Merge pull request #4689 from korycins/feature/bot_authentication
Add logic to grant access to api through a token
Showing
33 changed files
with
866 additions
and
25 deletions.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,75 @@ | ||
# Generated by Django 2.2.4 on 2019-09-05 10:10 | ||
|
||
import django.contrib.postgres.fields.jsonb | ||
import oauthlib.common | ||
from django.db import migrations, models | ||
|
||
import saleor.core.utils.json_serializer | ||
|
||
|
||
class Migration(migrations.Migration): | ||
|
||
dependencies = [ | ||
("auth", "0011_update_proxy_permissions"), | ||
("account", "0032_remove_user_token"), | ||
] | ||
|
||
operations = [ | ||
migrations.CreateModel( | ||
name="ServiceAccount", | ||
fields=[ | ||
( | ||
"id", | ||
models.AutoField( | ||
auto_created=True, | ||
primary_key=True, | ||
serialize=False, | ||
verbose_name="ID", | ||
), | ||
), | ||
( | ||
"private_meta", | ||
django.contrib.postgres.fields.jsonb.JSONField( | ||
blank=True, | ||
default=dict, | ||
encoder=saleor.core.utils.json_serializer.CustomJsonEncoder, | ||
null=True, | ||
), | ||
), | ||
( | ||
"meta", | ||
django.contrib.postgres.fields.jsonb.JSONField( | ||
blank=True, | ||
default=dict, | ||
encoder=saleor.core.utils.json_serializer.CustomJsonEncoder, | ||
null=True, | ||
), | ||
), | ||
("name", models.CharField(max_length=60)), | ||
( | ||
"auth_token", | ||
models.CharField( | ||
default=oauthlib.common.generate_token, | ||
max_length=30, | ||
unique=True, | ||
), | ||
), | ||
("created", models.DateTimeField(auto_now_add=True)), | ||
("is_active", models.BooleanField(default=True)), | ||
( | ||
"permissions", | ||
models.ManyToManyField( | ||
blank=True, | ||
help_text="Specific permissions for this service.", | ||
related_name="service_set", | ||
related_query_name="service", | ||
to="auth.Permission", | ||
verbose_name="service account permissions", | ||
), | ||
), | ||
], | ||
options={ | ||
"permissions": (("manage_service_accounts", "Manage service account"),) | ||
}, | ||
) | ||
] |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,120 @@ | ||
import graphene | ||
|
||
from saleor.core.permissions import get_permissions | ||
|
||
from ....account import models | ||
from ...core.enums import PermissionEnum | ||
from ...core.mutations import ( | ||
ClearMetaBaseMutation, | ||
ModelDeleteMutation, | ||
ModelMutation, | ||
UpdateMetaBaseMutation, | ||
) | ||
|
||
|
||
class ServiceAccountInput(graphene.InputObjectType): | ||
name = graphene.types.String(description="Name of the service account") | ||
is_active = graphene.types.Boolean( | ||
description="Determine if this service account should be enabled" | ||
) | ||
permissions = graphene.List( | ||
PermissionEnum, | ||
description="List of permission code names to assign to this service account.", | ||
) | ||
|
||
|
||
class ServiceAccountCreate(ModelMutation): | ||
auth_token = graphene.types.String( | ||
description="The newly created authentication token" | ||
) | ||
|
||
class Arguments: | ||
input = ServiceAccountInput( | ||
required=True, | ||
description="Fields required to create a new service account.", | ||
) | ||
|
||
class Meta: | ||
description = "Creates a new service account" | ||
model = models.ServiceAccount | ||
permissions = ("account.manage_service_accounts",) | ||
|
||
@classmethod | ||
def clean_input(cls, info, instance, data): | ||
cleaned_input = super().clean_input(info, instance, data) | ||
# clean and prepare permissions | ||
if "permissions" in cleaned_input: | ||
permissions = cleaned_input.pop("permissions") | ||
cleaned_input["permissions"] = get_permissions(permissions) | ||
return cleaned_input | ||
|
||
@classmethod | ||
def perform_mutation(cls, root, info, **data): | ||
instance = cls.get_instance(info, **data) | ||
data = data.get("input") | ||
cleaned_input = cls.clean_input(info, instance, data) | ||
instance = cls.construct_instance(instance, cleaned_input) | ||
cls.clean_instance(instance) | ||
cls.save(info, instance, cleaned_input) | ||
cls._save_m2m(info, instance, cleaned_input) | ||
response = cls.success_response(instance) | ||
response.auth_token = instance.auth_token | ||
return response | ||
|
||
@classmethod | ||
def success_response(cls, instance): | ||
response = super().success_response(instance) | ||
response.auth_token = instance.auth_token | ||
return response | ||
|
||
|
||
class ServiceAccountUpdate(ModelMutation): | ||
class Arguments: | ||
id = graphene.ID( | ||
description="ID of a service account to update.", required=True | ||
) | ||
input = ServiceAccountInput( | ||
required=True, | ||
description="Fields required to update an existing service account.", | ||
) | ||
|
||
class Meta: | ||
description = "Updates an existing service account" | ||
model = models.ServiceAccount | ||
permissions = ("account.manage_service_accounts",) | ||
|
||
@classmethod | ||
def clean_input(cls, info, instance, data): | ||
cleaned_input = super().clean_input(info, instance, data) | ||
# clean and prepare permissions | ||
if "permissions" in cleaned_input: | ||
cleaned_input["permissions"] = get_permissions(cleaned_input["permissions"]) | ||
return cleaned_input | ||
|
||
|
||
class ServiceAccountDelete(ModelDeleteMutation): | ||
class Arguments: | ||
id = graphene.ID( | ||
description="ID of a service account to delete.", required=True | ||
) | ||
|
||
class Meta: | ||
description = "Deletes a service account" | ||
model = models.ServiceAccount | ||
permissions = ("account.manage_service_accounts",) | ||
|
||
|
||
class ServiceAccountUpdatePrivateMeta(UpdateMetaBaseMutation): | ||
class Meta: | ||
description = "Updates private metadata for a service account." | ||
permissions = ("account.manage_service_accounts",) | ||
model = models.ServiceAccount | ||
public = False | ||
|
||
|
||
class ServiceAccountClearStoredPrivateMeta(ClearMetaBaseMutation): | ||
class Meta: | ||
description = "Clear stored metadata value." | ||
model = models.ServiceAccount | ||
permissions = ("account.manage_service_accounts",) | ||
public = False |
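Review bot: Both `clean_input` overrides (in `ServiceAccountCreate` and `ServiceAccountUpdate`) hand the caller-supplied `permissions` list straight to `get_permissions()` and never consult `info`, so nothing visible in this file limits the grant to permissions the requesting user already holds. Unless `get_permissions` or `ModelMutation` enforces that elsewhere, holding `account.manage_service_accounts` is enough to attach any `PermissionEnum` value to a service account, which would make that single permission effectively equivalent to every other one. I would check scope inside `clean_input`: compare the requested permissions with those of `info.context.user` and raise a `ValidationError` on the `permissions` field for any the requester lacks, with a test covering the rejected case. The existing comment could then read `# resolve permission codenames and reject any the requester does not hold`.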