feat: Implement apikeys/<id> endpoint from swagger spec. (#864)

This commit is contained in:
jbe-dw 2021-01-16 20:49:41 +01:00 committed by GitHub
parent 718b41e3d1
commit 54b257768f
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 19 additions and 0 deletions

View File

@ -391,6 +391,23 @@ def api_get_apikeys(domain_name):
return jsonify(apikey_schema.dump(apikeys)), 200 return jsonify(apikey_schema.dump(apikeys)), 200
@api_bp.route('/pdnsadmin/apikeys/<int:apikey_id>', methods=['GET'])
@api_basic_auth
def api_get_apikey(apikey_id):
apikey = ApiKey.query.get(apikey_id)
if not apikey:
abort(404)
current_app.logger.debug(current_user.role.name)
if current_user.role.name not in ['Administrator', 'Operator']:
if apikey_id not in [a.id for a in get_user_apikeys()]:
raise DomainAccessForbidden()
return jsonify(apikey_schema.dump([apikey])[0]), 200
@api_bp.route('/pdnsadmin/apikeys/<int:apikey_id>', methods=['DELETE']) @api_bp.route('/pdnsadmin/apikeys/<int:apikey_id>', methods=['DELETE'])
@api_basic_auth @api_basic_auth
def api_delete_apikey(apikey_id): def api_delete_apikey(apikey_id):

View File

@ -905,6 +905,8 @@ paths:
description: OK. description: OK.
schema: schema:
$ref: '#/definitions/ApiKey' $ref: '#/definitions/ApiKey'
'403':
description: 'The authenticated user has User role and is not allowed on any of the domains assigned to the key'
'404': '404':
description: 'Not found. The ApiKey with the specified apikey_id does not exist' description: 'Not found. The ApiKey with the specified apikey_id does not exist'
schema: schema: