From 07e723dec8f61b9a987136f751809060db9f4df4 Mon Sep 17 00:00:00 2001 From: Inex Code Date: Fri, 24 Jun 2022 20:12:32 +0300 Subject: [PATCH] more precise permission control --- selfprivacy_api/app.py | 2 +- selfprivacy_api/graphql/__init__.py | 15 --------------- selfprivacy_api/graphql/queries/api.py | 5 +++-- selfprivacy_api/graphql/schema.py | 19 +++++++++++++++++++ 4 files changed, 23 insertions(+), 18 deletions(-) create mode 100644 selfprivacy_api/graphql/schema.py diff --git a/selfprivacy_api/app.py b/selfprivacy_api/app.py index 6deba7c..082ddee 100644 --- a/selfprivacy_api/app.py +++ b/selfprivacy_api/app.py @@ -23,7 +23,7 @@ from selfprivacy_api.migrations import run_migrations from selfprivacy_api.utils.auth import is_token_valid -from selfprivacy_api.graphql import schema +from selfprivacy_api.graphql.schema import schema swagger_blueprint = get_swaggerui_blueprint( "/api/docs", "/api/swagger.json", config={"app_name": "SelfPrivacy API"} diff --git a/selfprivacy_api/graphql/__init__.py b/selfprivacy_api/graphql/__init__.py index 762a324..c1ae87b 100644 --- a/selfprivacy_api/graphql/__init__.py +++ b/selfprivacy_api/graphql/__init__.py @@ -1,13 +1,10 @@ """GraphQL API for SelfPrivacy.""" # pylint: disable=too-few-public-methods import typing -import strawberry from strawberry.permission import BasePermission from strawberry.types import Info from flask import request -from selfprivacy_api.graphql.queries.api import Api -from selfprivacy_api.graphql.queries.system import System from selfprivacy_api.utils.auth import is_token_valid class IsAuthenticated(BasePermission): @@ -23,15 +20,3 @@ class IsAuthenticated(BasePermission): if not is_token_valid(auth): return False return True - - -@strawberry.type -class Query: - """Root schema for queries""" - system: System - @strawberry.field(permission_classes=[IsAuthenticated]) - def api(self) -> Api: - """API access status""" - return Api() - -schema = strawberry.Schema(query=Query) diff --git a/selfprivacy_api/graphql/queries/api.py b/selfprivacy_api/graphql/queries/api.py index a79222a..5431d7d 100644 --- a/selfprivacy_api/graphql/queries/api.py +++ b/selfprivacy_api/graphql/queries/api.py @@ -4,6 +4,7 @@ import datetime import typing from flask import request import strawberry +from selfprivacy_api.graphql import IsAuthenticated from selfprivacy_api.utils import parse_date from selfprivacy_api.utils.auth import ( @@ -74,5 +75,5 @@ def get_recovery_key_status() -> ApiRecoveryKeyStatus: class Api: """API access status""" version: str = strawberry.field(resolver=get_api_version) - devices: typing.List[ApiDevice] = strawberry.field(resolver=get_devices) - recovery_key: ApiRecoveryKeyStatus = strawberry.field(resolver=get_recovery_key_status) + devices: typing.List[ApiDevice] = strawberry.field(resolver=get_devices, permission_classes=[IsAuthenticated]) + recovery_key: ApiRecoveryKeyStatus = strawberry.field(resolver=get_recovery_key_status, permission_classes=[IsAuthenticated]) diff --git a/selfprivacy_api/graphql/schema.py b/selfprivacy_api/graphql/schema.py new file mode 100644 index 0000000..d3105a5 --- /dev/null +++ b/selfprivacy_api/graphql/schema.py @@ -0,0 +1,19 @@ +"""GraphQL API for SelfPrivacy.""" +# pylint: disable=too-few-public-methods +import typing +import strawberry + +from selfprivacy_api.graphql.queries.api import Api +from selfprivacy_api.graphql.queries.system import System + + +@strawberry.type +class Query: + """Root schema for queries""" + system: System + @strawberry.field + def api(self) -> Api: + """API access status""" + return Api() + +schema = strawberry.Schema(query=Query)