def get_sub_dependant( *, param: inspect.Parameter, path: str, security_scopes: List[str] = None ) -> Dependant: depends: params.Depends = param.default if depends.dependency: dependency = depends.dependency else: dependency = param.annotation security_requirement = None security_scopes = security_scopes or [] if isinstance(depends, params.Security): dependency_scopes = depends.scopes security_scopes.extend(dependency_scopes) if isinstance(dependency, SecurityBase): use_scopes = [] if isinstance(dependency, (OAuth2, OpenIdConnect)): use_scopes = security_scopes security_requirement = SecurityRequirement( security_scheme=dependency, scopes=use_scopes ) sub_dependant = get_dependant( path=path, call=dependency, name=param.name, security_scopes=security_scopes ) if security_requirement: sub_dependant.security_requirements.append(security_requirement) sub_dependant.security_scopes = security_scopes return sub_dependant
def get_sub_dependant( *, depends: params.Depends, dependency: Callable, path: str, name: str = None, security_scopes: List[str] = None, ) -> Dependant: security_requirement = None security_scopes = security_scopes or [] if isinstance(depends, params.Security): dependency_scopes = depends.scopes security_scopes.extend(dependency_scopes) if isinstance(dependency, SecurityBase): use_scopes: List[str] = [] if isinstance(dependency, (OAuth2, OpenIdConnect)): use_scopes = security_scopes security_requirement = SecurityRequirement(security_scheme=dependency, scopes=use_scopes) sub_dependant = get_dependant(path=path, call=dependency, name=name, security_scopes=security_scopes) if security_requirement: sub_dependant.security_requirements.append(security_requirement) sub_dependant.security_scopes = security_scopes return sub_dependant
def get_sub_dependant(*, param: inspect.Parameter, path: str) -> Dependant: depends: params.Depends = param.default if depends.dependency: dependency = depends.dependency else: dependency = param.annotation sub_dependant = get_dependant(path=path, call=dependency, name=param.name) if isinstance(depends, params.Security) and isinstance( dependency, SecurityBase): security_requirement = SecurityRequirement(security_scheme=dependency, scopes=depends.scopes) sub_dependant.security_requirements.append(security_requirement) return sub_dependant
import logging from typing import Set, List, Tuple from cidemiasecurity.security import oauth2_scheme from cidemiasecurity.security.models import UserModel from cidemiasecurity.security.utils import get_current_user from fastapi import HTTPException, FastAPI from fastapi.dependencies.models import SecurityRequirement from fastapi.routing import APIRoute from starlette.status import HTTP_401_UNAUTHORIZED from starlette.requests import Request from starlette.types import Scope, Receive, Send, ASGIApp from cidemiasecurity.urls.schemas import ApiUrl auth_requirement = SecurityRequirement(oauth2_scheme, []) no_auth_requirement: SecurityRequirement = None log = logging.getLogger(__file__) def has_one_permission(user: UserModel, permissions: Set[str]) -> bool: """ This method will verify if a given user has one of permissions. There is a special permission named `authenticated` that will just look if the user is fully authenticated :param user: CTSUser -> The user :param permissions: Set[str] -> The list of permissions to look for :return: bool -> True if the user has one of the permissions, else otherwise """ if "authenticated" in permissions: