format__ = 'markdown'
+    __schema_format__ = "markdown"
 
 
 class UrlFor(String):
     def __init__(self, endpoint, mapper=None, **kwargs):
         super(UrlFor, self).__init__(**kwargs)
         self.endpoint = endpoint
-        self.fallback_endpoint = kwargs.pop('fallback_endpoint', None)
+        self.fallback_endpoint = kwargs.pop("fallback_endpoint", None)
         self.mapper = mapper or self.default_mapper
 
     def default_mapper(self, obj):
-        return {'id': str(obj.id)}
+        return {"id": str(obj.id)}
 
     def output(self, key, obj, **kwargs):
-        return endpoint_for(self.endpoint, self.fallback_endpoint, _external=True, **self.mapper(obj))
+        return endpoint_for(
+            self.endpoint, self.fallback_endpoint, _external=True, **self.mapper(obj)
+        )
 
 
 class NextPageUrl(String):
     def output(self, key, obj, **kwargs):
-        if not getattr(obj, 'has_next', None):
+        if not getattr(obj, "has_next", None):
             return None
         args = multi_to_dict(request.args)
         args.update(request.view_args)
-        args['page'] = obj.page + 1
+        args["page"] = obj.page + 1
         return url_for(request.endpoint, _external=True, **args)
 
 
 class PreviousPageUrl(String):
     def output(self, key, obj, **kwargs):
-        if not getattr(obj, 'has_prev', None):
+        if not getattr(obj, "has_prev", None):
             return None
         args = multi_to_dict(request.args)
         args.update(request.view_args)
-        args['page'] = obj.page - 1
+        args["page"] = obj.page - 1
         return url_for(request.endpoint, _external=True, **args)
 
 
@@ -81,15 +87,11 @@ class ImageField(String):
 
 def pager(page_fields):
     pager_fields = {
-        'data': List(Nested(page_fields), attribute='objects',
-                     description='The page data'),
-        'page': Integer(description='The current page', required=True, min=1),
-        'page_size': Integer(description='The page size used for pagination',
-                             required=True, min=0),
-        'total': Integer(description='The total paginated items',
-                         required=True, min=0),
-        'next_page': NextPageUrl(description='The next page URL if exists'),
-        'previous_page': PreviousPageUrl(
-            description='The previous page URL if exists')
+        "data": List(Nested(page_fields), attribute="objects", description="The page data"),
+        "page": Integer(description="The current page", required=True, min=1),
+        "page_size": Integer(description="The page size used for pagination", required=True, min=0),
+        "total": Integer(description="The total paginated items", required=True, min=0),
+        "next_page": NextPageUrl(description="The next page URL if exists"),
+        "previous_page": PreviousPageUrl(description="The previous page URL if exists"),
     }
     return pager_fields

udata/api/oauth2.py

@@ -1,4 +1,4 @@
-'''
+"""
 OAuth 2 serveur implementation based on Authlib.
 
 See the documentatiosn here:
@@ -12,22 +12,23 @@ Authlib provides SQLAlchemny mixins which help understanding:
 
 As well as a sample application:
  - https://github.com/authlib/example-oauth2-server
-'''
-import fnmatch
-
-from bson import ObjectId
+"""
 
+import fnmatch
 from datetime import datetime, timedelta
 
-from authlib.integrations.flask_oauth2.errors import _HTTPException as AuthlibFlaskException
 from authlib.integrations.flask_oauth2 import AuthorizationServer, ResourceProtector
-from authlib.oauth2.rfc6749 import grants, ClientMixin
+from authlib.integrations.flask_oauth2.errors import (
+    _HTTPException as AuthlibFlaskException,
+)
+from authlib.oauth2 import OAuth2Error
+from authlib.oauth2.rfc6749 import ClientMixin, grants
+from authlib.oauth2.rfc6749.util import list_to_scope, scope_to_list
 from authlib.oauth2.rfc6750 import BearerTokenValidator
 from authlib.oauth2.rfc7009 import RevocationEndpoint
 from authlib.oauth2.rfc7636 import CodeChallenge
-from authlib.oauth2.rfc6749.util import scope_to_list, list_to_scope
-from authlib.oauth2 import OAuth2Error
-from flask import request, render_template, current_app
+from bson import ObjectId
+from flask import current_app, render_template, request
 from flask_security.utils import verify_password
 from werkzeug.exceptions import Unauthorized
 from werkzeug.security import gen_salt
@@ -35,12 +36,12 @@ from werkzeug.security import gen_salt
 from udata.app import csrf
 from udata.auth import current_user, login_required, login_user
 from udata.core.organization.models import Organization
-from udata.i18n import I18nBlueprint, lazy_gettext as _
+from udata.core.storages import default_image_basename, images
+from udata.i18n import I18nBlueprint
+from udata.i18n import lazy_gettext as _
 from udata.mongo import db
-from udata.core.storages import images, default_image_basename
-
 
