PyPI - zrb - Versions diffs - 0.0.50__py3-none-any.whl → 0.0.52__py3-none-any.whl - Mend

zrb 0.0.50py3-none-any.whl → 0.0.52py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (63) hide show

zrb/builtin/generator/fastapp/template/src/kebab-app-name/src/module/auth/entity/user/model.py CHANGED Viewed

@@ -1,4 +1,4 @@
-from typing import Optional
+from typing import Optional, List, Mapping
 from core.model import RepoModel
 from module.auth.schema.user import (
     User, UserData, UserResult, UserLogin
@@ -33,10 +33,7 @@ class UserModel(
         self.admin_user_pasword = admin_user_password
     async def insert(self, data: UserData) -> User:
-        if (
-            self.admin_user is not None and
-            data.username == self.admin_user.username
-        ):
+        if self.admin_user is not None and self.is_admin(id):
             raise ValueError(
                 'Invalid username: {data.username} is used by admin'
             )
@@ -48,7 +45,7 @@ class UserModel(
     async def update(self, id: str, data: UserData) -> User:
         if self.admin_user is not None:
-            if id == self.admin_user.id:
+            if self.is_admin(id):
                 raise ValueError(
                     'Forbidden: editting admin user is not permitted'
                 )
@@ -56,7 +53,7 @@ class UserModel(
                 raise ValueError(
                     'Invalid username: {data.username} is used by admin'
                 )
-        if id == self.guest_user.id:
+        if self.is_guest(id):
             raise ValueError(
                 'Forbidden: editting guest user is not permitted'
             )
@@ -67,70 +64,65 @@ class UserModel(
         return await super().update(id, data)
     async def delete(self, id: str) -> User:
-        if (
-            self.admin_user is not None and
-            id == self.admin_user.id
-        ):
+        if self.admin_user is not None and self.is_admin(id):
             raise ValueError(
                 'Forbidden: deleting admin user is not permitted'
             )
-        if id == self.guest_user.id:
+        if self.is_guest(id):
             raise ValueError(
                 'Forbidden: deleting guest user is not permitted'
             )
         return await super().delete(id)
-    async def is_having_permission(
-        self, id: str, permission_name: str
-    ) -> bool:
-        if await self.is_admin(id):
-            return True
-        if self.is_guest(id):
-            return self._is_user_having_permission(
-                self.guest_user, permission_name
-            )
+    async def get_by_id(self, id: str) -> User:
+        if self.admin_user is not None and self.is_admin(id):
+            return self.admin_user
+        if id == self.guest_user.id:
+            return self.guest_user
+        return await super().get_by_id(id)
+    async def is_authorized(
+        self, id: str, *permission_names: str
+    ) -> Mapping[str, bool]:
         user = await self.get_by_id(id)
-        return self._is_user_having_permission(user, permission_name)
+        if self.is_admin(user.id):
+            return {
+                permission_name: True for permission_name in permission_names
+            }
+        user_permission_names = self._get_permission_names(user)
+        return {
+            permission_name: permission_name in user_permission_names
+            for permission_name in permission_names
+        }
+    def _get_permission_names(self, user: User) -> List[str]:
+        permission_names = [
+            permission.name for permission in user.permissions
+        ]
+        for group in user.groups:
+            additional_permission_names = [
+                permission.name
+                for permission in group.permissions
+                if permission.name not in permission_names
+            ]
+            permission_names += additional_permission_names
+        return permission_names
-    async def is_guest(self, id: str) -> bool:
+    def is_guest(self, id: str) -> bool:
         return id == self.guest_user.id
-    async def is_admin(self, id: str) -> bool:
+    def is_admin(self, id: str) -> bool:
         if self.admin_user is None:
             return False
         return id == self.admin_user.id
-    async def login(self, user_login: UserLogin) -> str:
-        if user_login.identity == '':
-            raise ValueError('Invalid identity: Identity is not provided')
-        if (
-            self.admin_user is not None
-            and user_login.password == self.admin_user_pasword
-            and (
-                user_login.identity == self.admin_user.username or
-                user_login.identity == self.admin_user.email or
-                user_login.identity == self.admin_user.phone
-            )
-        ):
-            return self._get_token(self.admin_user)
+    async def create_token(self, user_login: UserLogin) -> str:
         user = await self._get_user_by_user_login(user_login)
         return self._get_token(user)
-    def _is_user_having_permission(
-        self, user: User, permission_name: str
-    ) -> bool:
-        user_permission_names = [
-            permission.name for permission in user.permissions
-        ]
-        if permission_name in user_permission_names:
-            return True
-        for group in user.groups:
-            group_permission_names = [
-                permission.name for permission in group.permissions
-            ]
-            if permission_name in group_permission_names:
-                return True
-        return False
+    async def refresh_token(self, auth_token_str: str) -> str:
+        user = await self._get_user_by_token(auth_token_str)
+        return self._get_token(user)
     def _get_token(self, user: User) -> str:
         token_data = TokenData(
@@ -141,4 +133,20 @@ class UserModel(
         return self.token_util.encode(token_data)
     async def _get_user_by_user_login(self, user_login: UserLogin) -> User:
+        if user_login.identity == '':
+            raise ValueError('Invalid identity: Identity is empty')
+        if (
+            self.admin_user is not None
+            and user_login.password == self.admin_user_pasword
+            and (
+                user_login.identity == self.admin_user.username or
+                user_login.identity == self.admin_user.email or
+                user_login.identity == self.admin_user.phone
+            )
+        ):
+            return self.admin_user
         return await self.repo.get_by_user_login(user_login)
+    async def _get_user_by_token(self, token: str) -> User:
+        token_data = self.token_util.decode(token)
+        return await self.get_by_id(token_data.user_id)

