From 6216fc0879046c3b583e6fa697930f89fab7254a Mon Sep 17 00:00:00 2001 From: Maciej Korycinski Date: Thu, 4 Jun 2020 13:54:01 +0200 Subject: [PATCH] Drop graphql_jwt.PermissionDenied --- .isort.cfg | 2 +- saleor/core/exceptions.py | 8 +++++++ saleor/graphql/account/mutations/base.py | 2 +- saleor/graphql/account/mutations/staff.py | 4 ++-- saleor/graphql/account/resolvers.py | 2 +- saleor/graphql/account/types.py | 2 +- saleor/graphql/checkout/mutations.py | 3 +-- saleor/graphql/checkout/types.py | 2 +- saleor/graphql/core/mutations.py | 2 +- saleor/graphql/decorators.py | 22 +++++++++++++++++--- saleor/graphql/giftcard/types.py | 2 +- saleor/graphql/meta/mutations.py | 2 +- saleor/graphql/meta/permissions.py | 3 +-- saleor/graphql/meta/resolvers.py | 3 +-- saleor/graphql/order/types.py | 2 +- saleor/graphql/product/mutations/products.py | 2 +- saleor/graphql/views.py | 3 +-- saleor/graphql/webhook/resolvers.py | 2 +- 18 files changed, 44 insertions(+), 24 deletions(-) diff --git a/.isort.cfg b/.isort.cfg index 42a876e47ed..7259f4a544d 100644 --- a/.isort.cfg +++ b/.isort.cfg @@ -1,2 +1,2 @@ [settings] -known_third_party = PIL,babel,braintree,celery,dj_database_url,dj_email_url,django,django_cache_url,django_countries,django_filters,django_measurement,django_prices,django_prices_openexchangerates,django_prices_vatlayer,draftjs_sanitizer,faker,freezegun,geolite2,google_measurement_protocol,graphene,graphene_django,graphene_federation,graphql,graphql_jwt,graphql_relay,html_to_draftjs,i18naddress,jaeger_client,jwt,markdown,measurement,mptt,oauthlib,opentracing,phonenumber_field,phonenumbers,prices,promise,pytest,pytz,razorpay,requests,sentry_sdk,storages,stripe,templated_email,text_unidecode,tqdm,versatileimagefield +known_third_party = PIL,babel,braintree,celery,dj_database_url,dj_email_url,django,django_cache_url,django_countries,django_filters,django_measurement,django_prices,django_prices_openexchangerates,django_prices_vatlayer,draftjs_sanitizer,faker,freezegun,geolite2,google_measurement_protocol,graphene,graphene_django,graphene_federation,graphql,graphql_relay,html_to_draftjs,i18naddress,jaeger_client,jwt,markdown,measurement,mptt,oauthlib,opentracing,phonenumber_field,phonenumbers,prices,promise,pytest,pytz,razorpay,requests,sentry_sdk,storages,stripe,templated_email,text_unidecode,tqdm,versatileimagefield diff --git a/saleor/core/exceptions.py b/saleor/core/exceptions.py index 2102cadee50..8829435c3a1 100644 --- a/saleor/core/exceptions.py +++ b/saleor/core/exceptions.py @@ -31,3 +31,11 @@ def __init__(self, context=None): super().__init__("Can't add unpublished product.") self.context = context self.code = CheckoutErrorCode.PRODUCT_NOT_PUBLISHED + + +class PermissionDenied(Exception): + def __init__(self, message=None): + default_message = "You do not have permission to perform this action" + if message is None: + message = default_message + super().__init__(message) diff --git a/saleor/graphql/account/mutations/base.py b/saleor/graphql/account/mutations/base.py index cbbf1e9a145..f088a0b015a 100644 --- a/saleor/graphql/account/mutations/base.py +++ b/saleor/graphql/account/mutations/base.py @@ -3,7 +3,6 @@ from django.contrib.auth.tokens import default_token_generator from django.core.exceptions import ObjectDoesNotExist, ValidationError from django.db import transaction -from graphql_jwt.exceptions import PermissionDenied from ....account import events as account_events, models from ....account.emails import ( @@ -11,6 +10,7 @@ send_user_password_reset_email_with_url, ) from ....account.error_codes import AccountErrorCode +from ....core.exceptions import PermissionDenied from ....core.permissions import AccountPermissions from ....core.utils.url import validate_storefront_url from ....order.utils import match_orders_with_new_user diff --git a/saleor/graphql/account/mutations/staff.py b/saleor/graphql/account/mutations/staff.py index a21ffcd1412..89037649387 100644 --- a/saleor/graphql/account/mutations/staff.py +++ b/saleor/graphql/account/mutations/staff.py @@ -4,8 +4,6 @@ import graphene from django.core.exceptions import ValidationError from django.db import transaction -from graphql_jwt.decorators import staff_member_required -from graphql_jwt.exceptions import PermissionDenied from ....account import events as account_events, models, utils from ....account.emails import send_set_password_email_with_url @@ -13,6 +11,7 @@ from ....account.thumbnails import create_user_avatar_thumbnails from ....account.utils import remove_staff_member from ....checkout import AddressType +from ....core.exceptions import PermissionDenied from ....core.permissions import AccountPermissions from ....core.utils.url import validate_storefront_url from ...account.enums import