feat: allow oauth2 on all views

nelc · Nov 21, 2024 · d3d4671 · d3d4671
1 parent 79604d2
commit d3d4671
Show file tree

Hide file tree

Showing 3 changed files with 26 additions and 3 deletions.
diff --git a/futurex_openedx_extensions/dashboard/views.py b/futurex_openedx_extensions/dashboard/views.py
@@ -13,8 +13,10 @@
 from django.http import JsonResponse
 from django.shortcuts import get_object_or_404
 from django_filters.rest_framework import DjangoFilterBackend
+from openedx.core.lib.api.authentication import BearerAuthentication
 from rest_framework import status as http_status
 from rest_framework import viewsets
+from rest_framework.authentication import SessionAuthentication
 from rest_framework.exceptions import ParseError
 from rest_framework.generics import ListAPIView
 from rest_framework.response import Response
@@ -90,6 +92,7 @@ class TotalCountsView(APIView, FXViewRoleInfoMixin):
         STAT_LEARNERS: 'learners_count',
     }
 
+    authentication_classes = [SessionAuthentication, BearerAuthentication]
     permission_classes = [FXHasTenantCourseAccess]
     fx_view_name = 'total_counts_statistics'
     fx_default_read_only_roles = ['staff', 'instructor', 'data_researcher', 'org_course_creator_group']
@@ -181,8 +184,9 @@ def get(self, request: Any, *args: Any, **kwargs: Any) -> Response | JsonRespons
 
 class LearnersView(ListAPIView, FXViewRoleInfoMixin):
     """View to get the list of learners"""
-    serializer_class = serializers.LearnerDetailsSerializer
+    authentication_classes = [SessionAuthentication, BearerAuthentication]
     permission_classes = [FXHasTenantCourseAccess]
+    serializer_class = serializers.LearnerDetailsSerializer
     pagination_class = DefaultPagination
     fx_view_name = 'learners_list'
     fx_default_read_only_roles = ['staff', 'instructor', 'data_researcher', 'org_course_creator_group']
@@ -202,8 +206,9 @@ def get_queryset(self) -> QuerySet:
 
 class CoursesView(ListAPIView, FXViewRoleInfoMixin):
     """View to get the list of courses"""
-    serializer_class = serializers.CourseDetailsSerializer
+    authentication_classes = [SessionAuthentication, BearerAuthentication]
     permission_classes = [FXHasTenantCourseAccess]
+    serializer_class = serializers.CourseDetailsSerializer
     pagination_class = DefaultPagination
     filter_backends = [DefaultOrderingFilter]
     ordering_fields = [
@@ -230,6 +235,7 @@ def get_queryset(self) -> QuerySet:
 
 class CourseStatusesView(APIView, FXViewRoleInfoMixin):
     """View to get the course statuses"""
+    authentication_classes = [SessionAuthentication, BearerAuthentication]
     permission_classes = [FXHasTenantCourseAccess]
     fx_view_name = 'course_statuses'
     fx_default_read_only_roles = ['staff', 'instructor', 'data_researcher', 'org_course_creator_group']
@@ -263,6 +269,7 @@ def get(self, request: Any, *args: Any, **kwargs: Any) -> JsonResponse:
 
 class LearnerInfoView(APIView, FXViewRoleInfoMixin):
     """View to get the information of a learner"""
+    authentication_classes = [SessionAuthentication, BearerAuthentication]
     permission_classes = [FXHasTenantCourseAccess]
     fx_view_name = 'learner_detailed_info'
     fx_default_read_only_roles = ['staff', 'instructor', 'data_researcher', 'org_course_creator_group']
@@ -297,8 +304,9 @@ def get(self, request: Any, username: str, *args: Any, **kwargs: Any) -> JsonRes
 
 class DataExportManagementView(viewsets.ModelViewSet, FXViewRoleInfoMixin):  # pylint: disable=too-many-ancestors
     """View to list and retrieve data export tasks."""
-    serializer_class = serializers.DataExportTaskSerializer
+    authentication_classes = [SessionAuthentication, BearerAuthentication]
     permission_classes = [FXHasTenantCourseAccess]
+    serializer_class = serializers.DataExportTaskSerializer
     pagination_class = DefaultPagination
     fx_view_name = 'exported_files_data'
     fx_default_read_only_roles = ['staff', 'instructor', 'data_researcher', 'org_course_creator_group']
@@ -327,6 +335,7 @@ def get_object(self) -> DataExportTask:
 