zrb/builtin/generator/fastapp/template/src/kebab-app-name/src/module/auth/entity/user/rpc.py CHANGED Viewed

@@ -17,20 +17,35 @@ def register_rpc(
     logger.info('🥪 Register RPC handlers for "auth.user"')
     @rpc_server.register('auth_user_is_admin')
-    async def is_admin(id: str) -> bool:
+    async def user_is_admin(id: str) -> bool:
+        '''
+        Used by RPC Authenticator
+        '''
         return await user_model.is_admin(id)
     @rpc_server.register('auth_user_is_guest')
-    async def is_guest(id: str) -> bool:
+    async def user_is_guest(id: str) -> bool:
+        '''
+        Used by RPC Authenticator
+        '''
         return await user_model.is_guest(id)
-    @rpc_server.register('auth_user_is_having_permission')
-    async def is_having_permission(id: str, permission_name: str) -> bool:
-        return await user_model.is_having_permission(id, permission_name)
+    @rpc_server.register('auth_is_user_authorized')
+    async def is_user_having_permission(
+        id: str, *permission_names: str
+    ) -> Mapping[str, bool]:
+        '''
+        Used by RPC Authenticator
+        '''
+        return await user_model.is_authorized(id, *permission_names)
-    @rpc_server.register('auth_login')
-    async def login(login_data: Mapping[str, str]) -> str:
-        return await user_model.login(UserLogin(**login_data))
+    @rpc_server.register('auth_create_token')
+    async def create_token(login_data: Mapping[str, str]) -> str:
+        return await user_model.create_token(UserLogin(**login_data))
+    @rpc_server.register('auth_refresh_token')
+    async def refresh_token(token: str) -> str:
+        return await user_model.refresh_token(token)
     @rpc_server.register('auth_get_user')
     async def get(

zrb/builtin/generator/fastapp/template/src/kebab-app-name/src/module/auth/schema/request.py ADDED Viewed

@@ -0,0 +1,10 @@
+from typing import List
+from pydantic import BaseModel
+class RefreshTokenRequest(BaseModel):
+    token: str
+class IsAuthorizedRequest(BaseModel):
+    permission_names: List[str]

zrb/builtin/generator/fastapp/template/src/kebab-app-name/src/template.env CHANGED Viewed