AddressTypeEnum @@ -21,6 +20,7 @@ from ...core.types import Upload from ...core.types.common import AccountError, StaffError from ...core.utils import get_duplicates_ids, validate_image_file +from ...decorators import staff_member_required from ...meta.deprecated.mutations import ClearMetaBaseMutation, UpdateMetaBaseMutation from ..utils import ( CustomerDeleteMixin, diff --git a/saleor/graphql/account/resolvers.py b/saleor/graphql/account/resolvers.py index 54a23b23c93..5a5ef5fa17b 100644 --- a/saleor/graphql/account/resolvers.py +++ b/saleor/graphql/account/resolvers.py @@ -3,10 +3,10 @@ import graphene from django.contrib.auth import models as auth_models -from graphql_jwt.exceptions import PermissionDenied from i18naddress import get_validation_rules from ...account import models +from ...core.exceptions import PermissionDenied from ...core.permissions import AccountPermissions from ...payment import gateway from ...payment.utils import fetch_customer_id diff --git a/saleor/graphql/account/types.py b/saleor/graphql/account/types.py index 4434f1a2530..030414ba5aa 100644 --- a/saleor/graphql/account/types.py +++ b/saleor/graphql/account/types.py @@ -2,10 +2,10 @@ from django.contrib.auth import get_user_model, models as auth_models from graphene import relay from graphene_federation import key -from graphql_jwt.exceptions import PermissionDenied from ...account import models from ...checkout.utils import get_user_checkout +from ...core.exceptions import PermissionDenied from ...core.permissions import AccountPermissions, OrderPermissions from ...order import models as order_models from ..checkout.types import Checkout diff --git a/saleor/graphql/checkout/mutations.py b/saleor/graphql/checkout/mutations.py index 61f9a1e39d4..cbcf16975a6 100644 --- a/saleor/graphql/checkout/mutations.py +++ b/saleor/graphql/checkout/mutations.py @@ -5,7 +5,6 @@ from django.core.exceptions import ObjectDoesNotExist, ValidationError from django.db import transaction from django.db.models import Prefetch -from graphql_jwt.exceptions import PermissionDenied from ...account.error_codes import AccountErrorCode from ...checkout import models @@ -24,7 +23,7 @@ remove_promo_code_from_checkout, ) from ...core import analytics -from ...core.exceptions import InsufficientStock, ProductNotPublished +from ...core.exceptions import InsufficientStock, PermissionDenied, ProductNotPublished from ...core.permissions import OrderPermissions from ...core.taxes import TaxError from ...core.utils.url import validate_storefront_url diff --git a/saleor/graphql/checkout/types.py b/saleor/graphql/checkout/types.py index a0a224250df..7a6358028c5 100644 --- a/saleor/graphql/checkout/types.py +++ b/saleor/graphql/checkout/types.py @@ -1,9 +1,9 @@ import graphene -from graphql_jwt.exceptions import PermissionDenied from promise import Promise from ...checkout import calculations, models from ...checkout.utils import get_valid_shipping_methods_for_checkout +from ...core.exceptions import PermissionDenied from ...core.permissions import AccountPermissions, CheckoutPermissions from ...core.taxes import display_gross_prices, zero_taxed_money from ...plugins.manager import get_plugins_manager diff --git a/saleor/graphql/core/mutations.py b/saleor/graphql/core/mutations.py index 876deb1fb86..f8169c47846 100644 --- a/saleor/graphql/core/mutations.py +++ b/saleor/graphql/core/mutations.py @@ -12,8 +12,8 @@ from graphene.types.mutation import MutationOptions from graphene_django.registry import get_global_registry from graphql.error import GraphQLError -from graphql_jwt.exceptions import PermissionDenied +from ...core.exceptions import PermissionDenied from ...core.permissions import AccountPermissions from ..utils import get_nodes from .types import Error, Upload diff --git a/saleor/graphql/decorators.py b/saleor/graphql/decorators.py index 36883a532cd..759594a7ec5 100644 --- a/saleor/graphql/decorators.py +++ b/saleor/graphql/decorators.py @@ -2,12 +2,23 @@ from functools import wraps from typing import Iterable, Union -from graphql_jwt import exceptions -from graphql_jwt.decorators import context +from graphql.execution.base import ResolveInfo +from ..core.exceptions import PermissionDenied from ..core.permissions import AccountPermissions +def context(f): + def decorator(func): + def wrapper(*args, **kwargs): + info = next(arg for arg in args if isinstance(arg, ResolveInfo)) + return func(info.context, *args, **kwargs) + + return wrapper + + return decorator + + def account_passes_test(test_func): """Determine if user/app has permission to access to content.""" @@ -17,7 +28,7 @@ def decorator(f): def wrapper(context, *args, **kwargs): if test_func(context): return f(*args, **kwargs) - raise exceptions.PermissionDenied() + raise