-
-
Notifications
You must be signed in to change notification settings - Fork 4.2k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Revert "ref(mediators): Make validator into a dataclass (#79116)"
This reverts commit e2df3f1. Co-authored-by: Christinarlong <60594860+Christinarlong@users.noreply.github.com>
- Loading branch information
1 parent
0661463
commit 30dd412
Showing
12 changed files
with
69 additions
and
54 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,2 +1,3 @@ | ||
from .mediator import Mediator # NOQA | ||
from .param import Param # NOQA | ||
from .token_exchange.util import AUTHORIZATION, REFRESH, GrantTypes # noqa: F401 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,2 @@ | ||
from .util import AUTHORIZATION, REFRESH, GrantTypes, token_expiration # NOQA | ||
from .validator import Validator # NOQA |
File renamed without changes.
39 changes: 19 additions & 20 deletions
39
...y/sentry_apps/token_exchange/validator.py → ...try/mediators/token_exchange/validator.py
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,54 +1,53 @@ | ||
from dataclasses import dataclass | ||
|
||
from django.db import router | ||
from django.utils.functional import cached_property | ||
|
||
from sentry.coreapi import APIUnauthorized | ||
from sentry.mediators.mediator import Mediator | ||
from sentry.mediators.param import Param | ||
from sentry.models.apiapplication import ApiApplication | ||
from sentry.sentry_apps.models.sentry_app import SentryApp | ||
from sentry.sentry_apps.services.app import RpcSentryAppInstallation | ||
from sentry.users.models.user import User | ||
|
||
|
||
@dataclass | ||
class Validator: | ||
class Validator(Mediator): | ||
""" | ||
Validates general authorization params for all types of token exchanges. | ||
""" | ||
|
||
install: RpcSentryAppInstallation | ||
client_id: str | ||
user: User | ||
install = Param(RpcSentryAppInstallation) | ||
client_id = Param(str) | ||
user = Param(User) | ||
using = router.db_for_write(User) | ||
|
||
def run(self) -> bool: | ||
def call(self): | ||
self._validate_is_sentry_app_making_request() | ||
self._validate_app_is_owned_by_user() | ||
self._validate_installation() | ||
return True | ||
|
||
def _validate_is_sentry_app_making_request(self) -> None: | ||
def _validate_is_sentry_app_making_request(self): | ||
if not self.user.is_sentry_app: | ||
raise APIUnauthorized("User is not a Sentry App") | ||
raise APIUnauthorized | ||
|
||
def _validate_app_is_owned_by_user(self) -> None: | ||
def _validate_app_is_owned_by_user(self): | ||
if self.sentry_app.proxy_user != self.user: | ||
raise APIUnauthorized("Sentry App does not belong to given user") | ||
raise APIUnauthorized | ||
|
||
def _validate_installation(self) -> None: | ||
def _validate_installation(self): | ||
if self.install.sentry_app.id != self.sentry_app.id: | ||
raise APIUnauthorized( | ||
f"Sentry App Installation is not for Sentry App: {self.sentry_app.slug}" | ||
) | ||
raise APIUnauthorized | ||
|
||
@cached_property | ||
def sentry_app(self) -> SentryApp: | ||
def sentry_app(self): | ||
try: | ||
return self.application.sentry_app | ||
except SentryApp.DoesNotExist: | ||
raise APIUnauthorized("Sentry App does not exist") | ||
raise APIUnauthorized | ||
|
||
@cached_property | ||
def application(self) -> ApiApplication: | ||
def application(self): | ||
try: | ||
return ApiApplication.objects.get(client_id=self.client_id) | ||
except ApiApplication.DoesNotExist: | ||
raise APIUnauthorized("Application does not exist") | ||
raise APIUnauthorized |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters