Drop graphql_jwt.PermissionDenied

saleor/core/exceptions.py

@@ -31,3 +31,11 @@ def __init__(self, context=None):
         super().__init__("Can't add unpublished product.")
         self.context = context
         self.code = CheckoutErrorCode.PRODUCT_NOT_PUBLISHED
+
+
+class PermissionDenied(Exception):
+    def __init__(self, message=None):
+        default_message = "You do not have permission to perform this action"
+        if message is None:
+            message = default_message
+        super().__init__(message)

saleor/graphql/account/mutations/base.py

@@ -3,14 +3,14 @@
 from django.contrib.auth.tokens import default_token_generator
 from django.core.exceptions import ObjectDoesNotExist, ValidationError
 from django.db import transaction
-from graphql_jwt.exceptions import PermissionDenied
 
 from ....account import events as account_events, models
 from ....account.emails import (
     send_set_password_email_with_url,
     send_user_password_reset_email_with_url,
 )
 from ....account.error_codes import AccountErrorCode
+from ....core.exceptions import PermissionDenied
 from ....core.permissions import AccountPermissions
 from ....core.utils.url import validate_storefront_url
 from ....order.utils import match_orders_with_new_user

saleor/graphql/account/mutations/staff.py

@@ -4,15 +4,14 @@
 import graphene
 from django.core.exceptions import ValidationError
 from django.db import transaction
-from graphql_jwt.decorators import staff_member_required
-from graphql_jwt.exceptions import PermissionDenied
 
 from ....account import events as account_events, models, utils
 from ....account.emails import send_set_password_email_with_url
 from ....account.error_codes import AccountErrorCode
 from ....account.thumbnails import create_user_avatar_thumbnails
 from ....account.utils import remove_staff_member
 from ....checkout import AddressType
+from ....core.exceptions import PermissionDenied
 from ....core.permissions import AccountPermissions
 from ....core.utils.url import validate_storefront_url
 from ...account.enums import AddressTypeEnum
@@ -21,6 +20,7 @@
 from ...core.types import Upload
 from ...core.types.common import AccountError, StaffError
 from ...core.utils import get_duplicates_ids, validate_image_file
+from ...decorators import staff_member_required
 from ...meta.deprecated.mutations import ClearMetaBaseMutation, UpdateMetaBaseMutation
 from ..utils import (
     CustomerDeleteMixin,

saleor/graphql/account/resolvers.py

@@ -3,10 +3,10 @@
 
 import graphene
 from django.contrib.auth import models as auth_models
-from graphql_jwt.exceptions import PermissionDenied
 from i18naddress import get_validation_rules
 
 from ...account import models
+from ...core.exceptions import PermissionDenied
 from ...core.permissions import AccountPermissions
 from ...payment import gateway
 from ...payment.utils import fetch_customer_id

saleor/graphql/account/types.py

@@ -2,10 +2,10 @@
 from django.contrib.auth import get_user_model, models as auth_models
 from graphene import relay
 from graphene_federation import key
-from graphql_jwt.exceptions import PermissionDenied
 
 from ...account import models
 from ...checkout.utils import get_user_checkout
+from ...core.exceptions import PermissionDenied
 from ...core.permissions import AccountPermissions, OrderPermissions
 from ...order import models as order_models
 from ..checkout.types import Checkout

saleor/graphql/checkout/mutations.py

@@ -5,7 +5,6 @@
 from django.core.exceptions import ObjectDoesNotExist, ValidationError
 from django.db import transaction
 from django.db.models import Prefetch
-from graphql_jwt.exceptions import PermissionDenied
 
 from ...account.error_codes import AccountErrorCode
 from ...checkout import models
@@ -24,7 +23,7 @@
     remove_promo_code_from_checkout,
 )
 from ...core import analytics
-from ...core.exceptions import InsufficientStock, ProductNotPublished
+from ...core.exceptions import InsufficientStock, PermissionDenied, ProductNotPublished
 from ...core.permissions import OrderPermissions
 from ...core.taxes import TaxError
 from ...core.utils.url import validate_storefront_url

saleor/graphql/checkout/types.py

@@ -1,9 +1,9 @@
 import graphene
-from graphql_jwt.exceptions import PermissionDenied
 from promise import Promise
 
 from ...checkout import calculations, models
 from ...checkout.utils import get_valid_shipping_methods_for_checkout
+from ...core.exceptions import PermissionDenied
 from ...core.permissions import AccountPermissions, CheckoutPermissions
 from ...core.taxes import display_gross_prices, zero_taxed_money
 from ...plugins.manager import get_plugins_manager

saleor/graphql/core/mutations.py

@@ -12,8 +12,8 @@
 from graphene.types.mutation import MutationOptions
 from graphene_django.registry import get_global_registry
 from graphql.error import GraphQLError
-from graphql_jwt.exceptions import PermissionDenied
 
