From 6100935e3ce5e493d0671a3eac6705749962bf96 Mon Sep 17 00:00:00 2001 From: lchen-2101 <73617864+lchen-2101@users.noreply.github.com> Date: Mon, 18 Mar 2024 10:31:30 -0400 Subject: [PATCH] feat: moved scopes to settings --- src/.env.local | 3 ++- src/config.py | 3 ++- src/dependencies.py | 6 ++---- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/src/.env.local b/src/.env.local index 69a344b..af5dd0e 100644 --- a/src/.env.local +++ b/src/.env.local @@ -15,4 +15,5 @@ INST_DB_HOST=localhost:5432 INST_DB_SCHEMA=public JWT_OPTS_VERIFY_AT_HASH="false" JWT_OPTS_VERIFY_AUD="false" -JWT_OPTS_VERIFY_ISS="false" \ No newline at end of file +JWT_OPTS_VERIFY_ISS="false" +ADMIN_SCOPES=["query-groups","manage-users"] \ No newline at end of file diff --git a/src/config.py b/src/config.py index 6b8cae6..817ac53 100644 --- a/src/config.py +++ b/src/config.py @@ -1,6 +1,6 @@ import os from urllib import parse -from typing import Any +from typing import Any, Set from pydantic import field_validator, ValidationInfo from pydantic.networks import PostgresDsn @@ -24,6 +24,7 @@ class Settings(BaseSettings): inst_db_host: str inst_db_scheme: str = "postgresql+asyncpg" inst_conn: PostgresDsn | None = None + admin_scopes: Set[str] = set(["query-groups", "manage-users"]) def __init__(self, **data): super().__init__(**data) diff --git a/src/dependencies.py b/src/dependencies.py index 55ef0e0..3516557 100644 --- a/src/dependencies.py +++ b/src/dependencies.py @@ -7,6 +7,7 @@ from sqlalchemy.ext.asyncio import AsyncSession from typing import List, Optional from itertools import chain +from config import settings from entities.engine import get_session from entities.repos import institutions_repo as repo @@ -46,11 +47,8 @@ def get_email_domain(email: str) -> str: return None -admin_scopes = set(["query-groups", "manage-users"]) - - def is_admin(auth: AuthCredentials): - return admin_scopes.issubset(auth.scopes) + return settings.admin_scopes.issubset(auth.scopes) def lei_association_check(func: DecoratedCallable) -> DecoratedCallable: