(release) karrio admin foundation with 2023.9.4

apps/api/karrio/server/VERSION

@@ -1 +1 @@
-2023.9.3
+2023.9.4

bin/deploy-hobby

@@ -2,7 +2,7 @@
 
 set -e
 
-export KARRIO_TAG="${KARRIO_TAG:-2023.9.3}"
+export KARRIO_TAG="${KARRIO_TAG:-2023.9.4}"
 export SENTRY_DSN="${SENTRY_DSN:-'https://public@sentry.example.com/1'}"
 
 SECRET_KEY=$(head -c 28 /dev/urandom | sha224sum -b | head -c 56)
@@ -23,7 +23,7 @@ if ! [ -z "$1" ]
 then
 export KARRIO_TAG=$1
 else
-echo "What version of Karrio would you like to install? (We default to '2023.9.3')"
+echo "What version of Karrio would you like to install? (We default to '2023.9.4')"
 echo "You can check out available versions here: https://hub.docker.com/r/karrio/server/tags"
 read -r KARRIO_TAG_READ
 if [ -z "$KARRIO_TAG_READ" ]

bin/upgrade-hobby

@@ -44,7 +44,7 @@ else
 fi
 
 [[ -f ".env" ]] && export $(cat .env | xargs) || ( echo "No .env file found. Please create it with SECRET_KEY and DOMAIN set." && exit 1)
-export KARRIO_TAG="${KARRIO_TAG:-2023.9.3}"
+export KARRIO_TAG="${KARRIO_TAG:-2023.9.4}"
 
 # get karrio scripts
 mkdir -p ./karrio

docker/docker-compose.yml

@@ -3,7 +3,7 @@ version: "3"
 services:
   api:
     container_name: karrio.api
-    image: karrio.docker.scarf.sh/karrio/server:2023.9.3
+    image: karrio.docker.scarf.sh/karrio/server:2023.9.4
     restart: unless-stopped
     ports:
       - ${KARRIO_HTTP_PORT}:${KARRIO_HTTP_PORT}
@@ -25,7 +25,7 @@ services:
 
   worker:
     container_name: karrio.worker
-    image: karrio.docker.scarf.sh/karrio/server:2023.9.3
+    image: karrio.docker.scarf.sh/karrio/server:2023.9.4
     restart: unless-stopped
     depends_on:
       - db
@@ -46,7 +46,7 @@ services:
 
   dashboard:
     container_name: karrio.dashboard
-    image: karrio.docker.scarf.sh/karrio/dashboard:2023.9.3
+    image: karrio.docker.scarf.sh/karrio/dashboard:2023.9.4
     restart: unless-stopped
     ports:
       - ${DASHBOARD_PORT}:3000/tcp

modules/admin/setup.py

@@ -5,7 +5,7 @@
 
 setup(
     name="karrio.server.admin",
-    version="2023.9",
+    version="2023.9.4",
     description="Multi-carrier shipping API admin module",
     long_description=long_description,
     long_description_content_type="text/markdown",

modules/core/karrio/server/core/dataunits.py

@@ -53,8 +53,8 @@ def contextual_metadata(request: Request):
 
 
 def contextual_reference(request: Request = None, reduced: bool = True):
-    import karrio.server.core.validators as validators
     import karrio.server.core.gateway as gateway
+    import karrio.server.core.validators as validators
     import karrio.server.core.middleware as middleware
 
     request = request or middleware.SessionContext.get_current_request()

modules/core/karrio/server/user/models.py

@@ -71,7 +71,28 @@ def object_type(self):
 
     @property
     def permissions(self):
-        _permissions = self.groups.all().values_list("name", flat=True)
+        import karrio.server.conf as conf
+        import karrio.server.iam.models as iam
+        import karrio.server.core.middleware as middleware
+
+        ctx = middleware.SessionContext.get_current_request()
+        _permissions = []
+
+        if conf.settings.MULTI_ORGANIZATIONS and ctx.org is not None:
+            org_user = ctx.org.organization_users.filter(user_id=self.pk)
+            _permissions = (
+                iam.ContextPermission.objects.get(
+                    object_pk=org_user.first().pk,
+                    content_type=ContentType.objects.get_for_model(org_user.first()),
+                )
+                .groups.all()
+                .values_list("name", flat=True)
+                if org_user.exists()
+                else []
+            )
+
+        if not any(_permissions):
+            _permissions = self.groups.all().values_list("name", flat=True)
 
         if not any(_permissions) and self.is_superuser:
             return Group.objects.all().values_list("name", flat=True)
@@ -119,30 +140,31 @@ def permissions(self):
 
         _permissions = []
 
