mirror of https://github.com/CIRCL/AIL-framework
fix: [API ACL] read_only user role
parent
e28326a6cf
commit
04bd78934d
|
@ -188,14 +188,14 @@ def one():
|
||||||
#
|
#
|
||||||
# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # #
|
# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # #
|
||||||
@restApi.route("api/v1/get/item", methods=['POST'])
|
@restApi.route("api/v1/get/item", methods=['POST'])
|
||||||
@token_required('user')
|
@token_required('read_only')
|
||||||
def get_item_id():
|
def get_item_id():
|
||||||
data = request.get_json()
|
data = request.get_json()
|
||||||
res = Item.get_item(data)
|
res = Item.get_item(data)
|
||||||
return Response(json.dumps(res[0], indent=2, sort_keys=True), mimetype='application/json'), res[1]
|
return Response(json.dumps(res[0], indent=2, sort_keys=True), mimetype='application/json'), res[1]
|
||||||
|
|
||||||
@restApi.route("api/v1/get/item/default", methods=['POST'])
|
@restApi.route("api/v1/get/item/default", methods=['POST'])
|
||||||
@token_required('user')
|
@token_required('read_only')
|
||||||
def get_item_id_basic():
|
def get_item_id_basic():
|
||||||
|
|
||||||
data = request.get_json()
|
data = request.get_json()
|
||||||
|
@ -218,7 +218,7 @@ def get_item_id_basic():
|
||||||
#
|
#
|
||||||
# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # #
|
# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # #
|
||||||
@restApi.route("api/v1/get/item/tag", methods=['POST'])
|
@restApi.route("api/v1/get/item/tag", methods=['POST'])
|
||||||
@token_required('user')
|
@token_required('read_only')
|
||||||
def get_item_tag():
|
def get_item_tag():
|
||||||
|
|
||||||
data = request.get_json()
|
data = request.get_json()
|
||||||
|
@ -299,7 +299,7 @@ def delete_item_tags():
|
||||||
#
|
#
|
||||||
# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # #
|
# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # #
|
||||||
@restApi.route("api/v1/get/item/content", methods=['POST'])
|
@restApi.route("api/v1/get/item/content", methods=['POST'])
|
||||||
@token_required('user')
|
@token_required('read_only')
|
||||||
def get_item_content():
|
def get_item_content():
|
||||||
|
|
||||||
data = request.get_json()
|
data = request.get_json()
|
||||||
|
@ -314,7 +314,7 @@ def get_item_content():
|
||||||
# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # #
|
# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # #
|
||||||
|
|
||||||
@restApi.route("api/v1/get/tag/metadata", methods=['POST'])
|
@restApi.route("api/v1/get/tag/metadata", methods=['POST'])
|
||||||
@token_required('user')
|
@token_required('read_only')
|
||||||
def get_tag_metadata():
|
def get_tag_metadata():
|
||||||
data = request.get_json()
|
data = request.get_json()
|
||||||
tag = data.get('tag', None)
|
tag = data.get('tag', None)
|
||||||
|
@ -324,7 +324,7 @@ def get_tag_metadata():
|
||||||
return Response(json.dumps(metadata, indent=2, sort_keys=True), mimetype='application/json'), 200
|
return Response(json.dumps(metadata, indent=2, sort_keys=True), mimetype='application/json'), 200
|
||||||
|
|
||||||
@restApi.route("api/v1/get/tag/all", methods=['GET'])
|
@restApi.route("api/v1/get/tag/all", methods=['GET'])
|
||||||
@token_required('user')
|
@token_required('read_only')
|
||||||
def get_all_tags():
|
def get_all_tags():
|
||||||
res = {'tags': Tag.get_all_tags()}
|
res = {'tags': Tag.get_all_tags()}
|
||||||
return Response(json.dumps(res, indent=2, sort_keys=True), mimetype='application/json'), 200
|
return Response(json.dumps(res, indent=2, sort_keys=True), mimetype='application/json'), 200
|
||||||
|
@ -351,7 +351,7 @@ def delete_tracker_term():
|
||||||
return Response(json.dumps(res[0], indent=2, sort_keys=True), mimetype='application/json'), res[1]
|
return Response(json.dumps(res[0], indent=2, sort_keys=True), mimetype='application/json'), res[1]
|
||||||
|
|
||||||
@restApi.route("api/v1/get/tracker/item", methods=['POST'])
|
@restApi.route("api/v1/get/tracker/item", methods=['POST'])
|
||||||
@token_required('user')
|
@token_required('read_only')
|
||||||
def get_tracker_term_item():
|
def get_tracker_term_item():
|
||||||
data = request.get_json()
|
data = request.get_json()
|
||||||
user_token = get_auth_from_header()
|
user_token = get_auth_from_header()
|
||||||
|
@ -364,7 +364,7 @@ def get_tracker_term_item():
|
||||||
# # # # # # # # # # # # CRYPTOCURRENCY # # # # # # # # # # # # # #
|
# # # # # # # # # # # # CRYPTOCURRENCY # # # # # # # # # # # # # #
|
||||||
# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # #
|
# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # #
|
||||||
@restApi.route("api/v1/get/cryptocurrency/bitcoin/metadata", methods=['POST'])
|
@restApi.route("api/v1/get/cryptocurrency/bitcoin/metadata", methods=['POST'])
|
||||||
@token_required('user')
|
@token_required('read_only')
|
||||||
def get_cryptocurrency_bitcoin_metadata():
|
def get_cryptocurrency_bitcoin_metadata():
|
||||||
data = request.get_json()
|
data = request.get_json()
|
||||||
crypto_address = data.get('bitcoin', None)
|
crypto_address = data.get('bitcoin', None)
|
||||||
|
@ -373,7 +373,7 @@ def get_cryptocurrency_bitcoin_metadata():
|
||||||
return Response(json.dumps(res[0], indent=2, sort_keys=True), mimetype='application/json'), res[1]
|
return Response(json.dumps(res[0], indent=2, sort_keys=True), mimetype='application/json'), res[1]
|
||||||
|
|
||||||
@restApi.route("api/v1/get/cryptocurrency/bitcoin/item", methods=['POST'])
|
@restApi.route("api/v1/get/cryptocurrency/bitcoin/item", methods=['POST'])
|
||||||
@token_required('user')
|
@token_required('read_only')
|
||||||
def get_cryptocurrency_bitcoin_item():
|
def get_cryptocurrency_bitcoin_item():
|
||||||
data = request.get_json()
|
data = request.get_json()
|
||||||
bitcoin_address = data.get('bitcoin', None)
|
bitcoin_address = data.get('bitcoin', None)
|
||||||
|
@ -385,7 +385,7 @@ def get_cryptocurrency_bitcoin_item():
|
||||||
# # # # # # # # # # # # # # # PGP # # # # # # # # # # # # # # # # #
|
# # # # # # # # # # # # # # # PGP # # # # # # # # # # # # # # # # #
|
||||||
# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # #
|
# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # #
|
||||||
@restApi.route("api/v1/get/pgp/key/metadata", methods=['POST'])
|
@restApi.route("api/v1/get/pgp/key/metadata", methods=['POST'])
|
||||||
@token_required('user')
|
@token_required('read_only')
|
||||||
def get_pgp_key_metadata():
|
def get_pgp_key_metadata():
|
||||||
data = request.get_json()
|
data = request.get_json()
|
||||||
pgp_field = data.get('key', None)
|
pgp_field = data.get('key', None)
|
||||||
|
@ -394,7 +394,7 @@ def get_pgp_key_metadata():
|
||||||
return Response(json.dumps(res[0], indent=2, sort_keys=True), mimetype='application/json'), res[1]
|
return Response(json.dumps(res[0], indent=2, sort_keys=True), mimetype='application/json'), res[1]
|
||||||
|
|
||||||
@restApi.route("api/v1/get/pgp/mail/metadata", methods=['POST'])
|
@restApi.route("api/v1/get/pgp/mail/metadata", methods=['POST'])
|
||||||
@token_required('user')
|
@token_required('read_only')
|
||||||
def get_pgp_mail_metadata():
|
def get_pgp_mail_metadata():
|
||||||
data = request.get_json()
|
data = request.get_json()
|
||||||
pgp_field = data.get('mail', None)
|
pgp_field = data.get('mail', None)
|
||||||
|
@ -403,7 +403,7 @@ def get_pgp_mail_metadata():
|
||||||
return Response(json.dumps(res[0], indent=2, sort_keys=True), mimetype='application/json'), res[1]
|
return Response(json.dumps(res[0], indent=2, sort_keys=True), mimetype='application/json'), res[1]
|
||||||
|
|
||||||
@restApi.route("api/v1/get/pgp/name/metadata", methods=['POST'])
|
@restApi.route("api/v1/get/pgp/name/metadata", methods=['POST'])
|
||||||
@token_required('user')
|
@token_required('read_only')
|
||||||
def get_pgp_name_metadata():
|
def get_pgp_name_metadata():
|
||||||
data = request.get_json()
|
data = request.get_json()
|
||||||
pgp_field = data.get('name', None)
|
pgp_field = data.get('name', None)
|
||||||
|
@ -412,7 +412,7 @@ def get_pgp_name_metadata():
|
||||||
return Response(json.dumps(res[0], indent=2, sort_keys=True), mimetype='application/json'), res[1]
|
return Response(json.dumps(res[0], indent=2, sort_keys=True), mimetype='application/json'), res[1]
|
||||||
|
|
||||||
@restApi.route("api/v1/get/pgp/key/item", methods=['POST'])
|
@restApi.route("api/v1/get/pgp/key/item", methods=['POST'])
|
||||||
@token_required('user')
|
@token_required('read_only')
|
||||||
def get_pgp_key_item():
|
def get_pgp_key_item():
|
||||||
data = request.get_json()
|
data = request.get_json()
|
||||||
pgp_field = data.get('key', None)
|
pgp_field = data.get('key', None)
|
||||||
|
@ -421,7 +421,7 @@ def get_pgp_key_item():
|
||||||
return Response(json.dumps(res[0], indent=2, sort_keys=True), mimetype='application/json'), res[1]
|
return Response(json.dumps(res[0], indent=2, sort_keys=True), mimetype='application/json'), res[1]
|
||||||
|
|
||||||
@restApi.route("api/v1/get/pgp/mail/item", methods=['POST'])
|
@restApi.route("api/v1/get/pgp/mail/item", methods=['POST'])
|
||||||
@token_required('user')
|
@token_required('read_only')
|
||||||
def get_pgp_mail_item():
|
def get_pgp_mail_item():
|
||||||
data = request.get_json()
|
data = request.get_json()
|
||||||
pgp_mail = data.get('mail', None)
|
pgp_mail = data.get('mail', None)
|
||||||
|
@ -430,7 +430,7 @@ def get_pgp_mail_item():
|
||||||
return Response(json.dumps(res[0], indent=2, sort_keys=True), mimetype='application/json'), res[1]
|
return Response(json.dumps(res[0], indent=2, sort_keys=True), mimetype='application/json'), res[1]
|
||||||
|
|
||||||
@restApi.route("api/v1/get/pgp/name/item", methods=['POST'])
|
@restApi.route("api/v1/get/pgp/name/item", methods=['POST'])
|
||||||
@token_required('user')
|
@token_required('read_only')
|
||||||
def get_pgp_name_item():
|
def get_pgp_name_item():
|
||||||
data = request.get_json()
|
data = request.get_json()
|
||||||
pgp_name = data.get('name', None)
|
pgp_name = data.get('name', None)
|
||||||
|
@ -609,7 +609,7 @@ def import_json_item():
|
||||||
#
|
#
|
||||||
# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # #
|
# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # #
|
||||||
@restApi.route("api/v1/ping", methods=['GET'])
|
@restApi.route("api/v1/ping", methods=['GET'])
|
||||||
@token_required('user')
|
@token_required('read_only')
|
||||||
def v1_ping():
|
def v1_ping():
|
||||||
return Response(json.dumps({'status': 'pong'}), mimetype='application/json'), 200
|
return Response(json.dumps({'status': 'pong'}), mimetype='application/json'), 200
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue