1

我正在为我的应用程序寻求帮助。首先是示例代码(从大约 2k 行中删除...),稍后我将尝试解释我正在寻找的内容:

from google.appengine.ext import ndb
import webapp2
import json

class User(ndb.Model):
  company_              = ndb.KeyProperty(repeated=True)

  @property
  def company(self):
    return {} if not self.company_ else self.company_

  @company.setter
  def company(self, value):
    if value:
      self.company_ = self.company_.expand(value) if self.company_ else [value]
    else:
      self.company_ = []
    self.put()

class Company(ndb.Model):
  administrator         = ndb.KeyProperty(kind=User, repeated=True)
  manager               = ndb.KeyProperty(kind=User, repeated=True)

  # FAKE decorator
  @staticmethod
  def administrator(handler):
    def check_requirements(self, *a, **kw):
      if True:
        return
      else:
        return handler(self, *a, **kw)
    return check_requirements

class BaseHandler(webapp2.RequestHandler):
  def jwrite(self, **kw):
    return self.response.out.write( json.dumps(kw) )

class require(BaseHandler):
  @staticmethod
  def login(handler):
    def check_requirements(self, *a, **kw):
      if not self.auth.get_user_by_session():
        self.redirect('/', abort=True)
      else:
        return handler(self, *a, **kw)
    return check_requirements

class ApiHandler(BaseHandler):
  @require.login
  def post(self, model, action, key=''):
    method = '_post_%s' % model
    try:
      getattr(self, method)(action, key)
    except Exception as error:
      return self.jwrite( error = error)

  def _post_company(self, action, key):

    if action == 'create':
      data = dict(self.request.POST)
      """ Company.create( data ) method:
          Populates Company instance with POST data.
          Assigns first user that created the company
            both administrator and manager roles.
      """
      key_ = Company.create( data ) 
      if key_:
        self.user.company = key_
      return

    elif action == 'delete':

      @Company.administrator
      def delete_all_user_companies(self):
        ndb.delete_multi( self.user.company )
        self.user.company = None
        return

      companies = ndb.get_multi( self.user.company )
      if self.user.key in map( lambda c: c.administrator, companies):
        delete_all_user_companies(self)

    elif action == 'update':

      @Company.manager
      def update_company(self, key):
        data = dict(self.request.POST)
        """ Company.update( key, data ) method:
            Populates Company instance with POST data
        """
        key_ = Company.update( key, data )
        if key_:
          return

      company = ndb.Key(Company, key).get()
      if self.user.key in company.manager.extend(company.administrator):
        update_company(self)

如您所见,我有用户和公司模型。用户可以有多个公司,公司可以有多个用户,可以是管理员或经理。你会注意到一些装饰器和嵌套函数——它们中的大多数都是假的 (; 但这就是我要找的......

我正在使用@require.login装饰器进行基本的登录检查(我将它放在单独的类中,只是因为它在代码中看起来更清晰 - @require.login 与 @BaseHandler.require_login)。有了它,我已经“保护”了我的 API 的发布方法,现在我需要对角色进行额外的检查——管理员可以做一些经理不能做的事情。我将需要在其他几个地方进行此检查,所以我认为这将是装饰器功能的好地方,但我不知道如何编写它们。我的第一个问题是:

  1. 这个装饰器的好地方是什么?我应该把它放在 Company 类还是 ApiHandler 类的某个地方?我的第一直觉是将它放在 Company 类中,但我不确定如何处理范围 - 我需要以某种方式在其中获取用户实例(self.user.company 列表)......

  2. 接下来是经理装饰器。我如何将其编写为装饰器:

      company = ndb.Key(Company, key).get()
      if self.user.key in company.manager.extend(company.administrator):
        update_company(self)
    

    并将其用作@Company.manager@requre.manager,具体取决于我的第一个问题的答案?

  3. 另一个更复杂的管理员装饰器- 我必须检查用户是否是他所有公司的管理员,并删除他所在的地方,同时保留他不在的地方:

      companies = ndb.get_multi( self.user.company )
      if self.user.key in map( lambda c: c.administrator, companies ):
        delete_all_user_companies(self)
    

    我什至不确定这个 map() 函数是否正确以及代码是否可以工作,还没有尝试过 - 它现在只是一个伪代码占位符......

  4. 最后一个问题:我应该担心 POST 请求黑客攻击吗?根据上面的示例代码,是否有可能某些用户可以发出自定义 POST 请求并删除或更新不属于他的公司?