+from ...core.exceptions import PermissionDenied
 from ...core.permissions import AccountPermissions
 from ..utils import get_nodes
 from .types import Error, Upload

saleor/graphql/decorators.py

@@ -2,12 +2,23 @@
 from functools import wraps
 from typing import Iterable, Union
 
-from graphql_jwt import exceptions
-from graphql_jwt.decorators import context
+from graphql.execution.base import ResolveInfo
 
+from ..core.exceptions import PermissionDenied
 from ..core.permissions import AccountPermissions
 
 
+def context(f):
+    def decorator(func):
+        def wrapper(*args, **kwargs):
+            info = next(arg for arg in args if isinstance(arg, ResolveInfo))
+            return func(info.context, *args, **kwargs)
+
+        return wrapper
+
+    return decorator
+
+
 def account_passes_test(test_func):
     """Determine if user/app has permission to access to content."""
 
@@ -17,7 +28,7 @@ def decorator(f):
         def wrapper(context, *args, **kwargs):
             if test_func(context):
                 return f(*args, **kwargs)
-            raise exceptions.PermissionDenied()
+            raise PermissionDenied()
 
         return wrapper
 
@@ -56,3 +67,8 @@ def check_perms(context):
         return False
 
     return account_passes_test(check_perms)
+
+
+staff_member_required = account_passes_test(
+    lambda context: context.user.is_active and context.user.is_staff
+)

saleor/graphql/giftcard/types.py

@@ -1,6 +1,6 @@
 import graphene
-from graphql_jwt.exceptions import PermissionDenied
 
+from ...core.exceptions import PermissionDenied
 from ...core.permissions import AccountPermissions, GiftcardPermissions
 from ...giftcard import models
 from ..core.connection import CountableDjangoObjectType

saleor/graphql/meta/mutations.py

@@ -1,9 +1,9 @@
 import graphene
 from django.core.exceptions import ValidationError
-from graphql_jwt.exceptions import PermissionDenied
 
 from ...core import models
 from ...core.error_codes import MetadataErrorCode
+from ...core.exceptions import PermissionDenied
 from ..core.mutations import BaseMutation
 from ..core.types.common import MetadataError
 from .permissions import PRIVATE_META_PERMISSION_MAP, PUBLIC_META_PERMISSION_MAP

saleor/graphql/meta/permissions.py

@@ -1,8 +1,7 @@
 from typing import Any, List
 
-from graphql_jwt.exceptions import PermissionDenied
-
 from ...account import models as account_models
+from ...core.exceptions import PermissionDenied
 from ...core.permissions import (
     AccountPermissions,
     AppPermission,

saleor/graphql/meta/resolvers.py

@@ -1,10 +1,9 @@
 from operator import itemgetter
 
-from graphql_jwt.exceptions import PermissionDenied
-
 from ...account import models as account_models
 from ...app import models as app_models
 from ...checkout import models as checkout_models
+from ...core.exceptions import PermissionDenied
 from ...core.models import ModelWithMetadata
 from ...order import models as order_models
 from ...product import models as product_models

saleor/graphql/order/types.py

@@ -1,8 +1,8 @@
 import graphene
 from django.core.exceptions import ValidationError
 from graphene import relay
-from graphql_jwt.exceptions import PermissionDenied
 
+from ...core.exceptions import PermissionDenied
 from ...core.permissions import AccountPermissions, OrderPermissions
 from ...core.taxes import display_gross_prices
 from ...order import OrderStatus, models

saleor/graphql/product/mutations/products.py

@@ -7,9 +7,9 @@
 from django.db.models import Q, QuerySet
 from django.template.defaultfilters import slugify
 from graphene.types import InputObjectType
-from graphql_jwt.exceptions import PermissionDenied
 from graphql_relay import from_global_id
 
+from ....core.exceptions import PermissionDenied
 from ....core.permissions import ProductPermissions
 from ....product import models
 from ....product.error_codes import ProductErrorCode

saleor/graphql/views.py

@@ -22,10 +22,9 @@
     format_error as format_graphql_error,
 )
 from graphql.execution import ExecutionResult
-from graphql_jwt.exceptions import PermissionDenied
 from jwt.exceptions import PyJWTError
 
-from ..core.exceptions import ReadOnlyException
+from ..core.exceptions import PermissionDenied, ReadOnlyException
 from ..core.utils import is_valid_ipv4, is_valid_ipv6
 
 API_PATH = SimpleLazyObject(lambda: reverse("api"))

saleor/graphql/webhook/resolvers.py

@@ -1,6 +1,6 @@
 import graphene
-from graphql_jwt.exceptions import PermissionDenied
 
+from ...core.exceptions import PermissionDenied
 from ...core.permissions import WebhookPermissions
 from ...webhook import models, payloads
 from ...webhook.event_types import WebhookEventType