Api2 with multiple auth handlers (for ajax reqs)

This commit is contained in:
seba 2011-10-01 18:48:40 +02:00
parent 3aa0339387
commit 0f6c60020c
4 changed files with 35 additions and 7 deletions


@ -10,6 +10,7 @@ Noch zu tun:
[x] Ldap anbindung fuer login [x] Ldap anbindung fuer login
[ ] doku [ ] doku
[ ] API(wget)-Beispiele [ ] API(wget)-Beispiele
[ ] Authblob erlaubt momentan beliebige größe - beschrängen auf 10kb o.ä.
Nice-to-haf: Nice-to-haf:


@ -57,6 +57,7 @@ def manglePluginPerms(apiFunc):
# 3. put stuff into the request # 3. put stuff into the request
request.user = user request.user = user
request.plugin = plugin request.plugin = plugin
request.pluginperms = perms
return apiFunc(self, request, *args, **kwargs) return apiFunc(self, request, *args, **kwargs)
return wrapper return wrapper
@ -78,7 +79,7 @@ def requirePlugin(apiFunc):
except Group.DoesNotExist: except Group.DoesNotExist:
pass pass
ret = rc.FORBIDDEN ret = rc.FORBIDDEN
ret.write("\nA plugin is required for this api function\n")
return rc.FORBIDDEN return ret
return wrapper return wrapper


@ -132,9 +132,31 @@ class AccountBalanceHandler(BaseHandler):
return {'balance': balance} return {'balance': balance}
class AuthBlobHandler(BaseHandler): class AuthBlobHandler(BaseHandler):
# allowed_methods = ('GET', 'POST') allowed_methods = ('GET', 'POST')
# model =
pass @requirePlugin
@manglePluginPerms
def read(self, request):
if not request.plugin.pluginCanReadAuthblob:
ret = rc.FORBIDDEN
ret.write("\nThis plugin is not allowed to read the users authblob\n")
return ret
return request.pluginperms.authblob
@requirePlugin
@manglePluginPerms
def create(self, request):
if not request.plugin.pluginCanWriteAuthblob:
ret = rc.FORBIDDEN
ret.write("\nThis plugin is not allowed to write the users authblob\n")
return ret
if not request.data.has_key('authblob'):
ret = rc.BAD_REQUEST
ret.write("\nTo change the users auth blob you actually need to provide one\n")
request.pluginperms.authblob = request.data['authblob']
request.pluginperms.authblob.save()
return rc.ALL_OK
class AuthUserHandler(BaseHandler): class AuthUserHandler(BaseHandler):
allowed_methods = ('GET') allowed_methods = ('GET')
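Review bot: In `create`, the missing-`authblob` branch builds a BAD_REQUEST response but never returns it, so the request falls through to `request.data['authblob']` and fails with a KeyError (a 500) instead of answering 400; add `return ret` directly after the `ret.write("\nTo change the users auth blob ...")` line. The next statement saves the wrong object: after `request.pluginperms.authblob = request.data['authblob']`, `request.pluginperms.authblob.save()` is called on the value that just came in from the request rather than on the permissions record, so it should read `request.pluginperms.save()`. `request.data.has_key('authblob')` is the legacy dict API; `'authblob' not in request.data` is the idiomatic form and behaves the same here. The blob size bound is already tracked in this commit's TODO entry; AuthUserHandler at the end of the hunk continues outside the diff.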


@ -1,6 +1,7 @@
from django.conf.urls.defaults import * from django.conf.urls.defaults import *
from piston.resource import Resource from piston.resource import Resource
from piston.authentication import HttpBasicAuthentication from piston.authentication import HttpBasicAuthentication
from api2.authentication import DjangoAuthentication, MultiAuthentication
from api2.handlers import * from api2.handlers import *
# taken from # taken from
@ -10,8 +11,11 @@ class CsrfExemptResource( Resource ):
super( CsrfExemptResource, self ).__init__( handler, authentication ) super( CsrfExemptResource, self ).__init__( handler, authentication )
self.csrf_exempt = getattr( self.handler, 'csrf_exempt', True ) self.csrf_exempt = getattr( self.handler, 'csrf_exempt', True )
auth = HttpBasicAuthentication(realm="Freitagsrundenkassensystemapi") # build authenticatiooors
ad = {'authentication': auth} basicAuth = HttpBasicAuthentication(realm="Freitagsrundenkassensystemapi")
djangoAuth = DjangoAuthentication()
multiAuth = MultiAuthentication([basicAuth, djangoAuth])
ad = {'authentication': multiAuth}
buyableItemRes = CsrfExemptResource(handler=BuyableItemHandler, **ad) buyableItemRes = CsrfExemptResource(handler=BuyableItemHandler, **ad)
buyableTypeRes = CsrfExemptResource(handler=BuyableTypeHandler, **ad) buyableTypeRes = CsrfExemptResource(handler=BuyableTypeHandler, **ad)
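Review bot: Putting DjangoAuthentication into the MultiAuthentication chain means session-cookie logins are now accepted by resources that CsrfExemptResource marks `csrf_exempt` (it defaults to True on the line above), so a logged-in browser session is honored on cross-site POSTs with no CSRF check; that exemption was tolerable while only HTTP basic auth was accepted, but it now covers cookie-based sessions too. Consider keeping the CSRF check for requests that were authenticated by DjangoAuthentication (for example by setting `csrf_exempt = False` on the handlers the ajax path uses and leaving the exemption to basic-auth clients), or limiting the session-authenticated path to read-only methods. Which challenge is sent when neither handler succeeds presumably depends on list order inside api2.authentication.MultiAuthentication, which is not in this diff; a short comment such as `# basicAuth first for API clients, djangoAuth for browser/ajax sessions (note: resources are csrf_exempt)` would make the intent and the trade-off visible at the call site.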