smorest_crud package¶
Submodules¶
Module contents¶
-
class
smorest_crud.ResourceView[source]¶ Bases:
smorest_crud.view.CRUDViewOperations to perform on an item, identified in the URL route by a key.
GET /pet/42 – Fetch pet 42.
PATCH /pet/42 – Update pet 42.
DELETE /pet/42 – Delete pet 42.
Example:
from flask_smorest import Blueprint from smorest_crud import ResourceView pet_blp = Blueprint("pets", "pets", url_prefix="/pet") @pet_blp.route("/<int:pk>") class PetResource(ResourceView): model = Pet access_checks_enabled = True get_enabled = True update_enabled = True delete_enabled = True @pet_blp.response(PetSchema) def get(self, pk): return super().get(pk) @pet_blp.arguments(PetSchema) @pet_blp.response(PetSchema) def patch(self, args, pk): return super().patch(args, pk) @pet_blp.response(PetSchema) def delete(self, pk): return super().delete(pk)
-
delete_enabled: bool = False¶ Enable DELETE.
-
get(pk)[source]¶ Retreieve model by primary key.
- Parameters
pk – Primary key identifier.
- Return type
BaseQuery
-
get_enabled: bool = False¶ Enable GET.
-
methods= {'DELETE', 'GET', 'PATCH'}¶
-
patch(args=None, pk=None)[source]¶ Update model.
- Parameters
args – Deserialized request model args.
pk – Primary key identifier.
- Return type
BaseQuery- Returns
Updated model.
-
update_enabled: bool = False¶ Enable PATCH.
-
-
class
smorest_crud.CollectionView[source]¶ Bases:
smorest_crud.view.CRUDViewAPI view that can manage listing items in a collection or creating a new item.
Example:
from flask_smorest import Blueprint from smorest_crud import CollectionView pet_blp = Blueprint("pets", "pets", url_prefix="/pet") @pet_blp.route("") class PetCollection(CollectionView): model = Pet prefetch = [Pet.human, (Pet.human, Human.cars)] # joinedload access_checks_enabled = False create_enabled = True list_enabled = True @pet_blp.response(PetSchema(many=True)) def get(self): query = super().get() return query.filter_by(name='mischa') @pet_blp.arguments(PetSchema) @pet_blp.response(PetSchema(many=True)) def post(self, args): return super().post(args)
-
create_enabled: bool = False¶ Enable POST.
-
list_enabled: bool = False¶ Enable GET.
-
methods= {'GET', 'POST'}¶
-
-
class
smorest_crud.CRUD(app=None)[source]¶ Bases:
objectFlask extension to enable CRUD REST functionality.
Sample full app configuration:
from smorest_crud import CRUD from flask_jwt_extended import JWTManager, get_current_user app = Flask() JWTManager(app) CRUD(app) app.config.update( CRUD_GET_USER=get_current_user, CRUD_ACCESS_CHECKS_ENABLED=True, SECRET_KEY="wnt2die", )
-
access_control_enabled: bool = None¶
-
app: Flask = None¶
-
db: SQLAlchemy = None¶
-
get_user: Optional[Callable] = None¶
-
-
class
smorest_crud.AccessControlUser[source]¶ Bases:
objectA model mixin to implement access checks for a given model/user.
Required on all models for views with access checks enabled.
Example:
class Pet(Model, AccessControlUser): @classmethod def query_for_user(cls, user) -> Optional[BaseQuery]: return cls.query.filter_by(owner=user) def user_can_read(self, user) -> bool: return self.user_can_write(user) or self.owner.id == user.id def user_can_write(self, user) -> bool: return user.is_admin # only administrators can edit pets
-
classmethod
query_for_user(user)[source]¶ Filter list of items for user, or None if disallowed.
- Return type
Optional[BaseQuery]
-
user_can_create(user, args)[source]¶ Check if user is allowed to create.
TODO: not implemented.
- Return type
bool
-
classmethod