1
Fork 0
mirror of https://github.com/pds-nest/nest.git synced 2024-11-26 23:14:19 +00:00
pds-2021-g2-nest/nest_backend/routes/repository/alerts/alert.py

174 lines
6.5 KiB
Python
Raw Normal View History

2021-05-07 17:15:14 +00:00
from flask import render_template, abort, jsonify, request
from nest_backend.database import *
2021-05-12 20:22:42 +00:00
from flask_jwt_extended import jwt_required, get_jwt_identity
2021-05-07 17:15:14 +00:00
from nest_backend.gestione import *
from flask_cors import cross_origin
import datetime
from nest_backend.errors import *
2021-05-07 17:15:14 +00:00
@cross_origin()
@jwt_required()
@repository_auth
2021-05-07 17:31:57 +00:00
def page_alert(aid):
2021-05-07 17:15:14 +00:00
"""
---
get:
2021-05-07 17:31:57 +00:00
summary: Get details about an alert.
2021-05-07 17:15:14 +00:00
parameters:
- in: path
2021-05-07 17:31:57 +00:00
schema: AlertParameterSchema
2021-05-07 17:15:14 +00:00
security:
- jwt: []
responses:
'200':
2021-05-07 17:31:57 +00:00
description: The details about the requested alert. The schema is incapsulated in Success.
2021-05-07 17:15:14 +00:00
content:
application/json:
2021-05-07 17:31:57 +00:00
schema: Alert
2021-05-07 17:15:14 +00:00
'404':
description: Could not find the requested repository.
content:
application/json:
schema: Error
'403':
description: The user is not authorized.
content:
application/json:
schema: Error
'401':
description: The user is not logged in.
content:
application/json:
schema: Error
tags:
2021-05-07 17:31:57 +00:00
- alert-related
2021-05-07 17:15:14 +00:00
delete:
2021-05-07 17:31:57 +00:00
summary: Deletes an alert.
2021-05-07 17:15:14 +00:00
parameters:
- in: path
2021-05-07 17:31:57 +00:00
schema: AlertParameterSchema
2021-05-07 17:15:14 +00:00
security:
- jwt: []
responses:
'204':
2021-05-07 17:15:14 +00:00
description: The repository has been deleted successfully.
'404':
description: Could not find the requested repository.
content:
application/json:
schema: Error
'403':
description: The user is not authorized.
content:
application/json:
schema: Error
'401':
description: The user is not logged in.
content:
application/json:
schema: Error
'500':
description: Could not delete the repository.
content:
application/json:
schema: Error
tags:
2021-05-07 17:31:57 +00:00
- alert-related
2021-05-07 17:15:14 +00:00
patch:
2021-05-10 09:00:21 +00:00
summary: Updates an alert and the boolops structure.
2021-05-07 17:15:14 +00:00
security:
- jwt: []
requestBody:
required: true
content:
application/json:
2021-05-10 09:00:21 +00:00
schema: Alert
2021-05-07 17:15:14 +00:00
parameters:
- in: path
2021-05-07 17:31:57 +00:00
schema: AlertParameterSchema
2021-05-07 17:15:14 +00:00
responses:
'204':
2021-05-10 09:00:21 +00:00
description: The alert has been updated successfully.
2021-05-07 17:15:14 +00:00
content:
application/json:
2021-05-07 17:31:57 +00:00
schema: Alert
2021-05-07 17:15:14 +00:00
'404':
description: Could not find the requested repository.
content:
application/json:
schema: Error
'403':
description: The user is not authorized.
content:
application/json:
schema: Error
'401':
description: The user is not logged in.
content:
application/json:
schema: Error
tags:
2021-05-07 17:31:57 +00:00
- alert-related
2021-05-07 17:15:14 +00:00
"""
user = find_user(get_jwt_identity())
alert = Alert.query.filter_by(id=aid).first()
if not alert:
return json_error("Could not find alert.", ALERT_NOT_FOUND), 404
2021-05-07 17:15:14 +00:00
if alert.repository not in [a.repository for a in user.authorizations] + user.owner_of:
return json_error("You are not authorized to proceed.", USER_NOT_AUTHORIZED), 403
2021-05-07 17:15:14 +00:00
if request.method == "GET":
return json_success(alert.to_json()), 200
if alert.repository not in user.owner_of:
return json_error("You are not authorized to proceed.", REPOSITORY_NOT_OWNER), 403
2021-05-07 17:15:14 +00:00
if request.method == "PATCH":
if 'name' in request.json:
alert.name = request.json['name']
if 'limit' in request.json:
alert.limit = request.json['limit']
if 'window_size' in request.json:
alert.window_size = request.json['window_size']
2021-05-07 17:51:03 +00:00
ext.session.commit()
return json_success(alert.to_json()), 204
2021-05-07 17:15:14 +00:00
elif request.method == "DELETE":
try:
2021-05-07 17:51:03 +00:00
ext.session.delete(alert)
ext.session.commit()
2021-05-07 17:15:14 +00:00
except Exception:
return json_error("Something went wrong while deleting alert.", ALERT_DELETION_FAILURE), 500
return json_success("Deletion completed."), 204
2021-05-07 17:15:14 +00:00
elif request.method == "PUT":
2021-05-10 09:00:21 +00:00
if not json_request_authorizer(request.json, alert):
return json_error("Missing one or more parameters in repository json.", GENERIC_MISSING_FIELDS), 400
2021-05-10 09:00:21 +00:00
alert.limit = request.json['limit']
alert.name = request.json['name']
alert.window_size = request.json['window_size']
2021-05-17 13:29:08 +00:00
if (mode := request.json.get("evaluation_mode")) is not None:
try:
alert.evaluation_mode = ConditionMode(mode)
except KeyError:
return json_error("Unknown `type` specified.", GENERIC_ENUM_INVALID), 400
2021-05-17 13:29:08 +00:00
except Exception as e:
return json_error("Unknown error:" + str(e), GENERIC_UFO), 400
2021-05-17 13:29:08 +00:00
if request.json['conditions'] is not None:
# Possibile vulnearabilità! Un utente potrebbe aggiungere conditions non del suo repo!
for c in request.json['conditions']:
if c['id'] not in alert.repository.conditions:
return json_error("Stop! You violated the law!", USER_NOT_AUTHORIZED), 403
2021-05-17 13:29:08 +00:00
# Wow very pythonic so much wow
# Obtain list of no longer needed connections
to_be_deleted = [c.cid for c in alert.conditions if
c.cid not in [json['id'] for json in request.json['conditions']]]
# RIP AND TEAR UNTIL ITS DONE
for elem in to_be_deleted:
conn = MadeOf.query.filter_by(cid=elem, aid=alert.id).first()
if conn:
ext.session.delete(conn)
ext.session.commit()
for c in request.json['conditions']:
conn = MadeOf(cid=c['id'], aid=alert.id)
ext.session.add(conn)
2021-05-10 09:00:21 +00:00
ext.session.commit()
return json_success(alert.to_json()), 200