本文整理汇总了Python中models.api_auth_access.ApiAuthAccess.get_by_id方法的典型用法代码示例。如果您正苦于以下问题:Python ApiAuthAccess.get_by_id方法的具体用法?Python ApiAuthAccess.get_by_id怎么用?Python ApiAuthAccess.get_by_id使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类models.api_auth_access.ApiAuthAccess的用法示例。
在下文中一共展示了ApiAuthAccess.get_by_id方法的11个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: post
# 需要导入模块: from models.api_auth_access import ApiAuthAccess [as 别名]
# 或者: from models.api_auth_access.ApiAuthAccess import get_by_id [as 别名]
def post(self, auth_id):
self._require_admin()
auth = ApiAuthAccess.get_by_id(auth_id)
auth_types_enum = []
if self.request.get('allow_edit_teams'):
auth_types_enum.append(AuthType.EVENT_TEAMS)
if self.request.get('allow_edit_matches'):
auth_types_enum.append(AuthType.EVENT_MATCHES)
if self.request.get('allow_edit_rankings'):
auth_types_enum.append(AuthType.EVENT_RANKINGS)
if self.request.get('allow_edit_alliances'):
auth_types_enum.append(AuthType.EVENT_ALLIANCES)
if self.request.get('allow_edit_awards'):
auth_types_enum.append(AuthType.EVENT_AWARDS)
if self.request.get('allow_edit_match_video'):
auth_types_enum.append(AuthType.MATCH_VIDEO)
if not auth:
auth = ApiAuthAccess(
id=auth_id,
description=self.request.get('description'),
secret=''.join(random.choice(string.ascii_lowercase + string.ascii_uppercase + string.digits) for _ in range(64)),
event_list=[ndb.Key(Event, event_key.strip()) for event_key in self.request.get('event_list_str').split(',')],
auth_types_enum=auth_types_enum,
)
else:
auth.description = self.request.get('description')
auth.event_list = event_list=[ndb.Key(Event, event_key.strip()) for event_key in self.request.get('event_list_str').split(',')]
auth.auth_types_enum = auth_types_enum
auth.put()
self.redirect("/admin/api_auth/manage")示例2: post
# 需要导入模块: from models.api_auth_access import ApiAuthAccess [as 别名]
# 或者: from models.api_auth_access.ApiAuthAccess import get_by_id [as 别名]
def post(self, event_key):
auth_id = self.request.headers.get('X-TBA-Auth-Id')
if not auth_id:
self._errors = json.dumps({"Error": "Must provide a request header parameter 'X-TBA-Auth-Id'"})
self.abort(400)
auth_sig = self.request.headers.get('X-TBA-Auth-Sig')
if not auth_sig:
self._errors = json.dumps({"Error": "Must provide a request header parameter 'X-TBA-Auth-Sig'"})
self.abort(400)
auth = ApiAuthAccess.get_by_id(auth_id)
if not auth or md5.new('{}{}{}'.format(auth.secret, self.request.path, self.request.body)).hexdigest() != auth_sig:
self._errors = json.dumps({"Error": "Invalid X-TBA-Auth-Id and/or X-TBA-Auth-Sig!"})
self.abort(400)
allowed_event_keys = [ekey.id() for ekey in auth.event_list]
if event_key not in allowed_event_keys:
self._errors = json.dumps({"Error": "Only allowed to edit events: {}".format(', '.join(allowed_event_keys))})
self.abort(400)
missing_auths = self.REQUIRED_AUTH_TYPES.difference(set(auth.auth_types_enum))
if missing_auths != set():
self._errors = json.dumps({"Error": "You do not have permission to edit: {}. If this is incorrect, please contact TBA admin.".format(",".join([AuthType.type_names[ma] for ma in missing_auths]))})
self.abort(400)
try:
self._process_request(self.request, event_key)
except ParserInputException, e:
self._errors = json.dumps({"Error": e.message})
self.abort(400)示例3: _validate_tba_auth_key
# 需要导入模块: from models.api_auth_access import ApiAuthAccess [as 别名]
# 或者: from models.api_auth_access.ApiAuthAccess import get_by_id [as 别名]
def _validate_tba_auth_key(self):
"""
Tests the presence of a X-TBA-Auth-Key header or URL param.
"""
x_tba_auth_key = self.request.headers.get("X-TBA-Auth-Key")
if x_tba_auth_key is None:
x_tba_auth_key = self.request.get('X-TBA-Auth-Key')
self.auth_owner = None
self.auth_owner_key = None
self.auth_description = None
if not x_tba_auth_key:
account = self._user_bundle.account
if account:
self.auth_owner = account.key.id()
self.auth_owner_key = account.key
elif 'thebluealliance.com' in self.request.headers.get("Origin", ""):
self.auth_owner = 'The Blue Alliance'
else:
self._errors = json.dumps({"Error": "X-TBA-Auth-Key is a required header or URL param. Please get an access key at http://www.thebluealliance.com/account."})
self.abort(401)
if self.auth_owner:
logging.info("Auth owner: {}, LOGGED IN".format(self.auth_owner))
else:
auth = ApiAuthAccess.get_by_id(x_tba_auth_key)
if auth and auth.is_read_key:
self.auth_owner = auth.owner.id()
self.auth_owner_key = auth.owner
self.auth_description = auth.description
logging.info("Auth owner: {}, X-TBA-Auth-Key: {}".format(self.auth_owner, x_tba_auth_key))
else:
self._errors = json.dumps({"Error": "X-TBA-Auth-Key is invalid. Please get an access key at http://www.thebluealliance.com/account."})
self.abort(401)示例4: post
# 需要导入模块: from models.api_auth_access import ApiAuthAccess [as 别名]
# 或者: from models.api_auth_access.ApiAuthAccess import get_by_id [as 别名]
def post(self, event_key):
auth_id = self.request.headers.get('X-TBA-Auth-Id')
if not auth_id:
self._errors = json.dumps({"Error": "Must provide a request header parameter 'X-TBA-Auth-Id'"})
self.abort(400)
auth_sig = self.request.headers.get('X-TBA-Auth-Sig')
if not auth_sig:
self._errors = json.dumps({"Error": "Must provide a request header parameter 'X-TBA-Auth-Sig'"})
self.abort(400)
auth = ApiAuthAccess.get_by_id(auth_id)
if not auth or md5.new('{}{}{}'.format(auth.secret, self.request.path, self.request.body)).hexdigest() != auth_sig:
self._errors = json.dumps({"Error": "Invalid X-TBA-Auth-Id and/or X-TBA-Auth-Sig!"})
self.abort(400)
allowed_event_keys = [ekey.id() for ekey in auth.event_list]
if event_key not in allowed_event_keys:
self._errors = json.dumps({"Error": "Only allowed to edit events: {}".format(', '.join(allowed_event_keys))})
self.abort(400)
try:
self._process_request(self.request, event_key)
except ParserInputException, e:
self._errors = json.dumps({"Error": e.message})
self.abort(400)示例5: get
# 需要导入模块: from models.api_auth_access import ApiAuthAccess [as 别名]
# 或者: from models.api_auth_access.ApiAuthAccess import get_by_id [as 别名]
def get(self, auth_id):
self._require_admin()
auth = ApiAuthAccess.get_by_id(auth_id)
self.template_values.update({
"auth": auth
})
path = os.path.join(os.path.dirname(__file__), '../../templates/admin/api_delete_auth.html')
self.response.out.write(template.render(path, self.template_values))示例6: post
# 需要导入模块: from models.api_auth_access import ApiAuthAccess [as 别名]
# 或者: from models.api_auth_access.ApiAuthAccess import get_by_id [as 别名]
def post(self):
self._require_registration()
key_id = self.request.get('key_id')
auth = ApiAuthAccess.get_by_id(key_id)
if auth and auth.owner == self.user_bundle.account.key:
auth.key.delete()
self.redirect('/account?status=read_key_delete_success')
else:
self.redirect('/account?status=read_key_delete_failure')示例7: post
# 需要导入模块: from models.api_auth_access import ApiAuthAccess [as 别名]
# 或者: from models.api_auth_access.ApiAuthAccess import get_by_id [as 别名]
def post(self, auth_id):
self._require_admin()
auth = ApiAuthAccess.get_by_id(auth_id)
auth_types_enum = []
if self.request.get('allow_edit_teams'):
auth_types_enum.append(AuthType.EVENT_TEAMS)
if self.request.get('allow_edit_matches'):
auth_types_enum.append(AuthType.EVENT_MATCHES)
if self.request.get('allow_edit_rankings'):
auth_types_enum.append(AuthType.EVENT_RANKINGS)
if self.request.get('allow_edit_alliances'):
auth_types_enum.append(AuthType.EVENT_ALLIANCES)
if self.request.get('allow_edit_awards'):
auth_types_enum.append(AuthType.EVENT_AWARDS)
if self.request.get('allow_edit_match_video'):
auth_types_enum.append(AuthType.MATCH_VIDEO)
if self.request.get('owner', None):
