feat(RBAC): remove decorators (#627)

This commit is contained in:
Mamadou DICKO 2023-07-13 12:12:02 +02:00 committed by GitHub
parent 029f7b75df
commit 83fe9430d0
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 10 additions and 9 deletions

View File

@ -7,7 +7,7 @@ from models.brains import Brain
from models.users import User
def has_brain_authorization(required_role: str = "Owner"):
def has_brain_authorization(required_role: Optional[str] = "Owner"):
def decorator(func):
@wraps(func)
async def wrapper(current_user: User, *args, **kwargs):
@ -44,7 +44,6 @@ def validate_brain_authorization(
brain = Brain(id=brain_id)
user_brain = brain.get_brain_for_user(user_id)
if user_brain is None:
raise HTTPException(
status_code=status.HTTP_404_NOT_FOUND,

View File

@ -9,7 +9,9 @@ from models.settings import common_dependencies
from models.users import User
from pydantic import BaseModel
from routes.authorizations.brain_authorization import has_brain_authorization
from routes.authorizations.brain_authorization import (
validate_brain_authorization,
)
logger = get_logger(__name__)
@ -78,12 +80,12 @@ async def get_default_brain_endpoint(current_user: User = Depends(get_current_us
"/brains/{brain_id}/",
dependencies=[
Depends(AuthBearer()),
Depends(has_brain_authorization),
],
tags=["Brain"],
)
async def get_brain_endpoint(
brain_id: UUID,
current_user: User = Depends(get_current_user),
):
"""
Retrieve details of a specific brain by brain ID.
@ -94,6 +96,7 @@ async def get_brain_endpoint(
This endpoint retrieves the details of a specific brain identified by the provided brain ID. It returns the brain ID and its
history, which includes the brain messages exchanged in the brain.
"""
validate_brain_authorization(brain_id, current_user.id)
brain = Brain(id=brain_id)
brains = brain.get_brain_details()
if len(brains) > 0:
@ -111,7 +114,6 @@ async def get_brain_endpoint(
"/brains/{brain_id}/",
dependencies=[
Depends(AuthBearer()),
Depends(has_brain_authorization),
],
tags=["Brain"],
)
@ -123,7 +125,7 @@ async def delete_brain_endpoint(
Delete a specific brain by brain ID.
"""
# [TODO] check if the user is the owner of the brain
validate_brain_authorization(brain_id, current_user.id)
brain = Brain(id=brain_id)
brain.delete_brain(current_user.id)
@ -186,7 +188,6 @@ async def create_brain_endpoint(
Depends(
AuthBearer(),
),
Depends(has_brain_authorization),
],
tags=["Brain"],
)
@ -203,6 +204,7 @@ async def update_brain_endpoint(
name, status, model, max_tokens, temperature
Return modified brain ? No need -> do an optimistic update
"""
validate_brain_authorization(brain_id, current_user.id)
commons = common_dependencies()
brain = Brain(id=brain_id)

View File

@ -5,8 +5,8 @@ from fastapi import APIRouter, Depends, Query
from models.brains import Brain
from models.settings import common_dependencies
from models.users import User
from routes.authorizations.brain_authorization import (
has_brain_authorization,
validate_brain_authorization,
)
@ -31,7 +31,6 @@ async def explore_endpoint(
"/explore/{file_name}/",
dependencies=[
Depends(AuthBearer()),
Depends(has_brain_authorization),
],
tags=["Explore"],
)
@ -43,6 +42,7 @@ async def delete_endpoint(
"""
Delete a specific user file by file name.
"""
validate_brain_authorization(brain_id, current_user.id)
brain = Brain(id=brain_id)
brain.delete_file_from_brain(file_name)