From db52b28d6b249aa0fef0e0387da888eeda11e374 Mon Sep 17 00:00:00 2001 From: pycook Date: Thu, 6 Feb 2020 09:59:24 +0800 Subject: [PATCH] fix jwt decode --- cmdb-api/api/lib/cmdb/ci_type.py | 7 ++++++- cmdb-api/api/lib/database.py | 3 +++ cmdb-api/api/lib/perm/auth.py | 2 +- cmdb-api/api/models/cmdb.py | 16 ++++++++-------- 4 files changed, 18 insertions(+), 10 deletions(-) diff --git a/cmdb-api/api/lib/cmdb/ci_type.py b/cmdb-api/api/lib/cmdb/ci_type.py index bc50a7f..6a6885a 100644 --- a/cmdb-api/api/lib/cmdb/ci_type.py +++ b/cmdb-api/api/lib/cmdb/ci_type.py @@ -40,7 +40,9 @@ class CITypeManager(object): @staticmethod def check_is_existed(key): - return CITypeCache.get(key) or abort(404, "CIType <{0}> is not existed".format(key)) + ci_type = CITypeCache.get(key) or abort(404, "CIType <{0}> is not existed".format(key)) + + return CIType.get_by_id(ci_type.id) @staticmethod def get_ci_types(type_name=None): @@ -65,6 +67,9 @@ class CITypeManager(object): else: return + if not ci_type: + return + if type_id is not None and ci_type.id != type_id: return abort(400, "CIType <{0}> is already existed".format(name or alias)) diff --git a/cmdb-api/api/lib/database.py b/cmdb-api/api/lib/database.py index af89b6f..71a94fc 100644 --- a/cmdb-api/api/lib/database.py +++ b/cmdb-api/api/lib/database.py @@ -25,6 +25,9 @@ class FormatMixin(object): class CRUDMixin(FormatMixin): + def __init__(self, **kwargs): + super(CRUDMixin, self).__init__(**kwargs) + @classmethod def create(cls, flush=False, **kwargs): return cls(**kwargs).save(flush=flush) diff --git a/cmdb-api/api/lib/perm/auth.py b/cmdb-api/api/lib/perm/auth.py index 22d82d8..5c5d25f 100644 --- a/cmdb-api/api/lib/perm/auth.py +++ b/cmdb-api/api/lib/perm/auth.py @@ -47,7 +47,7 @@ def _auth_with_token(): try: token = auth_headers - data = jwt.decode(token, current_app.config['SECRET_KEY']) + data = jwt.decode(token, current_app.config['SECRET_KEY'], algorithms=['HS256']) user = User.query.filter_by(email=data['sub']).first() if not user: return False diff --git a/cmdb-api/api/models/cmdb.py b/cmdb-api/api/models/cmdb.py index 31a22dc..0c0a953 100644 --- a/cmdb-api/api/models/cmdb.py +++ b/cmdb-api/api/models/cmdb.py @@ -15,13 +15,13 @@ from api.lib.database import Model class RelationType(Model): __tablename__ = "c_relation_types" - name = db.Column(db.String(16), index=True) + name = db.Column(db.String(16), index=True, nullable=False) class CITypeGroup(Model): __tablename__ = "c_ci_type_groups" - name = db.Column(db.String(32)) + name = db.Column(db.String(32), nullable=False) class CITypeGroupItem(Model): @@ -35,12 +35,12 @@ class CITypeGroupItem(Model): class CIType(Model): __tablename__ = "c_ci_types" - name = db.Column(db.String(32)) - alias = db.Column(db.String(32)) + name = db.Column(db.String(32), nullable=False) + alias = db.Column(db.String(32), nullable=False) unique_id = db.Column(db.Integer, db.ForeignKey("c_attributes.id"), nullable=False) enabled = db.Column(db.Boolean, default=True, nullable=False) is_attached = db.Column(db.Boolean, default=False, nullable=False) - icon_url = db.Column(db.String(256)) + icon_url = db.Column(db.String(256), default='', nullable=False) order = db.Column(db.SmallInteger, default=0, nullable=False) unique_key = db.relationship("Attribute", backref="c_ci_types.unique_id") @@ -89,7 +89,7 @@ class CITypeAttribute(Model): class CITypeAttributeGroup(Model): __tablename__ = "c_ci_type_attribute_groups" - name = db.Column(db.String(64)) + name = db.Column(db.String(64), nullable=False) type_id = db.Column(db.Integer, db.ForeignKey("c_ci_types.id"), nullable=False) order = db.Column(db.SmallInteger, default=0) @@ -266,8 +266,8 @@ class OperationRecord(Model): __tablename__ = "c_records" uid = db.Column(db.Integer, index=True, nullable=False) - origin = db.Column(db.String(32)) - ticket_id = db.Column(db.String(32)) + origin = db.Column(db.String(32), nullable=False) + ticket_id = db.Column(db.String(32), nullable=False) reason = db.Column(db.Text)