任何帮助、评论或见解将不胜感激(;谢谢!

4

1 回答 1

3

我相信我已经解决了这个问题:

from google.appengine.ext import ndb
import webapp2
import json

class User(ndb.Model):
  company_              = ndb.KeyProperty(repeated=True)

  @property
  def company(self):
    return {} if not self.company_ else self.company_

  @company.setter
  def company(self, value):
    if value:
      # self.company_ = self.company_.expand(value) if self.company_ else [value]
      # Lists mutate when expanded. Code above was returning None
      self.company_ = self.company_ + [value] if self.company_ else [value]
    else:
      self.company_ = []
    self.put()

class Company(ndb.Model):
  administrator         = ndb.KeyProperty(kind=User, repeated=True)
  manager               = ndb.KeyProperty(kind=User, repeated=True)

class BaseHandler(webapp2.RequestHandler):
  def jwrite(self, **kw):
    return self.response.out.write( json.dumps(kw) )

class require(BaseHandler):
  @staticmethod
  def login(handler):
    def check_requirements(self, *a, **kw):
      if not self.auth.get_user_by_session():
        self.redirect('/', abort=True)
      else:
        return handler(self, *a, **kw)
    return check_requirements

class role(BaseHandler):
  @staticmethod
  def administrator(handler):
    def check_requirements(self, *a, **kw):
      # I didn't care much about optimizing queries
      # since this isn't frequent operation.
      # For more frequent calls, I'd consider projections.
      companies = ndb.get_multi( *a )
      # Next lines checks if current user is administrator 
      # for all companies passed to the function
      if not self.user.key in reduce(lambda x, y: x if x != y else y, map(lambda c: c.administrator, companies)):
        return self.jwrite( error = 'Permission denied. Administrator required.' )
      else:
        return handler(self, *a, **kw)
    return check_requirements

  @staticmethod
  def manager(handler):
    def check_requirements(self, *a, **kw):
      companies = ndb.get_multi( *a )
      # Next lines checks if current user is manager
      # or administrator (since admin has higher privileges) 
      # for all companies passed to the function
      if not self.user.key in reduce(lambda x, y: x if x != y else y, map(lambda c: c.manager + c.administrator, companies)):
        return self.jwrite( error = 'Permission denied. Manager or Administrator required.' )
      else:
        return handler(self, *a, **kw)
    return check_requirements

class ApiHandler(BaseHandler):
  @require.login
  def post(self, model, action, key=''):
    method = '_post_%s' % model
    try:
      getattr(self, method)(action, key)
    except Exception as error:
      return self.jwrite( error = error)

  def _post_company(self, action, key):

    if action == 'create':
      data = dict(self.request.POST)
      """ Company.create( data ) method:
          Populates Company instance with POST data.
          Assigns first user that created the company
            both administrator and manager roles.
      """
      key_ = Company.create( data ) 
      if key_:
        self.user.company = key_
      return

    elif action == 'delete':

      @role.administrator
      def delete_all_user_companies(self, *a):
        ndb.delete_multi( *a )
        self.user.company = None
        return

      delete_all_user_companies( self, self.user.company )

    elif action == 'update':

      @role.manager
      def update_company(self, *a ):
        data = dict(self.request.POST)
        """ Company.update( key, data ) method:
            Populates Company instance with POST data
        """
        key_ = Company.update( key, data )
        if key_:
          return

      update_company(self, ndb.Key(Company, key))

并回答我自己的问题:

  1. 我在 Company 类中命名时遇到问题 - 有同名的属性管理员和装饰器。因此,为了方便起见,我将装饰器移到了 API 中,移到了新的类(角色)中。当我编写装饰器时,我意识到我可以将它们用于任何其他模型(带有管理器和管理员字段),所以我想这是一个很好的调用 (;

  2. 编写装饰器需要一些时间并尝试映射和减少数组,但我已经设法完成了。我不确定是否将参数传递给装饰器。也许我应该在装饰器之外进行查询?或者将匹配的项目传递给处理函数?我得调查一下...

  3. ...并删除他所在的位置,同时保留他不是管理员的位置这就是为什么我首先在​​装饰器中进行查询的原因。但仍然不确定它是否聪明 (;

  4. 我仍然可以使用这个答案。

希望这可以帮助某人...

于 2013-05-28T19:28:43.257 回答