本文整理汇总了Python中models.api_auth_access.ApiAuthAccess类的典型用法代码示例。如果您正苦于以下问题:Python ApiAuthAccess类的具体用法?Python ApiAuthAccess怎么用?Python ApiAuthAccess使用的例子?那么恭喜您, 这里精选的类代码示例或许可以为您提供帮助。
在下文中一共展示了ApiAuthAccess类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: setUp
def setUp(self):
self.testapp = webtest.TestApp(api_main.app)
self.testbed = testbed.Testbed()
self.testbed.activate()
self.testbed.init_datastore_v3_stub()
self.testbed.init_urlfetch_stub()
self.testbed.init_memcache_stub()
self.testbed.init_taskqueue_stub(root_path=".")
self.aaa = ApiAuthAccess(id='tEsT_id_1',
secret='321tEsTsEcReT',
description='test',
event_list=[ndb.Key(Event, '2014casj')],
auth_types_enum=[AuthType.EVENT_DATA])
self.aaa2 = ApiAuthAccess(id='tEsT_id_2',
secret='321tEsTsEcReT',
description='test',
event_list=[ndb.Key(Event, '2014casj')],
auth_types_enum=[AuthType.MATCH_VIDEO])
self.event = Event(
id='2014casj',
event_type_enum=EventType.REGIONAL,
event_short='casj',
year=2014,
)
self.event.put()示例2: post
def post(self, event_key):
event_key = event_key.lower() # Normalize keys to lower case (TBA convention)
# Start by allowing admins to edit any event
user_has_auth = self._user_bundle.user and self._user_bundle.is_current_user_admin
if not user_has_auth and self._user_bundle.user:
# See if this user has any auth keys granted to its account
now = datetime.datetime.now()
auth_tokens = ApiAuthAccess.query(
ApiAuthAccess.owner == self._user_bundle.account.key,
ApiAuthAccess.event_list == ndb.Key(Event, event_key),
ndb.OR(ApiAuthAccess.expiration == None, ApiAuthAccess.expiration >= now),
).fetch()
user_has_auth = any(self._validate_auth(auth, event_key) is None for auth in auth_tokens)
if not user_has_auth:
# If not, check if auth id/secret were passed as headers
auth_id = self.request.headers.get("X-TBA-Auth-Id")
if not auth_id:
self._errors = json.dumps({"Error": "Must provide a request header parameter 'X-TBA-Auth-Id'"})
self.abort(400)
auth_sig = self.request.headers.get("X-TBA-Auth-Sig")
if not auth_sig:
self._errors = json.dumps({"Error": "Must provide a request header parameter 'X-TBA-Auth-Sig'"})
self.abort(400)
auth = ApiAuthAccess.get_by_id(auth_id)
expected_sig = md5.new(
"{}{}{}".format(auth.secret if auth else None, self.request.path, self.request.body)
).hexdigest()
if not auth or expected_sig != auth_sig:
logging.info("Auth sig: {}, Expected sig: {}".format(auth_sig, expected_sig))
self._errors = json.dumps({"Error": "Invalid X-TBA-Auth-Id and/or X-TBA-Auth-Sig!"})
self.abort(401)
# Checks event key is valid, correct auth types, and expiration
error = self._validate_auth(auth, event_key)
if error:
self._errors = json.dumps({"Error": error})
self.abort(401)
try:
self._process_request(self.request, event_key)
except ParserInputException, e:
self._errors = json.dumps({"Error": e.message})
self.abort(400)示例3: get
def get(self, event_key):
self._require_admin()
event = Event.get_by_id(event_key)
if not event:
self.abort(404)
event.prepAwardsMatchesTeams()
reg_sitevar = Sitevar.get_by_id("cmp_registration_hacks")
api_keys = ApiAuthAccess.query(ApiAuthAccess.event_list == ndb.Key(Event, event_key)).fetch()
event_medias = Media.query(Media.references == event.key).fetch(500)
self.template_values.update({
"event": event,
"medias": event_medias,