-blueprint = I18nBlueprint('oauth', __name__, url_prefix='/oauth')
+blueprint = I18nBlueprint("oauth", __name__, url_prefix="/oauth")
 oauth = AuthorizationServer()
 require_oauth = ResourceProtector()
 
@@ -51,13 +52,10 @@ REFRESH_EXPIRATION = 30  # days
 EPOCH = datetime.fromtimestamp(0)
 
 TOKEN_TYPES = {
-    'Bearer': _('Bearer Token'),
+    "Bearer": _("Bearer Token"),
 }
 
-SCOPES = {
-    'default': _('Default scope'),
-    'admin': _('System administrator rights')
-}
+SCOPES = {"default": _("Default scope"), "admin": _("System administrator rights")}
 
 
 class OAuth2Client(ClientMixin, db.Datetimed, db.Document):
@@ -66,22 +64,19 @@ class OAuth2Client(ClientMixin, db.Datetimed, db.Document):
     name = db.StringField(required=True)
     description = db.StringField()
 
-    owner = db.ReferenceField('User')
+    owner = db.ReferenceField("User")
     organization = db.ReferenceField(Organization, reverse_delete_rule=db.NULLIFY)
-    image = db.ImageField(fs=images, basename=default_image_basename,
-                          thumbnails=[150, 25])
+    image = db.ImageField(fs=images, basename=default_image_basename, thumbnails=[150, 25])
 
     redirect_uris = db.ListField(db.StringField())
-    scope = db.StringField(default='default')
+    scope = db.StringField(default="default")
     grant_types = db.ListField(db.StringField())
     response_types = db.ListField(db.StringField())
 
     confidential = db.BooleanField(default=False)
     internal = db.BooleanField(default=False)
 
-    meta = {
-        'collection': 'oauth2_client'
-    }
+    meta = {"collection": "oauth2_client"}
 
     def get_client_id(self):
         return str(self.id)
@@ -103,15 +98,13 @@ class OAuth2Client(ClientMixin, db.Datetimed, db.Document):
 
     def get_allowed_scope(self, scope):
         if not scope:
-            return ''
+            return ""
         allowed = set(scope_to_list(self.scope))
         return list_to_scope([s for s in scope.split() if s in allowed])
 
     def check_redirect_uri(self, redirect_uri):
         if current_app.config.get("OAUTH2_ALLOW_WILDCARD_IN_REDIRECT_URI"):
-            return any(
-                fnmatch.fnmatch(redirect_uri, pattern) for pattern in self.redirect_uris
-            )
+            return any(fnmatch.fnmatch(redirect_uri, pattern) for pattern in self.redirect_uris)
         else:
             return redirect_uri in self.redirect_uris
 
@@ -120,8 +113,8 @@ class OAuth2Client(ClientMixin, db.Datetimed, db.Document):
 
     def check_token_endpoint_auth_method(self, method):
         if not self.has_client_secret():
-            return method == 'none'
-        return method in ('client_secret_post', 'client_secret_basic')
+            return method == "none"
+        return method in ("client_secret_post", "client_secret_basic")
 
     def check_response_type(self, response_type):
         return True
@@ -138,25 +131,23 @@ class OAuth2Client(ClientMixin, db.Datetimed, db.Document):
 
 
 class OAuth2Token(db.Document):
-    client = db.ReferenceField('OAuth2Client', required=True)
-    user = db.ReferenceField('User')
+    client = db.ReferenceField("OAuth2Client", required=True)
+    user = db.ReferenceField("User")
 
