Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix: permissions on channels requests #331

Draft
wants to merge 1 commit into
base: main
Choose a base branch
from
Draft

Fix: permissions on channels requests #331

wants to merge 1 commit into from

Conversation

nrbnlulu
Copy link
Member

@nrbnlulu nrbnlulu commented Aug 7, 2023

Description

Types of Changes

  • Core
  • Bugfix
  • New feature
  • Enhancement/optimization
  • Documentation

Issues Fixed or Closed by This PR

fix #330

Checklist

  • My code follows the code style of this project.
  • My change requires a change to the documentation.
  • I have updated the documentation accordingly.
  • I have read the CONTRIBUTING document.
  • I have added tests to cover my changes.
  • I have tested the changes and verified that they work and don't break anything (as well as I can manage).

bellini666
bellini666 requested changes Aug 7, 2023
View reviewed changes
Copy link
Member

@bellini666 bellini666 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The PR is mostly fine! :)

Left a small suggestion, will take a look again when the PR is ready to be reviewed

tests/test_permissions.py
@@ -56,6 +57,17 @@ def test_is_authenticated(db, gql_client: GraphQLTestClient):
}


@pytest.mark.django_db(transaction=True)
async def test_channels_authenticated(
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Would be nice to have tests for both authenticated and non-authenticated (which would fail) for this

devkral
devkral reviewed Jan 25, 2024
View reviewed changes
strawberry_django/permissions.py
user = info.context.request.user
except AttributeError:
# this is a channels request
user = info.context["request"].user
Copy link
Contributor

@devkral devkral Jan 25, 2024
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

why not always info.context["request"].user? It works in both cases

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

When I wrote this PR context wasn't a dict on HTTP requests.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

You may want to use:

from strawberry_django.auth.utls import get_current_user
user = get_current_user(info)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@devkral devkral devkral left review comments

@sdobbelaere sdobbelaere sdobbelaere left review comments

@bellini666 bellini666 bellini666 requested changes

Requested changes must be addressed to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

DjangoPermissionExtension does not support Channels requests.
4 participants
@nrbnlulu @bellini666 @devkral @sdobbelaere