Skip to content

Commit

Permalink
Check isAdmin for Feed in Backend service
Browse files Browse the repository at this point in the history
  • Loading branch information
dlpzx committed Nov 26, 2024
1 parent b2ad9b2 commit 0940baf
Show file tree
Hide file tree
Showing 7 changed files with 52 additions and 17 deletions.
4 changes: 2 additions & 2 deletions backend/dataall/modules/dashboards/__init__.py
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@
from typing import Set, List, Type

from dataall.base.loader import ImportMode, ModuleInterface

from dataall.modules.dashboards.services.dashboard_permissions import UPDATE_DASHBOARD

log = logging.getLogger(__name__)

Expand Down Expand Up @@ -34,7 +34,7 @@ def __init__(self):
from dataall.modules.vote.services.vote_service import add_vote_type
from dataall.modules.dashboards.indexers.dashboard_indexer import DashboardIndexer

FeedRegistry.register(FeedDefinition('Dashboard', Dashboard))
FeedRegistry.register(FeedDefinition('Dashboard', Dashboard, UPDATE_DASHBOARD))

GlossaryRegistry.register(
GlossaryDefinition(
Expand Down
2 changes: 1 addition & 1 deletion backend/dataall/modules/datapipelines/__init__.py
Original file line number Diff line number Diff line change
Expand Up @@ -35,7 +35,7 @@ def __init__(self):
)
import dataall.modules.datapipelines.api

FeedRegistry.register(FeedDefinition('DataPipeline', DataPipeline))
FeedRegistry.register(FeedDefinition('DataPipeline', DataPipeline, UPDATE_PIPELINE))

TargetType('pipeline', GET_PIPELINE, UPDATE_PIPELINE, MANAGE_PIPELINES)
TargetType('cdkpipeline', GET_PIPELINE, UPDATE_PIPELINE, MANAGE_PIPELINES)
Expand Down
5 changes: 5 additions & 0 deletions backend/dataall/modules/feed/api/registry.py
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,7 @@
class FeedDefinition:
target_type: str
model: Type[Resource]
permission: str


class FeedRegistry(UnionTypeRegistry):
Expand All @@ -25,6 +26,10 @@ def register(cls, definition: FeedDefinition):
def find_model(cls, target_type: str):
return cls._DEFINITIONS[target_type].model

@classmethod
def find_permission(cls, target_type: str):
return cls._DEFINITIONS[target_type].permission

@classmethod
def find_target(cls, obj: Resource):
for target_type, definition in cls._DEFINITIONS.items():
Expand Down
2 changes: 1 addition & 1 deletion backend/dataall/modules/feed/api/resolvers.py
Original file line number Diff line number Diff line change
Expand Up @@ -43,4 +43,4 @@ def resolve_feed_messages(context: Context, source: Feed, filter: dict = None):
_required_uri(source.targetUri)
if not filter:
filter = {}
return FeedService.list_feed_messages(targetUri=source.targetUri, filter=filter)
return FeedService.list_feed_messages(targetUri=source.targetUri, targetType=source.targetType, filter=filter)
39 changes: 31 additions & 8 deletions backend/dataall/modules/feed/services/feed_service.py
Original file line number Diff line number Diff line change
Expand Up @@ -6,8 +6,10 @@
import logging

from dataall.base.context import get_context
from dataall.core.permissions.services.resource_policy_service import ResourcePolicyService
from dataall.modules.feed.db.feed_models import FeedMessage
from dataall.modules.feed.db.feed_repository import FeedRepository
from dataall.modules.feed.api.registry import FeedRegistry


logger = logging.getLogger(__name__)
Expand All @@ -27,10 +29,6 @@ def targetType(self):
return self._targetType


def _session():
return get_context().db_engine.scoped_session()


class FeedService:
"""
Encapsulate the logic of interactions with Feeds.
Expand All @@ -41,6 +39,15 @@ def get_feed(
targetUri: str = None,
targetType: str = None,
) -> Feed:
context = get_context()
with context.db_engine.scoped_session() as session:
ResourcePolicyService.check_user_resource_permission(
session=session,
username=context.username,
groups=context.groups,
resource_uri=targetUri,
permission_name=FeedRegistry.find_permission(target_type=targetType),
)
return Feed(targetUri=targetUri, targetType=targetType)

