当前位置: 首页>>代码示例>>Python>>正文

Python PYLOAD.isAuthorized方法代码示例

本文整理汇总了Python中webinterface.PYLOAD.isAuthorized方法的典型用法代码示例。如果您正苦于以下问题:Python PYLOAD.isAuthorized方法的具体用法?Python PYLOAD.isAuthorized怎么用?Python PYLOAD.isAuthorized使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在webinterface.PYLOAD的用法示例。


在下文中一共展示了PYLOAD.isAuthorized方法的5个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。

示例1: call_api

# 需要导入模块: from webinterface import PYLOAD [as 别名]
# 或者: from webinterface.PYLOAD import isAuthorized [as 别名]
def call_api(func, args=""):
    add_header(response)

    s = request.environ.get('beaker.session')
    auth = parse_auth(request.get_header('Authorization', ''))
    # TODO: session as GET
    if 'session' in request.POST:
        # removes "' so it works on json strings
        s = s.get_by_id(remove_chars(request.POST['session'], "'\""))
    elif auth:
        user = PYLOAD.checkAuth(auth[0], auth[1], request.environ.get('REMOTE_ADDR', None))
        # if auth is correct create a pseudo session
        if user: s = {'uid': user.uid}

    api = get_user_api(s)
    if not api:
        return HTTPError(403, dumps("Forbidden"))

    if not PYLOAD.isAuthorized(func, api.user):
        return HTTPError(401, dumps("Unauthorized"))

    args = args.split("/")[1:]
    kwargs = {}

    for x, y in chain(request.GET.iteritems(), request.POST.iteritems()):
        if x == "session": continue
        kwargs[x] = unquote(y)

    try:
        return callApi(api, func, *args, **kwargs)
    except ExceptionObject, e:
        return HTTPError(400, dumps(e))
开发者ID:4Christopher,项目名称:pyload,代码行数:34,代码来源:api_app.py

示例2: call_api

# 需要导入模块: from webinterface import PYLOAD [as 别名]
# 或者: from webinterface.PYLOAD import isAuthorized [as 别名]
def call_api(func, args=""):
    response.headers.replace("Content-type", "application/json")
    response.headers.append("Cache-Control", "no-cache, must-revalidate")

    s = request.environ.get('beaker.session')
    if 'session' in request.POST:
        s = s.get_by_id(request.POST['session'])

    if not s or not s.get("authenticated", False):
        return HTTPError(403, json.dumps("Forbidden"))

    if not PYLOAD.isAuthorized(func, {"role": s["role"], "permission": s["perms"]}):
        return HTTPError(401, json.dumps("Unauthorized"))

    args = args.split("/")[1:]
    kwargs = {}

    for x, y in chain(request.GET.iteritems(), request.POST.iteritems()):
        if x == "session": continue
        kwargs[x] = unquote(y)

    try:
        return callApi(func, *args, **kwargs)
    except Exception, e:
        print_exc()
        return HTTPError(500, json.dumps({"error": e.message, "traceback": format_exc()}))
开发者ID:EikeKre,项目名称:pyload,代码行数:28,代码来源:api_app.py

示例3: call_api

# 需要导入模块: from webinterface import PYLOAD [as 别名]
# 或者: from webinterface.PYLOAD import isAuthorized [as 别名]
def call_api(func, args=""):
    add_header(response)

    s = request.environ.get('beaker.session')
    if 'session' in request.POST:
        # removes "' so it works on json strings
        s = s.get_by_id(remove_chars(request.POST['session'], "'\""))

    api = get_user_api(s)
    if not api:
        return HTTPError(403, dumps("Forbidden"))

    if not PYLOAD.isAuthorized(func, api.user):
        return HTTPError(401, dumps("Unauthorized"))

    args = args.split("/")[1:]
    kwargs = {}

    for x, y in chain(request.GET.iteritems(), request.POST.iteritems()):
        if x == "session": continue
        kwargs[x] = unquote(y)

    try:
        return callApi(func, *args, **kwargs)
    except Exception, e:
        print_exc()
        return HTTPError(500, dumps({"error": e.message, "traceback": format_exc()}))
开发者ID:keat01,项目名称:pyLoad,代码行数:29,代码来源:api_app.py