@@ -5,6 +5,10 @@ APP_PORT=httpPort
 APP_RELOAD=true
 APP_MAX_NOT_READY=10
+PUBLIC_BRAND=PascalAppName
+PUBLIC_TITLE=PascalAppName
+PUBLIC_AUTH_TOKEN_COOKIE_KEY=auth_token
 APP_AUTH_TOKEN_EXPIRE_SECONDS=300
 APP_AUTH_TOKEN_TYPE=jwt
 APP_AUTH_JWT_TOKEN_SECRET_KEY=Alch3mist

zrb/builtin/generator/fastapp/template/src/kebab-app-name/test/auth/test_group_crud.py CHANGED Viewed

@@ -32,7 +32,7 @@ async def test_insert_group_and_get_success(
     async for client in test_client_generator:
         # login
         login_admin_response = await client.post(
-            '/api/v1/login',
+            '/api/v1/auth/login',
             json={
                 'identity': app_auth_admin_username,
                 'password': app_auth_admin_password
@@ -94,7 +94,7 @@ async def test_update_group_and_get_success(
     async for client in test_client_generator:
         # login
         login_admin_response = await client.post(
-            '/api/v1/login',
+            '/api/v1/auth/login',
             json={
                 'identity': app_auth_admin_username,
                 'password': app_auth_admin_password,
@@ -172,7 +172,7 @@ async def test_delete_group_and_get_success(
     async for client in test_client_generator:
         # login
         login_admin_response = await client.post(
-            '/api/v1/login',
+            '/api/v1/auth/login',
             json={
                 'identity': app_auth_admin_username,
                 'password': app_auth_admin_password

zrb/builtin/generator/fastapp/template/src/kebab-app-name/test/auth/test_permission_crud.py CHANGED Viewed

@@ -28,7 +28,7 @@ async def test_insert_permission_and_get_success(
     async for client in test_client_generator:
         # login
         login_admin_response = await client.post(
-            '/api/v1/login',
+            '/api/v1/auth/login',
             json={
                 'identity': app_auth_admin_username,
                 'password': app_auth_admin_password
@@ -90,7 +90,7 @@ async def test_update_permission_and_get_success(
     async for client in test_client_generator:
         # login
         login_admin_response = await client.post(
-            '/api/v1/login',
+            '/api/v1/auth/login',
             json={
                 'identity': app_auth_admin_username,
                 'password': app_auth_admin_password,
@@ -169,7 +169,7 @@ async def test_delete_permission_and_get_success(
     async for client in test_client_generator:
         # login
         login_admin_response = await client.post(
-            '/api/v1/login',
+            '/api/v1/auth/login',
             json={
                 'identity': app_auth_admin_username,
                 'password': app_auth_admin_password

zrb/builtin/generator/fastapp/template/src/kebab-app-name/test/auth/test_user_crud.py CHANGED Viewed

@@ -48,7 +48,7 @@ async def test_insert_user_and_get_success(
     async for client in test_client_generator:
         # login
         login_admin_response = await client.post(
-            '/api/v1/login',
+            '/api/v1/auth/login',
             json={
                 'identity': app_auth_admin_username,
                 'password': app_auth_admin_password
@@ -110,7 +110,7 @@ async def test_update_user_and_get_success(
     async for client in test_client_generator:
         # login
         login_admin_response = await client.post(
-            '/api/v1/login',
+            '/api/v1/auth/login',
             json={
                 'identity': app_auth_admin_username,
                 'password': app_auth_admin_password,
@@ -188,7 +188,7 @@ async def test_delete_user_and_get_success(
     async for client in test_client_generator:
         # login
         login_admin_response = await client.post(
-            '/api/v1/login',
+            '/api/v1/auth/login',
             json={
                 'identity': app_auth_admin_username,
                 'password': app_auth_admin_password

zrb/builtin/generator/fastapp/template/src/kebab-app-name/test/auth/test_user_login.py CHANGED Viewed

