kiwi-vpn/api/kiwi_vpn_api/routers/admin.py

"""
/admin endpoints.
"""

from fastapi import APIRouter, Depends, HTTPException, status
from sqlmodel import select

from ..config import Config
from ..db import Connection, TagValue, User, UserCreate
from ._common import Responses, get_current_config, get_current_user

router = APIRouter(prefix="/admin", tags=["admin"])


@router.put(
    "/install/config",
    responses={
        status.HTTP_200_OK: Responses.OK,
        status.HTTP_400_BAD_REQUEST: Responses.INSTALLED,
    },
)
async def initial_configure(
    config: Config,
    current_config: Config | None = Depends(Config.load),
):
    """
    PUT ./install/config: Configure `kiwi-vpn`.
    """

    # fail if already configured
    if current_config is not None:
        raise HTTPException(status_code=status.HTTP_400_BAD_REQUEST)

    # create config file, connect to database
    config.save()
    Connection.connect(config.db.uri)


@router.put(
    "/install/admin",
    responses={
        status.HTTP_200_OK: Responses.OK,
        status.HTTP_400_BAD_REQUEST: Responses.NOT_INSTALLED,
        status.HTTP_409_CONFLICT: Responses.ENTRY_EXISTS,
    },
)
async def create_initial_admin(
    admin_user: UserCreate,
    current_config: Config = Depends(get_current_config),
):
    """
    PUT ./install/admin: Create the first administrative user.
    """

    # fail if any user exists
    with Connection.session as db:
        if db.exec(select(User).limit(1)).first() is not None:
            raise HTTPException(status_code=status.HTTP_409_CONFLICT)

    # create an administrative user
    new_user = User.create(user=admin_user)
    new_user.add_tags([TagValue.admin])
    new_user.update()


@router.put(
    "/config",
    responses={
        status.HTTP_200_OK: Responses.OK,
        status.HTTP_400_BAD_REQUEST: Responses.NOT_INSTALLED,
        status.HTTP_401_UNAUTHORIZED: Responses.NEEDS_USER,
        status.HTTP_403_FORBIDDEN: Responses.NEEDS_PERMISSION,
    },
)
async def set_config(
    config: Config,
    current_user: User = Depends(get_current_user),
):
    """
    PUT ./config: Edit `kiwi-vpn` main config.
    """

    # check permissions
    if not current_user.has_tag(TagValue.admin):
        raise HTTPException(status_code=status.HTTP_403_FORBIDDEN)

    # update config file, reconnect to database
    config.save()
    Connection.connect(config.db.uri)
documentation & some minor refactoring 2022-03-20 03:45:40 +00:00			`"""`
			`/admin endpoints.`
			`"""`

adhere to a plan for a change :) 2022-03-18 18:22:17 +00:00			`from fastapi import APIRouter, Depends, HTTPException, status`
repaired admin routes 2022-03-28 01:52:56 +00:00			`from sqlmodel import select`
adhere to a plan for a change :) 2022-03-18 18:22:17 +00:00
pydantic settings, improved scoping 2022-03-18 22:43:02 +00:00			`from ..config import Config`
rename "capability" -> "tag" 2022-03-29 19:57:33 +00:00			`from ..db import Connection, TagValue, User, UserCreate`
get_current_config dependable 2022-03-30 20:57:09 +00:00			`from ._common import Responses, get_current_config, get_current_user`
adhere to a plan for a change :) 2022-03-18 18:22:17 +00:00
router tags 2022-03-24 23:45:01 +00:00			`router = APIRouter(prefix="/admin", tags=["admin"])`
adhere to a plan for a change :) 2022-03-18 18:22:17 +00:00

			`@router.put(`
repaired admin routes 2022-03-28 01:52:56 +00:00			`"/install/config",`
adhere to a plan for a change :) 2022-03-18 18:22:17 +00:00			`responses={`
documentation & some minor refactoring 2022-03-20 03:45:40 +00:00			`status.HTTP_200_OK: Responses.OK,`
			`status.HTTP_400_BAD_REQUEST: Responses.INSTALLED,`
adhere to a plan for a change :) 2022-03-18 18:22:17 +00:00			`},`
			`)`
repaired admin routes 2022-03-28 01:52:56 +00:00			`async def initial_configure(`
"install" endpoint 2022-03-19 17:11:52 +00:00			`config: Config,`
some renames 2022-03-19 02:38:32 +00:00			`current_config: Config \| None = Depends(Config.load),`
adhere to a plan for a change :) 2022-03-18 18:22:17 +00:00			`):`
documentation & some minor refactoring 2022-03-20 03:45:40 +00:00			`"""`
repaired admin routes 2022-03-28 01:52:56 +00:00			PUT ./install/config: Configure `kiwi-vpn`.
documentation & some minor refactoring 2022-03-20 03:45:40 +00:00			`"""`

