dwindown/yellow-bank-soal
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Disable Tortoise model pages in admin and use SQLAlchemy-safe links

Browse Source
This commit is contained in:
dwindown
2026-04-01 18:53:59 +07:00
parent b4514f6e53
commit cf0a62548a
1 changed files with 25 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

35
app/admin.py
View File

@@ -124,8 +124,9 @@ class EnvCredentialProvider(Provider):
""" """
Resolve a concrete admin page path. Resolve a concrete admin page path.
fastapi-admin 1.0.x does not expose a root "/" view by default; the This project uses SQLAlchemy models, while fastapi-admin's built-in
first usable page is a model list route: /{resource}/list. Model CRUD pages are Tortoise-oriented. Prefer custom Link resources
and known safe admin pages.
""" """
admin_path = request.app.admin_path.rstrip("/") admin_path = request.app.admin_path.rstrip("/")
for resource in getattr(request.app, "resources", []): for resource in getattr(request.app, "resources", []):
@@ -135,7 +136,15 @@ class EnvCredentialProvider(Provider):
return f"{admin_path}/{model_name}/list" return f"{admin_path}/{model_name}/list"
except TypeError: except TypeError:
continue continue
return f"{admin_path}{getattr(request.app.login_provider, 'login_path', '/login')}" for resource in getattr(request.app, "resources", []):
try:
if issubclass(resource, Link):
url = getattr(resource, "url", "")
if isinstance(url, str) and url.startswith("/"):
return url
except TypeError:
continue
return f"{admin_path}/password"
@staticmethod @staticmethod
def _login_url(request: Request) -> str: def _login_url(request: Request) -> str:
@@ -775,18 +784,24 @@ def create_admin_app() -> Any:
# NOTE: fastapi-admin 1.0.4 requires provider registration via app.configure(...). # NOTE: fastapi-admin 1.0.4 requires provider registration via app.configure(...).
# Keep provider implementation here for future integration during startup configure. # Keep provider implementation here for future integration during startup configure.
# Register model resources # NOTE:
admin_app.register(TryoutResource) # fastapi-admin Model resources rely on Tortoise ORM query APIs.
admin_app.register(ItemResource) # This codebase uses SQLAlchemy, so register only Link resources here.
admin_app.register(UserResource) # Keep Model resource classes in source for future migration work.
admin_app.register(SessionResource)
admin_app.register(TryoutStatsResource)
# Register dashboard links # Register dashboard links (safe for SQLAlchemy-backed custom views)
admin_app.register(CalibrationDashboardLink) admin_app.register(CalibrationDashboardLink)
admin_app.register(ItemStatisticsLink) admin_app.register(ItemStatisticsLink)
admin_app.register(SessionOverviewLink) admin_app.register(SessionOverviewLink)
calibration_link = CalibrationDashboardLink()
item_stats_link = ItemStatisticsLink()
session_overview_link = SessionOverviewLink()
admin_app.get("/calibration_status", dependencies=[Depends(get_current_admin)])(calibration_link.get)
admin_app.get("/item_statistics", dependencies=[Depends(get_current_admin)])(item_stats_link.get)
admin_app.get("/session_overview", dependencies=[Depends(get_current_admin)])(session_overview_link.get)
return admin_app return admin_app