mbarakaja / saraki Goto Github PK
View Code? Open in Web Editor NEWA framework for multi-tenant applications
License: MIT License
saraki's People
Contributors
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "dependabot[bot]")
Stargazers
Watchers
saraki's Issues
Always return 404 when an organization does not exist
The code below is from auth._validate_request, which is called when an access token is being validated. Here, when an organization does not exist we are responding with 401 UNAUTHORIZED, but the response should be 404.
Line 294 in c0a03b8
If a URL does not belong to a valid resource (it does not exist) the response should be always 404. But, what happens if the toke is invalid (expired for instance), the function will just raise AuthorizationError and the response will be again 401.
So in one situation, a URL endpoint may return 401 and 404 in another one, which makes the behavior inconsistent.
Another thing is that I don't want to touch the database when a request has an invalid access token, but it looks like in the case of organization endpoint is inevitable anyway.
Include unique rule in schema generator
Currently, generate_schema does not map UNIQUE constraint to unique rule.
name = Column(String, unique=True)must generate:
{"name": {"unique": True}}ExportData is calling to the global instance of itself
ExportData uses recursive calls to export nested list of models, but the code is calling to the global instance of itself instead of calling to itself. ( I know, this does not make any sense ๐
)
Line 77 in a0c1552
In the above line the call is to export_from_sqla_object which is a global instance of ExportData.
That same thing happens in the line:
Line 117 in a0c1552
Persist resources to the database
Persist resources registered through require_auth decorator.
Also, for applications that want to customize this process, provide in the class Auth a decorator that register a function called to persist the resources.
AppUser.import_data fails to update persisted models
This fails when it comes to updating any other field that is not the password field.
Line 78 in 0d003f4
Persist actions to the database
Persist actions registered through require_auth decorator, Including those that are mapped to HTTP methods.
Also, for applications that want to customize this process, provide in the class Auth a decorator that registers a function called to persist the resources.
We are not using the custom Validator
We are using the built-in Cerberus Validator class.
Line 1 in 603feb1
There aren't any unit or integration test performing updates on columns with unique constraint. That's why I didn't see it before.
signup endpoint is not handling duplicate emails properly
When a request to signup a new user is made with a email that was already registered the next exception appears:
sqlalchemy.exc.IntegrityError: (psycopg2.IntegrityError) duplicate key value violates unique constraint "user_email_key"
DETAIL: Key (email)=(...) already exists.This endpoint should check first if the email is available and if not, give a property feedback to the client.
Rename internal blueprint to avoid collisions
- Saraki version:
- Python version:
- Operating System:
Description
Currently this package has a blueprint named app which is too generic and can collide with other projects blueprint names.
We should probably add a prefix like saraki:app
GET requests with payload must be considered a bad request
Signup endpoint accepts empty string ๐คฆ๐พโโ๏ธ
So basically a user can signup with a empty string as username.
Upgrade security alerted packages by Github
Some packages are being flagged as non secure versions by Github. Let's update them.
collection: Filter by user_id when the URL rule has the sub claim
This is pretty much like #12 but when retrieving information from the database.
assign user_id with current_user when elegible
If a tenant table has a user_id column and that column represent the member that is creating a new entry, I think the endpoint generated with add_resource must assign that column with the value of current_user.
Basic plan management
Initially only manage amount of users per plan
MySQL database support
Hi @mbarakaja ,
Hope you are all well !
I have several questions about your saraki project :-)
So, I forked it in order to dockerize it, and made PR #27, with mysql and postgresql as a datastore.
But, It triggers the following error with the mysql dsn:
saraki-server | Traceback (most recent call last):
saraki-server | File "/opt/venv/lib/python3.8/site-packages/sqlalchemy/engine/base.py", line 1276, in _execute_context
saraki-server | self.dialect.do_execute(
saraki-server | File "/opt/venv/lib/python3.8/site-packages/sqlalchemy/engine/default.py", line 593, in do_execute
saraki-server | cursor.execute(statement, parameters)
saraki-server | File "/opt/venv/lib/python3.8/site-packages/mysql/connector/cursor.py", line 551, in execute
saraki-server | self._handle_result(self._connection.cmd_query(stmt))
saraki-server | File "/opt/venv/lib/python3.8/site-packages/mysql/connector/connection.py", line 490, in cmd_query
saraki-server | result = self._handle_result(self._send_cmd(ServerCmd.QUERY, query))
saraki-server | File "/opt/venv/lib/python3.8/site-packages/mysql/connector/connection.py", line 395, in _handle_result
saraki-server | raise errors.get_exception(packet)
saraki-server | mysql.connector.errors.ProgrammingError: 1067 (42000): Invalid default value for 'is_owner'
