graphql-python/graphene-django
1
1
Fork 0
mirror of https://github.com/graphql-python/graphene-django.git synced 2025-02-23 15:10:51 +03:00
Code Issues Packages Projects Releases Wiki Activity

Added authorization support for DjangoFilterConnectionField

Browse Source
This commit is contained in:
Carlos Martinez 2017-03-06 22:11:49 -05:00
parent 6f138c8a7e
commit 4086525928
3 changed files with 78 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

37
graphene_django/auth/fields.py Normal file
View File

@ -0,0 +1,37 @@
from django.core.exceptions import PermissionDenied
from graphene_django.filter import DjangoFilterConnectionField
from graphene_django.fields import DjangoConnectionField
class AuthDjangoFilterConnectionField(DjangoFilterConnectionField):
_permission = ''
@classmethod
def has_perm(cls, context):
if context is None:
return False
if type(context) is dict:
user = context.get('user', None)
if user is None:
return False
else:
user = context.user
if user.is_authenticated() is False:
return False
if type(cls._permission) is tuple:
for permission in cls._permission:
if not user.has_perm(permission):
return False
if type(cls._permission) is str:
if not user.has_perm(cls._permission):
return False
return True
def connection_resolver(self, resolver, connection, default_manager, filterset_class, filtering_args,
root, args, context, info):
if self.has_perm(context) is not True:
return DjangoConnectionField.connection_resolver(resolver, connection, [PermissionDenied('Permission Denied'), ], root, args, context, info)
return super(AuthDjangoFilterConnectionField, self).connection_resolver(
resolver, connection, default_manager, filterset_class, filtering_args,
root, args, context, info)

6
graphene_django/auth/mixins.py
View File

@ -9,15 +9,15 @@ class AuthNodeMixin():
def has_perm(object_instance): def has_perm(object_instance):
if context is None: if context is None:
return PermissionDenied('Permission Denied') return False
if type(context) is dict: if type(context) is dict:
user = context.get('user', None) user = context.get('user', None)
if user is None: if user is None:
return PermissionDenied('Permission Denied') return False
else: else:
user = context.user user = context.user
if user.is_authenticated() is False: if user.is_authenticated() is False:
return PermissionDenied('Permission Denied') return False
if type(cls._permission) is tuple: if type(cls._permission) is tuple:
for permission in cls._permission: for permission in cls._permission:

38
graphene_django/tests/test_auth_mixins.py → graphene_django/tests/test_auth.py
View File

@ -3,6 +3,8 @@ from graphene import Schema, relay, ObjectType
from django.test import TestCase, RequestFactory from django.test import TestCase, RequestFactory
from graphene_django import DjangoObjectType from graphene_django import DjangoObjectType
from graphene_django.auth.mixins import AuthNodeMixin, AuthMutationMixin from graphene_django.auth.mixins import AuthNodeMixin, AuthMutationMixin
from graphene_django.auth.fields import AuthDjangoFilterConnectionField
from django.core.exceptions import PermissionDenied
from .models import Pet from .models import Pet
@ -42,8 +44,13 @@ class CreatePet(AuthMutationMixin, graphene.Mutation):
return CreatePet(pet=pet) return CreatePet(pet=pet)
class PetFilterConnection(AuthDjangoFilterConnectionField):
_permission = 'app.create_pet'
class QueryRoot(ObjectType): class QueryRoot(ObjectType):
pet = relay.Node.Field(PetNode) pet = relay.Node.Field(PetNode)
pets = PetFilterConnection(PetNode)
class MutationRoot(ObjectType): class MutationRoot(ObjectType):
@ -97,6 +104,18 @@ class AuthorizationTests(TestCase):
} }
} }
''' '''
cls.query_filter = '''
query {
pets{
edges{
node{
id
name
}
}
}
}
'''
def setUp(self): def setUp(self):
self.factory = RequestFactory() self.factory = RequestFactory()
@ -167,3 +186,22 @@ class AuthorizationTests(TestCase):
""" """
result = self.schema.execute(self.query_node, context_value={'user': self.luke}) result = self.schema.execute(self.query_node, context_value={'user': self.luke})
self.assertEqual(result.errors, []) self.assertEqual(result.errors, [])
def test_filter_has_permission(self):
"""
Making query with an user who has the permission
"""
result = self.schema.execute(self.query_filter, context_value={'user': self.luke})
print(result.data)
print(result.errors)
self.assertEqual(result.errors, [])
def test_filter_non_permission(self):
"""
Making query with an user who has the permission
"""
result = self.schema.execute(self.query_filter, context_value={'user': self.storm_tropper})
print(result.data)
print(result.errors)
self.assertNotEqual(result.errors, [])
self.assertEqual(result.errors[0].message, 'Permission Denied')