Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Tagging routes with IAM permissions #92

Closed
Tracked by #89
migduroli opened this issue Mar 6, 2023 · 0 comments · Fixed by #89
Closed
Tracked by #89

Tagging routes with IAM permissions #92

migduroli opened this issue Mar 6, 2023 · 0 comments · Fixed by #89
Labels
enhancement New feature or request
Milestone
1.3

Comments

@migduroli
Copy link
Collaborator

Context

Currently, any route mounted within a Flama app is visible to the outside world without any restriction. However, it could be that users of the library want to expose certain routes only for authenticated users of theirs, with certain permissions. For this to happen, one of the requirements will be that the routes "know" which permissions are needed for them to be accessible.

Proposed solution

The interface of the solution could look something like:

from flama import Flama

class FooResource(RESTResource, metaclass=CRUDListResourceType):
    name = "foo"
    verbose_name = "Foo"

    model = models.foo
    schema = schemas.Foo

app = Flama()

app.resources.add_resource("/foo/", resource=FooResource, permissions=["iam.user.authenticated"])

@app.route("/", permission="iam.user.authenticated")
def home():
    return {"message": "Hello 🔥"}

which, at some point will involve adding to the tags of the resource such permissions passed as arguments before, i.e.:

route.tags["permissions"] = ["iam.user.authenticated"]}

Indeed, a mokey-patching strategy would consist in doing the following:

def tag_route(route):
    try:
        for r in route.routes:
            tag_route(r)
    except AttributeError:
        route.tags = {"permissions": ["iam.user.authenticated"] if route.name in WHITELISTED_ROUTES else []}

for route in app.routes:
    tag_route(route)

However, this hack does not give the granularity of having different permissions etc. which is why we think implementing this as a fundamental feature of Flama is needed.
@perdy perdy mentioned this issue Mar 9, 2023
Merged
8 tasks
@perdy perdy added this to the 1.3 milestone Mar 9, 2023
@perdy perdy added the enhancement New feature or request label Mar 9, 2023
@perdy perdy linked a pull request Mar 9, 2023 that will close this issue
1.3 #89
Merged
8 tasks
perdy added a commit that referenced this issue Mar 9, 2023
@perdy
✨ Allow to tag routes (#92)
96e1fc5
perdy added a commit that referenced this issue Mar 9, 2023
@perdy
✨ Allow to tag routes (#92)
f640c23
@perdy perdy closed this as completed in #89 Mar 17, 2023
perdy added a commit that referenced this issue Mar 17, 2023
@perdy
✨ Allow to tag routes (#92)
cbd026f
github-actions bot pushed a commit that referenced this issue Mar 17, 2023
@semantic-release-bot
🔖 1.3.0 [skip ci]
451ce8d 
# [v1.3.0](v1.2.0...v1.3.0) (2023-03-17)

## ✨ New Features
- [`d5715a7`](d5715a7)  Allow all endpoint responses in swagger schema (#88) (Issues: [`#88`](https://github.com/vortico/flama/issues/))
- [`21292dc`](21292dc)  Schema type as annotation for input and ouput schemas (#91) (Issues: [`#91`](https://github.com/vortico/flama/issues/))
- [`693fdf7`](693fdf7)  Script for fixing lint errors (#93) (Issues: [`#93`](https://github.com/vortico/flama/issues/))
- [`cbd026f`](cbd026f)  Allow to tag routes (#92) (Issues: [`#92`](https://github.com/vortico/flama/issues/))
- [`318b461`](318b461)  Warning loading a model with another framework version (#94) (Issues: [`#94`](https://github.com/vortico/flama/issues/))
- [`ac82633`](ac82633)  Include artifacts in model inspect (#95) (Issues: [`#95`](https://github.com/vortico/flama/issues/))
- [`056cd90`](056cd90)  CLI command to interact with an ML model without server (#96) (Issues: [`#96`](https://github.com/vortico/flama/issues/))

## 🐛 Bug Fixes
- [`18daa90`](18daa90)  Amend some Enum instantiations from strings
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request
Projects
None yet
Milestone
1.3
Development

Successfully merging a pull request may close this issue.

1.3 vortico/flama
2 participants
@perdy @migduroli