HASKI-RAK / HASKI-Backend

This is the Backend System for our HASKI project.
GNU Lesser General Public License v2.1

42 implementing api access control with lti #43

Closed theUpsider closed 1 year ago

theUpsider commented 1 year ago

Authorize feature: Add permission-based access control

Closes #42

Description

This pull request adds an authorization feature to the application, allowing for permission-based access control for our endpoints. We've defined a decorator, authorize(), that checks if a user has a cookie haski_state containing the necessary permissions to access a particular endpoint. If they do not, an Unauthorized error is raised. Example usage:

from flask import Flask
from utils.auth.auth import authorize
from utils.auth.permissions import Permissions

app = Flask(__name__)

@app.route('/secure_endpoint')
@authorize([Permissions.READ])
def secure_endpoint(state):
    # Your secure endpoint logic goes here
    return 'Secure data'

Permissions are represented as a list of Permissions enum values.

Changes

- Added the authorize decorator in utils/auth/auth.py
- Added unit tests for the authorize decorator in _tests/unit/testauth.py

Testing

Unit tests have been added to ensure the authorize decorator works as expected. The tests mock the JWTKeyManagement methods and the flask request object. The decorator is tested with both authorized and unauthorized users.

Note

The authorize decorator requires a cookie. This feature will be implemented with https://github.com/HASKI-RAK/HASKI-Backend/pull/32
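The check described in this pull request, as an added example that is not the project's code: a decorator that reads `haski_state`, verifies its integrity before trusting any claim in it, and only then compares permissions. Assumptions: the HMAC-signed token stands in for the JWT handled by the project's JWTKeyManagement (not shown on this page), the `cookies` argument stands in for Flask's `request.cookies`, and the `Unauthorized` class, `sign_state`, `verify_state`, the payload fields and the `WRITE` permission are hypothetical.

```python
import base64, hashlib, hmac, json, time
from enum import Enum
from functools import wraps

SECRET = b"constructed-demo-key"  # constructed; the real project signs via JWTKeyManagement

class Permissions(Enum):          # hypothetical values; the page only shows Permissions.READ
    READ = "read"
    WRITE = "write"

class Unauthorized(Exception):
    """Stand-in for the Unauthorized error the decorator raises."""

def sign_state(payload: dict) -> str:
    body = base64.urlsafe_b64encode(json.dumps(payload).encode())
    mac = hmac.new(SECRET, body, hashlib.sha256).hexdigest()
    return body.decode() + "." + mac

def verify_state(token: str) -> dict:
    body, _, mac = token.partition(".")
    expected = hmac.new(SECRET, body.encode(), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(mac.encode(), expected.encode()):  # constant-time
        raise Unauthorized("bad signature")
    state = json.loads(base64.urlsafe_b64decode(body))
    if state.get("exp", 0) < time.time():
        raise Unauthorized("state expired")
    return state

def authorize(required):
    needed = {p.value for p in required}
    def decorator(view):
        @wraps(view)
        def wrapper(cookies, *args, **kwargs):  # cookies: stand-in for request.cookies
            token = cookies.get("haski_state")
            if token is None:
                raise Unauthorized("missing haski_state cookie")
            state = verify_state(token)         # verify before reading any claim
            if not needed <= set(state.get("permissions", [])):
                raise Unauthorized("insufficient permissions")
            return view(state, *args, **kwargs)
        return wrapper
    return decorator

@authorize([Permissions.READ])
def secure_endpoint(state):
    return "Secure data for " + state["sub"]
```

A cookie whose body has been altered fails the signature check before its permission list is ever read, so a client cannot grant itself permissions by editing the cookie.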

sonarcloud[bot] commented 1 year ago

Kudos, SonarCloud Quality Gate passed!

0 Bugs (rating A)
0 Vulnerabilities (rating A)
0 Security Hotspots (rating A)
0 Code Smells (rating A)

92.4% Coverage
0.0% Duplication