Commit 77bdb221 authored by Arnaud Vergnet's avatar Arnaud Vergnet

feat: add decorator to check for authenticated users

parent aef0ffcd1ce0
Pipeline #133720 passed with stages
in 1 minute and 34 seconds
......@@ -17,6 +17,7 @@
def register_openapi_routes(config: Configurator):
config.include("pyramid_openapi3")
# TODO block access if anonymous access is disabled and user is not connected
config.pyramid_openapi3_spec(
f"{path.dirname(__file__)}/openapi.yaml",
route=f"{API_ROUTE_PREFIX}openapi.yaml",
......
......@@ -60,6 +60,13 @@
return req_or_conf.registry["cubicweb.repository"]
def is_user_allowed(request: Request):
return (
request.authenticated_userid is not None
or get_cw_repo(request).config["anonymous-user"] is not None
)
def cw_view_config(route_name: str, **kwargs):
return view_config(
route_name=f"{API_PATTERN_PREFIX}{route_name}",
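Review bot: `is_user_allowed` fails open when the `anonymous-user` option is set to an empty string, because `config["anonymous-user"] is not None` is true for `""`, so every unauthenticated request would pass the guard. Whether a disabled anonymous login is stored as `None` or as an empty value is not visible in this hunk, so a truthiness test is the safer form: `or bool(get_cw_repo(request).config["anonymous-user"])`. The function should also get a docstring that states its contract, for example `"""Return True if the request is authenticated or anonymous access is enabled on the repository."""`, so that callers do not read it as an authorization check.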
......@@ -91,5 +98,21 @@
return request_wrapper
def authorized_users_only(func):
"""
Raise an AuthenticationError if no user is detected and anonymous access is disabled.
:param func: The pyramid view function
:return:
"""
def request_wrapper(request: Request):
if is_user_allowed(request):
return func(request)
raise AuthenticationError
return request_wrapper
@cw_view_config(route_name=ApiRoutes.schema, request_method="GET")
@view_exception_handler
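Review bot: `authorized_users_only` only works as intended when it sits below `@view_exception_handler`, since `request_wrapper` signals rejection by raising `AuthenticationError` and presumably relies on the outer handler to turn it into an error response; the docstring does not state this ordering requirement. I would add a line such as `Must be applied below @view_exception_handler so the raised AuthenticationError is converted into a response.` and fill in the empty `:return:` field. The wrapper also drops the view's name and docstring; `@functools.wraps(func)` above `def request_wrapper` keeps them, which needs `import functools` at the top of the file. The guard is opt-in per view, so a route added later without the decorator is reachable when anonymous access is disabled; applying the check inside `cw_view_config` would protect new routes by default. The name says "authorized" although the check is about authentication only, which is worth stating in the docstring.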
......@@ -94,6 +117,7 @@
@cw_view_config(route_name=ApiRoutes.schema, request_method="GET")
@view_exception_handler
@authorized_users_only
def schema_route(request: Request):
"""
Returns this instance's Schema
"""
......@@ -96,8 +120,7 @@
def schema_route(request: Request):
"""
Returns this instance's Schema
"""
# TODO block this if we are not connected and anon is disabled
repo = get_cw_repo(request)
exporter = JSONSchemaExporter()
exported_schema = exporter.export_as_dict(repo.schema)
......@@ -106,6 +129,7 @@
@cw_view_config(route_name=ApiRoutes.rql)
@view_exception_handler
@authorized_users_only
def rql_route(request: Request):
"""
Executes the given rql query
......@@ -153,6 +177,7 @@
@cw_view_config(route_name=ApiRoutes.transaction_begin)
@view_exception_handler
@authorized_users_only
def transaction_begin_route(request: Request):
"""
Starts a new transaction
......@@ -164,6 +189,7 @@
@cw_view_config(route_name=ApiRoutes.transaction_execute)
@view_exception_handler
@authorized_users_only
def transaction_execute_route(request: Request):
"""
Executes the given rql query as part of a transaction
......@@ -184,6 +210,7 @@
@cw_view_config(route_name=ApiRoutes.transaction_commit)
@view_exception_handler
@authorized_users_only
def transaction_commit_route(request: Request):
"""
Commits a transaction
......@@ -203,6 +230,7 @@
@cw_view_config(route_name=ApiRoutes.transaction_rollback)
@view_exception_handler
@authorized_users_only
def transaction_rollback_route(request: Request):
"""
Rollback a transaction
......