-
Notifications
You must be signed in to change notification settings - Fork 1.9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
chore(refactor): Move all custom API errors to errors.py #7019
Changes from 6 commits
ffa1ab0
eb1a214
1166cec
87ff209
4baae07
8403c58
62ff327
273a4ce
03e7689
017e681
1d8eb8f
460acaf
2e8fdc1
0314a56
e7cdcc3
1570a48
476d004
a31ca64
ef44187
a22f904
1ac899a
68a3d4e
321cb19
3f8b202
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,13 +1,14 @@ | ||
from flask_rest_jsonapi import ResourceDetail, ResourceList, ResourceRelationship | ||
from flask_rest_jsonapi.exceptions import ObjectNotFound | ||
from sqlalchemy.orm.exc import NoResultFound | ||
|
||
from app.api.bootstrap import api | ||
from app.api.helpers.db import safe_query | ||
from app.api.helpers.exceptions import ( | ||
ConflictException, | ||
ForbiddenException, | ||
UnprocessableEntity, | ||
ConflictException | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Why is this left? There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. I didn't find conflictException in other file(error.py). There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Then move it there There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. so I should remove all exceptions from exception.py and move to error.py.there are only two left ConflictException and MethodNotAllowed? There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. @iamareebjamal Shall I move all exception from exception.py to error.py ??? There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Yup There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Yup |
||
) | ||
from app.api.helpers.errors import ( | ||
UnprocessableEntityError, | ||
ForbiddenError | ||
) | ||
from app.api.helpers.permission_manager import has_access | ||
from app.api.helpers.permissions import jwt_required | ||
|
@@ -36,7 +37,7 @@ def before_post(self, args, kwargs, data): | |
""" | ||
require_relationship(['event', 'user'], data) | ||
if not has_access('is_coorganizer', event_id=data['event']): | ||
raise ForbiddenException({'source': ''}, "Minimum Organizer access required") | ||
raise ForbiddenError({'source': ''}, "Minimum Organizer access required") | ||
|
||
def before_create_object(self, data, view_kwargs): | ||
""" | ||
|
@@ -93,12 +94,12 @@ def query(self, view_kwargs): | |
if view_kwargs.get('user_id'): | ||
user = safe_query(User, 'id', view_kwargs['user_id'], 'user_id') | ||
if not has_access('is_user_itself', user_id=user.id): | ||
raise ForbiddenException({'source': ''}, 'Access Forbidden') | ||
raise ForbiddenError({'source': ''}, 'Access Forbidden') | ||
query_ = query_.join(User).filter(User.id == user.id) | ||
if view_kwargs.get('ticket_id'): | ||
ticket = safe_query(Ticket, 'id', view_kwargs['ticket_id'], 'ticket_id') | ||
if not has_access('is_coorganizer', event_id=ticket.event_id): | ||
raise ForbiddenException({'source': ''}, 'Access Forbidden') | ||
raise ForbiddenError({'source': ''}, 'Access Forbidden') | ||
# access_code - ticket :: many-to-many relationship | ||
query_ = AccessCode.query.filter(AccessCode.tickets.any(id=ticket.id)) | ||
query_ | ||
|
@@ -112,7 +113,7 @@ def query(self, view_kwargs): | |
data_layer = { | ||
'session': db.session, | ||
'model': AccessCode, | ||
'methods': {'query': query,}, | ||
'methods': {'query': query, }, | ||
} | ||
|
||
|
||
|
@@ -160,7 +161,8 @@ def before_get(self, args, kwargs): | |
raise ObjectNotFound({'parameter': '{id}'}, "Access Code: not found") | ||
|
||
if not has_access('is_coorganizer', event_id=access.event_id): | ||
raise UnprocessableEntity({'source': ''}, "Please verify your permission") | ||
raise UnprocessableEntityError( | ||
{'source': ''}, "Please verify your permission") | ||
|
||
decorators = ( | ||
api.has_permission( | ||
|
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -3,13 +3,14 @@ | |
from flask_jwt_extended import current_user | ||
from flask_rest_jsonapi import ResourceDetail, ResourceList, ResourceRelationship | ||
from sqlalchemy import and_, or_ | ||
|
||
from app.api.bootstrap import api | ||
from app.api.helpers.db import safe_query | ||
from app.api.helpers.exceptions import ( | ||
ConflictException, | ||
ForbiddenException, | ||
UnprocessableEntity, | ||
ConflictException | ||
) | ||
from app.api.helpers.errors import ( | ||
ForbiddenError, | ||
UnprocessableEntityError | ||
) | ||
from app.api.helpers.permission_manager import has_access | ||
from app.api.helpers.permissions import jwt_required | ||
|
@@ -76,11 +77,11 @@ def before_post(self, args, kwargs, data): | |
.first() | ||
) | ||
if ticket is None: | ||
raise UnprocessableEntity( | ||
raise UnprocessableEntityError( | ||
{'pointer': '/data/relationships/ticket'}, "Invalid Ticket" | ||
) | ||
if ticket.event_id != int(data['event']): | ||
raise UnprocessableEntity( | ||
raise UnprocessableEntityError( | ||
{'pointer': '/data/relationships/ticket'}, | ||
