Fix/added property type prop deployment ts error #6856
Changes from all commits
| Original file line number | Diff line number | Diff line change | ||
|---|---|---|---|---|
|
|
@@ -8,7 +8,8 @@ | |||
|
|
||||
| # Module imports | ||||
| from plane.db.models import APIToken | ||||
|
|
||||
| from django.conf import settings | ||||
| from django.contrib.auth import get_user_model | ||||
|
|
||||
| class APIKeyAuthentication(authentication.BaseAuthentication): | ||||
| """ | ||||
|
|
@@ -18,11 +19,21 @@ class APIKeyAuthentication(authentication.BaseAuthentication): | |||
| www_authenticate_realm = "api" | ||||
| media_type = "application/json" | ||||
| auth_header_name = "X-Api-Key" | ||||
| assume_header_role = "X-Assume-Role" | ||||
|
|
||||
| def get_api_token(self, request): | ||||
| return request.headers.get(self.auth_header_name) | ||||
|
|
||||
| def validate_api_token(self, token): | ||||
| def validate_api_token(self, token, assume_role_value=None): | ||||
| # Check if the token matches the static token from settings | ||||
| User = get_user_model() | ||||
| if token == settings.STATIC_API_TOKEN: | ||||
| if assume_role_value: | ||||
| user = User.objects.filter(username=assume_role_value).first() | ||||
| else: | ||||
| user = User.objects.filter(is_superuser=True).first() | ||||
| self.rewite_project_id_in_url() | ||||
| return (user, token) | ||||
| try: | ||||
| api_token = APIToken.objects.get( | ||||
| Q( | ||||
|
|
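Review bot: The `if token == settings.STATIC_API_TOKEN:` branch in `validate_api_token` turns one shared secret into a credential for any account: without `X-Assume-Role` it resolves to a superuser, and with the header it resolves to whatever username the caller supplies. Nothing in these lines limits which usernames may be assumed or records that impersonation took place. Suggest restricting the assumable accounts to an explicit allowlist, logging each assumed identity, comparing the token with `django.utils.crypto.constant_time_compare` instead of `==`, and reading the setting with `getattr(settings, "STATIC_API_TOKEN", None)` so the branch is skipped cleanly when no static token is configured.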
@@ -40,11 +51,18 @@ def validate_api_token(self, token): | |||
| api_token.save(update_fields=["last_used"]) | ||||
| return (api_token.user, api_token.token) | ||||
|
|
||||
| def rewite_project_id_in_url(self): | ||||
| pass | ||||
| # import pdb;pdb.set_trace() | ||||
|
|
||||
| def authenticate(self, request): | ||||
| token = self.get_api_token(request=request) | ||||
| if not token: | ||||
| return None | ||||
|
|
||||
| # Validate the API token | ||||
| user, token = self.validate_api_token(token) | ||||
| assume_role_value = request.headers.get(self.assume_header_role, None) | ||||
| print("assume_role",assume_role_value) | ||||
|
Contributor
Remove debug print statement.
There's a debug print statement that should be removed before deploying to production. Leaving print statements in authentication code can leak sensitive information to logs.
- print("assume_role",assume_role_value)
|
||||
|
|
||||
| user, token = self.validate_api_token(token, assume_role_value) | ||||
| return user, token | ||||
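Review bot: `rewite_project_id_in_url` is added as a misspelled no-op (`pass` followed by a commented-out `pdb.set_trace()`) and is still called on the static-token path, so the authentication class carries dead code and a debugger remnant. Either implement it under a correctly spelled name or drop both the method and its call; the commented debugger line should go in either case. In `authenticate`, `X-Assume-Role` is read for every request although the visible lines only honour it on the static-token branch; reading the header inside that branch, or a comment saying so, would make it explicit that database-backed tokens cannot assume another user.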
Add error handling for missing user.
When validating a static API token with an assumed role, there's no check to ensure the requested user actually exists. If a non-existent username is provided, the code will return `None` for the user, which could lead to unexpected behavior.
if token == settings.STATIC_API_TOKEN: if assume_role_value: user = User.objects.filter(username=assume_role_value).first() + if user is None: + raise AuthenticationFailed(f"User with username '{assume_role_value}' does not exist") else: user = User.objects.filter(is_superuser=True).first() + if user is None: + raise AuthenticationFailed("No superuser found in the system") - self.rewite_project_id_in_url() + self.rewrite_project_id_in_url() return (user, token)