owner = Account.query(Account.email == self.request.get('owner')).fetch()
owner_key = owner[0].key if owner else None
else:
owner_key = None
if self.request.get('expiration', None):
expiration = datetime.strptime(self.request.get('expiration'), '%Y-%m-%d')
else:
expiration = None
if not auth:
auth = ApiAuthAccess(
id=auth_id,
description=self.request.get('description'),
owner=owner_key,
expiration=expiration,
secret=''.join(random.choice(string.ascii_lowercase + string.ascii_uppercase + string.digits) for _ in range(64)),
event_list=[ndb.Key(Event, event_key.strip()) for event_key in self.request.get('event_list_str').split(',')],
auth_types_enum=auth_types_enum,
)
else:
auth.description = self.request.get('description')
auth.event_list = event_list=[ndb.Key(Event, event_key.strip()) for event_key in self.request.get('event_list_str').split(',')]
auth.auth_types_enum = auth_types_enum
auth.owner = owner_key
auth.expiration = expiration
auth.put()
self.redirect("/admin/api_auth/manage")示例8: post
# 需要导入模块: from models.api_auth_access import ApiAuthAccess [as 别名]
# 或者: from models.api_auth_access.ApiAuthAccess import get_by_id [as 别名]
def post(self, event_key):
event_key = event_key.lower() # Normalize keys to lower case (TBA convention)
# Start by allowing admins to edit any event
user_has_auth = self._user_bundle.user and self._user_bundle.is_current_user_admin
if not user_has_auth and self._user_bundle.user:
# See if this user has any auth keys granted to its account
now = datetime.datetime.now()
auth_tokens = ApiAuthAccess.query(
ApiAuthAccess.owner == self._user_bundle.account.key,
ApiAuthAccess.event_list == ndb.Key(Event, event_key),
ndb.OR(ApiAuthAccess.expiration == None, ApiAuthAccess.expiration >= now),
).fetch()
user_has_auth = any(self._validate_auth(auth, event_key) is None for auth in auth_tokens)
if not user_has_auth:
# If not, check if auth id/secret were passed as headers
auth_id = self.request.headers.get("X-TBA-Auth-Id")
if not auth_id:
self._errors = json.dumps({"Error": "Must provide a request header parameter 'X-TBA-Auth-Id'"})
self.abort(400)
auth_sig = self.request.headers.get("X-TBA-Auth-Sig")
if not auth_sig:
self._errors = json.dumps({"Error": "Must provide a request header parameter 'X-TBA-Auth-Sig'"})
self.abort(400)
auth = ApiAuthAccess.get_by_id(auth_id)
expected_sig = md5.new(
"{}{}{}".format(auth.secret if auth else None, self.request.path, self.request.body)
).hexdigest()
if not auth or expected_sig != auth_sig:
logging.info("Auth sig: {}, Expected sig: {}".format(auth_sig, expected_sig))
self._errors = json.dumps({"Error": "Invalid X-TBA-Auth-Id and/or X-TBA-Auth-Sig!"})
self.abort(401)
# Checks event key is valid, correct auth types, and expiration
error = self._validate_auth(auth, event_key)
if error:
self._errors = json.dumps({"Error": error})
self.abort(401)
try:
self._process_request(self.request, event_key)
except ParserInputException, e:
self._errors = json.dumps({"Error": e.message})
self.abort(400)示例9: post
# 需要导入模块: from models.api_auth_access import ApiAuthAccess [as 别名]
# 或者: from models.api_auth_access.ApiAuthAccess import get_by_id [as 别名]
def post(self, auth_id):
self._require_admin()
auth = ApiAuthAccess.get_by_id(auth_id)
if not auth:
auth = ApiAuthAccess(
id=auth_id,
description=self.request.get('description'),
secret=''.join(random.choice(string.ascii_lowercase + string.ascii_uppercase + string.digits) for _ in range(64)),
event_list=[ndb.Key(Event, event_key.strip()) for event_key in self.request.get('event_list_str').split(',')],
)
else:
auth.description = self.request.get('description')
auth.event_list = event_list=[ndb.Key(Event, event_key.strip()) for event_key in self.request.get('event_list_str').split(',')]
auth.put()
self.redirect("/admin/api_auth/manage")示例10: _validate_tba_auth_key
# 需要导入模块: from models.api_auth_access import ApiAuthAccess [as 别名]
# 或者: from models.api_auth_access.ApiAuthAccess import get_by_id [as 别名]
def _validate_tba_auth_key(self):
"""
Tests the presence of a X-TBA-Auth-Key header or URL param.
