fix: permission checking
SKairinos committed Feb 2, 2024
1 parent ab29e5a commit 87c6bf5
Showing 9 changed files with 55 additions and 0 deletions.
3 changes: 3 additions & 0 deletions codeforlife/permissions/allow_none.py
@@ -14,5 +14,8 @@ class AllowNone(BasePermission):
https://www.django-rest-framework.org/api-guide/permissions/#allowany
"""

def __eq__(self, other):
return isinstance(other, self.__class__)

def has_permission(self, request, view):
return False
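Review bot: Defining `__eq__` on `AllowNone` without also defining `__hash__` makes Python set `__hash__` to `None` for the class, so its instances stop being hashable. Nothing visible in this commit hashes a permission object, but any code that puts one in a set or uses it as a dict key would now raise `TypeError`. Adding `def __hash__(self): return hash(self.__class__)` next to `__eq__` keeps the two consistent; the parameterised classes would hash the same fields they compare, e.g. `hash((self.__class__, self.class_id))`. The same applies to the `__eq__` added in is_cron_request_from_google.py, in_class.py, in_school.py, is_independent.py, is_student.py and is_teacher.py. The class body starts above this hunk.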
3 changes: 3 additions & 0 deletions codeforlife/permissions/is_cron_request_from_google.py
@@ -14,6 +14,9 @@ class IsCronRequestFromGoogle(BasePermission):
https://cloud.google.com/appengine/docs/flexible/scheduling-jobs-with-cron-yaml#securing_urls_for_cron
"""

def __eq__(self, other):
return isinstance(other, self.__class__)

def has_permission(self, request, view):
return (
settings.DEBUG
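Review bot: `isinstance(other, self.__class__)` in the new `__eq__` also accepts instances of subclasses, so the comparison is not symmetric, and an expected-versus-actual permission check would treat a subclass with different `has_permission` logic as equal. Since these comparisons back the permission assertions in the test helper added in this commit, an exact type match is the safer test: `if type(other) is not type(self): return NotImplemented` followed by `return True` (or by the field comparison in the parameterised classes). The other `__eq__` methods added in this commit use the same `isinstance` test. `has_permission` continues below the hunk.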
17 changes: 17 additions & 0 deletions codeforlife/tests/model_view_set.py
@@ -17,6 +17,7 @@
from django.utils.http import urlencode
from pyotp import TOTP
from rest_framework import status
from rest_framework.permissions import BasePermission
from rest_framework.response import Response
from rest_framework.test import APIClient, APIRequestFactory, APITestCase

@@ -689,6 +690,22 @@ def setUpClass(cls):

return super().setUpClass()

def assert_get_permissions(
self,
permissions: t.List[BasePermission],
*args,
**kwargs,
):
"""Assert that we get the expected permissions.
Args:
permissions: The expected permissions.
"""

model_view_set = self.model_view_set_class(*args, **kwargs)
actual_permissions = model_view_set.get_permissions()
self.assertListEqual(permissions, actual_permissions)

def get_other_user(
self,
user: User,
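Review bot: The docstring of `assert_get_permissions` documents `permissions` but not `*args`/`**kwargs`, which are forwarded to the `model_view_set_class` constructor and therefore decide what `get_permissions()` sees. If a view set chooses permissions per action, the caller presumably has to pass that state here (for example `action="list"`), because no request is dispatched; that should be confirmed and stated in the `Args:` section. It is also worth a sentence that `assertListEqual` is order-sensitive and relies on each permission class defining `__eq__`, so a class without one is compared by identity and the assertion fails. `get_other_user` at the end of the hunk continues outside it.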
6 changes: 6 additions & 0 deletions codeforlife/user/permissions/in_class.py
@@ -26,6 +26,12 @@ def __init__(self, class_id: t.Optional[str] = None):
super().__init__()
self.class_id = class_id

def __eq__(self, other):
return (
isinstance(other, self.__class__)
and self.class_id == other.class_id
)

def has_permission(self, request: Request, view: APIView):
user = request.user
if super().has_permission(request, view) and isinstance(user, User):
6 changes: 6 additions & 0 deletions codeforlife/user/permissions/in_school.py
@@ -26,6 +26,12 @@ def __init__(self, school_id: t.Optional[int] = None):
super().__init__()
self.school_id = school_id

def __eq__(self, other):
return (
isinstance(other, self.__class__)
and self.school_id == other.school_id
)

def has_permission(self, request: Request, view: APIView):
def in_school(school_id: int):
return self.school_id is None or self.school_id == school_id
3 changes: 3 additions & 0 deletions codeforlife/user/permissions/is_independent.py
@@ -13,6 +13,9 @@
class IsIndependent(IsAuthenticated):
"""Request's user must be independent."""

def __eq__(self, other):
return isinstance(other, self.__class__)

def has_permission(self, request: Request, view: APIView):
user = request.user
return (
6 changes: 6 additions & 0 deletions codeforlife/user/permissions/is_student.py
@@ -26,6 +26,12 @@ def __init__(self, student_id: t.Optional[int] = None):
super().__init__()
self.student_id = student_id

def __eq__(self, other):
return (
isinstance(other, self.__class__)
and self.student_id == other.student_id
)

def has_permission(self, request: Request, view: APIView):
user = request.user
return (
7 changes: 7 additions & 0 deletions codeforlife/user/permissions/is_teacher.py
@@ -34,6 +34,13 @@ def __init__(
self.teacher_id = teacher_id
self.is_admin = is_admin

def __eq__(self, other):
return (
isinstance(other, self.__class__)
and self.teacher_id == other.teacher_id
and self.is_admin == other.is_admin
)

def has_permission(self, request: Request, view: APIView):
user = request.user
return (
4 changes: 4 additions & 0 deletions codeforlife/views/model.py
@@ -9,6 +9,7 @@
from django.db.models.query import QuerySet
from rest_framework import status
from rest_framework.decorators import action
from rest_framework.permissions import BasePermission
from rest_framework.request import Request
from rest_framework.response import Response
from rest_framework.serializers import ListSerializer
@@ -49,6 +50,9 @@ def get_model_class(cls) -> t.Type[AnyModel]:
0
]

def get_permissions(self):
return t.cast(t.List[BasePermission], super().get_permissions())

def get_serializer(self, *args, **kwargs):
serializer = super().get_serializer(*args, **kwargs)
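Review bot: The new `get_permissions` override has no docstring, and its only effect is a static one: `t.cast` tells the type checker the result is a `t.List[BasePermission]` but performs no check at run time. A short docstring such as `"""Return the view's permission instances, typed as BasePermission for callers and tests."""` would make that clear. A return annotation, `def get_permissions(self) -> t.List[BasePermission]:`, would state the same contract in the signature. `get_serializer` below continues outside the hunk.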
