Move the Django API Permissions to a FastAPI dependency
This commit is contained in:
parent
117ab96017
commit
2f5f312d9c
@ -130,7 +130,6 @@ STATIC_ROOT = os.environ.get("DJANGO_STATIC_ROOT", os.path.join(BASE_DIR, "stati
|
|||||||
MEDIA_ROOT = os.environ.get("DJANGO_MEDIA_ROOT", os.path.join(BASE_DIR, "media"))
|
MEDIA_ROOT = os.environ.get("DJANGO_MEDIA_ROOT", os.path.join(BASE_DIR, "media"))
|
||||||
MEDIA_URL = "/user-media/"
|
MEDIA_URL = "/user-media/"
|
||||||
|
|
||||||
ETEBASE_API_PERMISSIONS = ["rest_framework.permissions.IsAuthenticated"]
|
|
||||||
ETEBASE_API_AUTHENTICATORS = (
|
ETEBASE_API_AUTHENTICATORS = (
|
||||||
"django_etebase.token_auth.authentication.TokenAuthentication",
|
"django_etebase.token_auth.authentication.TokenAuthentication",
|
||||||
"rest_framework.authentication.SessionAuthentication",
|
"rest_framework.authentication.SessionAuthentication",
|
||||||
@ -143,8 +142,6 @@ config_locations = [
|
|||||||
"/etc/etebase-server/etebase-server.ini",
|
"/etc/etebase-server/etebase-server.ini",
|
||||||
]
|
]
|
||||||
|
|
||||||
ETEBASE_CREATE_USER_FUNC = "django_etebase.utils.create_user_blocked"
|
|
||||||
|
|
||||||
# Use config file if present
|
# Use config file if present
|
||||||
if any(os.path.isfile(x) for x in config_locations):
|
if any(os.path.isfile(x) for x in config_locations):
|
||||||
config = configparser.ConfigParser()
|
config = configparser.ConfigParser()
|
||||||
@ -180,7 +177,7 @@ if any(os.path.isfile(x) for x in config_locations):
|
|||||||
|
|
||||||
# Configure EteBase to use LDAP
|
# Configure EteBase to use LDAP
|
||||||
ETEBASE_CREATE_USER_FUNC = "myauth.ldap.create_user"
|
ETEBASE_CREATE_USER_FUNC = "myauth.ldap.create_user"
|
||||||
ETEBASE_API_PERMISSIONS.append("myauth.ldap.LDAPUserExists")
|
ETEBASE_API_PERMISSIONS_READ = ["myauth.ldap.is_user_in_ldap"]
|
||||||
|
|
||||||
# Efficient file streaming (for large files)
|
# Efficient file streaming (for large files)
|
||||||
SENDFILE_BACKEND = "django_etebase.sendfile.backends.simple"
|
SENDFILE_BACKEND = "django_etebase.sendfile.backends.simple"
|
||||||
|
@ -4,8 +4,10 @@ from django.utils import timezone
|
|||||||
from django.conf import settings
|
from django.conf import settings
|
||||||
from django.core.exceptions import PermissionDenied
|
from django.core.exceptions import PermissionDenied
|
||||||
from django_etebase.utils import CallbackContext
|
from django_etebase.utils import CallbackContext
|
||||||
from myauth.models import get_typed_user_model
|
from myauth.models import get_typed_user_model, UserType
|
||||||
from rest_framework.permissions import BasePermission
|
from etebase_fastapi.dependencies import get_authenticated_user
|
||||||
|
from etebase_fastapi.exceptions import PermissionDenied
|
||||||
|
from fastapi import Depends
|
||||||
|
|
||||||
import ldap
|
import ldap
|
||||||
|
|
||||||
@ -76,15 +78,9 @@ class LDAPConnection:
|
|||||||
return True
|
return True
|
||||||
return False
|
return False
|
||||||
|
|
||||||
|
def is_user_in_ldap(user: UserType = Depends(get_authenticated_user)):
|
||||||
class LDAPUserExists(BasePermission):
|
if not LDAPConnection.get_instance().has_user(user.username):
|
||||||
"""
|
raise PermissionDenied("User not in LDAP directory.")
|
||||||
A permission check which first checks with the LDAP directory if the user
|
|
||||||
exists.
|
|
||||||
"""
|
|
||||||
|
|
||||||
def has_permission(self, request, view):
|
|
||||||
return LDAPConnection.get_instance().has_user(request.user.username)
|
|
||||||
|
|
||||||
def create_user(context: CallbackContext, *args, **kwargs):
|
def create_user(context: CallbackContext, *args, **kwargs):
|
||||||
"""
|
"""
|
||||||
|
Loading…
Reference in New Issue
Block a user