     # currently only bearer is supported
-    token_type = db.StringField(choices=list(TOKEN_TYPES), default='Bearer')
+    token_type = db.StringField(choices=list(TOKEN_TYPES), default="Bearer")
 
     access_token = db.StringField(unique=True)
     refresh_token = db.StringField(unique=True, sparse=True)
     created_at = db.DateTimeField(default=datetime.utcnow, required=True)
     expires_in = db.IntField(required=True, default=TOKEN_EXPIRATION)
-    scope = db.StringField(default='')
+    scope = db.StringField(default="")
     revoked = db.BooleanField(default=False)
 
-    meta = {
-        'collection': 'oauth2_token'
-    }
+    meta = {"collection": "oauth2_token"}
 
     def __str__(self):
-        return '<OAuth2Token({0.client.name})>'.format(self)
+        return "<OAuth2Token({0.client.name})>".format(self)
 
     def get_scope(self):
         return self.scope
@@ -179,24 +170,22 @@ class OAuth2Token(db.Document):
 
 
 class OAuth2Code(db.Document):
-    user = db.ReferenceField('User', required=True)
-    client = db.ReferenceField('OAuth2Client', required=True)
+    user = db.ReferenceField("User", required=True)
+    client = db.ReferenceField("OAuth2Client", required=True)
 
     code = db.StringField(required=True)
 
     redirect_uri = db.StringField()
     expires = db.DateTimeField()
 
-    scope = db.StringField(default='')
+    scope = db.StringField(default="")
     code_challenge = db.StringField()
     code_challenge_method = db.StringField()
 
-    meta = {
-        'collection': 'oauth2_code'
-    }
+    meta = {"collection": "oauth2_code"}
 
     def __str__(self):
-        return '<OAuth2Code({0.client.name}, {0.user.fullname})>'.format(self)
+        return "<OAuth2Code({0.client.name}, {0.user.fullname})>".format(self)
 
     def is_expired(self):
         return self.expires < datetime.utcnow()
@@ -209,14 +198,11 @@ class OAuth2Code(db.Document):
 
 
 class AuthorizationCodeGrant(grants.AuthorizationCodeGrant):
-    TOKEN_ENDPOINT_AUTH_METHODS = [
-        'client_secret_basic',
-        'client_secret_post'
-    ]
+    TOKEN_ENDPOINT_AUTH_METHODS = ["client_secret_basic", "client_secret_post"]
 
     def save_authorization_code(self, code, request):
-        code_challenge = request.data.get('code_challenge')
-        code_challenge_method = request.data.get('code_challenge_method')
+        code_challenge = request.data.get("code_challenge")
+        code_challenge_method = request.data.get("code_challenge_method")
         expires = datetime.utcnow() + timedelta(seconds=GRANT_EXPIRATION)
         auth_code = OAuth2Code.objects.create(
             code=code,
@@ -268,9 +254,9 @@ class RefreshTokenGrant(grants.RefreshTokenGrant):
 class RevokeToken(RevocationEndpoint):
     def query_token(self, token, token_type_hint, client):
         qs = OAuth2Token.objects(client=client)
-        if token_type_hint == 'access_token':
+        if token_type_hint == "access_token":
             return qs.filter(access_token=token).first()
-        elif token_type_hint == 'refresh_token':
+        elif token_type_hint == "refresh_token":
             return qs.filter(refresh_token=token).first()
         else:
             qs = qs(db.Q(access_token=token) | db.Q(refresh_token=token))
@@ -292,22 +278,22 @@ class BearerToken(BearerTokenValidator):
         return token.revoked
 
 
-@blueprint.route('/token', methods=['POST'], localize=False, endpoint='token')
+@blueprint.route("/token", methods=["POST"], localize=False, endpoint="token")
 @csrf.exempt
 def access_token():
     return oauth.create_token_response()
 
 
-@blueprint.route('/revoke', methods=['POST'], localize=False)
+@blueprint.route("/revoke", methods=["POST"], localize=False)
 @csrf.exempt
 def revoke_token():
     return oauth.create_endpoint_response(RevokeToken.ENDPOINT_NAME)
 
