Roles #52
Merged
27 commits
77fe850
roles endpoint
mohamed040406 6b2b83e
fix delete query
mohamed040406 2b9b2a8
fix docs
mohamed040406 a8c09b2
update submodules
mohamed040406 7521bc2
fix permissions check
mohamed040406 495c294
role members endpoints
mohamed040406 6756a13
update docs
mohamed040406 c8aa51b
update status code
mohamed040406 1ffc15c
fixes
mohamed040406 6450261
tests
mohamed040406 666d3f2
fix test
mohamed040406 19ef154
update user fixture scope
mohamed040406 6a41544
update auth dependency
mohamed040406 8042c94
reformat queries
mohamed040406 8f54d19
Check if role exists after checking permissions
mohamed040406 f59a4ff
fix
mohamed040406 00f55d9
update docstring
mohamed040406 0d922dd
docs
mohamed040406 4a8ab17
reformat queries
mohamed040406 821bddf
fix
mohamed040406 ced06b8
reorder responses
mohamed040406 4c7dc37
remove 422 from responses
mohamed040406 8aa0a9d
update docstring
mohamed040406 2cc466a
update dependency
mohamed040406 e11b800
update this
mohamed040406 403d39c
commit
mohamed040406 e0534b0
Merge branch 'feature/roles' of github.com:Tech-With-Tim/API into fea…
mohamed040406 File filter
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,74 @@ | ||
| import jwt | ||
| import utils | ||
| import config | ||
|
|
||
| from api.models import User | ||
| from typing import List, Union | ||
| from fastapi import Depends, HTTPException, Request | ||
|
|
||
| from api.models import Role | ||
| from api.models.permissions import BasePermission | ||
|
|
||
|
|
||
| def authorization(app_only: bool = False, user_only: bool = False): | ||
| if app_only and user_only: | ||
| raise ValueError("app_only and user_only are mutually exclusive") | ||
|
|
||
| async def inner(request: Request): | ||
| """Attempts to locate and decode JWT token.""" | ||
| token = request.headers.get("authorization") | ||
|
|
||
| if token is None: | ||
| raise HTTPException(status_code=401) | ||
|
|
||
| try: | ||
| data = jwt.decode( | ||
| jwt=token, | ||
| algorithms=["HS256"], | ||
| key=config.secret_key(), | ||
| ) | ||
| except jwt.PyJWTError: | ||
| raise HTTPException(status_code=401, detail="Invalid token.") | ||
|
|
||
| data["uid"] = int(data["uid"]) | ||
|
|
||
| user = await User.fetch(data["uid"]) | ||
| if not user: | ||
| raise HTTPException(status_code=401, detail="Invalid token.") | ||
|
|
||
| if app_only and not user.app: | ||
| raise HTTPException(status_code=403, detail="Users can't use this endpoint") | ||
|
|
||
| if user_only and user.app: | ||
| raise HTTPException(status_code=403, detail="Bots can't use this endpoint") | ||
|
|
||
| return user | ||
|
|
||
| return Depends(inner) | ||
|
|
||
|
|
||
| def has_permissions(permissions: List[Union[int, BasePermission]]): | ||
| async def inner(user=authorization()): | ||
| query = """ | ||
| SELECT * | ||
| FROM roles r | ||
| WHERE r.id IN ( | ||
| SELECT ur.role_id | ||
| FROM userroles ur | ||
| WHERE ur.user_id = $1 | ||
| ) | ||
| """ | ||
| records = await Role.pool.fetch(query, user.id) | ||
| if not records: | ||
| raise HTTPException(403, "Missing Permissions") | ||
|
|
||
| user_permissions = 0 | ||
| for record in records: | ||
| user_permissions |= record["permissions"] | ||
|
|
||
| if not utils.has_permissions(user_permissions, permissions): | ||
| raise HTTPException(403, "Missing Permissions") | ||
|
|
||
| return [Role(**record) for record in records] | ||
|
|
||
| return Depends(inner) |
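Review bot: In `authorization`'s `inner`, `data["uid"] = int(data["uid"])` runs outside the `try`, so a correctly signed token whose payload lacks `uid` or carries a non-numeric value raises `KeyError`/`ValueError` and surfaces as a 500 instead of the 401 returned for every other bad token. Moving that line into the `try` and widening the handler to `except (jwt.PyJWTError, KeyError, ValueError):` keeps the failure mode uniform. Separately, `jwt.decode` as called here validates `exp` only when the claim is present; if issued tokens are meant to expire (the issuing code is not in this section), passing `options={"require": ["exp", "uid"]}` makes a token without an expiry fail closed. In `has_permissions`, the early `if not records` 403 also rejects a user with no roles when `permissions` is empty, which is worth a one-line comment if it is intended.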
Submodule models
updated
21 files
| +4 −2 | Pipfile | |
| +143 −86 | Pipfile.lock | |
| +15 −4 | __init__.py | |
| +7 −0 | cdn/__init__.py | |
| +68 −0 | cdn/asset.py | |
| +41 −0 | cdn/file.py | |
| +7 −0 | challenges/__init__.py | |
| +34 −0 | challenges/challenge.py | |
| +36 −0 | challenges/challenge_submission.py | |
| +21 −0 | migrations/0001_init_schema.down.sql | |
| +104 −0 | migrations/0001_init_schema.up.sql | |
| +27 −0 | permissions/__init__.py | |
| +5 −0 | permissions/bases/__init__.py | |
| +30 −0 | permissions/bases/category.py | |
| +18 −0 | permissions/bases/permission.py | |
| +71 −0 | permissions/challenges.py | |
| +31 −0 | permissions/general.py | |
| +5 −0 | roles/__init__.py | |
| +72 −0 | roles/role.py | |
| +38 −0 | roles/user_role.py | |
| +7 −0 | users/__init__.py |
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,4 @@ | ||
| from .routes import router | ||
|
|
||
|
|
||
| __all__ = (router,) |
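Review bot: `__all__ = (router,)` stores the router object itself, but `__all__` entries must be strings, so a star-import of this package raises `TypeError` as written. The line should read `__all__ = ("router",)`.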
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,27 @@ | ||
| from typing import List, Optional | ||
| from pydantic import BaseModel, Field | ||
|
|
||
|
|
||
| class RoleResponse(BaseModel): | ||
| id: str | ||
| name: str | ||
| position: int | ||
| permissions: int | ||
| color: Optional[int] | ||
|
|
||
|
|
||
| class DetailedRoleResponse(RoleResponse): | ||
| members: List[str] | ||
|
|
||
|
|
||
| class NewRoleBody(BaseModel): | ||
| name: str = Field(..., min_length=4, max_length=32) | ||
| color: Optional[int] = Field(None, le=0xFFFFFF, ge=0) | ||
| permissions: Optional[int] = Field(0, ge=0) | ||
|
|
||
|
|
||
| class UpdateRoleBody(BaseModel): | ||
| name: str = Field("", min_length=4, max_length=64) | ||
| color: Optional[int] = Field(None, le=0xFFFFFF, ge=0) | ||
| permissions: int = Field(0, ge=0) | ||
| position: int = Field(0, ge=0) |
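Review bot: `UpdateRoleBody` defaults `permissions` and `position` to `0` and `name` to `""`, so an omitted field cannot be told apart from an explicit zero; unless the route (not visible in this section) applies only the fields that were actually sent, a rename-only update could clear a role's permission bits or move it to position 0. Declaring them as `name: Optional[str] = Field(None, min_length=4, max_length=64)`, `permissions: Optional[int] = Field(None, ge=0)` and `position: Optional[int] = Field(None, ge=0)` makes "not supplied" explicit. The `max_length=64` here also disagrees with `max_length=32` on `NewRoleBody.name`, so one of the two limits is presumably wrong. Neither `permissions` field has an upper bound, so bits outside the defined permission set pass schema validation and any check that the caller may grant them has to live in the route.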