Loading portal/rest/client.py +9 −1 Original line number Diff line number Diff line Loading @@ -21,6 +21,7 @@ class ClientController(CustomResource): def get(self): client = self.permissions.client_owner schema = SCHEMAS.user() if client.type == ClientType.USER else SCHEMAS.worker() log.debug(f"[REST] Get current client {client.log_name} by {self.client.log_name}") return schema.dump(client)[0], 200 Loading @@ -33,7 +34,7 @@ class ClientController(CustomResource): def get(self, cid: str): self.permissions.require.sysadmin_or_self(cid) client = self.rest.find.client(cid) log.debug(f"[REST] Get client {client.log_name} by {self.client.log_name}") schema = SCHEMAS.user() if client.type == ClientType.USER else SCHEMAS.worker() return schema.dump(client)[0], 200 Loading @@ -47,6 +48,7 @@ class ClientSecretsController(CustomResource): def get(self, cid: str): self.permissions.require.sysadmin_or_self(cid) client = self.rest.find.client(cid) log.debug(f"[REST] Get client secrets {client.log_name} by {self.client.log_name}") return SCHEMAS.dump('secrets', client.secrets) @jwt_required Loading @@ -56,6 +58,8 @@ class ClientSecretsController(CustomResource): self.permissions.require.sysadmin_or_self(cid) data = rest_helpers.parse_request_data(action='create', resource='secret') client = self.find.client(cid) log.info(f"[REST] Create new secret by {self.client.log_name} " f"for {client.log_name}: {data} ") new_secret, value = self.rest.secrets(client=client).create(**data) return {'id': new_secret.id, 'value': value}, 201 Loading @@ -70,6 +74,7 @@ class ClientSecretController(CustomResource): def get(self, cid: str, sid: str): self.rest.permissions.require.sysadmin_or_self(cid) client = self.rest.find.client(cid) log.debug(f"[REST] Get secret for {client.log_name} by {self.client.log_name}: {sid}") secret = self.rest.find.secret(client, sid) return SCHEMAS.dump('secret', secret) Loading @@ -80,6 +85,8 @@ class ClientSecretController(CustomResource): self.rest.permissions.require.sysadmin_or_self(cid) client = self.find.client(cid) secret = self.find.secret(client, sid) log.info(f"[REST] Delete a secret by {self.client.log_name}: {secret.log_name} ") self.rest.secrets(secret).delete() return '', 204 Loading @@ -94,5 +101,6 @@ class ClientSecretController(CustomResource): client = self.find.client(cid) secret = self.find.secret(client, sid) log.info(f"[REST] Update a secret {secret.log_name} by {self.client.log_name}: {data} ") self.rest.secrets(secret).update(**data) return '', 204 portal/rest/courses.py +11 −1 Original line number Diff line number Diff line Loading @@ -23,7 +23,7 @@ class CourseList(CustomResource): def get(self): # authorization self.permissions.require.sysadmin() log.debug(f"[REST] Get Courses by {self.client.log_name}") courses_list = self.rest.courses.find_all() return SCHEMAS.dump('courses', courses_list) Loading Loading @@ -51,6 +51,7 @@ class CourseResource(CustomResource): client = self.rest.auth.client course = self.rest.find.course(cid) # authorization log.debug(f"[REST] Get course {course.log_name} by {self.client.log_name}") perm_service = self.permissions(course=course) if perm_service.check.permissions(['view_course_full']): return SCHEMAS.dump('course', course) Loading Loading @@ -99,6 +100,7 @@ class CourseNotesToken(CustomResource): def get(self, cid): course = self.find.course(cid) # authorization log.debug(f"[REST] Get course notes token in {course.log_name} by {self.client.log_name}") self.permissions(course=course).require.course_access_token() return course.notes_access_token Loading Loading @@ -173,6 +175,9 @@ class CourseClients(CustomResource): group_ids = request.args.getlist('group') role_ids = request.args.getlist('role') client_type = extract_client_type() log.debug(f"[REST] Get course clients in {course.log_name} " f"by {self.client.log_name}: roles={role_ids}, groups={group_ids}, " f"type={client_type}") clients = self.rest.courses(course).get_clients_filtered(group_ids, role_ids, client_type=client_type) return