Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add dependency for endpoints to check if lei is in request.user.institutions #102

Closed
jcadam14 opened this issue Mar 12, 2024 · 2 comments · Fixed by #104
Closed

Add dependency for endpoints to check if lei is in request.user.institutions #102

jcadam14 opened this issue Mar 12, 2024 · 2 comments · Fixed by #104
Assignees
@jcadam14

Comments

@jcadam14
Copy link
Contributor

jcadam14 commented Mar 12, 2024
edited

Need to add a dependency for the filing endpoints that checks if the request.user.institutions (which is built from the access token) contains the lei in the URL path.

If not, return a 403 FORBIDDEN
@jcadam14 jcadam14 self-assigned this Mar 12, 2024
@hkeeler
Copy link
Member

hkeeler commented Mar 12, 2024

Can't this just be a check that LEI in the path matches one of the LEIs in the access token?

@jcadam14
Copy link
Contributor Author

Can't this just be a check that LEI in the path matches one of the LEIs in the access token?

Yup, sure could. For some reason I was thinking there would be a different between what was in the token and what institutions the user was associated with based on email domain they're logging in with but that association is already built into the token. MUCH easier. Thank you.

@jcadam14 jcadam14 changed the title Add call to /associated in user-fi as dependency for endpoints Add dependency for endpoints to check if lei is in request.user.institutions Mar 12, 2024
@jcadam14 jcadam14 mentioned this issue Mar 12, 2024
Merged
@jcadam14 jcadam14 linked a pull request Mar 12, 2024 that will close this issue
Added dependency to check user lei list from token #104
Merged
jcadam14 added a commit that referenced this issue Mar 13, 2024
@jcadam14
Added dependency to check user lei list from token (#104)
44fb238 
Closes #102 

- Added verify_user_lei_relation which checks if the path lei is in the
request.user.institutions list
- Made the check dependent on the ENV var not being LOCAL (for ease of
dev testing)
- Updated the Router to use the dependency. Dependency sets the lei as
optional for the /periods endpoint (which doesn't care about lei
checking, all others do)
- Created pytests to check dependency
- Moved the two dependency functions into a routers/dependencies.py file
@jcadam14 jcadam14 mentioned this issue Mar 13, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@jcadam14 jcadam14

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Added dependency to check user lei list from token cfpb/sbl-filing-api
2 participants
@hkeeler @jcadam14