locked user rejection from most api endpoints

This commit is contained in:
andy 2022-08-16 18:00:38 +01:00
parent 127544ddc1
commit 00092ce0b7
8 changed files with 47 additions and 7 deletions

View File

@ -5,7 +5,7 @@ from datetime import datetime
from google.cloud import tasks_v2 from google.cloud import tasks_v2
from music.api.decorators import login_or_jwt, admin_required from music.api.decorators import login_or_jwt, admin_required, no_locked_users
blueprint = Blueprint('admin-api', __name__) blueprint = Blueprint('admin-api', __name__)
@ -18,6 +18,7 @@ logger = logging.getLogger(__name__)
@blueprint.route('/tasks', methods=['GET']) @blueprint.route('/tasks', methods=['GET'])
@login_or_jwt @login_or_jwt
@admin_required @admin_required
@no_locked_users
def get_tasks(auth=None, user=None): def get_tasks(auth=None, user=None):
tasks = list(tasker.list_tasks(parent=task_path)) tasks = list(tasker.list_tasks(parent=task_path))

View File

@ -8,7 +8,7 @@ import logging
from datetime import datetime from datetime import datetime
from music.api.decorators import login_or_jwt, login_required, login_or_jwt, \ from music.api.decorators import login_or_jwt, login_required, login_or_jwt, \
admin_required, cloud_task, validate_json, validate_args, spotify_link_required admin_required, cloud_task, validate_json, validate_args, spotify_link_required, no_locked_users
from music.cloud import queue_run_user_playlist, offload_or_run_user_playlist from music.cloud import queue_run_user_playlist, offload_or_run_user_playlist
from music.cloud.tasks import update_all_user_playlists, update_playlists from music.cloud.tasks import update_all_user_playlists, update_playlists
@ -29,6 +29,7 @@ logger = logging.getLogger(__name__)
@blueprint.route('/playlists', methods=['GET']) @blueprint.route('/playlists', methods=['GET'])
@login_or_jwt @login_or_jwt
@no_locked_users
def all_playlists_route(auth=None, user=None): def all_playlists_route(auth=None, user=None):
"""Retrieve all playlists for a given user """Retrieve all playlists for a given user
@ -47,6 +48,7 @@ def all_playlists_route(auth=None, user=None):
@blueprint.route('/playlist', methods=['GET', 'DELETE']) @blueprint.route('/playlist', methods=['GET', 'DELETE'])
@login_or_jwt @login_or_jwt
@no_locked_users
@validate_args(('name', str)) @validate_args(('name', str))
def playlist_get_delete_route(auth=None,user=None): def playlist_get_delete_route(auth=None,user=None):
@ -65,6 +67,7 @@ def playlist_get_delete_route(auth=None,user=None):
@blueprint.route('/playlist', methods=['POST', 'PUT']) @blueprint.route('/playlist', methods=['POST', 'PUT'])
@login_or_jwt @login_or_jwt
@no_locked_users
@validate_json(('name', str)) @validate_json(('name', str))
def playlist_post_put_route(auth=None, user=None): def playlist_post_put_route(auth=None, user=None):
@ -162,6 +165,7 @@ def playlist_post_put_route(auth=None, user=None):
@blueprint.route('/user', methods=['GET', 'POST']) @blueprint.route('/user', methods=['GET', 'POST'])
@login_or_jwt @login_or_jwt
@no_locked_users
def user_route(auth=None, user=None): def user_route(auth=None, user=None):
assert user is not None assert user is not None
@ -220,6 +224,7 @@ def user_delete_route(auth=None, user=None):
@blueprint.route('/users', methods=['GET']) @blueprint.route('/users', methods=['GET'])
@login_or_jwt @login_or_jwt
@admin_required @admin_required
@no_locked_users
def all_users_route(auth=None, user=None): def all_users_route(auth=None, user=None):
return jsonify({ return jsonify({
'accounts': [i.to_dict() for i in User.collection.fetch()] 'accounts': [i.to_dict() for i in User.collection.fetch()]
@ -228,6 +233,7 @@ def all_users_route(auth=None, user=None):
@blueprint.route('/user/password', methods=['POST']) @blueprint.route('/user/password', methods=['POST'])
@login_required @login_required
@no_locked_users
@validate_json(('new_password', str), ('current_password', str)) @validate_json(('new_password', str), ('current_password', str))
def change_password(user=None): def change_password(user=None):
request_json = request.get_json() request_json = request.get_json()
@ -251,6 +257,7 @@ def change_password(user=None):
@blueprint.route('/playlist/run', methods=['GET']) @blueprint.route('/playlist/run', methods=['GET'])
@login_or_jwt @login_or_jwt
@no_locked_users
@validate_args(('name', str)) @validate_args(('name', str))
def run_playlist(auth=None, user=None): def run_playlist(auth=None, user=None):
@ -281,6 +288,7 @@ def run_playlist_task(): # receives cloud tasks request for update
@blueprint.route('/playlist/run/user', methods=['GET']) @blueprint.route('/playlist/run/user', methods=['GET'])
@login_or_jwt @login_or_jwt
@no_locked_users
def run_user(auth=None, user=None): def run_user(auth=None, user=None):
if user.type == 'admin': if user.type == 'admin':
@ -306,6 +314,7 @@ def run_user_task():
@blueprint.route('/playlist/run/users', methods=['GET']) @blueprint.route('/playlist/run/users', methods=['GET'])
@login_or_jwt @login_or_jwt
@admin_required @admin_required
@no_locked_users
def run_users(auth=None, user=None): def run_users(auth=None, user=None):
update_all_user_playlists() update_all_user_playlists()
@ -315,6 +324,7 @@ def run_users(auth=None, user=None):
@blueprint.route('/playlist/image', methods=['GET']) @blueprint.route('/playlist/image', methods=['GET'])
@login_or_jwt @login_or_jwt
@spotify_link_required @spotify_link_required
@no_locked_users
@validate_args(('name', str)) @validate_args(('name', str))
def image(auth=None, user=None): def image(auth=None, user=None):