"cache_key": event_controller.EventDetail('2016nyny').cache_key.format(event.key_name),
"flushed": self.request.get("flushed"),
"playoff_types": PlayoffType.type_names,
"write_auths": api_keys,
"event_sync_disable": reg_sitevar and event_key in reg_sitevar.contents.get('divisions_to_skip', []),
"set_start_day_to_last": reg_sitevar and event_key in reg_sitevar.contents.get('set_start_to_last_day', []),
"skip_eventteams": reg_sitevar and event_key in reg_sitevar.contents.get('skip_eventteams', []),
"event_name_override": next(iter(filter(lambda e: e.get("event") == event_key, reg_sitevar.contents.get("event_name_override", []))), {}).get("name", "")
})
path = os.path.join(os.path.dirname(__file__), '../../templates/admin/event_details.html')
self.response.out.write(template.render(path, self.template_values))示例4: post
def post(self, event_key):
auth_id = self.request.headers.get('X-TBA-Auth-Id')
if not auth_id:
self._errors = json.dumps({"Error": "Must provide a request header parameter 'X-TBA-Auth-Id'"})
self.abort(400)
auth_sig = self.request.headers.get('X-TBA-Auth-Sig')
if not auth_sig:
self._errors = json.dumps({"Error": "Must provide a request header parameter 'X-TBA-Auth-Sig'"})
self.abort(400)
auth = ApiAuthAccess.get_by_id(auth_id)
if not auth or md5.new('{}{}{}'.format(auth.secret, self.request.path, self.request.body)).hexdigest() != auth_sig:
self._errors = json.dumps({"Error": "Invalid X-TBA-Auth-Id and/or X-TBA-Auth-Sig!"})
self.abort(400)
allowed_event_keys = [ekey.id() for ekey in auth.event_list]
if event_key not in allowed_event_keys:
self._errors = json.dumps({"Error": "Only allowed to edit events: {}".format(', '.join(allowed_event_keys))})
self.abort(400)
try:
self._process_request(self.request, event_key)
except ParserInputException, e:
self._errors = json.dumps({"Error": e.message})
self.abort(400)示例5: post
def post(self, event_key):
auth_id = self.request.headers.get('X-TBA-Auth-Id')
if not auth_id:
self._errors = json.dumps({"Error": "Must provide a request header parameter 'X-TBA-Auth-Id'"})
self.abort(400)
auth_sig = self.request.headers.get('X-TBA-Auth-Sig')
if not auth_sig:
self._errors = json.dumps({"Error": "Must provide a request header parameter 'X-TBA-Auth-Sig'"})
self.abort(400)
auth = ApiAuthAccess.get_by_id(auth_id)
if not auth or md5.new('{}{}{}'.format(auth.secret, self.request.path, self.request.body)).hexdigest() != auth_sig:
self._errors = json.dumps({"Error": "Invalid X-TBA-Auth-Id and/or X-TBA-Auth-Sig!"})
self.abort(400)
allowed_event_keys = [ekey.id() for ekey in auth.event_list]
if event_key not in allowed_event_keys:
self._errors = json.dumps({"Error": "Only allowed to edit events: {}".format(', '.join(allowed_event_keys))})
self.abort(400)
missing_auths = self.REQUIRED_AUTH_TYPES.difference(set(auth.auth_types_enum))
if missing_auths != set():
self._errors = json.dumps({"Error": "You do not have permission to edit: {}. If this is incorrect, please contact TBA admin.".format(",".join([AuthType.type_names[ma] for ma in missing_auths]))})
self.abort(400)
try:
self._process_request(self.request, event_key)
except ParserInputException, e:
self._errors = json.dumps({"Error": e.message})
self.abort(400)示例6: _validate_tba_auth_key
def _validate_tba_auth_key(self):
"""
Tests the presence of a X-TBA-Auth-Key header or URL param.
"""
x_tba_auth_key = self.request.headers.get("X-TBA-Auth-Key")
if x_tba_auth_key is None:
x_tba_auth_key = self.request.get('X-TBA-Auth-Key')
self.auth_owner = None
self.auth_owner_key = None
self.auth_description = None
if not x_tba_auth_key:
account = self._user_bundle.account
if account:
self.auth_owner = account.key.id()
self.auth_owner_key = account.key
elif 'thebluealliance.com' in self.request.headers.get("Origin", ""):
self.auth_owner = 'The Blue Alliance'
else:
self._errors = json.dumps({"Error": "X-TBA-Auth-Key is a required header or URL param. Please get an access key at http://www.thebluealliance.com/account."})
self.abort(401)
if self.auth_owner:
logging.info("Auth owner: {}, LOGGED IN".format(self.auth_owner))
else:
auth = ApiAuthAccess.get_by_id(x_tba_auth_key)
if auth and auth.is_read_key:
self.auth_owner = auth.owner.id()
self.auth_owner_key = auth.owner
self.auth_description = auth.description
logging.info("Auth owner: {}, X-TBA-Auth-Key: {}".format(self.auth_owner, x_tba_auth_key))
else:
self._errors = json.dumps({"Error": "X-TBA-Auth-Key is invalid. Please get an access key at http://www.thebluealliance.com/account."})
self.abort(401)示例7: _process_accepted
def _process_accepted(self, suggestion_id, message):
suggestion = Suggestion.get_by_id(suggestion_id)
event_key = suggestion.contents['event_key']
user = suggestion.author.get()
event = Event.get_by_id(event_key)
auth_id = ''.join(
random.choice(string.ascii_lowercase + string.ascii_uppercase + string.digits) for _ in
range(16))
auth_types = self.request.get_all("auth_types", [])
expiration_offset = int(self.request.get("expiration_days"))
if expiration_offset != -1:
expiration_event_end = event.end_date + timedelta(days=expiration_offset + 1)
expiration_now = datetime.now() + timedelta(days=expiration_offset)
expiration = max(expiration_event_end, expiration_now)
else:
expiration = None
auth = ApiAuthAccess(
id=auth_id,
description="{} @ {}".format(user.display_name, suggestion.contents['event_key']),
secret=''.join(
random.choice(string.ascii_lowercase + string.ascii_uppercase + string.digits) for _
in range(64)),
event_list=[ndb.Key(Event, event_key)],
auth_types_enum=[int(type) for type in auth_types],
owner=suggestion.author,
expiration=expiration
)
auth.put()
suggestion.review_state = Suggestion.REVIEW_ACCEPTED
suggestion.reviewer = self.user_bundle.account.key
suggestion.reviewed_at = datetime.now()
suggestion.put()
return auth_id, user, event_key, """Hi {},
We graciously accept your request for auth tokens so you can add data to the following event: {} {}
You can find the keys on your account overview page: https://www.thebluealliance.com/account
{}
If you have any questions, please don't heasitate to reach out to us at [email protected]
Thanks,
TBA Admins
""".format(user.display_name, event.year, event.name, message)示例8: post
def post(self, auth_id):
self._require_admin()
auth = ApiAuthAccess.get_by_id(auth_id)
if not auth:
auth = ApiAuthAccess(
id=auth_id,
description=self.request.get('description'),
secret=''.join(random.choice(string.ascii_lowercase + string.ascii_uppercase + string.digits) for _ in range(64)),
event_list=[ndb.Key(Event, event_key.strip()) for event_key in self.request.get('event_list_str').split(',')],
)
else:
auth.description = self.request.get('description')
auth.event_list = event_list=[ndb.Key(Event, event_key.strip()) for event_key in self.request.get('event_list_str').split(',')]
auth.put()
self.redirect("/admin/api_auth/manage")示例9: testExistingAuthKeys
def testExistingAuthKeys(self):
self.loginUser()
self.givePermission()
existing_auth = ApiAuthAccess(id='tEsT_id_0',
secret='321tEsTsEcReT',
description='test',
event_list=[ndb.Key(Event, '2016necmp')],
auth_types_enum=[AuthType.EVENT_TEAMS])
existing_auth.put()
suggestion_id = self.createSuggestion()
form = self.getSuggestionForm(suggestion_id)
response = form.submit('verdict', value='accept').follow()
self.assertEqual(response.status_int, 200)
auths = ApiAuthAccess.query().fetch()
self.assertTrue(len(auths), 2)示例10: post
def post(self):
self._require_registration()
key_id = self.request.get('key_id')
auth = ApiAuthAccess.get_by_id(key_id)
if auth and auth.owner == self.user_bundle.account.key:
auth.key.delete()
self.redirect('/account?status=read_key_delete_success')
else:
self.redirect('/account?status=read_key_delete_failure')示例11: get
def get(self, auth_id):
self._require_admin()
auth = ApiAuthAccess.get_by_id(auth_id)
self.template_values.update({
"auth": auth
})
path = os.path.join(os.path.dirname(__file__), '../../templates/admin/api_delete_auth.html')
self.response.out.write(template.render(path, self.template_values))示例12: post
def post(self, auth_id):
self._require_admin()
logging.warning("Deleting auth: %s at the request of %s / %s" % (
auth_id,
self.user_bundle.user.user_id(),
self.user_bundle.user.email()))
auth = ApiAuthAccess.get_by_id(auth_id)
auth.key.delete()
self.redirect("/admin/api_auth/manage")示例13: post
def post(self, auth_id):
self._require_admin()
auth = ApiAuthAccess.get_by_id(auth_id)
auth_types_enum = []
if self.request.get('allow_edit_teams'):
auth_types_enum.append(AuthType.EVENT_TEAMS)
if self.request.get('allow_edit_matches'):
auth_types_enum.append(AuthType.EVENT_MATCHES)
if self.request.get('allow_edit_rankings'):
auth_types_enum.append(AuthType.EVENT_RANKINGS)
if self.request.get('allow_edit_alliances'):
auth_types_enum.append(AuthType.EVENT_ALLIANCES)
if self.request.get('allow_edit_awards'):
auth_types_enum.append(AuthType.EVENT_AWARDS)
if self.request.get('allow_edit_match_video'):
auth_types_enum.append(AuthType.MATCH_VIDEO)
if self.request.get('owner', None):
owner = Account.query(Account.email == self.request.get('owner')).fetch()
owner_key = owner[0].key if owner else None
else:
owner_key = None
if self.request.get('expiration', None):
expiration = datetime.strptime(self.request.get('expiration'), '%Y-%m-%d')
else:
expiration = None
if not auth:
auth = ApiAuthAccess(
id=auth_id,
description=self.request.get('description'),
owner=owner_key,
expiration=expiration,
secret=''.join(random.choice(string.ascii_lowercase + string.ascii_uppercase + string.digits) for _ in range(64)),
event_list=[ndb.Key(Event, event_key.strip()) for event_key in self.request.get('event_list_str').split(',')],
auth_types_enum=auth_types_enum,
)
else:
auth.description = self.request.get('description')
auth.event_list = event_list=[ndb.Key(Event, event_key.strip()) for event_key in self.request.get('event_list_str').split(',')]
auth.auth_types_enum = auth_types_enum
auth.owner = owner_key
auth.expiration = expiration
auth.put()
self.redirect("/admin/api_auth/manage")示例14: get
def get(self):
self._require_admin()
auths = ApiAuthAccess.query().fetch()
write_auths = filter(lambda auth: auth.is_write_key, auths)
read_auths = filter(lambda auth: auth.is_read_key, auths)
self.template_values.update({
'write_auths': write_auths,
'read_auths': read_auths,
})
path = os.path.join(os.path.dirname(__file__), '../../templates/admin/api_manage_auth.html')
self.response.out.write(template.render(path, self.template_values))示例15: testRejectSuggestion
def testRejectSuggestion(self):
self.loginUser()
self.givePermission()
suggestion_id = self.createSuggestion()
form = self.getSuggestionForm(suggestion_id)
response = form.submit('verdict', value='reject').follow()
self.assertEqual(response.status_int, 200)
auths = ApiAuthAccess.query().fetch()
self.assertEqual(len(auths), 0)
# Make sure we mark the Suggestion as REJECTED
suggestion = Suggestion.get_by_id(suggestion_id)
self.assertIsNotNone(suggestion)
self.assertEqual(suggestion.review_state, Suggestion.REVIEW_REJECTED)