Reorganize LDAP and SQL implementation
mekanix committed Apr 17, 2024
1 parent bdd551e commit a26e1d1
Showing 21 changed files with 426 additions and 360 deletions.
10 changes: 5 additions & 5 deletions freenit/api/auth.py → freenit/api/auth/__init__.py
Expand Up @@ -58,7 +58,7 @@ async def login(credentials: LoginInput, response: Response):
}


async def register_ormar(credentials: LoginInput) -> User:
async def register_sql(credentials: LoginInput) -> User:
import ormar.exceptions
try:
user = await User.objects.get(email=credentials.email)
Expand All @@ -74,18 +74,18 @@ async def register_ormar(credentials: LoginInput) -> User:
return user


async def register_bonsai(credentials: LoginInput) -> User:
async def register_ldap(credentials: LoginInput) -> User:
user = await User.register(credentials)
await user.save()
return user


@api.post("/auth/register", tags=["auth"])
async def register(credentials: LoginInput, host=Header(default="")):
if User.dbtype() == "ormar":
user = await register_ormar(credentials)
if User.dbtype() == "sql":
user = await register_sql(credentials)
else:
user = await register_bonsai(credentials)
user = await register_ldap(credentials)
token = encode(user)
print(token)
mail = config.mail
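Review bot: `print(token)` in `register()`, left as context directly below the renamed dispatch, writes the freshly encoded token for the new account to stdout, where it lands in service logs readable by anyone with log access; drop the line or log an event that omits the token value. In the same function the new `else:` branch sends every `User.dbtype()` value other than `"sql"` to `register_ldap`, while `freenit/api/role/__init__.py` in this commit tests `"ldap"` explicitly; `elif User.dbtype() == "ldap":` followed by an `else:` that raises would keep the two dispatches consistent. The body of `register()` continues past the end of the hunk, so how the token is used afterwards is not visible here.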
187 changes: 0 additions & 187 deletions freenit/api/role.py

This file was deleted.

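--- a/freenit/api/role/__init__.py
+++ b/freenit/api/role/__init__.py
@@ -0,0 +1,6 @@
+from freenit.models.role import Role
+
+if Role.dbtype() == "sql":
+from .sql import RoleListAPI, RoleDetailAPI, RoleUserAPI
+elif Role.dbtype() == "ldap":
+from .ldap import RoleListAPI, RoleDetailAPI, RoleUserAPI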
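Review bot: The `if`/`elif` on `Role.dbtype()` has no `else`, so with any value other than `"sql"` or `"ldap"` the package imports cleanly but defines none of `RoleListAPI`, `RoleDetailAPI` and `RoleUserAPI`. Assuming the `@route` decorators register the endpoints when the backend module is imported, the role routes would then be silently absent instead of failing at startup. Add `else: raise ImportError(f"unsupported Role.dbtype(): {Role.dbtype()!r}")` so a misconfigured or not-yet-migrated backend name (the old code in `auth.py` compared against `"ormar"`) is caught immediately.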
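--- a/freenit/api/role/ldap.py
+++ b/freenit/api/role/ldap.py
@@ -0,0 +1,86 @@
+import bonsai
+from fastapi import Depends, Header, HTTPException
+
+from freenit.api.router import route
+from freenit.decorators import description
+from freenit.models.ldap.base import get_client
+from freenit.models.pagination import Page
+from freenit.models.role import Role
+from freenit.models.safe import RoleSafe, UserSafe
+from freenit.models.user import User
+from freenit.permissions import role_perms
+
+tags = ["role"]
+
+
+@route("/roles", tags=tags)
+class RoleListAPI:
+@staticmethod
+@description("Get roles")
+async def get(
+page: int = Header(default=1),
+_: int = Header(default=10),
+user: User = Depends(role_perms),
+) -> Page[RoleSafe]:
+data = await Role.get_all()
+total = len(data)
+page = Page(total=total, page=1, pages=1, perpage=total, data=data)
+return page
+
+@staticmethod
+async def post(role: Role, user: User = Depends(role_perms)) -> RoleSafe:
+try:
+await role.create(user)
+except bonsai.errors.AlreadyExists:
+raise HTTPException(status_code=409, detail="Role already exists")
+return role
+
+
+@route("/roles/{id}", tags=tags)
+class RoleDetailAPI:
+@staticmethod
+async def get(id, _: User = Depends(role_perms)) -> RoleSafe:
+role = await Role.get(id)
+return role
+
+@staticmethod
+async def delete(id, _: User = Depends(role_perms)) -> RoleSafe:
+client = get_client()
+try:
+async with client.connect(is_async=True) as conn:
+res = await conn.search(
+id, bonsai.LDAPSearchScope.SUB, "objectClass=groupOfUniqueNames"
+)
+if len(res) < 1:
+raise HTTPException(status_code=404, detail="No such role")
+if len(res) > 1:
+raise HTTPException(status_code=409, detail="Multiple role found")
+existing = res[0]
+role = Role(
+cn=existing["cn"][0],
+dn=str(existing["dn"]),
+users=existing["uniqueMember"],
+)
+await existing.delete()
+return role
+except bonsai.errors.AuthenticationError:
+raise HTTPException(status_code=403, detail="Failed to login")
+
+
+@route("/roles/{role_id}/{user_id}", tags=tags)
+class RoleUserAPI:
+@staticmethod
+@description("Assign user to role")
+async def post(role_id, user_id, _: User = Depends(role_perms)) -> UserSafe:
+user = await User.get(user_id)
+role = await Role.get(role_id)
+await role.add(user)
+return user
+
+@staticmethod
+@description("Deassign user to role")
+async def delete(role_id, user_id, _: User = Depends(role_perms)) -> UserSafe:
+user = await User.get(user_id)
+role = await Role.get(role_id)
+await role.remove(user)
+return user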
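Review bot: In `RoleDetailAPI.delete` the path parameter `id` is passed unvalidated as the search base with `bonsai.LDAPSearchScope.SUB`, so the entry that gets deleted is whichever single `groupOfUniqueNames` lies anywhere beneath that DN, not necessarily the entry the caller named. A parent DN whose subtree holds exactly one group passes both `len(res)` checks and that group is removed. Search the exact entry instead, `res = await conn.search(id, bonsai.LDAPSearchScope.BASE, "objectClass=groupOfUniqueNames")`, and reject an `id` that is not under the configured roles base DN before connecting. Separately, only `bonsai.errors.AuthenticationError` is caught here; a malformed or nonexistent DN most likely raises a different bonsai error and would surface as a 500 rather than the intended 404.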