From f3c7f79e2ed12d38b275530fa88fc39460abc765 Mon Sep 17 00:00:00 2001 From: F-G Fernandez <26927750+frgfm@users.noreply.github.com> Date: Mon, 30 Oct 2023 20:48:01 +0100 Subject: [PATCH] feat: Updates permissions & telemetry --- src/app/api/api_v1/endpoints/compute.py | 2 +- src/app/api/api_v1/endpoints/guidelines.py | 13 ++++++++----- src/app/api/api_v1/endpoints/login.py | 2 +- src/app/api/api_v1/endpoints/repos.py | 19 +++++++++---------- src/app/api/api_v1/endpoints/users.py | 13 ++++++++----- 5 files changed, 27 insertions(+), 22 deletions(-) diff --git a/src/app/api/api_v1/endpoints/compute.py b/src/app/api/api_v1/endpoints/compute.py index b3e6096..53e8971 100644 --- a/src/app/api/api_v1/endpoints/compute.py +++ b/src/app/api/api_v1/endpoints/compute.py @@ -24,7 +24,7 @@ async def analyze_snippet( guidelines: GuidelineCRUD = Depends(get_guideline_crud), user=Security(get_current_user, scopes=[UserScope.ADMIN, UserScope.USER]), ) -> List[ComplianceResult]: - telemetry_client.capture(user.id, event="snippet-analysis", properties={"repo_id": payload.repo_id}) + telemetry_client.capture(user.id, event="compute-analysis", properties={"repo_id": payload.repo_id}) # Check repo await repos.get(payload.repo_id, strict=True) # Fetch guidelines diff --git a/src/app/api/api_v1/endpoints/guidelines.py b/src/app/api/api_v1/endpoints/guidelines.py index 1db7277..3ce7e94 100644 --- a/src/app/api/api_v1/endpoints/guidelines.py +++ b/src/app/api/api_v1/endpoints/guidelines.py @@ -23,8 +23,8 @@ async def create_guideline( guidelines: GuidelineCRUD = Depends(get_guideline_crud), user=Security(get_current_user, scopes=[UserScope.USER, UserScope.ADMIN]), ) -> Guideline: - guideline = await guidelines.create(payload) telemetry_client.capture(user.id, event="guideline-creation", properties={"repo_id": payload.repo_id}) + guideline = await guidelines.create(payload) return guideline @@ -32,16 +32,19 @@ async def create_guideline( async def get_guideline( guideline_id: int = Path(..., gt=0), guidelines: GuidelineCRUD = Depends(get_guideline_crud), - _=Security(get_current_user, scopes=[UserScope.USER, UserScope.ADMIN]), + user=Security(get_current_user, scopes=[UserScope.USER, UserScope.ADMIN]), ) -> Guideline: - return cast(Guideline, await guidelines.get(guideline_id, strict=True)) + guideline = cast(Guideline, await guidelines.get(guideline_id, strict=True)) + telemetry_client.capture(user.id, event="guideline-get", properties={"repo_id": guideline.repo_id}) + return guideline @router.get("/", status_code=status.HTTP_200_OK) async def fetch_guidelines( guidelines: GuidelineCRUD = Depends(get_guideline_crud), - _=Security(get_current_user, scopes=[UserScope.ADMIN]), + user=Security(get_current_user, scopes=[UserScope.ADMIN]), ) -> List[Guideline]: + telemetry_client.capture(user.id, event="guideline-fetch") return [elt for elt in await guidelines.fetch_all()] @@ -76,5 +79,5 @@ async def delete_guideline( user=Security(get_current_user, scopes=[UserScope.USER, UserScope.ADMIN]), ) -> None: guideline = cast(Guideline, await guidelines.get(guideline_id, strict=True)) - await guidelines.delete(guideline_id) telemetry_client.capture(user.id, event="guideline-deletion", properties={"repo_id": guideline.repo_id}) + await guidelines.delete(guideline_id) diff --git a/src/app/api/api_v1/endpoints/login.py b/src/app/api/api_v1/endpoints/login.py index 3f40085..bc653d9 100644 --- a/src/app/api/api_v1/endpoints/login.py +++ b/src/app/api/api_v1/endpoints/login.py @@ -69,10 +69,10 @@ async def login_with_creds( user = await users.get_by_login(form_data.username) if user is None or not await verify_password(form_data.password, user.hashed_password): raise HTTPException(status_code=status.HTTP_401_UNAUTHORIZED, detail="Invalid credentials.") + telemetry_client.capture(user.id, event="user-login", properties={"login": user.login}) # create access token using user user_id/user_scopes token_data = {"sub": str(user.id), "scopes": user.scope.split()} token = await create_access_token(token_data, settings.ACCESS_TOKEN_UNLIMITED_MINUTES) - telemetry_client.capture(user.id, event="user-login", properties={"login": user.login}) return Token(access_token=token, token_type="bearer") # nosec B106 # noqa S106 diff --git a/src/app/api/api_v1/endpoints/repos.py b/src/app/api/api_v1/endpoints/repos.py index 0b03cb2..737ca2a 100644 --- a/src/app/api/api_v1/endpoints/repos.py +++ b/src/app/api/api_v1/endpoints/repos.py @@ -46,8 +46,9 @@ async def create_repo( async def get_repo( repo_id: int = Path(..., gt=0), repos: RepositoryCRUD = Depends(get_repo_crud), - _=Security(get_current_user, scopes=[UserScope.USER, UserScope.ADMIN]), + user=Security(get_current_user, scopes=[UserScope.USER, UserScope.ADMIN]), ) -> Repository: + telemetry_client.capture(user.id, event="repo-get", properties={"repo_id": repo_id}) return cast(Repository, await repos.get(repo_id, strict=True)) @@ -56,8 +57,8 @@ async def fetch_repos( repos: RepositoryCRUD = Depends(get_repo_crud), user=Security(get_current_user, scopes=[UserScope.USER, UserScope.ADMIN]), ) -> List[Repository]: - entries = await repos.fetch_all() if user.scope == UserScope.ADMIN else await repos.fetch_all(("owner_id", user.id)) telemetry_client.capture(user.id, event="repo-fetch") + entries = await repos.fetch_all() if user.scope == UserScope.ADMIN else await repos.fetch_all(("owner_id", user.id)) return [elt for elt in entries] @@ -68,6 +69,7 @@ async def reorder_guidelines( guidelines: GuidelineCRUD = Depends(get_guideline_crud), user=Security(get_current_user, scopes=[UserScope.USER, UserScope.ADMIN]), ) -> List[Guideline]: + telemetry_client.capture(user.id, event="guideline-order", properties={"repo_id": repo_id}) # Ensure all IDs are unique if len(payload.guideline_ids) != len(set(payload.guideline_ids)): raise HTTPException(status_code=status.HTTP_422_UNPROCESSABLE_ENTITY, detail="Duplicate IDs were passed.") @@ -78,12 +80,10 @@ async def reorder_guidelines( status_code=status.HTTP_422_UNPROCESSABLE_ENTITY, detail="Guideline IDs for that repo don't match." ) # Update all order - guideline_list = [ + return [ await guidelines.update(guideline_id, OrderUpdate(order=order_idx, updated_at=datetime.utcnow())) for order_idx, guideline_id in enumerate(payload.guideline_ids) ] - telemetry_client.capture(user.id, event="guideline-order", properties={"repo_id": repo_id}) - return guideline_list @router.put("/{repo_id}/disable", status_code=status.HTTP_200_OK) @@ -92,9 +92,8 @@ async def disable_repo( repos: RepositoryCRUD = Depends(get_repo_crud), user=Security(get_current_user, scopes=[UserScope.USER, UserScope.ADMIN]), ) -> Repository: - repo = await repos.update(repo_id, RepoUpdate(removed_at=datetime.utcnow())) telemetry_client.capture(user.id, event="repo-disable", properties={"repo_id": repo_id}) - return repo + return await repos.update(repo_id, RepoUpdate(removed_at=datetime.utcnow())) @router.put("/{repo_id}/enable", status_code=status.HTTP_200_OK) @@ -103,9 +102,8 @@ async def enable_repo( repos: RepositoryCRUD = Depends(get_repo_crud), user=Security(get_current_user, scopes=[UserScope.USER, UserScope.ADMIN]), ) -> Repository: - repo = await repos.update(repo_id, RepoUpdate(removed_at=None)) telemetry_client.capture(user.id, event="repo-enable", properties={"repo_id": repo_id}) - return repo + return await repos.update(repo_id, RepoUpdate(removed_at=None)) @router.delete("/{repo_id}", status_code=status.HTTP_200_OK) @@ -114,8 +112,8 @@ async def delete_repo( repos: RepositoryCRUD = Depends(get_repo_crud), user=Security(get_current_user, scopes=[UserScope.ADMIN]), ) -> None: - await repos.delete(repo_id) telemetry_client.capture(user.id, event="repo-delete", properties={"repo_id": repo_id}) + await repos.delete(repo_id) @router.get("/{repo_id}/guidelines", status_code=status.HTTP_200_OK) @@ -125,4 +123,5 @@ async def fetch_guidelines_from_repo( repos: RepositoryCRUD = Depends(get_repo_crud), user=Security(get_current_user, scopes=[UserScope.ADMIN, UserScope.USER]), ) -> List[Guideline]: + telemetry_client.capture(user.id, event="repo-fetch-guidelines", properties={"repo_id": repo_id}) return [elt for elt in await guidelines.fetch_all(("repo_id", repo_id))] diff --git a/src/app/api/api_v1/endpoints/users.py b/src/app/api/api_v1/endpoints/users.py index ddc5ae0..ba06f48 100644 --- a/src/app/api/api_v1/endpoints/users.py +++ b/src/app/api/api_v1/endpoints/users.py @@ -23,13 +23,13 @@ async def create_user( users: UserCRUD = Depends(get_user_crud), _=Security(get_current_user, scopes=[UserScope.ADMIN]), ) -> User: + telemetry_client.capture(payload.id, event="user-creation", properties={"login": payload.login}) # Hash the password pwd = await hash_password(payload.password) user = await users.create( UserCreation(id=payload.id, login=payload.login, hashed_password=pwd, scope=payload.scope) ) - telemetry_client.capture(payload.id, event="user-creation", properties={"login": payload.login}) return user @@ -37,16 +37,18 @@ async def create_user( async def get_user( user_id: int = Path(..., gt=0), users: UserCRUD = Depends(get_user_crud), - _=Security(get_current_user, scopes=[UserScope.ADMIN]), + user=Security(get_current_user, scopes=[UserScope.ADMIN]), ) -> User: + telemetry_client.capture(user.id, event="user-get", properties={"user_id": user_id}) return cast(User, await users.get(user_id, strict=True)) @router.get("/", status_code=status.HTTP_200_OK) async def fetch_users( users: UserCRUD = Depends(get_user_crud), - _=Security(get_current_user, scopes=[UserScope.ADMIN]), + user=Security(get_current_user, scopes=[UserScope.ADMIN]), ) -> List[User]: + telemetry_client.capture(user.id, event="user-fetch") return [elt for elt in await users.fetch_all()] @@ -55,8 +57,9 @@ async def update_user_password( payload: Cred, user_id: int = Path(..., gt=0), users: UserCRUD = Depends(get_user_crud), - _=Security(get_current_user, scopes=[UserScope.ADMIN]), + user=Security(get_current_user, scopes=[UserScope.ADMIN]), ) -> User: + telemetry_client.capture(user.id, event="user-pwd", properties={"user_id": user_id}) pwd = await hash_password(payload.password) return await users.update(user_id, CredHash(hashed_password=pwd)) @@ -67,5 +70,5 @@ async def delete_user( users: UserCRUD = Depends(get_user_crud), user=Security(get_current_user, scopes=[UserScope.ADMIN]), ) -> None: + telemetry_client.capture(user_id, event="user-deletion", properties={"user_id": user_id}) await users.delete(user_id) - telemetry_client.capture(user_id, event="user-deletion", properties={"login": user.login})