PermissionDenied() return wrapper @@ -56,3 +67,8 @@ def check_perms(context): return False return account_passes_test(check_perms) + + +staff_member_required = account_passes_test( + lambda context: context.user.is_active and context.user.is_staff +) diff --git a/saleor/graphql/giftcard/types.py b/saleor/graphql/giftcard/types.py index fef0c14c2b1..2ff2112dcd4 100644 --- a/saleor/graphql/giftcard/types.py +++ b/saleor/graphql/giftcard/types.py @@ -1,6 +1,6 @@ import graphene -from graphql_jwt.exceptions import PermissionDenied +from ...core.exceptions import PermissionDenied from ...core.permissions import AccountPermissions, GiftcardPermissions from ...giftcard import models from ..core.connection import CountableDjangoObjectType diff --git a/saleor/graphql/meta/mutations.py b/saleor/graphql/meta/mutations.py index dabdf45f31d..93f5815dcd3 100644 --- a/saleor/graphql/meta/mutations.py +++ b/saleor/graphql/meta/mutations.py @@ -1,9 +1,9 @@ import graphene from django.core.exceptions import ValidationError -from graphql_jwt.exceptions import PermissionDenied from ...core import models from ...core.error_codes import MetadataErrorCode +from ...core.exceptions import PermissionDenied from ..core.mutations import BaseMutation from ..core.types.common import MetadataError from .permissions import PRIVATE_META_PERMISSION_MAP, PUBLIC_META_PERMISSION_MAP diff --git a/saleor/graphql/meta/permissions.py b/saleor/graphql/meta/permissions.py index 8e5ba0a6e7b..9fafef86244 100644 --- a/saleor/graphql/meta/permissions.py +++ b/saleor/graphql/meta/permissions.py @@ -1,8 +1,7 @@ from typing import Any, List -from graphql_jwt.exceptions import PermissionDenied - from ...account import models as account_models +from ...core.exceptions import PermissionDenied from ...core.permissions import ( AccountPermissions, AppPermission, diff --git a/saleor/graphql/meta/resolvers.py b/saleor/graphql/meta/resolvers.py index ec66e0630a3..b71016533c1 100644 --- a/saleor/graphql/meta/resolvers.py +++ b/saleor/graphql/meta/resolvers.py @@ -1,10 +1,9 @@ from operator import itemgetter -from graphql_jwt.exceptions import PermissionDenied - from ...account import models as account_models from ...app import models as app_models from ...checkout import models as checkout_models +from ...core.exceptions import PermissionDenied from ...core.models import ModelWithMetadata from ...order import models as order_models from ...product import models as product_models diff --git a/saleor/graphql/order/types.py b/saleor/graphql/order/types.py index dd39ee4cdc3..8dbd0d363c5 100644 --- a/saleor/graphql/order/types.py +++ b/saleor/graphql/order/types.py @@ -1,8 +1,8 @@ import graphene from django.core.exceptions import ValidationError from graphene import relay -from graphql_jwt.exceptions import PermissionDenied +from ...core.exceptions import PermissionDenied from ...core.permissions import AccountPermissions, OrderPermissions from ...core.taxes import display_gross_prices from ...order import OrderStatus, models diff --git a/saleor/graphql/product/mutations/products.py b/saleor/graphql/product/mutations/products.py index 28c3f0817ce..8f12fb5e8b2 100644 --- a/saleor/graphql/product/mutations/products.py +++ b/saleor/graphql/product/mutations/products.py @@ -7,9 +7,9 @@ from django.db.models import Q, QuerySet from django.template.defaultfilters import slugify from graphene.types import InputObjectType -from graphql_jwt.exceptions import PermissionDenied from graphql_relay import from_global_id +from ....core.exceptions import PermissionDenied from ....core.permissions import ProductPermissions from ....product import models from ....product.error_codes import ProductErrorCode diff --git a/saleor/graphql/views.py b/saleor/graphql/views.py index 44eb9b1476f..7d0e9819372 100644 --- a/saleor/graphql/views.py +++ b/saleor/graphql/views.py @@ -22,10 +22,9 @@ format_error as format_graphql_error, ) from graphql.execution import ExecutionResult -from graphql_jwt.exceptions import PermissionDenied from jwt.exceptions import PyJWTError -from ..core.exceptions import ReadOnlyException +from ..core.exceptions import PermissionDenied, ReadOnlyException from ..core.utils import is_valid_ipv4, is_valid_ipv6 API_PATH = SimpleLazyObject(lambda: reverse("api")) diff --git a/saleor/graphql/webhook/resolvers.py b/saleor/graphql/webhook/resolvers.py index a51a5ba4168..9624bdc6879 100644 --- a/saleor/graphql/webhook/resolvers.py +++ b/saleor/graphql/webhook/resolvers.py @@ -1,6 +1,6 @@ import graphene -from graphql_jwt.exceptions import PermissionDenied +from ...core.exceptions import PermissionDenied from ...core.permissions import WebhookPermissions from ...webhook import models, payloads from ...webhook.event_types import WebhookEventType