Permission class added for dynamics (#58)

* Permission class added for dynamics * Permission added
fylein · Dec 20, 2023 · b965983 · b965983
1 parent 5e5da44
commit b965983
Show file tree

Hide file tree

Showing 2 changed files with 63 additions and 11 deletions.
diff --git a/apps/workspaces/permissions.py b/apps/workspaces/permissions.py
@@ -0,0 +1,52 @@
+from cryptography.fernet import Fernet
+from django.conf import settings
+from django.contrib.auth import get_user_model
+from django.core.cache import cache
+from rest_framework import permissions
+
+from apps.workspaces.models import Workspace
+
+User = get_user_model()
+
+
+class WorkspacePermissions(permissions.BasePermission):
+    """
+    Permission check for users <> workspaces
+    """
+
+    def validate_and_cache(self, workspace_users, user: User, workspace_id: str, cache_users: bool = False):
+        if user.id in workspace_users:
+            if cache_users:
+                cache.set(workspace_id, workspace_users, 172800)
+            return True
+
+        return False
+
+    def has_permission(self, request, view):
+        workspace_id = str(view.kwargs.get('workspace_id'))
+        user = request.user
+        workspace_users = cache.get(workspace_id)
+
+        if workspace_users:
+            return self.validate_and_cache(workspace_users, user, workspace_id)
+        else:
+            workspace_users = Workspace.objects.filter(pk=workspace_id).values_list('user', flat=True)
+            return self.validate_and_cache(workspace_users, user, workspace_id, True)
+
+
+class IsAuthenticatedForTest(permissions.BasePermission):
+    """
+    Custom auth for preparing a workspace for e2e tests
+    """
+
+    def has_permission(self, request, view):
+        # Client sends a token in the header, which we decrypt and compare with the Client Secret
+        cipher_suite = Fernet(settings.ENCRYPTION_KEY)
+        try:
+            decrypted_password = cipher_suite.decrypt(request.headers['X-E2E-Tests-Client-ID'].encode('utf-8')).decode('utf-8')
+            if decrypted_password == settings.E2E_TESTS_CLIENT_SECRET:
+                return True
+        except Exception:
+            return False
+
+        return False
diff --git a/ms_business_central_api/settings.py b/ms_business_central_api/settings.py
@@ -101,17 +101,17 @@
     'async_update_user': True
 }
 
-# REST_FRAMEWORK = {
-#     'DEFAULT_PERMISSION_CLASSES': (
-#         'rest_framework.permissions.IsAuthenticated',
-#         'apps.workspaces.permissions.WorkspacePermissions'
-#     ),
-#     'DEFAULT_AUTHENTICATION_CLASSES': (
-#         'fyle_rest_auth.authentication.FyleJWTAuthentication',
-#     ),
-#     'DEFAULT_PAGINATION_CLASS': 'rest_framework.pagination.LimitOffsetPagination',
-#     'PAGE_SIZE': 100
-# }
+REST_FRAMEWORK = {
+    'DEFAULT_PERMISSION_CLASSES': (
+        'rest_framework.permissions.IsAuthenticated',
+        # 'apps.workspaces.permissions.WorkspacePermissions'
+    ),
+    'DEFAULT_AUTHENTICATION_CLASSES': (
+        'fyle_rest_auth.authentication.FyleJWTAuthentication',
+    ),
+    'DEFAULT_PAGINATION_CLASS': 'rest_framework.pagination.LimitOffsetPagination',
+    'PAGE_SIZE': 100
+}
 
 CACHES = {
     'default': {