saraki-server |
saraki-server | The above exception was the direct cause of the following exception:
saraki-server |
saraki-server | Traceback (most recent call last):
saraki-server | File "app.py", line 37, in <module>
saraki-server | database.create_all()
saraki-server | File "/opt/venv/lib/python3.8/site-packages/flask_sqlalchemy/__init__.py", line 1039, in create_all
saraki-server | self._execute_for_all_tables(app, bind, 'create_all')
saraki-server | File "/opt/venv/lib/python3.8/site-packages/flask_sqlalchemy/__init__.py", line 1031, in _execute_for_all_tables
saraki-server | op(bind=self.get_engine(app, bind), **extra)
saraki-server | File "/opt/venv/lib/python3.8/site-packages/sqlalchemy/sql/schema.py", line 4553, in create_all
saraki-server | bind._run_visitor(
saraki-server | File "/opt/venv/lib/python3.8/site-packages/sqlalchemy/engine/base.py", line 2095, in _run_visitor
saraki-server | conn._run_visitor(visitorcallable, element, **kwargs)
saraki-server | File "/opt/venv/lib/python3.8/site-packages/sqlalchemy/engine/base.py", line 1656, in _run_visitor
saraki-server | visitorcallable(self.dialect, self, **kwargs).traverse_single(element)
saraki-server | File "/opt/venv/lib/python3.8/site-packages/sqlalchemy/sql/visitors.py", line 145, in traverse_single
saraki-server | return meth(obj, **kw)
saraki-server | File "/opt/venv/lib/python3.8/site-packages/sqlalchemy/sql/ddl.py", line 783, in visit_metadata
saraki-server | self.traverse_single(
saraki-server | File "/opt/venv/lib/python3.8/site-packages/sqlalchemy/sql/visitors.py", line 145, in traverse_single
saraki-server | return meth(obj, **kw)
saraki-server | File "/opt/venv/lib/python3.8/site-packages/sqlalchemy/sql/ddl.py", line 827, in visit_table
saraki-server | self.connection.execute(
saraki-server | File "/opt/venv/lib/python3.8/site-packages/sqlalchemy/engine/base.py", line 1011, in execute
saraki-server | return meth(self, multiparams, params)
saraki-server | File "/opt/venv/lib/python3.8/site-packages/sqlalchemy/sql/ddl.py", line 72, in _execute_on_connection
saraki-server | return connection._execute_ddl(self, multiparams, params)
saraki-server | File "/opt/venv/lib/python3.8/site-packages/sqlalchemy/engine/base.py", line 1068, in _execute_ddl
saraki-server | ret = self._execute_context(
saraki-server | File "/opt/venv/lib/python3.8/site-packages/sqlalchemy/engine/base.py", line 1316, in _execute_context
saraki-server | self._handle_dbapi_exception(
saraki-server | File "/opt/venv/lib/python3.8/site-packages/sqlalchemy/engine/base.py", line 1510, in _handle_dbapi_exception
saraki-server | util.raise_(
saraki-server | File "/opt/venv/lib/python3.8/site-packages/sqlalchemy/util/compat.py", line 182, in raise_
saraki-server | raise exception
saraki-server | File "/opt/venv/lib/python3.8/site-packages/sqlalchemy/engine/base.py", line 1276, in _execute_context
saraki-server | self.dialect.do_execute(
saraki-server | File "/opt/venv/lib/python3.8/site-packages/sqlalchemy/engine/default.py", line 593, in do_execute
saraki-server | cursor.execute(statement, parameters)
saraki-server | File "/opt/venv/lib/python3.8/site-packages/mysql/connector/cursor.py", line 551, in execute
saraki-server | self._handle_result(self._connection.cmd_query(stmt))
saraki-server | File "/opt/venv/lib/python3.8/site-packages/mysql/connector/connection.py", line 490, in cmd_query
saraki-server | result = self._handle_result(self._send_cmd(ServerCmd.QUERY, query))
saraki-server | File "/opt/venv/lib/python3.8/site-packages/mysql/connector/connection.py", line 395, in _handle_result
saraki-server | raise errors.get_exception(packet)
saraki-server | sqlalchemy.exc.ProgrammingError: (mysql.connector.errors.ProgrammingError) 1067 (42000): Invalid default value for 'is_owner'
saraki-server | [SQL:
saraki-server | CREATE TABLE membership (
saraki-server | user_id INTEGER NOT NULL,
saraki-server | org_id INTEGER NOT NULL,
saraki-server | is_owner BOOL NOT NULL DEFAULT 'FALSE',
saraki-server | enabled BOOL NOT NULL,
saraki-server | PRIMARY KEY (user_id, org_id),
saraki-server | FOREIGN KEY(user_id) REFERENCES user (id),
saraki-server | FOREIGN KEY(org_id) REFERENCES org (id),
saraki-server | CHECK (is_owner IN (0, 1)),
saraki-server | CHECK (enabled IN (0, 1))
saraki-server | )
saraki-server |
saraki-server | ]
saraki-server | (Background on this error at: http://sqlalche.me/e/13/f405)Goal
My aim is to extend saraki and migrate components from https://github.com/StanGirard/seo-audits-toolkit in order to allow seo audits per organization/team layers.
Questions
- Do you think it is worth to give a try to saraki for such purpose ? Either, do you know another flask/sqlalchemy framework for doing so ?
- Is it possible to support mysql with saraki ? Can you update the code ?
- Have you considered to create a front end to saraki ?
Thanks for any insights or inputs on these questions.
Cheers,
Luc Michalski
import_into_sqla_object does not work with hybrid properties
When a class uses hybrid_propety to proxy a column, the in operator does not work with a mapper c property. The line above fails to find the hybrid property by column name:
Line 29 in 2986537
Exclude table properties such as org_id, user_id or password from response payloads.
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. ๐๐๐
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google โค๏ธ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.