Skip to content

BENCH-418 & BENCH-422: Authentication and permissions#90

Open
MichaelOSullivanAnswer wants to merge 14 commits intodevelopfrom
BENCH-422-permissions
Open

BENCH-418 & BENCH-422: Authentication and permissions#90
MichaelOSullivanAnswer wants to merge 14 commits intodevelopfrom
BENCH-422-permissions

Conversation

@MichaelOSullivanAnswer
Copy link
Contributor

@MichaelOSullivanAnswer MichaelOSullivanAnswer commented Feb 24, 2023

No description provided.

@MichaelOSullivanAnswer
Copy link
Contributor Author

MichaelOSullivanAnswer commented Feb 24, 2023

Still need to update tests.

@MichaelOSullivanAnswer MichaelOSullivanAnswer changed the title BENCH 418 & BENCH-422: Authentication and permissions BENCH-418 & BENCH-422: Authentication and permissions Feb 24, 2023
JoeCSykes
JoeCSykes reviewed Feb 24, 2023
View reviewed changes
answerking_app/models/serializers.py
@@ -1,11 +1,17 @@
import re
from abc import ABC
Copy link
Contributor

@JoeCSykes JoeCSykes Feb 24, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

do we need this?

JoeCSykes
JoeCSykes reviewed Feb 24, 2023
View reviewed changes
answerking_app/models/permissions/auth_permissions.py
pass


class IsManagerUser(BasePermission):
Copy link
Contributor

@JoeCSykes JoeCSykes Feb 24, 2023
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

this is the same as IsStaffUser so can get rid of this

JoeCSykes
JoeCSykes reviewed Feb 24, 2023
View reviewed changes
answerking_app/utils/schema/schema_examples.py
"errors": {"name": "The name field is required."},
"type": "https://testserver/problems/error/",
"title": "One or more validation errors occurred.",
"title": "One or more permissions errors occurred.",
Copy link
Contributor

@JoeCSykes JoeCSykes Feb 24, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

probably would change this to "One or more validation or permissions errors occurred."

JoeCSykes
JoeCSykes reviewed Feb 24, 2023
View reviewed changes
answerking_app/views/auth_views.py
class RegisterManagerView(
generics.CreateAPIView,
):
permission_classes = (AllowAny,)
Copy link
Contributor

@JoeCSykes JoeCSykes Feb 24, 2023
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

should this be "IsStaffUser" rather than AllowAny?

JoeCSykes
JoeCSykes reviewed Feb 24, 2023
View reviewed changes
answerking_app/views/category_views.py
mixins.CreateModelMixin,
generics.GenericAPIView,
):
permission_classes = []
Copy link
Contributor

@JoeCSykes JoeCSykes Feb 24, 2023
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

should this have "IsStaffUser" s its permission?

JoeCSykes
JoeCSykes reviewed Feb 24, 2023
View reviewed changes
answerking_app/views/category_views.py
mixins.UpdateModelMixin,
generics.GenericAPIView,
):
permission_classes = []
Copy link
Contributor

@JoeCSykes JoeCSykes Feb 24, 2023
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

should this have "IsStaffUser" as its permission?

JoeCSykes
JoeCSykes reviewed Feb 24, 2023
View reviewed changes
answerking_app/views/category_views.py
RetireMixin,
generics.GenericAPIView,
):
permission_classes = []
Copy link
Contributor

@JoeCSykes JoeCSykes Feb 24, 2023
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

should this have "IsStaffUser" as its permission?

JoeCSykes
JoeCSykes reviewed Feb 24, 2023
View reviewed changes
answerking_app/models/serializers.py
depth = 3


class ManagerAuthSerializer(serializers.ModelSerializer):
Copy link
Contributor

@JoeCSykes JoeCSykes Feb 24, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

If we are going with the permission as "IsStaffUser" we may want to change this to StaffAuthSerializer. Similar with a few other naming conventions further down also.

PietroConvalleAD
PietroConvalleAD reviewed Feb 27, 2023
View reviewed changes
PietroConvalleAD
PietroConvalleAD reviewed Feb 27, 2023
View reviewed changes
answerking_app/models/serializers.py
Comment on lines +343 to +344
"password",
"password2",
Copy link
Contributor

@PietroConvalleAD PietroConvalleAD Feb 27, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

1 single password should be sent, password confirmation should be done by the front end

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

2 more reviewers

@JoeCSykes JoeCSykes JoeCSykes left review comments

@PietroConvalleAD PietroConvalleAD PietroConvalleAD left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@MichaelOSullivanAnswer @JoeCSykes @PietroConvalleAD