 class LearnerCoursesView(APIView, FXViewRoleInfoMixin):
     """View to get the list of courses for a learner"""
+    authentication_classes = [SessionAuthentication, BearerAuthentication]
     permission_classes = [FXHasTenantCourseAccess]
     pagination_class = DefaultPagination
     fx_view_name = 'learner_courses'
@@ -398,6 +407,7 @@ def get(self, request: Any, *args: Any, **kwargs: Any) -> JsonResponse:  # pylin
 
 class LearnersDetailsForCourseView(ExportCSVMixin, ListAPIView, FXViewRoleInfoMixin):
     """View to get the list of learners for a course"""
+    authentication_classes = [SessionAuthentication, BearerAuthentication]
     serializer_class = serializers.LearnerDetailsForCourseSerializer
     permission_classes = [FXHasTenantCourseAccess]
     pagination_class = DefaultPagination
@@ -433,6 +443,7 @@ def get_serializer_context(self) -> Dict[str, Any]:
 
 class GlobalRatingView(APIView, FXViewRoleInfoMixin):
     """View to get the global rating"""
+    authentication_classes = [SessionAuthentication, BearerAuthentication]
     permission_classes = [FXHasTenantCourseAccess]
     fx_view_name = 'global_rating'
     fx_default_read_only_roles = ['staff', 'instructor', 'data_researcher', 'org_course_creator_group']
@@ -460,6 +471,7 @@ def get(self, request: Any, *args: Any, **kwargs: Any) -> JsonResponse:
 
 class UserRolesManagementView(viewsets.ModelViewSet, FXViewRoleInfoMixin):  # pylint: disable=too-many-ancestors
     """View to get the user roles"""
+    authentication_classes = [SessionAuthentication, BearerAuthentication]
     permission_classes = [FXHasTenantAllCoursesAccess]
     fx_view_name = 'user_roles'
     fx_default_read_only_roles = ['org_course_creator_group']
@@ -622,6 +634,7 @@ def destroy(self, request: Any, *args: Any, **kwargs: Any) -> Response:
 
 class MyRolesView(APIView, FXViewRoleInfoMixin):
     """View to get the user roles of the caller"""
+    authentication_classes = [SessionAuthentication, BearerAuthentication]
     permission_classes = [FXHasTenantCourseAccess]
     fx_view_name = 'my_roles'
     fx_default_read_only_roles = COURSE_ACCESS_ROLES_SUPPORTED_READ.copy()
@@ -638,6 +651,7 @@ def get(self, request: Any, *args: Any, **kwargs: Any) -> JsonResponse:
 
 class ClickhouseQueryView(APIView, FXViewRoleInfoMixin):
     """View to get the Clickhouse query"""
+    authentication_classes = [SessionAuthentication, BearerAuthentication]
     permission_classes = [FXHasTenantCourseAccess]
     fx_view_name = 'clickhouse_query_fetcher'
     fx_default_read_only_roles = ['staff', 'instructor', 'data_researcher', 'org_course_creator_group']

diff --git a/test_utils/edx_platform_mocks/fake_models/classes.py b/test_utils/edx_platform_mocks/fake_models/classes.py
@@ -16,3 +16,10 @@ class OrgRole(RoleBase):  # pylint: disable=too-few-public-methods
 
 
 REGISTERED_ACCESS_ROLES = {}
+
+
+class BearerAuthentication:  # pylint: disable=too-few-public-methods
+    """Mock"""
+    def authenticate(self, request):  # pylint: disable=no-self-use
+        """Mock"""
+        return None
diff --git a/test_utils/edx_platform_mocks/openedx/core/lib/api/authentication.py b/test_utils/edx_platform_mocks/openedx/core/lib/api/authentication.py
@@ -0,0 +1,2 @@
+"""edx-platform Mocks"""
+from fake_models.classes import BearerAuthentication  # pylint: disable=unused-import
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1,2 @@
		"""edx-platform Mocks"""
		from fake_models.classes import BearerAuthentication # pylint: disable=unused-import