SCHEMAS.dump('clients', clients) Loading @@ -189,8 +194,11 @@ class CourseClients(CustomResource): self.permissions(course=course).require.permissions(['view_course_full']) group_ids = request.args.getlist('group') role_ids = request.args.getlist('role') log.debug(f"[REST] Get course users in {course.log_name} " f"by {self.client.log_name}: roles={role_ids}, groups={group_ids}") users = self.rest.courses(course).get_clients_filtered(group_ids, role_ids, client_type=ClientType.USER) return SCHEMAS.dump('users', users) @courses_namespace.route('/<string:cid>/workers') Loading @@ -205,6 +213,8 @@ class CourseClients(CustomResource): self.permissions(course=course).require.permissions(['view_course_full']) group_ids = request.args.getlist('group') role_ids = request.args.getlist('role') log.debug(f"[REST] Get course workers in {course.log_name} " f"by {self.client.log_name}: roles={role_ids}, groups={group_ids}") workers = self.rest.courses(course).get_clients_filtered(group_ids, role_ids, client_type=ClientType.WORKER) return SCHEMAS.dump('workers', workers) portal/rest/groups.py +4 −2 Original line number Diff line number Diff line Loading @@ -21,6 +21,7 @@ class GroupsList(CustomResource): # @groups_namespace.response(200, 'List of all groups', model=groups_schema) def get(self, cid: str): course = self.find.course(cid) log.debug(f"[REST] Get groups in {course.log_name} by {self.client.log_name}") groups = self.rest.groups.find_all(course) return SCHEMAS.dump('groups', groups) Loading Loading @@ -51,8 +52,8 @@ class GroupResource(CustomResource): def get(self, cid: str, gid: str): course = self.find.course(cid) # authorization log.debug(f"[REST] Get group in {course.log_name} by {self.client.log_name}: {gid}") self.permissions(course=course).require.view_course() group = self.find.group(course, gid) return SCHEMAS.dump('group', group) Loading Loading @@ -97,6 +98,7 @@ class GroupUsersList(CustomResource): group = self.find.group(course, gid) # authorization log.debug(f"[REST] Get group users in {group.log_name} by {self.client.log_name}") self.permissions(course=course).require.belongs_to_group(group) users = self.rest.groups(group).find_users_by_role(role_id=role_id) Loading Loading @@ -179,7 +181,7 @@ class GroupProjectsList(CustomResource): group = self.find.group(course, gid) # authorization self.permissions(course=course).require.belongs_to_group(group) log.debug(f"[REST] Get group projects in {group.log_name} by {self.client.log_name}") projects = self.rest.groups(group).find_projects() return SCHEMAS.dump('projects', projects) Loading portal/rest/projects.py +8 −1 Original line number Diff line number Diff line Loading @@ -24,6 +24,7 @@ class ProjectsList(CustomResource): # @projects_namespace.response(200, 'Projects list', model=projects_schema) def get(self, cid: str): course = self.find.course(cid) log.debug(f"[REST] Get projects in {course.log_name} by {self.client.log_name}") projects = self.rest.projects.find_all(course) return SCHEMAS.dump('projects', projects) Loading Loading @@ -56,7 +57,7 @@ class ProjectResource(CustomResource): course = self.find.course(cid) # authorization self.permissions(course=course).require.view_course() log.debug(f"[REST] Get project in {course.log_name} by {self.client.log_name}: {pid}") project = self.find.project(course, pid) return SCHEMAS.dump('project', project) Loading Loading @@ -102,6 +103,8 @@ class ProjectConfigResource(CustomResource): course = self.find.course(cid) project = self.find.project(course, pid) # authorization log.debug(f"[REST] Get project config in {project.log_name}" f" by {self.client.log_name}") schema = self.get_config_schema_based_on_permissions(course) return schema.dump(project.config) Loading Loading @@ -167,6 +170,8 @@ class ProjectSubmissions(CustomResource): user_id = request.args.get('user') project = self.find.project(course, pid) log.debug(f"[REST] Get project submissions in {project.log_name}" f" by {self.client.log_name} for user {user_id}") submissions = self.rest.projects(project).find_project_submissions(user_id) return SCHEMAS.dump('submissions', submissions) Loading Loading @@ -211,6 +216,8 @@ class ProjectTestFiles(CustomResource): course = self.find.course(cid) self.permissions(course=course).require.view_course_full() project = self.find.project(course, pid) log.debug(f"[REST] Get project test files in {project.log_name}" f" by {self.client.log_name}") service = self.rest.storage(project=project) storage_entity = service.get_test_files_entity_from_storage() return service.send_file_or_zip(storage_entity) portal/rest/roles.py +4 −3 Original line number Diff line number Diff line Loading @@ -22,6 +22,7 @@ class RoleList(CustomResource): def get(self, cid): course = self.find.course(cid) roles = self.rest.roles.find_all(course) log.debug(f"[REST] Get roles in {course.log_name} by {self.client.log_name}") return SCHEMAS.dump('roles', roles) @jwt_required Loading Loading @@ -51,7 +52,7 @@ class RoleResource(CustomResource): course = self.find.course(cid) # authorization self.permissions(course=course).require.view_course() log.debug(f"[REST] Get role in {course.log_name} by {self.client.log_name}: {rid}") role = self.find.role(course, rid) return SCHEMAS.dump('role', role) Loading Loading @@ -95,7 +96,7 @@ class RolePermissions(CustomResource): def get(self, cid: str, rid: str): course = self.find.course(cid) role = self.find.role(course, rid) log.debug(f"[REST] Get role permissions in {role.log_name} by {self.client.log_name}") # authorization self.permissions(course=course).require.belongs_to_role(role) Loading Loading @@ -130,7 +131,7 @@ class RoleUsersList(CustomResource): role = self.find.role(course, rid) type = request.args.get('type') # authorization log.debug(f"[REST] Get role clients in {role.log_name} by {self.client.log_name}") self.permissions(course=course).require.belongs_to_role(role) users = [client for client in role.clients if client.type == ClientType[type.upper()]] Loading Loading
portal/rest/client.py +9 −1 Original line number Diff line number Diff line Loading @@ -21,6 +21,7 @@ class ClientController(CustomResource): def get(self): client = self.permissions.client_owner schema = SCHEMAS.user() if client.type == ClientType.USER else SCHEMAS.worker() log.debug(f"[REST] Get current client {client.log_name} by {self.client.log_name}") return schema.dump(client)[0], 200 Loading @@ -33,7 +34,7 @@ class ClientController(CustomResource): def get(self, cid: str): self.permissions.require.sysadmin_or_self(cid) client = self.rest.find.client(cid) log.debug(f"[REST] Get client {client.log_name} by {self.client.log_name}") schema = SCHEMAS.user() if client.type == ClientType.USER else SCHEMAS.worker() return schema.dump(client)[0], 200 Loading @@ -47,6 +48,7 @@ class ClientSecretsController(CustomResource): def get(self, cid: str): self.permissions.require.sysadmin_or_self(cid) client = self.rest.find.client(cid) log.debug(f"[REST] Get client secrets {client.log_name} by {self.client.log_name}") return SCHEMAS.dump('secrets', client.secrets) @jwt_required Loading @@ -56,6 +58,8 @@ class ClientSecretsController(CustomResource): self.permissions.require.sysadmin_or_self(cid) data = rest_helpers.parse_request_data(action='create', resource='secret') client = self.find.client(cid) log.info(f"[REST] Create new secret by {self.client.log_name} " f"for {client.log_name}: {data} ") new_secret, value = self.rest.secrets(client=client).create(**data) return {'id': new_secret.id, 'value': value}, 201 Loading @@ -70,6 +74,7 @@ class ClientSecretController(CustomResource): def get(self, cid: str, sid: str): self.rest.permissions.require.sysadmin_or_self(cid) client = self.rest.find.client(cid) log.debug(f"[REST] Get secret for {client.log_name} by {self.client.log_name}: {sid}") secret = self.rest.find.secret(client, sid) return SCHEMAS.dump('secret', secret) Loading @@ -80,6 +85,8 @@ class ClientSecretController(CustomResource): self.rest.permissions.require.sysadmin_or_self(cid) client = self.find.client(cid) secret = self.find.secret(client, sid) log.info(f"[REST] Delete a secret by {self.client.log_name}: {secret.log_name} ") self.rest.secrets(secret).delete() return '', 204 Loading @@ -94,5 +101,6 @@ class ClientSecretController(CustomResource): client = self.find.client(cid) secret = self.find.secret(client, sid) log.info(f"[REST] Update a secret {secret.log_name} by {self.client.log_name}: {data} ") self.rest.secrets(secret).update(**data) return '', 204
portal/rest/courses.py +11 −1 Original line number Diff line number Diff line Loading @@ -23,7 +23,7 @@ class CourseList(CustomResource): def get(self): # authorization self.permissions.require.sysadmin() log.debug(f"[REST] Get Courses by {self.client.log_name}") courses_list = self.rest.courses.find_all() return SCHEMAS.dump('courses', courses_list) Loading Loading @@ -51,6 +51,7 @@ class CourseResource(CustomResource): client = self.rest.auth.client course = self.rest.find.course(cid) # authorization log.debug(f"[REST] Get course {course.log_name} by {self.client.log_name}") perm_service = self.permissions(course=course) if perm_service.check.permissions(['view_course_full']): return SCHEMAS.dump('course', course) Loading Loading @@ -99,6 +100,7 @@ class CourseNotesToken(CustomResource): def get(self, cid): course = self.find.course(cid) # authorization log.debug(f"[REST] Get course notes token in {course.log_name} by {self.client.log_name}") self.permissions(course=course).require.course_access_token() return course.notes_access_token Loading Loading @@ -173,6 +175,9 @@ class CourseClients(CustomResource): group_ids = request.args.getlist('group') role_ids = request.args.getlist('role') client_type = extract_client_type() log.debug(f"[REST] Get course clients in {course.log_name} " f"by {self.client.log_name}: roles={role_ids}, groups={group_ids}, " f"type={client_type}") clients = self.rest.courses(course).get_clients_filtered(group_ids, role_ids, client_type=client_type) return SCHEMAS.dump('clients', clients) Loading @@ -189,8 +194,11 @@ class CourseClients(CustomResource): self.permissions(course=course).require.permissions(['view_course_full']) group_ids = request.args.getlist('group') role_ids = request.args.getlist('role') log.debug(f"[REST] Get course users in {course.log_name} " f"by {self.client.log_name}: roles={role_ids}, groups={group_ids}") users = self.rest.courses(course).get_clients_filtered(group_ids, role_ids, client_type=ClientType.USER) return SCHEMAS.dump('users', users) @courses_namespace.route('/<string:cid>/workers') Loading @@ -205,6 +213,8 @@ class CourseClients(CustomResource): self.permissions(course=course).require.permissions(['view_course_full']) group_ids = request.args.getlist('group') role_ids = request.args.getlist('role') log.debug(f"[REST] Get course workers in {course.log_name} " f"by {self.client.log_name}: roles={role_ids}, groups={group_ids}") workers = self.rest.courses(course).get_clients_filtered(group_ids, role_ids, client_type=ClientType.WORKER) return SCHEMAS.dump('workers', workers)
portal/rest/groups.py +4 −2 Original line number Diff line number Diff line Loading @@ -21,6 +21,7 @@ class GroupsList(CustomResource): # @groups_namespace.response(200, 'List of all groups', model=groups_schema) def get(self, cid: str): course = self.find.course(cid) log.debug(f"[REST] Get groups in {course.log_name} by {self.client.log_name}") groups = self.rest.groups.find_all(course) return SCHEMAS.dump('groups', groups) Loading Loading @@ -51,8 +52,8 @@ class GroupResource(CustomResource): def get(self, cid: str, gid: str): course = self.find.course(cid) # authorization log.debug(f"[REST] Get group in {course.log_name} by {self.client.log_name}: {gid}") self.permissions(course=course).require.view_course() group = self.find.group(course, gid) return SCHEMAS.dump('group', group) Loading Loading @@ -97,6 +98,7 @@ class GroupUsersList(CustomResource): group = self.find.group(course, gid) # authorization