@@ -10,7 +10,7 @@ async def test_admin_user_login_success(
 ):
     async for client in test_client_generator:
         login_response = await client.post(
-            '/api/v1/login',
+            '/api/v1/auth/login',
             json={
                 'identity': app_auth_admin_username,
                 'password': app_auth_admin_password
@@ -28,7 +28,7 @@ async def test_admin_user_login_empty_identity_failed(
 ):
     async for client in test_client_generator:
         login_response = await client.post(
-            '/api/v1/login',
+            '/api/v1/auth/login',
             json={
                 'identity': '',
                 'password': app_auth_admin_password
@@ -43,7 +43,7 @@ async def test_admin_user_login_invalid_identity_failed(
 ):
     async for client in test_client_generator:
         login_response = await client.post(
-            '/api/v1/login',
+            '/api/v1/auth/login',
             json={
                 'identity': 'invalid-identity',
                 'password': app_auth_admin_password
@@ -58,7 +58,7 @@ async def test_admin_user_failed_invalid_password(
 ):
     async for client in test_client_generator:
         login_response = await client.post(
-            '/api/v1/login',
+            '/api/v1/auth/login',
             json={
                 'identity': app_auth_admin_username,
                 'password': 'invalid-password'
@@ -74,7 +74,7 @@ async def test_create_normal_user_and_login_with_username_success(
     async for client in test_client_generator:
         # login
         login_admin_response = await client.post(
-            '/api/v1/login',
+            '/api/v1/auth/login',
             json={
                 'identity': app_auth_admin_username,
                 'password': app_auth_admin_password
@@ -104,7 +104,7 @@ async def test_create_normal_user_and_login_with_username_success(
         assert create_response.status_code == 200
         # login
         login_admin_response = await client.post(
-            '/api/v1/login',
+            '/api/v1/auth/login',
             json={
                 'identity': 'test-login-user-with-username-success',
                 'password': 'test-password'
@@ -123,7 +123,7 @@ async def test_create_normal_user_and_login_with_phone_success(
     async for client in test_client_generator:
         # login
         login_admin_response = await client.post(
-            '/api/v1/login',
+            '/api/v1/auth/login',
             json={
                 'identity': app_auth_admin_username,
                 'password': app_auth_admin_password
@@ -153,7 +153,7 @@ async def test_create_normal_user_and_login_with_phone_success(
         assert create_response.status_code == 200
         # login
         login_admin_response = await client.post(
-            '/api/v1/login',
+            '/api/v1/auth/login',
             json={
                 'identity': '+628123456789',
                 'password': 'test-password'
@@ -172,7 +172,7 @@ async def test_create_normal_user_and_login_with_email_success(
     async for client in test_client_generator:
         # login
         login_admin_response = await client.post(
-            '/api/v1/login',
+            '/api/v1/auth/login',
             json={
                 'identity': app_auth_admin_username,
                 'password': app_auth_admin_password
@@ -202,7 +202,7 @@ async def test_create_normal_user_and_login_with_email_success(
         assert create_response.status_code == 200
         # login
         login_admin_response = await client.post(
-            '/api/v1/login',
+            '/api/v1/auth/login',
             json={
                 'identity': 'test-login-user-with-email-success@test.com',
                 'password': 'test-password'
@@ -221,7 +221,7 @@ async def test_create_normal_user_and_login_failed(
     async for client in test_client_generator:
         # login
         login_admin_response = await client.post(
-            '/api/v1/login',
+            '/api/v1/auth/login',
             json={
                 'identity': app_auth_admin_username,
                 'password': app_auth_admin_password
@@ -251,7 +251,7 @@ async def test_create_normal_user_and_login_failed(
         assert create_response.status_code == 200
         # login
         login_admin_response = await client.post(
-            '/api/v1/login',
+            '/api/v1/auth/login',
             json={
                 'identity': 'test-login-user-with-email-failed',
                 'password': 'invalid-password'