"Ticket belongs to a different Event", | ||
) | ||
|
@@ -92,19 +93,19 @@ def before_post(self, args, kwargs, data): | |
|
||
if 'device_name_checkin' in data and data['device_name_checkin'] is not None: | ||
if 'is_checked_in' not in data or not data['is_checked_in']: | ||
raise UnprocessableEntity( | ||
raise UnprocessableEntityError( | ||
{'pointer': '/data/attributes/device_name_checkin'}, | ||
"Attendee needs to be checked in first", | ||
) | ||
elif 'checkin_times' not in data or data['checkin_times'] is None: | ||
raise UnprocessableEntity( | ||
raise UnprocessableEntityError( | ||
{'pointer': '/data/attributes/device_name_checkin'}, | ||
"Check in Times missing", | ||
) | ||
elif len(data['checkin_times'].split(",")) != len( | ||
data['device_name_checkin'].split(",") | ||
): | ||
raise UnprocessableEntity( | ||
raise UnprocessableEntityError( | ||
{'pointer': '/data/attributes/device_name_checkin'}, | ||
"Check in Times missing for the corresponding device name", | ||
) | ||
|
@@ -139,19 +140,19 @@ def query(self, view_kwargs): | |
if not has_access('is_registrar', event_id=order.event_id) and not has_access( | ||
'is_user_itself', user_id=order.user_id | ||
): | ||
raise ForbiddenException({'source': ''}, 'Access Forbidden') | ||
raise ForbiddenError({'source': ''}, 'Access Forbidden') | ||
query_ = query_.join(Order).filter(Order.id == order.id) | ||
|
||
if view_kwargs.get('ticket_id'): | ||
ticket = safe_query(Ticket, 'id', view_kwargs['ticket_id'], 'ticket_id') | ||
# if not has_access('is_registrar', event_id=ticket.event_id): | ||
# raise ForbiddenException({'source': ''}, 'Access Forbidden') | ||
# raise ForbiddenError({'source': ''}, 'Access Forbidden') | ||
query_ = query_.join(Ticket).filter(Ticket.id == ticket.id) | ||
|
||
if view_kwargs.get('user_id'): | ||
user = safe_query(User, 'id', view_kwargs['user_id'], 'user_id') | ||
if not has_access('is_user_itself', user_id=user.id): | ||
raise ForbiddenException({'source': ''}, 'Access Forbidden') | ||
raise ForbiddenError({'source': ''}, 'Access Forbidden') | ||
query_ = query_.join(User, User.email == TicketHolder.email).filter( | ||
User.id == user.id | ||
) | ||
|
@@ -188,7 +189,7 @@ def before_get_object(self, view_kwargs): | |
user_id=current_user.id, | ||
event_id=attendee.event_id, | ||
): | ||
raise ForbiddenException( | ||
raise ForbiddenError( | ||
{'source': 'User'}, 'You are not authorized to access this.' | ||
) | ||
|
||
|
@@ -200,7 +201,7 @@ def before_delete_object(self, obj, kwargs): | |
:return: | ||
""" | ||
if not has_access('is_registrar', event_id=obj.event_id): | ||
raise ForbiddenException( | ||
raise ForbiddenError( | ||
{'source': 'User'}, 'You are not authorized to access this.' | ||
) | ||
|
||
|
@@ -213,7 +214,7 @@ def before_update_object(self, obj, data, kwargs): | |
:return: | ||
""" | ||
# if not has_access('is_registrar', event_id=obj.event_id): | ||
# raise ForbiddenException({'source': 'User'}, 'You are not authorized to access this.') | ||
# raise ForbiddenError({'source': 'User'}, 'You are not authorized to access this.') | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. line too long (100 > 90 characters) |
||
|
||
if 'ticket' in data: | ||
ticket = ( | ||
|
@@ -222,20 +223,20 @@ def before_update_object(self, obj, data, kwargs): | |
.first() | ||
) | ||
if ticket is None: | ||
raise UnprocessableEntity( | ||
raise UnprocessableEntityError( | ||
{'pointer': '/data/relationships/ticket'}, "Invalid Ticket" | ||
) | ||
|
||
if 'device_name_checkin' in data: | ||
if 'checkin_times' not in data or data['checkin_times'] is None: | ||
raise UnprocessableEntity( | ||
raise UnprocessableEntityError( | ||
{'pointer': '/data/attributes/device_name_checkin'}, | ||
"Check in Times missing", | ||
) | ||
|
||
if 'is_checked_in' in data and data['is_checked_in']: | ||
if 'checkin_times' not in data or data['checkin_times'] is None: | ||
raise UnprocessableEntity( | ||
raise UnprocessableEntityError( | ||
{'pointer': '/data/attributes/checkin_times'}, | ||
"Check in time missing while trying to check in attendee", | ||
) | ||
|
@@ -249,7 +250,7 @@ def before_update_object(self, obj, data, kwargs): | |
elif obj.checkin_times and data[ | ||
'checkin_times' | ||
] in obj.checkin_times.split(","): | ||
raise UnprocessableEntity( | ||
raise UnprocessableEntityError( | ||
{'pointer': '/data/attributes/checkin_times'}, | ||
"Check in time already present", | ||
) | ||
|
@@ -266,7 +267,7 @@ def before_update_object(self, obj, data, kwargs): | |
if len(data['checkin_times'].split(",")) != len( | ||
data['device_name_checkin'].split(",") | ||
): | ||
raise UnprocessableEntity( | ||
raise UnprocessableEntityError( | ||
{'pointer': '/data/attributes/device_name_checkin'}, | ||
"Check in Time missing for the corresponding device name", | ||
) | ||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Why remove this line?