log.debug(f"[REST] Get group users in {group.log_name} by {self.client.log_name}") self.permissions(course=course).require.belongs_to_group(group) users = self.rest.groups(group).find_users_by_role(role_id=role_id) Loading Loading @@ -179,7 +181,7 @@ class GroupProjectsList(CustomResource): group = self.find.group(course, gid) # authorization self.permissions(course=course).require.belongs_to_group(group) log.debug(f"[REST] Get group projects in {group.log_name} by {self.client.log_name}") projects = self.rest.groups(group).find_projects() return SCHEMAS.dump('projects', projects) Loading
portal/rest/projects.py +8 −1 Original line number Diff line number Diff line Loading @@ -24,6 +24,7 @@ class ProjectsList(CustomResource): # @projects_namespace.response(200, 'Projects list', model=projects_schema) def get(self, cid: str): course = self.find.course(cid) log.debug(f"[REST] Get projects in {course.log_name} by {self.client.log_name}") projects = self.rest.projects.find_all(course) return SCHEMAS.dump('projects', projects) Loading Loading @@ -56,7 +57,7 @@ class ProjectResource(CustomResource): course = self.find.course(cid) # authorization self.permissions(course=course).require.view_course() log.debug(f"[REST] Get project in {course.log_name} by {self.client.log_name}: {pid}") project = self.find.project(course, pid) return SCHEMAS.dump('project', project) Loading Loading @@ -102,6 +103,8 @@ class ProjectConfigResource(CustomResource): course = self.find.course(cid) project = self.find.project(course, pid) # authorization log.debug(f"[REST] Get project config in {project.log_name}" f" by {self.client.log_name}") schema = self.get_config_schema_based_on_permissions(course) return schema.dump(project.config) Loading Loading @@ -167,6 +170,8 @@ class ProjectSubmissions(CustomResource): user_id = request.args.get('user') project = self.find.project(course, pid) log.debug(f"[REST] Get project submissions in {project.log_name}" f" by {self.client.log_name} for user {user_id}") submissions = self.rest.projects(project).find_project_submissions(user_id) return SCHEMAS.dump('submissions', submissions) Loading Loading @@ -211,6 +216,8 @@ class ProjectTestFiles(CustomResource): course = self.find.course(cid) self.permissions(course=course).require.view_course_full() project = self.find.project(course, pid) log.debug(f"[REST] Get project test files in {project.log_name}" f" by {self.client.log_name}") service = self.rest.storage(project=project) storage_entity = service.get_test_files_entity_from_storage() return service.send_file_or_zip(storage_entity)
portal/rest/roles.py +4 −3 Original line number Diff line number Diff line Loading @@ -22,6 +22,7 @@ class RoleList(CustomResource): def get(self, cid): course = self.find.course(cid) roles = self.rest.roles.find_all(course) log.debug(f"[REST] Get roles in {course.log_name} by {self.client.log_name}") return SCHEMAS.dump('roles', roles) @jwt_required Loading Loading @@ -51,7 +52,7 @@ class RoleResource(CustomResource): course = self.find.course(cid) # authorization self.permissions(course=course).require.view_course() log.debug(f"[REST] Get role in {course.log_name} by {self.client.log_name}: {rid}") role = self.find.role(course, rid) return SCHEMAS.dump('role', role) Loading Loading @@ -95,7 +96,7 @@ class RolePermissions(CustomResource): def get(self, cid: str, rid: str): course = self.find.course(cid) role = self.find.role(course, rid) log.debug(f"[REST] Get role permissions in {role.log_name} by {self.client.log_name}") # authorization self.permissions(course=course).require.belongs_to_role(role) Loading Loading @@ -130,7 +131,7 @@ class RoleUsersList(CustomResource): role = self.find.role(course, rid) type = request.args.get('type') # authorization log.debug(f"[REST] Get role clients in {role.log_name} by {self.client.log_name}") self.permissions(course=course).require.belongs_to_role(role) users = [client for client in role.clients if client.type == ClientType[type.upper()]] Loading