@staticmethod
Expand All @@ -49,17 +56,33 @@ def post_feed_message(
targetType: str = None,
content: str = None,
):
with _session() as session:
context = get_context()
with context.db_engine.scoped_session() as session:
ResourcePolicyService.check_user_resource_permission(
session=session,
username=context.username,
groups=context.groups,
resource_uri=targetUri,
permission_name=FeedRegistry.find_permission(target_type=targetType),
)
m = FeedMessage(
targetUri=targetUri,
targetType=targetType,
creator=get_context().username,
creator=context.username,
content=content,
)
session.add(m)
return m

@staticmethod
def list_feed_messages(targetUri: str, filter: dict = None):
with _session() as session:
def list_feed_messages(targetUri: str, targetType: str, filter: dict = None):
context = get_context()
with context.db_engine.scoped_session() as session:
ResourcePolicyService.check_user_resource_permission(
session=session,
username=context.username,
groups=context.groups,
resource_uri=targetUri,
permission_name=FeedRegistry.find_permission(target_type=targetType),
)
return FeedRepository(session).paginated_feed_messages(uri=targetUri, filter=filter)
10 changes: 8 additions & 2 deletions backend/dataall/modules/redshift_datasets/__init__.py
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,10 @@
from typing import List, Type, Set

from dataall.base.loader import ModuleInterface, ImportMode
from dataall.modules.redshift_datasets.services.redshift_dataset_permissions import (
UPDATE_REDSHIFT_DATASET,
UPDATE_REDSHIFT_DATASET_TABLE,
)

log = logging.getLogger(__name__)

Expand Down Expand Up @@ -54,8 +58,10 @@ def __init__(self):

import dataall.modules.redshift_datasets.api

FeedRegistry.register(FeedDefinition(FEED_REDSHIFT_DATASET_TABLE_NAME, RedshiftTable))
FeedRegistry.register(FeedDefinition(FEED_REDSHIFT_DATASET_NAME, RedshiftDataset))
FeedRegistry.register(
FeedDefinition(FEED_REDSHIFT_DATASET_TABLE_NAME, RedshiftTable, UPDATE_REDSHIFT_DATASET_TABLE)
)
FeedRegistry.register(FeedDefinition(FEED_REDSHIFT_DATASET_NAME, RedshiftDataset, UPDATE_REDSHIFT_DATASET))

GlossaryRegistry.register(
GlossaryDefinition(
Expand Down
7 changes: 4 additions & 3 deletions backend/dataall/modules/s3_datasets/__init__.py
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,7 @@
from typing import List, Type, Set

from dataall.base.loader import ModuleInterface, ImportMode
from dataall.modules.s3_datasets.services.dataset_permissions import UPDATE_DATASET_FOLDER, UPDATE_DATASET_TABLE

log = logging.getLogger(__name__)

Expand Down Expand Up @@ -49,9 +50,9 @@ def __init__(self):
from dataall.modules.s3_datasets.db.dataset_repositories import DatasetRepository
from dataall.modules.s3_datasets.db.dataset_models import DatasetStorageLocation, DatasetTable, S3Dataset

FeedRegistry.register(FeedDefinition('DatasetStorageLocation', DatasetStorageLocation))
FeedRegistry.register(FeedDefinition('DatasetTable', DatasetTable))
FeedRegistry.register(FeedDefinition('Dataset', S3Dataset))
FeedRegistry.register(FeedDefinition('DatasetStorageLocation', DatasetStorageLocation, UPDATE_DATASET_FOLDER))
FeedRegistry.register(FeedDefinition('DatasetTable', DatasetTable, UPDATE_DATASET_TABLE))
FeedRegistry.register(FeedDefinition('Dataset', S3Dataset, UPDATE_DATASET))

GlossaryRegistry.register(
GlossaryDefinition(
Expand Down

0 comments on commit 0940baf

Please sign in to comment.