 
-@blueprint.route('/authorize', methods=['GET', 'POST'])
+@blueprint.route("/authorize", methods=["GET", "POST"])
 @login_required
 def authorize(*args, **kwargs):
-    if request.method == 'GET':
+    if request.method == "GET":
         try:
             grant = oauth.validate_consent_request(end_user=current_user)
         except OAuth2Error as error:
@@ -315,10 +301,10 @@ def authorize(*args, **kwargs):
         # Bypass authorization screen for internal clients
         if grant.client.internal:
             return oauth.create_authorization_response(grant_user=current_user)
-        return render_template('api/oauth_authorize.html', grant=grant)
-    elif request.method == 'POST':
-        accept = 'accept' in request.form
-        decline = 'decline' in request.form
+        return render_template("api/oauth_authorize.html", grant=grant)
+    elif request.method == "POST":
+        accept = "accept" in request.form
+        decline = "decline" in request.form
         if accept and not decline:
             grant_user = current_user
         else:
@@ -326,30 +312,25 @@ def authorize(*args, **kwargs):
         return oauth.create_authorization_response(grant_user=grant_user)
 
 
-@blueprint.route('/error')
+@blueprint.route("/error")
 def oauth_error():
-    return render_template('api/oauth_error.html')
+    return render_template("api/oauth_error.html")
 
 
 def query_client(client_id):
-    '''Fetch client by ID'''
+    """Fetch client by ID"""
     return OAuth2Client.objects(id=ObjectId(client_id)).first()
 
 
 def save_token(token, request):
-    scope = token.pop('scope', '')
-    if request.grant_type == 'refresh_token':
+    scope = token.pop("scope", "")
+    if request.grant_type == "refresh_token":
         credential = request.credential
         credential.update(scope=scope, **token)
     else:
         client = request.client
         user = request.user or client.owner
-        OAuth2Token.objects.create(
-            client=client,
-            user=user.id,
-            scope=scope,
-            **token
-        )
+        OAuth2Token.objects.create(client=client, user=user.id, scope=scope, **token)
 
 
 def check_credentials():

udata/api/parsers.py

@@ -9,28 +9,28 @@ class ModelApiParser:
     def __init__(self, paginate=True):
         self.parser = api.parser()
         # q parameter
-        self.parser.add_argument('q', type=str, location='args',
-                                 help='The search query')
+        self.parser.add_argument("q", type=str, location="args", help="The search query")
         # Sort arguments
         keys = list(self.sorts)
-        choices = keys + ['-' + k for k in keys]
-        help_msg = 'The field (and direction) on which sorting apply'
-        self.parser.add_argument('sort', type=str, location='args',
-                                 choices=choices, help=help_msg)
+        choices = keys + ["-" + k for k in keys]
+        help_msg = "The field (and direction) on which sorting apply"
+        self.parser.add_argument("sort", type=str, location="args", choices=choices, help=help_msg)
         if paginate:
-            self.parser.add_argument('page', type=int, location='args',
-                                     default=1, help='The page to display')
-            self.parser.add_argument('page_size', type=int, location='args',
-                                     default=20, help='The page size')
+            self.parser.add_argument(
+                "page", type=int, location="args", default=1, help="The page to display"
+            )
+            self.parser.add_argument(
+                "page_size", type=int, location="args", default=20, help="The page size"
+            )
 
     def parse(self):
         args = self.parser.parse_args()
-        if args['sort']:
-            if args['sort'].startswith('-'):
+        if args["sort"]:
+            if args["sort"].startswith("-"):
                 # Keyerror because of the '-' character in front of the argument.
                 # It is removed to find the value in dict and added back.
-                arg_sort = args['sort'][1:]
-                args['sort'] = '-' + self.sorts[arg_sort]
+                arg_sort = args["sort"][1:]
+                args["sort"] = "-" + self.sorts[arg_sort]
             else:
-                args['sort'] = self.sorts[args['sort']]
+                args["sort"] = self.sorts[args["sort"]]
         return args

udata/api/signals.py

@@ -3,4 +3,4 @@ from blinker import Namespace
 namespace = Namespace()
 
 #: Trigerred when an HTTP request is issued against the API
-on_api_call = namespace.signal('on-api-call')
+on_api_call = namespace.signal("on-api-call")