repaired admin routes 2022-03-28 01:52:56 +00:00			`# fail if already configured`
adhere to a plan for a change :) 2022-03-18 18:22:17 +00:00			`if current_config is not None:`
"install" endpoint 2022-03-19 17:11:52 +00:00			`raise HTTPException(status_code=status.HTTP_400_BAD_REQUEST)`
adhere to a plan for a change :) 2022-03-18 18:22:17 +00:00
documentation & some minor refactoring 2022-03-20 03:45:40 +00:00			`# create config file, connect to database`
Config.load_sync -> Config._ 2022-03-28 02:15:42 +00:00			`config.save()`
typo/regression 2022-03-30 10:53:52 +00:00			`Connection.connect(config.db.uri)`
adhere to a plan for a change :) 2022-03-18 18:22:17 +00:00
repaired admin routes 2022-03-28 01:52:56 +00:00
			`@router.put(`
			`"/install/admin",`
			`responses={`
			`status.HTTP_200_OK: Responses.OK,`
			`status.HTTP_400_BAD_REQUEST: Responses.NOT_INSTALLED,`
			`status.HTTP_409_CONFLICT: Responses.ENTRY_EXISTS,`
			`},`
			`)`
			`async def create_initial_admin(`
			`admin_user: UserCreate,`
get_current_config dependable 2022-03-30 20:57:09 +00:00			`current_config: Config = Depends(get_current_config),`
repaired admin routes 2022-03-28 01:52:56 +00:00			`):`
			`"""`
			`PUT ./install/admin: Create the first administrative user.`
			`"""`

comment 2022-03-28 22:25:37 +00:00			`# fail if any user exists`
repaired admin routes 2022-03-28 01:52:56 +00:00			`with Connection.session as db:`
limit query 2022-03-28 02:03:31 +00:00			`if db.exec(select(User).limit(1)).first() is not None:`
repaired admin routes 2022-03-28 01:52:56 +00:00			`raise HTTPException(status_code=status.HTTP_409_CONFLICT)`

			`# create an administrative user`
use kwarg in User.create 2022-03-29 15:34:50 +00:00			`new_user = User.create(user=admin_user)`
rework User methods 2022-03-30 01:51:43 +00:00			`new_user.add_tags([TagValue.admin])`
repaired admin routes 2022-03-28 01:52:56 +00:00			`new_user.update()`
User update 2022-03-20 13:14:12 +00:00
"install" endpoint 2022-03-19 17:11:52 +00:00
			`@router.put(`
			`"/config",`
adhere to a plan for a change :) 2022-03-18 18:22:17 +00:00			`responses={`
documentation & some minor refactoring 2022-03-20 03:45:40 +00:00			`status.HTTP_200_OK: Responses.OK,`
			`status.HTTP_400_BAD_REQUEST: Responses.NOT_INSTALLED,`
			`status.HTTP_401_UNAUTHORIZED: Responses.NEEDS_USER,`
remove NEEDS_ADMIN 2022-03-30 02:07:22 +00:00			`status.HTTP_403_FORBIDDEN: Responses.NEEDS_PERMISSION,`
adhere to a plan for a change :) 2022-03-18 18:22:17 +00:00			`},`
			`)`
"install" endpoint 2022-03-19 17:11:52 +00:00			`async def set_config(`
simplify set_config 2022-03-28 02:38:52 +00:00			`config: Config,`
remove get_current_user_if_admin 2022-03-30 02:02:45 +00:00			`current_user: User = Depends(get_current_user),`
adhere to a plan for a change :) 2022-03-18 18:22:17 +00:00			`):`
documentation & some minor refactoring 2022-03-20 03:45:40 +00:00			`"""`
			PUT ./config: Edit `kiwi-vpn` main config.
			`"""`

remove get_current_user_if_admin 2022-03-30 02:02:45 +00:00			`# check permissions`
			`if not current_user.has_tag(TagValue.admin):`
			`raise HTTPException(status_code=status.HTTP_403_FORBIDDEN)`

documentation & some minor refactoring 2022-03-20 03:45:40 +00:00			`# update config file, reconnect to database`
simplify set_config 2022-03-28 02:38:52 +00:00			`config.save()`
			`Connection.connect(config.db.uri)`