app-MAIL-temp/app/api/views/sudo.py

from flask import jsonify, g, request
from sqlalchemy_utils.types.arrow import arrow

from app.api.base import api_bp, require_api_auth
from app.db import Session


@api_bp.route("/sudo", methods=["PATCH"])
@require_api_auth
def enter_sudo():
    """
    Enter sudo mode

    Input
    - password: user password to validate request to enter sudo mode
    """
    user = g.user
    data = request.get_json() or {}
    if "password" not in data:
        return jsonify(error="Invalid request"), 403
    if not user.check_password(data["password"]):
        return jsonify(error="Invalid request"), 403

    g.api_key.sudo_mode_at = arrow.now()
    Session.commit()

    return jsonify(ok=True)
Allow to set sudo mode for api requests (#1108) * Allow to set sudo mode for api requests * Rebase migration on top of master * PR comments * Added missing migration * Removed unused import * Apply suggestions from code review Co-authored-by: Adrià Casajús <adria.casajus@proton.ch> 2022-06-23 14:26:36 +02:00			`from flask import jsonify, g, request`
			`from sqlalchemy_utils.types.arrow import arrow`

			`from app.api.base import api_bp, require_api_auth`
			`from app.db import Session`


			`@api_bp.route("/sudo", methods=["PATCH"])`
			`@require_api_auth`
			`def enter_sudo():`
			`"""`
			`Enter sudo mode`

			`Input`
			`- password: user password to validate request to enter sudo mode`
			`"""`
			`user = g.user`
			`data = request.get_json() or {}`
			`if "password" not in data:`
			`return jsonify(error="Invalid request"), 403`
			`if not user.check_password(data["password"]):`
			`return jsonify(error="Invalid request"), 403`

			`g.api_key.sudo_mode_at = arrow.now()`
			`Session.commit()`

			`return jsonify(ok=True)`