Merge pull request #142 from bento-platform/chore/backport-katsu-auth

feat(auth): re-port legacy Django auth code
bento-platform · Nov 13, 2023 · 0844971 · 0844971
2 parents 307e6fa + 3e370d6
commit 0844971
Show file tree

Hide file tree

Showing 5 changed files with 99 additions and 1 deletion.
diff --git a/bento_lib/auth/django_remote_user.py b/bento_lib/auth/django_remote_user.py
@@ -0,0 +1,33 @@
+# !!! LEGACY FILE !!!
+
+from django.contrib.auth.backends import RemoteUserBackend
+from django.contrib.auth.middleware import RemoteUserMiddleware
+from rest_framework.authentication import RemoteUserAuthentication
+
+from bento_lib.auth.headers import DJANGO_USER_HEADER, DJANGO_USER_ROLE_HEADER
+from bento_lib.auth.roles import ROLE_OWNER, ROLE_USER
+
+
+__all__ = [
+    "BentoRemoteUserAuthentication",
+    "BentoRemoteUserBackend",
+    "BentoRemoteUserMiddleware",
+]
+
+
+class BentoRemoteUserAuthentication(RemoteUserAuthentication):
+    header = DJANGO_USER_HEADER
+
+
+class BentoRemoteUserMiddleware(RemoteUserMiddleware):
+    header = DJANGO_USER_HEADER
+
+
+class BentoRemoteUserBackend(RemoteUserBackend):
+    # noinspection PyMethodMayBeStatic
+    def configure_user(self, request, user):
+        is_owner = request.META.get(DJANGO_USER_ROLE_HEADER, ROLE_USER) == ROLE_OWNER
+        user.is_staff = is_owner
+        user.is_superuser = is_owner
+        user.save()
+        return user
diff --git a/bento_lib/auth/headers.py b/bento_lib/auth/headers.py
@@ -0,0 +1,20 @@
+# !!! LEGACY FILE !!!
+
+__all__ = [
+    "BENTO_USER_HEADER",
+    "BENTO_USER_ROLE_HEADER",
+
+    "DJANGO_USER_HEADER",
+    "DJANGO_USER_ROLE_HEADER",
+]
+
+
+def _to_django_header(header: str):
+    return f"HTTP_{header.replace('-', '_').upper()}"
+
+
+BENTO_USER_HEADER = "X-User"
+BENTO_USER_ROLE_HEADER = "X-User-Role"
+
+DJANGO_USER_HEADER = _to_django_header(BENTO_USER_HEADER)
+DJANGO_USER_ROLE_HEADER = _to_django_header(BENTO_USER_ROLE_HEADER)
diff --git a/bento_lib/auth/roles.py b/bento_lib/auth/roles.py
@@ -0,0 +1,4 @@
+# !!! LEGACY FILE !!!
+
+ROLE_OWNER = "owner"
+ROLE_USER = "user"
diff --git a/bento_lib/package.cfg b/bento_lib/package.cfg
@@ -1,5 +1,5 @@
 [package]
 name = bento_lib
-version = 9.1.0
+version = 9.2.0
 authors = David Lougheed, Paul Pillot
 author_emails = [email protected], [email protected]
diff --git a/tests/test_platform_django_legacy.py b/tests/test_platform_django_legacy.py
@@ -0,0 +1,41 @@
+# !!! LEGACY FILE !!!
+
+import django
+import pytest
+import os
+
+os.environ["DJANGO_SETTINGS_MODULE"] = "tests.django_settings"
+django.setup()
+
+
+@pytest.mark.django_db
+def test_django_remote_auth_backend():
+    import bento_lib.auth.django_remote_user
+    from bento_lib.auth.headers import DJANGO_USER_HEADER, DJANGO_USER_ROLE_HEADER
+    from django.contrib.auth.models import User
+    from django.http.request import HttpRequest
+
+    b = bento_lib.auth.django_remote_user.BentoRemoteUserBackend()
+    r = HttpRequest()
+    r.META = {
+        DJANGO_USER_HEADER: "test",
+        DJANGO_USER_ROLE_HEADER: "owner"
+    }
+
+    u = User(username="test", password="test")
+    b.configure_user(r, u)
+
+    u2 = User.objects.get_by_natural_key("test")
+
+    assert u2.is_staff
+    assert u2.is_superuser
+
+    r.META[DJANGO_USER_ROLE_HEADER] = "user"
+
+    u = User(username="test2", password="test")
+    b.configure_user(r, u)
+
+    u2 = User.objects.get_by_natural_key("test2")
+
+    assert not u2.is_staff
+    assert not u2.is_superuser