From: Paolo Bonzini
To: patchew-devel@redhat.com
Cc: Shubham Jain
Date: Tue, 8 May 2018 16:37:40 +0200
Message-Id: <20180508143740.28409-3-pbonzini@redhat.com>
In-Reply-To: <20180508143740.28409-1-pbonzini@redhat.com>
References: <20180508143740.28409-1-pbonzini@redhat.com>
Subject: [Patchew-devel] [PATCH 2/2] rest: introduce generic permission framework

Until now, the REST API didn't really have a good permission system. In particular, it did not know about user groups.
We will need to allow the "importer" group to add messages to any project, so it's time to improve the permissions.

Similar to the old API, all the knowledge of permissions is encapsulated in one class, in this case a DRF Permission subclass. The new class replaces the old IsAdminUserOrReadOnly and IsMaintainerUserOrReadOnly permissions.

The hierarchy is:

- safe requests, or requests from superusers, are always allowed
- group membership grants authorization for an operation on any project, but only if the view allows those groups
- maintainership grants authorization for an operation on maintained projects

--- api/rest.py | 67 ++++++++++++++++++++++++++++++++++------------ tests/test_rest.py | 10 +++++++ 2 files changed, 60 insertions(+), 17 deletions(-) diff --git a/api/rest.py b/api/rest.py index ed40a10..3e9a4a6 100644 --- a/api/rest.py +++ b/api/rest.py 
@@ -28,23 +28,46 @@ SEARCH_PARAM =3D 'q' =20 # patchew-specific permission classes =20 -class IsAdminUserOrReadOnly(permissions.BasePermission): +class PatchewPermission(permissions.BasePermission): """ - Allows access only to admin users. + Generic code to lookup for permissions based on message and project ob= jects. + The nested router's "project_pk" keyword is taken as a hint that the v= iew + also has a "project" property that returns a Django object. has_permi= ssion + then checks that property too. """ + + allowed_groups =3D () + + def is_superuser(self, request): + return request.user and request.user.is_superuser + + def has_project_permission(self, request, view, obj): + return obj.maintained_by(request.user) + + def has_group_permission(self, request, view): + for grp in request.user.groups.all(): + if grp.name in self.allowed_groups: + return True + return False + + def has_generic_permission(self, request, view): + return (request.method in permissions.SAFE_METHODS) or \ + self.is_superuser(request) or \ + self.has_group_permission(request, view) + def has_permission(self, request, view): - return request.method in permissions.SAFE_METHODS or \ - (request.user and request.user.is_superuser) + return self.has_generic_permission(request, view) or \ + ('projects_pk' in view.kwargs and \ + self.has_project_permission(request, view, view.project)) =20 -class IsMaintainerOrReadOnly(permissions.BasePermission): - """ - Allows access only to admin users or maintainers. - """ def has_object_permission(self, request, view, obj): if isinstance(obj, Message): obj =3D obj.project - return request.method in permissions.SAFE_METHODS or \ - obj.maintained_by(request.user) + return self.has_generic_permission(request, view) or \ + self.has_project_permission(request, view, obj) + +class ImportPermission(PatchewPermission): + allowed_groups =3D ('importers',) =20 # pluggable field for plugin support =20 
@@ -85,7 +108,7 @@ class UserSerializer(serializers.HyperlinkedModelSeriali= zer): class UsersViewSet(viewsets.ModelViewSet): queryset =3D User.objects.all().order_by('id') serializer_class =3D UserSerializer - permission_classes =3D (IsAdminUserOrReadOnly,) + permission_classes =3D (PatchewPermission,) =20 # Projects =20 @@ -108,7 +131,7 @@ class ProjectSerializer(serializers.HyperlinkedModelSer= ializer): class ProjectsViewSet(viewsets.ModelViewSet): queryset =3D Project.objects.all().order_by('id') serializer_class =3D ProjectSerializer - permission_classes =3D (IsMaintainerOrReadOnly,) + permission_classes =3D (PatchewPermission,) =20 # Common classes for series and messages =20 @@ -153,7 +176,7 @@ class BaseMessageSerializer(serializers.ModelSerializer= ): class BaseMessageViewSet(mixins.ListModelMixin, viewsets.GenericViewSet): serializer_class =3D BaseMessageSerializer queryset =3D Message.objects.all() - permission_classes =3D () + permission_classes =3D (ImportPermission,) lookup_field =3D 'message_id' lookup_value_regex =3D '[^/]+' =20 @@ -162,11 +185,21 @@ class ProjectMessagesViewSetMixin(mixins.RetrieveMode= lMixin): def get_queryset(self): return self.queryset.filter(project=3Dself.kwargs['projects_pk']) =20 - def get_serializer_context(self): + @property + def project(self): + if hasattr(self, '__project'): + return self.__project try: - return {'project': Project.objects.get(id=3Dself.kwargs['proje= cts_pk']), 'request': self.request} - except:=20 + self.__project =3D Project.objects.get(id=3Dself.kwargs['proje= cts_pk']) + except: + self.__project =3D None + return self.__project + + def get_serializer_context(self): + if self.project is None: return Http404 + return {'project': self.project, 'request': self.request} + # Series =20 class ReplySerializer(BaseMessageSerializer): 
@@ -249,7 +282,6 @@ class SeriesViewSet(BaseMessageViewSet): queryset =3D Message.objects.filter(is_series_head=3DTrue).order_by('-= last_reply_date') filter_backends =3D (PatchewSearchFilter,) search_fields =3D (SEARCH_PARAM,) - permission_classes =3D (IsMaintainerOrReadOnly,) =20 =20 class ProjectSeriesViewSet(ProjectMessagesViewSetMixin, @@ -362,6 +394,7 @@ class ResultSerializerFull(ResultSerializer): class ResultsViewSet(viewsets.ViewSet, generics.GenericAPIView): lookup_field =3D 'name' lookup_value_regex =3D '[^/]+' + permission_classes =3D (PatchewPermission,) =20 def get_serializer_class(self, *args, **kwargs): if self.lookup_field in self.kwargs: diff --git a/tests/test_rest.py b/tests/test_rest.py index 3baadd5..ace58ab 100755 --- a/tests/test_rest.py +++ b/tests/test_rest.py @@ -78,10 +78,18 @@ class RestTest(PatchewTestCase): self.assertEquals(resp.data['mailing_list'], "qemu-block@nongnu.or= g") self.assertEquals(resp.data['parent_project'], self.PROJECT_BASE) =20 + def test_project_post_no_login(self): + data =3D { + 'name': 'keycodemapdb', + } + resp =3D self.api_client.post(self.REST_BASE + 'projects/', data= =3Ddata) + self.assertEquals(resp.status_code, 403) + def test_project_post_minimal(self): data =3D { 'name': 'keycodemapdb', } + self.api_client.login(username=3Dself.user, password=3Dself.passwo= rd) resp =3D self.api_client.post(self.REST_BASE + 'projects/', data= =3Ddata) self.assertEquals(resp.status_code, 201) self.assertEquals(resp.data['resource_uri'].startswith(self.REST_B= ASE + 'projects/'), True) @@ -91,6 +99,7 @@ class RestTest(PatchewTestCase): self.assertEquals(resp.data['name'], data['name']) =20 def test_project_post(self): + self.api_client.login(username=3Dself.user, password=3Dself.passwo= rd) data =3D { 'name': 'keycodemapdb', 'mailing_list': 'qemu-devel@nongnu.org', 
@@ -261,6 +270,7 @@ class RestTest(PatchewTestCase): dp =3D self.get_data_path("0022-another-simple-patch.json.gz") with open(dp, "r") as f: data =3D f.read() + self.api_client.login(username=3Dself.user, password=3Dself.passwo= rd) resp =3D self.api_client.post(self.PROJECT_BASE + "messages/", dat= a, content_type=3D'application/json') self.assertEqual(resp.status_code, 201) resp_get =3D self.api_client.get(self.PROJECT_BASE + "messages/201= 71023201055.21973-11-andrew.smirnov@gmail.com/") --=20 2.17.0 _______________________________________________ Patchew-devel mailing list Patchew-devel@redhat.com https://www.redhat.com/mailman/listinfo/patchew-devel
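Review bot: PatchewPermission.has_permission (first api/rest.py hunk) passes view.project straight to has_project_permission, but the new project property returns None when the lookup fails, so a non-safe request from a non-superuser against a nonexistent project ends in None.maintained_by(...) and an AttributeError rather than a 403 or 404. Check for None before calling has_project_permission. In the same hunk the docstring names the router keyword "project_pk" while the code tests 'projects_pk'; has_group_permission dereferences request.user without the None guard that is_superuser applies, and its loop could be a single request.user.groups.filter(name__in=self.allowed_groups).exists().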
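Review bot: on ProjectsViewSet, swapping IsMaintainerOrReadOnly for PatchewPermission may lock maintainers out of their own project. The old class defined only has_object_permission, so the view-level check was the BasePermission default; the new has_permission falls back to maintainership only when 'projects_pk' is in view.kwargs, and DRF runs has_permission before has_object_permission. Unless the ProjectsViewSet detail route carries projects_pk, a maintainer who is neither a superuser nor in an allowed group is rejected before the object-level check is reached. Either let has_permission defer to the object-level check on detail routes, or add a test showing a non-superuser maintainer can still update a project.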
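Review bot: setting permission_classes = (ImportPermission,) on BaseMessageViewSet, together with dropping the explicit permission_classes from SeriesViewSet, grants the group more than the commit message asks for. has_generic_permission returns True for a group member on any request method, so membership authorizes every non-safe operation on every view derived from BaseMessageViewSet, series included, not only adding messages. If the intent is import only, restrict the group check to POST or attach ImportPermission only to the messages view. The commit message also calls the group "importer" while allowed_groups is ('importers',); confirm which name the deployment actually uses.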
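Review bot: in the new project property of ProjectMessagesViewSetMixin, hasattr(self, '__project') never succeeds. Inside the class body self.__project is name-mangled to _ProjectMessagesViewSetMixin__project, while the string given to hasattr is not, so the cache is never hit and Project.objects.get runs on every access (once from has_permission, again from get_serializer_context). Use a single-underscore attribute such as self._project. The bare except: also turns any database error into "no such project"; catch Project.DoesNotExist instead. get_serializer_context still does return Http404, which hands the exception class back as the serializer context; since these lines are being touched anyway, make it raise Http404.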
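Review bot: tests/test_rest.py has no test for either new authorization path. The added test covers an anonymous POST to projects/ and the existing POSTs now log in first, but nothing exercises a member of the importers group posting to messages/ on a project they do not maintain, a non-superuser maintainer writing to their own project, or a logged-in user with neither role being refused. Add one case for each so the hierarchy described in the commit message is pinned down. The new test also uses assertEquals, the deprecated alias of assertEqual.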