def get_sub_dependant(
*, param: inspect.Parameter, path: str, security_scopes: List[str] = None
) -> Dependant:
depends: params.Depends = param.default
if depends.dependency:
dependency = depends.dependency
else:
dependency = param.annotation
security_requirement = None
security_scopes = security_scopes or []
if isinstance(depends, params.Security):
dependency_scopes = depends.scopes
security_scopes.extend(dependency_scopes)
if isinstance(dependency, SecurityBase):
use_scopes = []
if isinstance(dependency, (OAuth2, OpenIdConnect)):
use_scopes = security_scopes
security_requirement = SecurityRequirement(
security_scheme=dependency, scopes=use_scopes
)
sub_dependant = get_dependant(
path=path, call=dependency, name=param.name, security_scopes=security_scopes
)
if security_requirement:
sub_dependant.security_requirements.append(security_requirement)
sub_dependant.security_scopes = security_scopes
return sub_dependant
def get_sub_dependant(
*,
depends: params.Depends,
dependency: Callable,
path: str,
name: str = None,
security_scopes: List[str] = None,
) -> Dependant:
security_requirement = None
security_scopes = security_scopes or []
if isinstance(depends, params.Security):
dependency_scopes = depends.scopes
security_scopes.extend(dependency_scopes)
if isinstance(dependency, SecurityBase):
use_scopes: List[str] = []
if isinstance(dependency, (OAuth2, OpenIdConnect)):
use_scopes = security_scopes
security_requirement = SecurityRequirement(security_scheme=dependency,
scopes=use_scopes)
sub_dependant = get_dependant(path=path,
call=dependency,
name=name,
security_scopes=security_scopes)
if security_requirement:
sub_dependant.security_requirements.append(security_requirement)
sub_dependant.security_scopes = security_scopes
return sub_dependant
def get_sub_dependant(*, param: inspect.Parameter, path: str) -> Dependant:
depends: params.Depends = param.default
if depends.dependency:
dependency = depends.dependency
else:
dependency = param.annotation
sub_dependant = get_dependant(path=path, call=dependency, name=param.name)
if isinstance(depends, params.Security) and isinstance(
dependency, SecurityBase):
security_requirement = SecurityRequirement(security_scheme=dependency,
scopes=depends.scopes)
sub_dependant.security_requirements.append(security_requirement)
return sub_dependant
import logging
from typing import Set, List, Tuple
from cidemiasecurity.security import oauth2_scheme
from cidemiasecurity.security.models import UserModel
from cidemiasecurity.security.utils import get_current_user
from fastapi import HTTPException, FastAPI
from fastapi.dependencies.models import SecurityRequirement
from fastapi.routing import APIRoute
from starlette.status import HTTP_401_UNAUTHORIZED
from starlette.requests import Request
from starlette.types import Scope, Receive, Send, ASGIApp
from cidemiasecurity.urls.schemas import ApiUrl
auth_requirement = SecurityRequirement(oauth2_scheme, [])
no_auth_requirement: SecurityRequirement = None
log = logging.getLogger(__file__)
def has_one_permission(user: UserModel, permissions: Set[str]) -> bool:
"""
This method will verify if a given user has one of permissions.
There is a special permission named `authenticated` that will just look if the user is fully authenticated
:param user: CTSUser -> The user
:param permissions: Set[str] -> The list of permissions to look for
:return: bool -> True if the user has one of the permissions, else otherwise
"""
if "authenticated" in permissions:
