Skip to content

Commit

Permalink
feat: allow oauth2 on all views
Browse files Browse the repository at this point in the history
  • Loading branch information
shadinaif committed Nov 24, 2024
1 parent bdfb332 commit e43d45f
Show file tree
Hide file tree
Showing 4 changed files with 27 additions and 4 deletions.
2 changes: 1 addition & 1 deletion futurex_openedx_extensions/__init__.py
Original file line number Diff line number Diff line change
@@ -1,3 +1,3 @@
"""One-line description for README and other doc files."""

__version__ = '0.9.14'
__version__ = '0.9.15'
20 changes: 17 additions & 3 deletions futurex_openedx_extensions/dashboard/views.py
Original file line number Diff line number Diff line change
Expand Up @@ -13,8 +13,10 @@
from django.http import JsonResponse
from django.shortcuts import get_object_or_404
from django_filters.rest_framework import DjangoFilterBackend
from openedx.core.lib.api.authentication import BearerAuthentication
from rest_framework import status as http_status
from rest_framework import viewsets
from rest_framework.authentication import SessionAuthentication
from rest_framework.exceptions import ParseError
from rest_framework.generics import ListAPIView
from rest_framework.response import Response
Expand Down Expand Up @@ -91,6 +93,7 @@ class TotalCountsView(APIView, FXViewRoleInfoMixin):
STAT_LEARNERS: 'learners_count',
}

authentication_classes = [SessionAuthentication, BearerAuthentication]
permission_classes = [FXHasTenantCourseAccess]
fx_view_name = 'total_counts_statistics'
fx_default_read_only_roles = ['staff', 'instructor', 'data_researcher', 'org_course_creator_group']
Expand Down Expand Up @@ -182,8 +185,9 @@ def get(self, request: Any, *args: Any, **kwargs: Any) -> Response | JsonRespons

class LearnersView(ListAPIView, FXViewRoleInfoMixin):
"""View to get the list of learners"""
serializer_class = serializers.LearnerDetailsSerializer
authentication_classes = [SessionAuthentication, BearerAuthentication]
permission_classes = [FXHasTenantCourseAccess]
serializer_class = serializers.LearnerDetailsSerializer
pagination_class = DefaultPagination
fx_view_name = 'learners_list'
fx_default_read_only_roles = ['staff', 'instructor', 'data_researcher', 'org_course_creator_group']
Expand All @@ -203,8 +207,9 @@ def get_queryset(self) -> QuerySet:

class CoursesView(ListAPIView, FXViewRoleInfoMixin):
"""View to get the list of courses"""
serializer_class = serializers.CourseDetailsSerializer
authentication_classes = [SessionAuthentication, BearerAuthentication]
permission_classes = [FXHasTenantCourseAccess]
serializer_class = serializers.CourseDetailsSerializer
pagination_class = DefaultPagination
filter_backends = [DefaultOrderingFilter]
ordering_fields = [
Expand All @@ -231,6 +236,7 @@ def get_queryset(self) -> QuerySet:

class CourseStatusesView(APIView, FXViewRoleInfoMixin):
"""View to get the course statuses"""
authentication_classes = [SessionAuthentication, BearerAuthentication]
permission_classes = [FXHasTenantCourseAccess]
fx_view_name = 'course_statuses'
fx_default_read_only_roles = ['staff', 'instructor', 'data_researcher', 'org_course_creator_group']
Expand Down Expand Up @@ -264,6 +270,7 @@ def get(self, request: Any, *args: Any, **kwargs: Any) -> JsonResponse:

class LearnerInfoView(APIView, FXViewRoleInfoMixin):
"""View to get the information of a learner"""
authentication_classes = [SessionAuthentication, BearerAuthentication]
permission_classes = [FXHasTenantCourseAccess]
fx_view_name = 'learner_detailed_info'
fx_default_read_only_roles = ['staff', 'instructor', 'data_researcher', 'org_course_creator_group']
Expand Down Expand Up @@ -298,8 +305,9 @@ def get(self, request: Any, username: str, *args: Any, **kwargs: Any) -> JsonRes

class DataExportManagementView(viewsets.ModelViewSet, FXViewRoleInfoMixin): # pylint: disable=too-many-ancestors
"""View to list and retrieve data export tasks."""
serializer_class = serializers.DataExportTaskSerializer
authentication_classes = [SessionAuthentication, BearerAuthentication]
permission_classes = [FXHasTenantCourseAccess]
serializer_class = serializers.DataExportTaskSerializer
pagination_class = DefaultPagination
fx_view_name = 'exported_files_data'
fx_default_read_only_roles = ['staff', 'instructor', 'data_researcher', 'org_course_creator_group']
Expand Down Expand Up @@ -328,6 +336,7 @@ def get_object(self) -> DataExportTask:

class LearnerCoursesView(APIView, FXViewRoleInfoMixin):
"""View to get the list of courses for a learner"""
authentication_classes = [SessionAuthentication, BearerAuthentication]
permission_classes = [FXHasTenantCourseAccess]
pagination_class = DefaultPagination
fx_view_name = 'learner_courses'
Expand Down Expand Up @@ -399,6 +408,7 @@ def get(self, request: Any, *args: Any, **kwargs: Any) -> JsonResponse: # pylin

class LearnersDetailsForCourseView(ExportCSVMixin, ListAPIView, FXViewRoleInfoMixin):
"""View to get the list of learners for a course"""
authentication_classes = [SessionAuthentication, BearerAuthentication]
serializer_class = serializers.LearnerDetailsForCourseSerializer
permission_classes = [FXHasTenantCourseAccess]
pagination_class = DefaultPagination
Expand Down Expand Up @@ -467,6 +477,7 @@ def get_serializer_context(self) -> Dict[str, Any]:

class GlobalRatingView(APIView, FXViewRoleInfoMixin):
"""View to get the global rating"""
authentication_classes = [SessionAuthentication, BearerAuthentication]
permission_classes = [FXHasTenantCourseAccess]
fx_view_name = 'global_rating'
fx_default_read_only_roles = ['staff', 'instructor', 'data_researcher', 'org_course_creator_group']
Expand Down Expand Up @@ -494,6 +505,7 @@ def get(self, request: Any, *args: Any, **kwargs: Any) -> JsonResponse:

class UserRolesManagementView(viewsets.ModelViewSet, FXViewRoleInfoMixin): # pylint: disable=too-many-ancestors
"""View to get the user roles"""
authentication_classes = [SessionAuthentication, BearerAuthentication]
permission_classes = [FXHasTenantAllCoursesAccess]
fx_view_name = 'user_roles'
fx_default_read_only_roles = ['org_course_creator_group']
Expand Down Expand Up @@ -656,6 +668,7 @@ def destroy(self, request: Any, *args: Any, **kwargs: Any) -> Response:

class MyRolesView(APIView, FXViewRoleInfoMixin):
"""View to get the user roles of the caller"""
authentication_classes = [SessionAuthentication, BearerAuthentication]
permission_classes = [FXHasTenantCourseAccess]
fx_view_name = 'my_roles'
fx_default_read_only_roles = COURSE_ACCESS_ROLES_SUPPORTED_READ.copy()
Expand All @@ -672,6 +685,7 @@ def get(self, request: Any, *args: Any, **kwargs: Any) -> JsonResponse:

class ClickhouseQueryView(APIView, FXViewRoleInfoMixin):
"""View to get the Clickhouse query"""
authentication_classes = [SessionAuthentication, BearerAuthentication]
permission_classes = [FXHasTenantCourseAccess]
fx_view_name = 'clickhouse_query_fetcher'
fx_default_read_only_roles = ['staff', 'instructor', 'data_researcher', 'org_course_creator_group']
Expand Down
7 changes: 7 additions & 0 deletions test_utils/edx_platform_mocks/fake_models/classes.py
Original file line number Diff line number Diff line change
Expand Up @@ -16,3 +16,10 @@ class OrgRole(RoleBase): # pylint: disable=too-few-public-methods


REGISTERED_ACCESS_ROLES = {}


class BearerAuthentication: # pylint: disable=too-few-public-methods
"""Mock"""
def authenticate(self, request): # pylint: disable=no-self-use
"""Mock"""
return None
Original file line number Diff line number Diff line change
@@ -0,0 +1,2 @@
"""edx-platform Mocks"""
from fake_models.classes import BearerAuthentication # pylint: disable=unused-import

0 comments on commit e43d45f

Please sign in to comment.