mirror of
https://github.com/pds-nest/nest.git
synced 2024-11-22 21:14:18 +00:00
180 lines
6.9 KiB
Python
180 lines
6.9 KiB
Python
from flask import render_template, abort, jsonify, request
|
|
from nest_backend.database import *
|
|
from flask_jwt_extended import jwt_required, get_jwt_identity
|
|
from nest_backend.gestione import *
|
|
from flask_cors import cross_origin
|
|
import datetime
|
|
from nest_backend.errors import *
|
|
|
|
|
|
@cross_origin()
|
|
@jwt_required()
|
|
@repository_auth
|
|
def page_alert(aid):
|
|
"""
|
|
---
|
|
get:
|
|
summary: Get details about an alert.
|
|
parameters:
|
|
- in: path
|
|
schema: AlertParameterSchema
|
|
security:
|
|
- jwt: []
|
|
responses:
|
|
'200':
|
|
description: The details about the requested alert. The schema is incapsulated in Success.
|
|
content:
|
|
application/json:
|
|
schema: Alert
|
|
'404':
|
|
description: Could not find the requested repository.
|
|
content:
|
|
application/json:
|
|
schema: Error
|
|
'403':
|
|
description: The user is not authorized.
|
|
content:
|
|
application/json:
|
|
schema: Error
|
|
'401':
|
|
description: The user is not logged in.
|
|
content:
|
|
application/json:
|
|
schema: Error
|
|
tags:
|
|
- alert-related
|
|
delete:
|
|
summary: Deletes an alert.
|
|
parameters:
|
|
- in: path
|
|
schema: AlertParameterSchema
|
|
security:
|
|
- jwt: []
|
|
responses:
|
|
'204':
|
|
description: The repository has been deleted successfully.
|
|
'404':
|
|
description: Could not find the requested repository.
|
|
content:
|
|
application/json:
|
|
schema: Error
|
|
'403':
|
|
description: The user is not authorized.
|
|
content:
|
|
application/json:
|
|
schema: Error
|
|
'401':
|
|
description: The user is not logged in.
|
|
content:
|
|
application/json:
|
|
schema: Error
|
|
'500':
|
|
description: Could not delete the repository.
|
|
content:
|
|
application/json:
|
|
schema: Error
|
|
tags:
|
|
- alert-related
|
|
patch:
|
|
summary: Updates an alert and the boolops structure.
|
|
security:
|
|
- jwt: []
|
|
requestBody:
|
|
required: true
|
|
content:
|
|
application/json:
|
|
schema: Alert
|
|
parameters:
|
|
- in: path
|
|
schema: AlertParameterSchema
|
|
|
|
responses:
|
|
'204':
|
|
description: The alert has been updated successfully.
|
|
content:
|
|
application/json:
|
|
schema: Alert
|
|
'404':
|
|
description: Could not find the requested repository.
|
|
content:
|
|
application/json:
|
|
schema: Error
|
|
'403':
|
|
description: The user is not authorized.
|
|
content:
|
|
application/json:
|
|
schema: Error
|
|
'401':
|
|
description: The user is not logged in.
|
|
content:
|
|
application/json:
|
|
schema: Error
|
|
tags:
|
|
- alert-related
|
|
"""
|
|
user = find_user(get_jwt_identity())
|
|
alert = Alert.query.filter_by(id=aid).first()
|
|
if not alert:
|
|
return json_error("Could not find alert.", ALERT_NOT_FOUND), 404
|
|
if alert.repository not in [a.repository for a in user.authorizations] + user.owner_of:
|
|
return json_error("You are not authorized to proceed.", USER_NOT_AUTHORIZED), 403
|
|
if request.method == "GET":
|
|
return json_success(alert.to_json()), 200
|
|
if alert.repository not in user.owner_of:
|
|
return json_error("You are not authorized to proceed.", REPOSITORY_NOT_OWNER), 403
|
|
if request.method == "PATCH":
|
|
if 'name' in request.json:
|
|
alert.name = request.json['name']
|
|
if 'limit' in request.json:
|
|
alert.limit = request.json['limit']
|
|
if 'window_size' in request.json:
|
|
alert.window_size = request.json['window_size']
|
|
if 'evaluation_mode' in request.json:
|
|
try:
|
|
alert.evaluation_mode = ConditionMode(request.json['evaluation_mode'])
|
|
except KeyError:
|
|
return json_error("Unknown `type` specified.", GENERIC_ENUM_INVALID), 400
|
|
except Exception as e:
|
|
return json_error("Unknown error:" + str(e), GENERIC_UFO), 400
|
|
ext.session.commit()
|
|
return json_success(alert.to_json()), 204
|
|
elif request.method == "DELETE":
|
|
try:
|
|
ext.session.delete(alert)
|
|
ext.session.commit()
|
|
except Exception:
|
|
return json_error("Something went wrong while deleting alert.", ALERT_DELETION_FAILURE), 500
|
|
return json_success("Deletion completed."), 204
|
|
elif request.method == "PUT":
|
|
if not json_request_authorizer(request.json, alert):
|
|
return json_error("Missing one or more parameters in repository json.", GENERIC_MISSING_FIELDS), 400
|
|
alert.limit = request.json['limit']
|
|
alert.name = request.json['name']
|
|
alert.window_size = request.json['window_size']
|
|
if (mode := request.json.get("evaluation_mode")) is not None:
|
|
try:
|
|
alert.evaluation_mode = ConditionMode(mode)
|
|
except KeyError:
|
|
return json_error("Unknown `type` specified.", GENERIC_ENUM_INVALID), 400
|
|
except Exception as e:
|
|
return json_error("Unknown error:" + str(e), GENERIC_UFO), 400
|
|
if request.json['conditions'] is not None:
|
|
# Possibile vulnearabilità! Un utente potrebbe aggiungere conditions non del suo repo!
|
|
for c in request.json['conditions']:
|
|
if c['id'] not in alert.repository.conditions:
|
|
return json_error("Stop! You violated the law!", USER_NOT_AUTHORIZED), 403
|
|
# Wow very pythonic so much wow
|
|
# Obtain list of no longer needed connections
|
|
to_be_deleted = [c.cid for c in alert.conditions if
|
|
c.cid not in [json['id'] for json in request.json['conditions']]]
|
|
# RIP AND TEAR UNTIL ITS DONE
|
|
for elem in to_be_deleted:
|
|
conn = MadeOf.query.filter_by(cid=elem, aid=alert.id).first()
|
|
if conn:
|
|
ext.session.delete(conn)
|
|
ext.session.commit()
|
|
for c in request.json['conditions']:
|
|
conn = MadeOf(cid=c['id'], aid=alert.id)
|
|
ext.session.add(conn)
|
|
ext.session.commit()
|
|
return json_success(alert.to_json()), 200
|