Revision ee7a2b87 snf-astakos-app/astakos/im/api/user.py
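--- a/snf-astakos-app/astakos/im/api/user.py
+++ b/snf-astakos-app/astakos/im/api/user.py
@@ -31,8 +31,6 @@
 # interpreted as representing official policies, either expressed
 # or implied, of GRNET S.A.
 
-import logging
-
 from functools import wraps
 from time import time, mktime
 
@@ -40,8 +38,9 @@
 from django.utils import simplejson as json
 from django.views.decorators.csrf import csrf_exempt
 
+from snf_django.lib import api
 from snf_django.lib.api import faults
-from . import render_fault, __get_uuid_displayname_catalogs, __send_feedback
+from . import __get_uuid_displayname_catalogs, __send_feedback
 
 from astakos.im.models import AstakosUser
 from astakos.im.util import epoch
@@ -49,45 +48,34 @@
 from astakos.im.api.callpoint import AstakosCallpoint
 callpoint = AstakosCallpoint()
 
+import logging
 logger = logging.getLogger(__name__)
 format = ('%a, %d %b %Y %H:%M:%S GMT')
 
 
-def api_method(http_method=None, token_required=False, perms=None):
-"""Decorator function for views that implement an API method."""
-if not perms:
-perms = []
-
-def decorator(func):
-@wraps(func)
-def wrapper(request, *args, **kwargs):
-try:
-if http_method and request.method != http_method:
-raise faults.BadRequest('Method not allowed.')
-x_auth_token = request.META.get('HTTP_X_AUTH_TOKEN')
-if token_required:
-if not x_auth_token:
-raise faults.Unauthorized('Access denied')
-try:
-user = AstakosUser.objects.get(auth_token=x_auth_token)
-if not user.has_perms(perms):
-raise faults.Forbidden('Unauthorized request')
-except AstakosUser.DoesNotExist, e:
-raise faults.Unauthorized('Invalid X-Auth-Token')
-kwargs['user'] = user
-response = func(request, *args, **kwargs)
-return response
-except faults.Fault, fault:
-return render_fault(request, fault)
-except BaseException, e:
-logger.exception('Unexpected error: %s' % e)
-fault = faults.InternalServerError('Unexpected error')
-return render_fault(request, fault)
-return wrapper
-return decorator
-
-
-@api_method(http_method='GET', token_required=True)
+def user_from_token(func):
+@wraps(func)
+def wrapper(request, *args, **kwargs):
+try:
+token = request.x_auth_token
+except AttributeError:
+raise faults.Unauthorized("No authentication token")
+
+if not token:
+raise faults.Unauthorized("Invalid X-Auth-Token")
+
+try:
+user = AstakosUser.objects.get(auth_token=token)
+except AstakosUser.DoesNotExist:
+raise faults.Unauthorized('Invalid X-Auth-Token')
+
+return func(request, user, *args, **kwargs)
+return wrapper
+
+
+@api.api_method(http_method="GET", token_required=True, user_required=False,
+logger=logger)
+@user_from_token # Authenticate user!!
 def authenticate(request, user=None):
 # Normal Response Codes: 200
 # Error Response Codes: internalServerError (500)
@@ -136,7 +124,9 @@
 
 
 @csrf_exempt
-@api_method(http_method='POST', token_required=True)
+@api.api_method(http_method="POST", token_required=True, user_required=False,
+logger=logger)
+@user_from_token # Authenticate user!!
 def get_uuid_displayname_catalogs(request, user=None):
 # Normal Response Codes: 200
 # Error Response Codes: internalServerError (500)
@@ -147,7 +137,9 @@
 
 
 @csrf_exempt
-@api_method(http_method='POST', token_required=True)
+@api.api_method(http_method="POST", token_required=True, user_required=False,
+logger=logger)
+@user_from_token # Authenticate user!!
 def send_feedback(request, email_template_name='im/feedback_mail.txt',
 user=None):
 # Normal Response Codes: 200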
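Review bot: `user_from_token` hands the resolved account to the view positionally (`return func(request, user, *args, **kwargs)`), but `send_feedback` declares `email_template_name` as its second parameter, so the AstakosUser object binds to `email_template_name` and `user` stays `None` in that view. The removed decorator used `kwargs['user'] = user`; keeping that form in the new wrapper, `kwargs['user'] = user` followed by `return func(request, *args, **kwargs)`, delivers the authenticated identity to all three views regardless of their parameter order. Separately, the decorator resolves the caller from `auth_token` alone and shows no expiry or account-state check; the view bodies are elided on this page, so that may be handled there, but it is worth confirming for `get_uuid_displayname_catalogs` and `send_feedback`. A short docstring on `user_from_token` stating that it must sit beneath `api.api_method` (which it relies on for `request.x_auth_token` and, presumably, for rendering the raised faults) would make the ordering requirement explicit.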