zrb/builtin/generator/fastapp_crud/add.py CHANGED Viewed

@@ -2,6 +2,7 @@ from typing import Any
 from ..._group import project_add_group
 from ....task.task import Task
 from ....task.decorator import python_task
+from ....task.cmd_task import CmdTask
 from ....task.resource_maker import ResourceMaker
 from ....runner import runner
 from .._common.input import (
@@ -18,6 +19,7 @@ import asyncio
 import os
 current_dir = os.path.dirname(__file__)
+codemod_dir = os.path.join(current_dir, 'nodejs', 'codemod')
 @python_task(
@@ -79,8 +81,7 @@ copy_resource = ResourceMaker(
 @python_task(
-    name='fastapp-crud',
-    group=project_add_group,
+    name='register-crud',
     inputs=[
         project_dir_input,
         app_name_input,
@@ -91,10 +92,9 @@ copy_resource = ResourceMaker(
     ],
     upstreams=[
         copy_resource,
-    ],
-    runner=runner
+    ]
 )
-async def add_fastapp_crud(*args: Any, **kwargs: Any):
+async def register_crud(*args: Any, **kwargs: Any):
     task: Task = kwargs.get('_task')
     project_dir = kwargs.get('project_dir', '.')
     app_name = kwargs.get('app_name')
@@ -112,7 +112,56 @@ async def add_fastapp_crud(*args: Any, **kwargs: Any):
             task, project_dir, kebab_app_name, snake_module_name,
             snake_entity_name
         )),
+        asyncio.create_task(register_permission(
+            task, project_dir, kebab_app_name, snake_module_name,
+            snake_entity_name
+        )),
     )
+prepare_codemod = CmdTask(
+    name='prepare-codemod',
+    cwd=codemod_dir,
+    cmd=[
+        'npm install --save-dev',
+        'node_modules/.bin/tsc'
+    ]
+)
+nav_file_path = '{{input.project_dir}}/src/{{util.to_kebab_case(input.app_name)}}/src/frontend/src/lib/config/navData.ts' # noqa
+var_name = 'navData'
+title = '{{util.to_pascal_case(input.entity_name)}}'
+url = '{{util.to_kebab_case(input.module_name)}}/{{util.to_kebab_case(input.entity_name)}}' # noqa
+permission = ''
+add_navigation = CmdTask(
+    name='add-navigation',
+    inputs=[
+        project_dir_input,
+        app_name_input,
+        module_name_input,
+        entity_name_input,
+    ],
+    upstreams=[
+        copy_resource,
+        prepare_codemod,
+    ],
+    retry=0,
+    cmd=f'node {codemod_dir}/dist/addNav.js "{nav_file_path}" "{var_name}" "{title}" "{url}" "{permission}"' # noqa
+)
+@python_task(
+    name='fastapp-crud',
+    group=project_add_group,
+    upstreams=[
+        register_crud,
+        add_navigation
+    ],
+    runner=runner
+)
+async def add_fastapp_crud(*args: Any, **kwargs: Any):
+    task: Task = kwargs.get('_task')
     task.print_out('Success')
@@ -188,3 +237,35 @@ async def register_rpc(
     )
     task.print_out(f'Write modified code to: {module_rpc_file_path}')
     await write_text_file_async(module_rpc_file_path, code)
+async def register_permission(
+    task: Task,
+    project_dir: str,
+    kebab_app_name: str,
+    snake_module_name: str,
+    snake_entity_name: str
+):
+    module_register_permission_file_path = os.path.join(
+        project_dir, 'src', kebab_app_name, 'src', 'module', 'auth',
+        'register_permission.py'
+    )
+    task.print_out(f'Read code from: {module_register_permission_file_path}')
+    code = await read_text_file_async(module_register_permission_file_path)
+    code = append_code_to_function(
+        code=code,
+        function_name='register_permission',
+        new_code='\n'.join([
+            'await ensure_entity_permission(',
+            f"    module_name='{snake_module_name}', entity_name='{snake_entity_name}'", # noqa
+            ')'
+        ])
+    )
+    task.print_out(
+        f'Add "ensure_entity_permission" call for {snake_entity_name} ' +
+        'to the code'
+    )
+    task.print_out(
+        f'Write modified code to: {module_register_permission_file_path}'
+    )
+    await write_text_file_async(module_register_permission_file_path, code)

zrb/builtin/generator/fastapp_crud/nodejs/codemod/.gitignore ADDED Viewed

	@@ -0,0 +1 @@
1	+ node_modules

zrb 0.0.50__py3-none-any.whl → 0.0.52__py3-none-any.whl

zrb 0.0.50py3-none-any.whl → 0.0.52py3-none-any.whl