Add more responses to the API.

4 years ago · 4b4be14d32
parent a75d5479fa
commit 4b4be14d32
5 changed files with 18 additions and 14 deletions
--- a/etebase_fastapi/authentication.py
+++ b/etebase_fastapi/authentication.py
@ -14,7 +14,7 @@ from django.contrib.auth import get_user_model, user_logged_out, user_logged_in
 from django.core import exceptions as django_exceptions
 from django.db import transaction
 from django.utils import timezone
-from fastapi import APIRouter, Depends, status, Request, Response
+from fastapi import APIRouter, Depends, status, Request
 from fastapi.security import APIKeyHeader

 from django_etebase import app_settings, models
@ -27,7 +27,7 @@ from django_etebase.utils import create_user, get_user_queryset, CallbackContext
 from django_etebase.views import msgpack_encode, msgpack_decode
 from .exceptions import AuthenticationFailed, transform_validation_error, HttpError
 from .msgpack import MsgpackRoute
-from .utils import BaseModel
+from .utils import BaseModel, permission_responses

 User = get_user_model()
 token_scheme = APIKeyHeader(name="Authorization")
@ -250,21 +250,21 @@ async def login(data: Login, request: Request):
    return data


-@authentication_router.post("/logout/", status_code=status.HTTP_204_NO_CONTENT)
+@authentication_router.post("/logout/", status_code=status.HTTP_204_NO_CONTENT, responses=permission_responses)
 async def logout(request: Request, auth_data: AuthData = Depends(get_auth_data)):
    await sync_to_async(auth_data.token.delete)()
    # XXX-TOM
    await sync_to_async(user_logged_out.send)(sender=auth_data.user.__class__, request=None, user=auth_data.user)


-@authentication_router.post("/change_password/", status_code=status.HTTP_204_NO_CONTENT)
+@authentication_router.post("/change_password/", status_code=status.HTTP_204_NO_CONTENT, responses=permission_responses)
 async def change_password(data: ChangePassword, request: Request, user: User = Depends(get_authenticated_user)):
    host = request.headers.get("Host")
    await validate_login_request(data.response_data, data, user, "changePassword", host)
    await sync_to_async(save_changed_password)(data, user)


-@authentication_router.post("/dashboard_url/")
+@authentication_router.post("/dashboard_url/", responses=permission_responses)
 def dashboard_url(user: User = Depends(get_authenticated_user)):
    # XXX-TOM
    get_dashboard_url = app_settings.DASHBOARD_URL_FUNC
--- a/etebase_fastapi/collection.py
+++ b/etebase_fastapi/collection.py
@ -14,11 +14,11 @@ from .authentication import get_authenticated_user
 from .exceptions import HttpError, transform_validation_error, PermissionDenied
 from .msgpack import MsgpackRoute
 from .stoken_handler import filter_by_stoken_and_limit, filter_by_stoken, get_stoken_obj, get_queryset_stoken
-from .utils import get_object_or_404, Context, Prefetch, PrefetchQuery, is_collection_admin, BaseModel
+from .utils import get_object_or_404, Context, Prefetch, PrefetchQuery, is_collection_admin, BaseModel, permission_responses

 User = get_user_model()
-collection_router = APIRouter(route_class=MsgpackRoute)
-item_router = APIRouter(route_class=MsgpackRoute)
+collection_router = APIRouter(route_class=MsgpackRoute, responses=permission_responses)
+item_router = APIRouter(route_class=MsgpackRoute, responses=permission_responses)
 default_queryset: QuerySet = models.Collection.objects.all()
 default_item_queryset: QuerySet = models.CollectionItem.objects.all()

--- a/etebase_fastapi/invitation.py
+++ b/etebase_fastapi/invitation.py
@ -10,11 +10,11 @@ from django_etebase.utils import get_user_queryset, CallbackContext
 from .authentication import get_authenticated_user
 from .exceptions import HttpError, PermissionDenied
 from .msgpack import MsgpackRoute
-from .utils import get_object_or_404, Context, is_collection_admin, BaseModel
+from .utils import get_object_or_404, Context, is_collection_admin, BaseModel, permission_responses

 User = get_user_model()
-invitation_incoming_router = APIRouter(route_class=MsgpackRoute)
-invitation_outgoing_router = APIRouter(route_class=MsgpackRoute)
+invitation_incoming_router = APIRouter(route_class=MsgpackRoute, responses=permission_responses)
+invitation_outgoing_router = APIRouter(route_class=MsgpackRoute, responses=permission_responses)
 default_queryset: QuerySet = models.CollectionInvitation.objects.all()


--- a/etebase_fastapi/member.py
+++ b/etebase_fastapi/member.py
@ -8,13 +8,13 @@ from fastapi import APIRouter, Depends, status
 from django_etebase import models
 from .authentication import get_authenticated_user
 from .msgpack import MsgpackRoute
-from .utils import get_object_or_404, BaseModel
+from .utils import get_object_or_404, BaseModel, permission_responses
 from .stoken_handler import filter_by_stoken_and_limit

 from .collection import get_collection, verify_collection_admin

 User = get_user_model()
-member_router = APIRouter(route_class=MsgpackRoute)
+member_router = APIRouter(route_class=MsgpackRoute, responses=permission_responses)
 default_queryset: QuerySet = models.CollectionMember.objects.all()


--- a/etebase_fastapi/utils.py
+++ b/etebase_fastapi/utils.py
@ -10,7 +10,7 @@ from django.contrib.auth import get_user_model

 from django_etebase.models import AccessLevels

-from .exceptions import HttpError
+from .exceptions import HttpError, HttpErrorOut

 User = get_user_model()

@ -41,3 +41,7 @@ def get_object_or_404(queryset: QuerySet, **kwargs):
 def is_collection_admin(collection, user):
    member = collection.members.filter(user=user).first()
    return (member is not None) and (member.accessLevel == AccessLevels.ADMIN)
+
+
+response_model_dict = {"model": HttpErrorOut}
+permission_responses = {403: response_model_dict}