Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Simplify permissions declaration in custom endpoint #987

Open
pieroit opened this issue Dec 12, 2024 · 0 comments
Open

Simplify permissions declaration in custom endpoint #987

pieroit opened this issue Dec 12, 2024 · 0 comments
Labels
endpoints Related to http / ws endpoints enhancement New feature or request

Comments

@pieroit
Copy link
Member

pieroit commented Dec 12, 2024

Currently custom endpoints, when in need of auth, require to write something like:

from fastapi import Depends
from cat.mad_hatter.decorators import endpoint
from cat.auth.connection import HTTPAuth
from cat.auth.permissions import AuthPermission, AuthResource

@endpoint.get("/hello")
def my_endpoint(stray=Depends(HTTPAuth(AuthResource.MEMORY, AuthPermission.LIST))):
    return {"answer": 42, "userId": stray.user_id}

Would be a great devx improvement to have this:

from cat.mad_hatter.decorators import endpoint
from cat.auth.permissions import AuthPermission, AuthResource, permissions_check

@endpoint.get("/hello")
def my_endpoint(stray=permissions_check(AuthResource.MEMORY, AuthPermission.LIST)):
    return {"answer": 42, "userId": stray.user_id}

which is the same as the less elegant but way simpler

from cat.mad_hatter.decorators import endpoint
from cat.auth.permissions import permissions_check

@endpoint.get("/hello")
def my_endpoint(stray=permissions_check("MEMORY", "LIST")):
    return {"answer": 42, "userId": stray.user_id}

Also we can use this helper function in all our core routes.
permissions_check is just a proposal name, maybe there is something more easy to understand.
If permissions are passed a strings, the function can check they correspond to the actual resource and permission enums

P.S.: by reading the docs it is not always clear (even if clearly written) that cat in hooks and tools is the same as stray as an instance of StrayCat. I think this may lead to confusion and so it should be called everywhere cat

@pieroit pieroit added enhancement New feature or request endpoints Related to http / ws endpoints labels Dec 12, 2024
@pieroit pieroit changed the title Simplify permissions declaration in custim endpoint Simplify permissions declaration in custom endpoint Dec 12, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
endpoints Related to http / ws endpoints enhancement New feature or request
Projects
None yet
Development

No branches or pull requests

1 participant