View File

@ -132,6 +132,22 @@ def admin_required(func):
return admin_required_wrapper return admin_required_wrapper
def no_locked_users(func):
@functools.wraps(func)
def no_locked_users_wrapper(*args, **kwargs):
db_user = kwargs.get('user')
if db_user is not None:
if not db_user.locked:
return func(*args, **kwargs)
else:
logger.warning('user locked')
return jsonify({'status': 'error', 'message': 'user locked'}), 401
else:
logger.warning('user not logged in')
return jsonify({'error': 'not logged in'}), 401
return no_locked_users_wrapper
def spotify_link_required(func): def spotify_link_required(func):
@functools.wraps(func) @functools.wraps(func)

View File

@ -2,7 +2,7 @@ from flask import Blueprint, jsonify
from datetime import date from datetime import date
import logging import logging
from music.api.decorators import login_or_jwt, lastfm_username_required from music.api.decorators import login_or_jwt, lastfm_username_required, no_locked_users
import music.db.database as database import music.db.database as database
@ -12,6 +12,7 @@ logger = logging.getLogger(__name__)
@blueprint.route('/today', methods=['GET']) @blueprint.route('/today', methods=['GET'])
@login_or_jwt @login_or_jwt
@no_locked_users
@lastfm_username_required @lastfm_username_required
def daily_scrobbles(auth=None, user=None): def daily_scrobbles(auth=None, user=None):

View File

@ -2,7 +2,7 @@ from flask import Blueprint, request, jsonify
import logging import logging
from music.api.decorators import login_or_jwt, spotify_link_required, validate_json from music.api.decorators import login_or_jwt, spotify_link_required, validate_json, no_locked_users
import music.db.database as database import music.db.database as database
from spotframework.net.network import SpotifyNetworkException from spotframework.net.network import SpotifyNetworkException
@ -18,6 +18,7 @@ logger = logging.getLogger(__name__)
@blueprint.route('/play', methods=['POST']) @blueprint.route('/play', methods=['POST'])
@login_or_jwt @login_or_jwt
@spotify_link_required @spotify_link_required
@no_locked_users
def play(auth=None, user=None): def play(auth=None, user=None):
request_json = request.get_json() request_json = request.get_json()
@ -80,6 +81,7 @@ def play(auth=None, user=None):
@blueprint.route('/next', methods=['POST']) @blueprint.route('/next', methods=['POST'])
@login_or_jwt @login_or_jwt
@spotify_link_required @spotify_link_required
@no_locked_users
def next_track(auth=None, user=None): def next_track(auth=None, user=None):
net = database.get_authed_spotify_network(user) net = database.get_authed_spotify_network(user)
player = Player(net) player = Player(net)
@ -91,6 +93,7 @@ def next_track(auth=None, user=None):
@blueprint.route('/shuffle', methods=['POST']) @blueprint.route('/shuffle', methods=['POST'])
@login_or_jwt @login_or_jwt
@spotify_link_required @spotify_link_required
@no_locked_users
@validate_json(('state', bool)) @validate_json(('state', bool))
def shuffle(auth=None, user=None): def shuffle(auth=None, user=None):
request_json = request.get_json() request_json = request.get_json()
@ -105,6 +108,7 @@ def shuffle(auth=None, user=None):
@blueprint.route('/volume', methods=['POST']) @blueprint.route('/volume', methods=['POST'])
@login_or_jwt @login_or_jwt
@spotify_link_required @spotify_link_required
@no_locked_users
@validate_json(('volume', int)) @validate_json(('volume', int))
def volume(auth=None, user=None): def volume(auth=None, user=None):
request_json = request.get_json() request_json = request.get_json()

View File

@ -4,7 +4,7 @@ import json
import os import os
from music.api.decorators import admin_required, login_or_jwt, lastfm_username_required, \ from music.api.decorators import admin_required, login_or_jwt, lastfm_username_required, \
spotify_link_required, cloud_task, validate_args spotify_link_required, cloud_task, validate_args, no_locked_users
import music.db.database as database import music.db.database as database
from music.cloud.tasks import refresh_all_user_playlist_stats, refresh_user_playlist_stats, refresh_playlist_task from music.cloud.tasks import refresh_all_user_playlist_stats, refresh_user_playlist_stats, refresh_playlist_task
from music.tasks.refresh_lastfm_stats import refresh_lastfm_track_stats, \ from music.tasks.refresh_lastfm_stats import refresh_lastfm_track_stats, \
@ -23,6 +23,7 @@ logger = logging.getLogger(__name__)
@login_or_jwt @login_or_jwt
@spotify_link_required @spotify_link_required
@lastfm_username_required @lastfm_username_required
@no_locked_users
def count(auth=None, user=None): def count(auth=None, user=None):
uri = request.args.get('uri', None) uri = request.args.get('uri', None)
@ -72,6 +73,7 @@ def count(auth=None, user=None):
@login_or_jwt @login_or_jwt
@spotify_link_required @spotify_link_required
@lastfm_username_required @lastfm_username_required
@no_locked_users
@validate_args(('name', str)) @validate_args(('name', str))
def playlist_refresh(auth=None, user=None): def playlist_refresh(auth=None, user=None):
@ -135,6 +137,7 @@ def run_playlist_artist_task():
@blueprint.route('/playlist/refresh/users', methods=['GET']) @blueprint.route('/playlist/refresh/users', methods=['GET'])
@login_or_jwt @login_or_jwt
@admin_required @admin_required
@no_locked_users
def run_users(auth=None, user=None): def run_users(auth=None, user=None):
refresh_all_user_playlist_stats() refresh_all_user_playlist_stats()
return jsonify({'message': 'executed all users', 'status': 'success'}), 200 return jsonify({'message': 'executed all users', 'status': 'success'}), 200
@ -142,6 +145,7 @@ def run_users(auth=None, user=None):
@blueprint.route('/playlist/refresh/user', methods=['GET']) @blueprint.route('/playlist/refresh/user', methods=['GET'])
@login_or_jwt @login_or_jwt
@no_locked_users
def run_user(auth=None, user=None): def run_user(auth=None, user=None):
if user.type == 'admin': if user.type == 'admin':

View File

@ -1,7 +1,7 @@
from flask import Blueprint, request, jsonify from flask import Blueprint, request, jsonify
import logging import logging
from music.api.decorators import login_or_jwt, spotify_link_required from music.api.decorators import login_or_jwt, spotify_link_required, no_locked_users
import music.db.database as database import music.db.database as database
from spotframework.engine.playlistengine import PlaylistEngine from spotframework.engine.playlistengine import PlaylistEngine
@ -14,6 +14,7 @@ logger = logging.getLogger(__name__)
@blueprint.route('/sort', methods=['POST']) @blueprint.route('/sort', methods=['POST'])
@login_or_jwt @login_or_jwt
@spotify_link_required @spotify_link_required
@no_locked_users
def sort(auth=None, user=None): def sort(auth=None, user=None):
request_json = request.get_json() request_json = request.get_json()

View File

@ -4,7 +4,7 @@ import logging
import os import os
import json import json
from music.api.decorators import login_or_jwt, cloud_task from music.api.decorators import login_or_jwt, cloud_task, no_locked_users
from music.cloud.function import update_tag as serverless_update_tag from music.cloud.function import update_tag as serverless_update_tag
from music.tasks.update_tag import update_tag from music.tasks.update_tag import update_tag
@ -16,6 +16,7 @@ logger = logging.getLogger(__name__)
@blueprint.route('/tag', methods=['GET']) @blueprint.route('/tag', methods=['GET'])
@login_or_jwt @login_or_jwt
@no_locked_users
def tags(auth=None, user=None): def tags(auth=None, user=None):
logger.info(f'retrieving tags for {user.username}') logger.info(f'retrieving tags for {user.username}')
return jsonify({ return jsonify({
@ -25,6 +26,7 @@ def tags(auth=None, user=None):
@blueprint.route('/tag/<tag_id>', methods=['GET', 'PUT', 'POST', "DELETE"]) @blueprint.route('/tag/<tag_id>', methods=['GET', 'PUT', 'POST', "DELETE"])
@login_or_jwt @login_or_jwt
@no_locked_users
def tag_route(tag_id, auth=None, user=None): def tag_route(tag_id, auth=None, user=None):
if request.method == 'GET': if request.method == 'GET':
return get_tag(tag_id, user) return get_tag(tag_id, user)
@ -127,6 +129,7 @@ def delete_tag(tag_id, user):
@blueprint.route('/tag/<tag_id>/update', methods=['GET']) @blueprint.route('/tag/<tag_id>/update', methods=['GET'])
@login_or_jwt @login_or_jwt
@no_locked_users
def tag_refresh(tag_id, auth=None, user=None): def tag_refresh(tag_id, auth=None, user=None):
logger.info(f'updating {tag_id} tag for {user.username}') logger.info(f'updating {tag_id} tag for {user.username}')