more precise permission control

2022-06-24 20:12:32 +03:00 · 2022-06-24 20:12:32 +03:00 · 07e723dec8
parent 517a769e5b
commit 07e723dec8
4 changed files with 23 additions and 18 deletions
--- a/selfprivacy_api/app.py
+++ b/selfprivacy_api/app.py
@ -23,7 +23,7 @@ from selfprivacy_api.migrations import run_migrations

 from selfprivacy_api.utils.auth import is_token_valid

-from selfprivacy_api.graphql import schema
+from selfprivacy_api.graphql.schema import schema

 swagger_blueprint = get_swaggerui_blueprint(
    "/api/docs", "/api/swagger.json", config={"app_name": "SelfPrivacy API"}
--- a/selfprivacy_api/graphql/init.py
+++ b/selfprivacy_api/graphql/init.py
@ -1,13 +1,10 @@
 """GraphQL API for SelfPrivacy."""
 # pylint: disable=too-few-public-methods
 import typing
-import strawberry
 from strawberry.permission import BasePermission
 from strawberry.types import Info
 from flask import request

-from selfprivacy_api.graphql.queries.api import Api
-from selfprivacy_api.graphql.queries.system import System
 from selfprivacy_api.utils.auth import is_token_valid

 class IsAuthenticated(BasePermission):
@ -23,15 +20,3 @@ class IsAuthenticated(BasePermission):
        if not is_token_valid(auth):
            return False
        return True
-
-
-@strawberry.type
-class Query:
-    """Root schema for queries"""
-    system: System
-    @strawberry.field(permission_classes=[IsAuthenticated])
-    def api(self) -> Api:
-        """API access status"""
-        return Api()
-
-schema = strawberry.Schema(query=Query)
--- a/selfprivacy_api/graphql/queries/api.py
+++ b/selfprivacy_api/graphql/queries/api.py
@ -4,6 +4,7 @@ import datetime
 import typing
 from flask import request
 import strawberry
+from selfprivacy_api.graphql import IsAuthenticated
 from selfprivacy_api.utils import parse_date

 from selfprivacy_api.utils.auth import (
@ -74,5 +75,5 @@ def get_recovery_key_status() -> ApiRecoveryKeyStatus:
 class Api:
    """API access status"""
    version: str = strawberry.field(resolver=get_api_version)
-    devices: typing.List[ApiDevice] = strawberry.field(resolver=get_devices)
-    recovery_key: ApiRecoveryKeyStatus = strawberry.field(resolver=get_recovery_key_status)
+    devices: typing.List[ApiDevice] = strawberry.field(resolver=get_devices, permission_classes=[IsAuthenticated])
+    recovery_key: ApiRecoveryKeyStatus = strawberry.field(resolver=get_recovery_key_status, permission_classes=[IsAuthenticated])
--- a/selfprivacy_api/graphql/schema.py
+++ b/selfprivacy_api/graphql/schema.py
@ -0,0 +1,19 @@
+"""GraphQL API for SelfPrivacy."""
+# pylint: disable=too-few-public-methods
+import typing
+import strawberry
+
+from selfprivacy_api.graphql.queries.api import Api
+from selfprivacy_api.graphql.queries.system import System
+
+
+@strawberry.type
+class Query:
+    """Root schema for queries"""
+    system: System
+    @strawberry.field
+    def api(self) -> Api:
+        """API access status"""
+        return Api()
+
+schema = strawberry.Schema(query=Query)