Add authentication on view methods.
This commit is contained in:
Alexis Lahouze
parent
a49e00c8af
commit
cfec9b035f
@ -28,6 +28,8 @@ from ..models.accounts import Account
|
|||||||
|
|
||||||
from ..fields import Object
|
from ..fields import Object
|
||||||
|
|
||||||
|
from ..views.users import requires_auth
|
||||||
|
|
||||||
|
|
||||||
resource_fields = {
|
resource_fields = {
|
||||||
'id': fields.Integer(default=None),
|
'id': fields.Integer(default=None),
|
||||||
@ -54,6 +56,7 @@ date_parser.add_argument('end',
|
|||||||
|
|
||||||
|
|
||||||
class AccountListResource(Resource):
|
class AccountListResource(Resource):
|
||||||
|
@requires_auth
|
||||||
@marshal_with_field(fields.List(Object(resource_fields)))
|
@marshal_with_field(fields.List(Object(resource_fields)))
|
||||||
def get(self):
|
def get(self):
|
||||||
"""
|
"""
|
||||||
@ -61,6 +64,7 @@ class AccountListResource(Resource):
|
|||||||
"""
|
"""
|
||||||
return Account.query().all(), 200
|
return Account.query().all(), 200
|
||||||
|
|
||||||
|
@requires_auth
|
||||||
@marshal_with_field(Object(resource_fields))
|
@marshal_with_field(Object(resource_fields))
|
||||||
def post(self):
|
def post(self):
|
||||||
"""
|
"""
|
||||||
@ -88,6 +92,7 @@ class AccountListResource(Resource):
|
|||||||
|
|
||||||
|
|
||||||
class AccountResource(Resource):
|
class AccountResource(Resource):
|
||||||
|
@requires_auth
|
||||||
@marshal_with_field(Object(resource_fields))
|
@marshal_with_field(Object(resource_fields))
|
||||||
def get(self, account_id):
|
def get(self, account_id):
|
||||||
"""
|
"""
|
||||||
@ -104,6 +109,7 @@ class AccountResource(Resource):
|
|||||||
except NoResultFound:
|
except NoResultFound:
|
||||||
return None, 404
|
return None, 404
|
||||||
|
|
||||||
|
@requires_auth
|
||||||
@marshal_with_field(Object(resource_fields))
|
@marshal_with_field(Object(resource_fields))
|
||||||
def delete(self, account_id):
|
def delete(self, account_id):
|
||||||
# Need to get the object to update it.
|
# Need to get the object to update it.
|
||||||
@ -116,6 +122,7 @@ class AccountResource(Resource):
|
|||||||
|
|
||||||
return None, 204
|
return None, 204
|
||||||
|
|
||||||
|
@requires_auth
|
||||||
@marshal_with_field(Object(resource_fields))
|
@marshal_with_field(Object(resource_fields))
|
||||||
def post(self, account_id):
|
def post(self, account_id):
|
||||||
kwargs = parser.parse_args()
|
kwargs = parser.parse_args()
|
||||||
|
|||||||
@ -26,6 +26,8 @@ from ..models.operations import Operation
|
|||||||
|
|
||||||
from ..fields import Object
|
from ..fields import Object
|
||||||
|
|
||||||
|
from ..views.users import requires_auth
|
||||||
|
|
||||||
|
|
||||||
resource_fields = {
|
resource_fields = {
|
||||||
'id': fields.Integer(default=None),
|
'id': fields.Integer(default=None),
|
||||||
@ -62,6 +64,7 @@ range_parser.add_argument('end', type=lambda a: dateutil.parser.parse(a))
|
|||||||
|
|
||||||
|
|
||||||
class OperationListResource(Resource):
|
class OperationListResource(Resource):
|
||||||
|
@requires_auth
|
||||||
@marshal_with_field(fields.List(Object(resource_fields)))
|
@marshal_with_field(fields.List(Object(resource_fields)))
|
||||||
def get(self):
|
def get(self):
|
||||||
kwargs = range_parser.parse_args()
|
kwargs = range_parser.parse_args()
|
||||||
@ -73,6 +76,7 @@ class OperationListResource(Resource):
|
|||||||
Operation.account_id == kwargs['account']
|
Operation.account_id == kwargs['account']
|
||||||
).all()
|
).all()
|
||||||
|
|
||||||
|
@requires_auth
|
||||||
@marshal_with_field(Object(resource_fields))
|
@marshal_with_field(Object(resource_fields))
|
||||||
def post(self):
|
def post(self):
|
||||||
kwargs = parser.parse_args()
|
kwargs = parser.parse_args()
|
||||||
@ -85,6 +89,7 @@ class OperationListResource(Resource):
|
|||||||
|
|
||||||
|
|
||||||
class OperationResource(Resource):
|
class OperationResource(Resource):
|
||||||
|
@requires_auth
|
||||||
@marshal_with_field(Object(resource_fields))
|
@marshal_with_field(Object(resource_fields))
|
||||||
def get(self, operation_id):
|
def get(self, operation_id):
|
||||||
"""
|
"""
|
||||||
@ -97,6 +102,7 @@ class OperationResource(Resource):
|
|||||||
|
|
||||||
return operation
|
return operation
|
||||||
|
|
||||||
|
@requires_auth
|
||||||
@marshal_with_field(Object(resource_fields))
|
@marshal_with_field(Object(resource_fields))
|
||||||
def post(self, operation_id):
|
def post(self, operation_id):
|
||||||
kwargs = parser.parse_args()
|
kwargs = parser.parse_args()
|
||||||
@ -117,6 +123,7 @@ class OperationResource(Resource):
|
|||||||
|
|
||||||
return operation
|
return operation
|
||||||
|
|
||||||
|
@requires_auth
|
||||||
@marshal_with_field(Object(resource_fields))
|
@marshal_with_field(Object(resource_fields))
|
||||||
def delete(self, operation_id):
|
def delete(self, operation_id):
|
||||||
operation = db.session.query(Operation).get(operation_id)
|
operation = db.session.query(Operation).get(operation_id)
|
||||||
@ -137,6 +144,7 @@ category_resource_fields = {
|
|||||||
|
|
||||||
|
|
||||||
class CategoriesResource(Resource):
|
class CategoriesResource(Resource):
|
||||||
|
@requires_auth
|
||||||
@marshal_with_field(fields.List(Object(category_resource_fields)))
|
@marshal_with_field(fields.List(Object(category_resource_fields)))
|
||||||
def get(self):
|
def get(self):
|
||||||
kwargs = range_parser.parse_args()
|
kwargs = range_parser.parse_args()
|
||||||
@ -154,6 +162,7 @@ ohlc_resource_fields = {
|
|||||||
|
|
||||||
|
|
||||||
class SoldsResource(Resource):
|
class SoldsResource(Resource):
|
||||||
|
@requires_auth
|
||||||
@marshal_with_field(fields.List(Object(ohlc_resource_fields)))
|
@marshal_with_field(fields.List(Object(ohlc_resource_fields)))
|
||||||
def get(self):
|
def get(self):
|
||||||
kwargs = range_parser.parse_args()
|
kwargs = range_parser.parse_args()
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user