Change allowed endpoint to use inventory api

This commit is contained in:
Madis Mägi 2023-07-30 13:05:02 +03:00
parent 55061baea0
commit e7a0496f4e
3 changed files with 15 additions and 19 deletions

View File

@ -1,4 +1,5 @@
FROM harbor.k-space.ee/k-space/microservice-base FROM harbor.k-space.ee/k-space/microservice-base
RUN pip3 install httpx
WORKDIR /app WORKDIR /app
COPY app /app COPY app /app
CMD /app/doorboy-proxy.py CMD /app/doorboy-proxy.py

View File

@ -3,6 +3,7 @@ from sanic import Sanic
from sanic.response import text, json from sanic.response import text, json
from sanic_prometheus import monitor from sanic_prometheus import monitor
from motor.motor_asyncio import AsyncIOMotorClient from motor.motor_asyncio import AsyncIOMotorClient
import httpx
import pymongo import pymongo
import os import os
@ -10,6 +11,7 @@ app = Sanic(__name__)
monitor(app).expose_endpoint() monitor(app).expose_endpoint()
DOORBOY_SECRET = os.environ["DOORBOY_SECRET"] DOORBOY_SECRET = os.environ["DOORBOY_SECRET"]
CARD_KUBE_GROUP = os.environ["CARD_KUBE_GROUP"]
MONGO_URI = os.getenv("MONGO_URI", MONGO_URI = os.getenv("MONGO_URI",
"mongodb://127.0.0.1:27017/default?replicaSet=rs0") "mongodb://127.0.0.1:27017/default?replicaSet=rs0")
@ -22,29 +24,21 @@ async def setup_db(app, loop):
# https://github.com/sanic-org/sanic/issues/919 # https://github.com/sanic-org/sanic/issues/919
app.ctx.db = AsyncIOMotorClient(MONGO_URI).get_default_database() app.ctx.db = AsyncIOMotorClient(MONGO_URI).get_default_database()
@app.route("/allowed") @app.route("/allowed")
async def view_doorboy_uids(request): async def view_doorboy_uids(request):
if request.headers.get("KEY") != DOORBOY_SECRET: if request.headers.get("KEY") != DOORBOY_SECRET:
return text("how about no") return text("how about no")
allowed_names = []
async for obj in app.ctx.db.member.find({"enabled": True}): async with httpx.AsyncClient() as client:
allowed_names.append(obj["_id"]) r = await client.get("https://inventory-app-72zn4.codemowers.ee/cards", params={
"group": CARD_KUBE_GROUP
})
j = r.json()
allowed_uids = [] allowed_uids = []
flt = { for obj in j:
"token.uid_hash": {"$exists": True}, allowed_uids.append({
"inventory.owner": {"$exists": True}, "token": obj["token"]
"token.enabled": {"$exists": True} })
}
prj = {
"inventory.owner": True,
"token.uid_hash": True
}
async for obj in app.ctx.db.inventory.find(flt, prj):
if obj["inventory"].pop("owner").get("foreign_id") in allowed_names:
del obj["_id"]
del obj["inventory"]
allowed_uids.append(obj)
return json({"allowed_uids": allowed_uids}) return json({"allowed_uids": allowed_uids})

View File

@ -24,6 +24,7 @@ services:
doorboy_proxy: doorboy_proxy:
network_mode: host network_mode: host
environment: environment:
DOORBOY_SECRET: 0123456789 DOORBOY_SECRET: "0123456789"
CARD_KUBE_GROUP: "codemowers:admins"
build: build:
context: . context: .