"""
with TraceContext() as root:
with root.span("ApiBaseController._validate_tba_auth_key"):
x_tba_auth_key = self.request.headers.get("X-TBA-Auth-Key")
if x_tba_auth_key is None:
x_tba_auth_key = self.request.get('X-TBA-Auth-Key')
self.auth_owner = None
self.auth_owner_key = None
self.auth_description = None
if not x_tba_auth_key:
account = self._user_bundle.account
if account:
self.auth_owner = account.key.id()
self.auth_owner_key = account.key
elif 'thebluealliance.com' in self.request.headers.get("Origin", ""):
self.auth_owner = 'The Blue Alliance'
else:
self._errors = {"Error": "X-TBA-Auth-Key is a required header or URL param. Please get an access key at http://www.thebluealliance.com/account."}
self.abort(401)
if self.auth_owner:
logging.info("Auth owner: {}, LOGGED IN".format(self.auth_owner))
else:
auth = ApiAuthAccess.get_by_id(x_tba_auth_key)
if auth and auth.is_read_key:
self.auth_owner = auth.owner.id()
self.auth_owner_key = auth.owner
self.auth_description = auth.description
if self.REQUIRE_ADMIN_AUTH and not auth.allow_admin:
self._errors = {"Error": "X-TBA-Auth-Key does not have required permissions"}
self.abort(401)
logging.info("Auth owner: {}, X-TBA-Auth-Key: {}".format(self.auth_owner, x_tba_auth_key))
else:
self._errors = {"Error": "X-TBA-Auth-Key is invalid. Please get an access key at http://www.thebluealliance.com/account."}
self.abort(401)示例11: post
# 需要导入模块: from models.api_auth_access import ApiAuthAccess [as 别名]
# 或者: from models.api_auth_access.ApiAuthAccess import get_by_id [as 别名]
def post(self, event_key):
event_key = event_key.lower() # Normalize keys to lower case (TBA convention)
# Make sure we are processing for a valid event first
# (it's fine to do this before auth, since leaking the existence of an
# event isn't really that big a deal)
self.event = Event.get_by_id(event_key)
if not self.event:
self._errors = json.dumps({"Error": "Event {} not found".format(event_key)})
self.abort(404)
# Start by allowing admins to edit any event
user_is_admin = (self._user_bundle.user and self._user_bundle.is_current_user_admin)
# Also grant access if the user as the EVENTWIZARD permission and this
# is a current year offseason event
account = self._user_bundle.account
current_year = datetime.datetime.now().year
user_has_permission = (self.event.event_type_enum == EventType.OFFSEASON
and self.event.year == current_year
and account is not None
and AccountPermissions.OFFSEASON_EVENTWIZARD in account.permissions)
user_has_auth = (user_is_admin or user_has_permission)
if not user_has_auth and self._user_bundle.user:
# See if this user has any auth keys granted to its account
now = datetime.datetime.now()
auth_tokens = ApiAuthAccess.query(ApiAuthAccess.owner == account.key,
ApiAuthAccess.event_list == ndb.Key(Event, event_key),
ndb.OR(ApiAuthAccess.expiration == None, ApiAuthAccess.expiration >= now)).fetch()
user_has_auth = any(self._validate_auth(auth, event_key) is None for auth in auth_tokens)
if not user_has_auth:
# If not, check if auth id/secret were passed as headers
auth_id = self.request.headers.get('X-TBA-Auth-Id')
if not auth_id:
self._errors = json.dumps({"Error": "Must provide a request header parameter 'X-TBA-Auth-Id'"})
self.abort(400)
auth_sig = self.request.headers.get('X-TBA-Auth-Sig')
if not auth_sig:
self._errors = json.dumps({"Error": "Must provide a request header parameter 'X-TBA-Auth-Sig'"})
self.abort(400)
auth = ApiAuthAccess.get_by_id(auth_id)
expected_sig = md5.new('{}{}{}'.format(auth.secret if auth else None, self.request.path, self.request.body)).hexdigest()
if not auth or expected_sig != auth_sig:
logging.info("Auth sig: {}, Expected sig: {}".format(auth_sig, expected_sig))
self._errors = json.dumps({"Error": "Invalid X-TBA-Auth-Id and/or X-TBA-Auth-Sig!"})
self.abort(401)
# Checks event key is valid, correct auth types, and expiration
error = self._validate_auth(auth, event_key)
if error:
self._errors = json.dumps({"Error": error})
self.abort(401)
try:
self._process_request(self.request, event_key)
except ParserInputException, e:
self._errors = json.dumps({"Error": e.message})
self.abort(400)