Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Move out authorization from FooterHTML view #6133

Merged

Conversation

@stsewd
Copy link
Member

@stsewd stsewd commented Sep 4, 2019

This allow us to override the authorization from the corporate site.

Everything that makes use of request.user now can be overridden :)

stsewd added 2 commits Sep 4, 2019
This allow us to override the authorization from the corporate site.
Copy link
Member

@humitos humitos left a comment

I think changes make sense.

I'm concern about having more extra auth logic on a different Permission class, but I think there is no other way to do it. I did the same for APIv3. The good side of this is that it uses the normal querysets.

I left some comments to improve the naming of some methods/classes.

Loading

readthedocs/api/v2/permissions.py Outdated Show resolved Hide resolved
Loading
readthedocs/api/v2/views/footer_views.py Outdated Show resolved Hide resolved
Loading
@stsewd
Copy link
Member Author

@stsewd stsewd commented Sep 4, 2019

@humitos done. I also modified the ordered_active_versions method to accept any kwargs (this is needed to pass more stuff down to .public in .com)

Loading

humitos
humitos approved these changes Sep 4, 2019
@@ -950,28 +950,33 @@ def active_versions(self):
versions.filter(active=True, uploaded=True)
)

def ordered_active_versions(self, user=None):
def ordered_active_versions(self, **kwargs):
Copy link
Member

@humitos humitos Sep 4, 2019

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It would be good to have a docstring or comment saying that this kwargs argument has to match the filter for the Version, or probably better to just use all the keyword argument that support .public directly here.

Probably the second option is better "self-documented".

Loading

Copy link
Member Author

@stsewd stsewd Sep 4, 2019

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We can't do 2, in .com we override .public to support more kwargs

Loading

@stsewd stsewd merged commit 46abaa8 into readthedocs:master Sep 4, 2019
2 checks passed
Loading
@stsewd stsewd deleted the separate-authorization-from-footer-view branch Sep 4, 2019
stsewd added a commit that referenced this issue Mar 9, 2020
This is the same as #6133
but for the search view.

This allow us to override `get_all_projects` in .com
to filter projects using the auth backends.

And make use of the permission class from .com that makes use of the
auth backends.

This doesn't break the current search endpoint in .com
since it filters the versions using `public(user=self.request.user)`

This is required to proxy search on .com
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Linked issues

Successfully merging this pull request may close these issues.

None yet

2 participants