From 10eeefc1f5e01489bf9633fb1381f013717f633c Mon Sep 17 00:00:00 2001 From: Sylvain MATHIEU OBS Date: Tue, 12 Sep 2023 15:24:54 +0200 Subject: [PATCH 1/2] API: add endpoint to expose availables privileges to web UI --- gns3server/api/routes/controller/__init__.py | 7 +++ .../api/routes/controller/privileges.py | 43 +++++++++++++++++++ .../api/routes/controller/test_privileges.py | 25 +++++++++++ 3 files changed, 75 insertions(+) create mode 100644 gns3server/api/routes/controller/privileges.py create mode 100644 tests/api/routes/controller/test_privileges.py diff --git a/gns3server/api/routes/controller/__init__.py b/gns3server/api/routes/controller/__init__.py index 28ad9b01..0ebaeb32 100644 --- a/gns3server/api/routes/controller/__init__.py +++ b/gns3server/api/routes/controller/__init__.py @@ -32,6 +32,7 @@ from . import users from . import groups from . import roles from . import acl +from . import privileges from .dependencies.authentication import get_current_active_user @@ -60,6 +61,12 @@ router.include_router( tags=["Roles"] ) +router.include_router( + privileges.router, + prefix="/access/privileges", + tags=["Privileges"] +) + router.include_router( acl.router, prefix="/access/acl", diff --git a/gns3server/api/routes/controller/privileges.py b/gns3server/api/routes/controller/privileges.py new file mode 100644 index 00000000..a1dfb77a --- /dev/null +++ b/gns3server/api/routes/controller/privileges.py @@ -0,0 +1,43 @@ +# +# Software Name : GNS3 server +# Version: 3 +# SPDX-FileCopyrightText: Copyright (c) 2023 Orange Business Services +# SPDX-License-Identifier: GPL-3.0-or-later +# +# This software is distributed under the GPL-3.0 or any later version, +# the text of which is available at https://www.gnu.org/licenses/gpl-3.0.txt +# or see the "LICENSE" file for more details. +# +# Author: Sylvain MATHIEU +# + + +""" +API route for privileges +""" +from typing import List +from gns3server.db.repositories.rbac import RbacRepository +from .dependencies.database import get_repository +from fastapi import APIRouter, Depends +import logging + +from gns3server import schemas + +log = logging.getLogger(__name__) +router = APIRouter() + + +@router.get( + "", + response_model=List[schemas.Privilege], +) +async def get_privileges( + rbac_repo: RbacRepository = Depends(get_repository(RbacRepository)) +) -> List[schemas.Privilege]: + """ + Get all privileges. + + Required privilege: None + """ + + return await rbac_repo.get_privileges() diff --git a/tests/api/routes/controller/test_privileges.py b/tests/api/routes/controller/test_privileges.py new file mode 100644 index 00000000..273ac1be --- /dev/null +++ b/tests/api/routes/controller/test_privileges.py @@ -0,0 +1,25 @@ +# +# Software Name : GNS3 server +# Version: 3 +# SPDX-FileCopyrightText: Copyright (c) 2023 Orange Business Services +# SPDX-License-Identifier: GPL-3.0-or-later +# +# This software is distributed under the GPL-3.0 or any later version, +# the text of which is available at https://www.gnu.org/licenses/gpl-3.0.txt +# or see the "LICENSE" file for more details. +# +# Author: Sylvain MATHIEU +# + +import pytest +from fastapi import FastAPI, status +from httpx import AsyncClient + +pytestmark = pytest.mark.asyncio + + +class TestPrivilegesRoute: + + async def test_get_privileges(self, app: FastAPI, client: AsyncClient) -> None: + response = await client.get(app.url_path_for("get_privileges")) + assert response.status_code == status.HTTP_200_OK From 1f90bb14b62361dc6b8b631b61908a21e55d8259 Mon Sep 17 00:00:00 2001 From: grossmj Date: Thu, 14 Sep 2023 22:36:21 +0700 Subject: [PATCH 2/2] Require users to be logged in for privilege API endpoints --- gns3server/api/routes/controller/__init__.py | 1 + gns3server/api/routes/controller/privileges.py | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/gns3server/api/routes/controller/__init__.py b/gns3server/api/routes/controller/__init__.py index 0ebaeb32..9ce8f839 100644 --- a/gns3server/api/routes/controller/__init__.py +++ b/gns3server/api/routes/controller/__init__.py @@ -63,6 +63,7 @@ router.include_router( router.include_router( privileges.router, + dependencies=[Depends(get_current_active_user)], prefix="/access/privileges", tags=["Privileges"] ) diff --git a/gns3server/api/routes/controller/privileges.py b/gns3server/api/routes/controller/privileges.py index a1dfb77a..45d250e6 100644 --- a/gns3server/api/routes/controller/privileges.py +++ b/gns3server/api/routes/controller/privileges.py @@ -11,10 +11,10 @@ # Author: Sylvain MATHIEU # - """ API route for privileges """ + from typing import List from gns3server.db.repositories.rbac import RbacRepository from .dependencies.database import get_repository