示例4: call_api

# 需要导入模块: from webinterface import PYLOAD [as 别名]
# 或者: from webinterface.PYLOAD import isAuthorized [as 别名]
def call_api(func, args=""):
    add_json_header(response)

    s = request.environ.get('beaker.session')
    # Accepts standard http auth
    auth = parse_auth(request.get_header('Authorization', ''))
    if 'session' in request.POST or 'session' in request.GET:
        # removes "' so it works on json strings
        s = s.get_by_id(remove_chars(request.params.get('session'), "'\""))
    elif auth:
        user = PYLOAD.checkAuth(auth[0], auth[1], request.environ.get('REMOTE_ADDR', None))
        # if auth is correct create a pseudo session
        if user: s = {'uid': user.uid}

    api = get_user_api(s)
    if not api:
        return error(401, "Unauthorized")

    if not PYLOAD.isAuthorized(func, api.user):
        return error(403, "Forbidden")

    if not hasattr(PYLOAD.EXTERNAL, func) or func.startswith("_"):
        print "Invalid API call", func
        return error(404, "Not Found")

    # TODO: possible encoding
    # TODO Better error codes on invalid input

    args = [loads(unquote(arg)) for arg in args.split("/")[1:]]
    kwargs = {}

    # accepts body as json dict
    if request.json:
        kwargs = request.json

    # file upload, reads whole file into memory
    for name, f in request.files.iteritems():
        kwargs["filename"] = f.filename
        content = StringIO()
        f.save(content)
        kwargs[name] = content.getvalue()
        content.close()

    # convert arguments from json to obj separately
    for x, y in request.params.iteritems():
        try:
            if not x or not y or x == "session": continue
            kwargs[x] = loads(unquote(y))
        except Exception, e:
            # Unsupported input
            msg = "Invalid Input %s, %s : %s" % (x, y, e.message)
            print_exc()
            print msg
            return error(415, msg)
开发者ID:ASCIIteapot,项目名称:pyload,代码行数:56,代码来源:api_app.py

示例5: call_api

# 需要导入模块: from webinterface import PYLOAD [as 别名]
# 或者: from webinterface.PYLOAD import isAuthorized [as 别名]
def call_api(func, args=""):
    add_header(response)

    s = request.environ.get("beaker.session")
    # Accepts standard http auth
    auth = parse_auth(request.get_header("Authorization", ""))
    if "session" in request.POST or "session" in request.GET:
        # removes "' so it works on json strings
        s = s.get_by_id(remove_chars(request.params.get("session"), "'\""))
    elif auth:
        user = PYLOAD.checkAuth(auth[0], auth[1], request.environ.get("REMOTE_ADDR", None))
        # if auth is correct create a pseudo session
        if user:
            s = {"uid": user.uid}

    api = get_user_api(s)
    if not api:
        return HTTPError(401, dumps("Unauthorized"), **response.headers)

    if not PYLOAD.isAuthorized(func, api.user):
        return HTTPError(403, dumps("Forbidden"), **response.headers)

    if not hasattr(PYLOAD.EXTERNAL, func) or func.startswith("_"):
        print "Invalid API call", func
        return HTTPError(404, dumps("Not Found"), **response.headers)

    # TODO: possible encoding
    # TODO Better error codes on invalid input

    args = [loads(unquote(arg)) for arg in args.split("/")[1:]]
    kwargs = {}

    # accepts body as json dict
    if request.json:
        kwargs = request.json

    # convert arguments from json to obj separately
    for x, y in chain(request.GET.iteritems(), request.POST.iteritems()):
        if not x or not y or x == "session":
            continue
        kwargs[x] = loads(unquote(y))

    try:
        result = getattr(api, func)(*args, **kwargs)
        # null is invalid json response
        if result is None:
            result = True
        return dumps(result)

    except ExceptionObject, e:
        return HTTPError(400, dumps(e), **response.headers)
开发者ID:japhigu,项目名称:pyload,代码行数:53,代码来源:api_app.py


注:本文中的webinterface.PYLOAD.isAuthorized方法示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。