-        if conf.settings.MULTI_ORGANIZATIONS and self.org.exists():
-            org_user = self.org.first().organization_users.filter(user_id=self.user_id)
+        if iam.ContextPermission.objects.filter(object_pk=self.pk).exists():
             _permissions = (
                 iam.ContextPermission.objects.get(
-                    object_pk=org_user.first().pk,
-                    content_type=ContentType.objects.get_for_model(org_user.first()),
+                    object_pk=self.pk,
+                    content_type=ContentType.objects.get_for_model(Token),
                 )
                 .groups.all()
                 .values_list("name", flat=True)
-                if org_user.exists()
-                else []
             )
 
         if (
             not any(_permissions)
-            and iam.ContextPermission.objects.filter(object_pk=self.pk).exists()
+            and conf.settings.MULTI_ORGANIZATIONS
+            and self.org.exists()
         ):
+            org_user = self.org.first().organization_users.filter(user_id=self.user_id)
             _permissions = (
                 iam.ContextPermission.objects.get(
-                    object_pk=self.pk,
-                    content_type=ContentType.objects.get_for_model(Token),
+                    object_pk=org_user.first().pk,
+                    content_type=ContentType.objects.get_for_model(org_user.first()),
                 )
                 .groups.all()
                 .values_list("name", flat=True)
+                if org_user.exists()
+                else []
             )
 
         return _permissions if any(_permissions) else self.user.permissions

modules/core/setup.py

@@ -5,7 +5,7 @@
 
 setup(
     name="karrio.server.core",
-    version="2023.9.3",
+    version="2023.9.4",
     description="Multi-carrier shipping API Core module",
     long_description=long_description,
     long_description_content_type="text/markdown",

modules/graph/karrio/server/graph/schemas/base/inputs.py

@@ -73,6 +73,7 @@ class UpdateUserInput(utils.BaseInput):
 
 @strawberry.input
 class TokenMutationInput(utils.BaseInput):
+    key: str
     password: typing.Optional[str] = strawberry.UNSET
     refresh: typing.Optional[bool] = strawberry.UNSET
 

modules/graph/karrio/server/graph/schemas/base/mutations.py

@@ -64,9 +64,12 @@ class TokenMutation(utils.BaseMutation):
     @utils.authentication_required
     @utils.authorization_required()
     def mutate(
-        info: Info, refresh: bool = None, password: str = None
+        info: Info,
+        key: str = None,
+        refresh: bool = None,
+        password: str = None,
     ) -> "UserUpdateMutation":
-        tokens = user_models.Token.access_by(info.context.request)
+        tokens = user_models.Token.access_by(info.context.request).filter(key=key)
 
         if refresh:
             if len(password or "") == 0:
@@ -80,6 +83,9 @@ def mutate(
             if any(tokens):
                 tokens.delete()
 
+        else:
+            return TokenMutation(token=tokens.first())  # type:ignore
+
         token = (
             TokenSerializer.map(data={}, context=info.context.request).save().instance
         )
@@ -105,7 +111,11 @@ def mutate(
         api_key = TokenSerializer.map(data=data, context=context).save().instance
 
         if any(permissions):
-            _auth_ctx = getattr(context, "token", context.user)
+            _auth_ctx = (
+                context.token
+                if hasattr(getattr(info.context.request, "token", None), "permissions")
+                else context.user
+            )
             _ctx_permissions = getattr(_auth_ctx, "permissions", [])
             _invalid_permissions = [_ for _ in permissions if _ not in _ctx_permissions]
 

modules/graph/karrio/server/graph/schemas/base/types.py

@@ -6,7 +6,6 @@
 from django.forms.models import model_to_dict
 from django.contrib.auth import get_user_model
 from django.utils.translation import gettext_lazy as _
-from django.contrib.contenttypes.models import ContentType
 
 import karrio.lib as lib
 import karrio.server.iam.models as iam
@@ -41,22 +40,6 @@ def permissions(self: User, info) -> typing.Optional[typing.List[str]]:
         if hasattr(getattr(info.context.request, "token", None), "permissions"):
             return info.context.request.token.permissions
 
-        # Return permissions from org user if multiple orgs context
-        if hasattr(info.context.request, "org"):
-            org_user = info.context.request.org.organization_users.filter(
-                user_id=self.id
-            )
-            return (
-                iam.ContextPermission.objects.get(
-                    object_pk=org_user.first().pk,
-                    content_type=ContentType.objects.get_for_model(org_user.first()),
-                )
-                .groups.all()
-                .values_list("name", flat=True)
-                if org_user.exists()
-                else []
-            )
-
         # Return permissions from user
         return info.context.request.user.permissions
 
@@ -227,7 +210,7 @@ def resolve_list(
             "test_mode": info.context.request.test_mode,
             **(
                 {"org__id": info.context.request.org.id}
-                if hasattr(info.context.request, "org")
+                if getattr(info.context.request, "org", None) is not None
                 else {}
             ),
         }

modules/graph/karrio/server/graph/tests/test_user_info.py

@@ -42,7 +42,9 @@ def test_update_token(self):
             }
             """,
             operation_name="mutate_token",
-            variables=TOKEN_MUTATION_DATA,
+            variables={
+                "data": {"refresh": True, "password": "test", "key": current_token}
+            },
         )
         response_data = response.data
 
@@ -67,5 +69,3 @@ def test_update_token(self):
         }
     }
 }
-
-TOKEN_MUTATION_DATA = {"data": {"refresh": True, "password": "test"}}

modules/graph/setup.py

@@ -5,7 +5,7 @@
 
 setup(
     name="karrio.server.graph",
-    version="2023.9.2",
+    version="2023.9.4",
     description="Multi-carrier shipping API Graph module",
     long_description=long_description,
     long_description_content_type="text/markdown",

modules/pricing/setup.py

@@ -5,7 +5,7 @@
 
 setup(
     name="karrio.server.pricing",
-    version="2023.4",
+    version="2023.9.4",
     description="Multi-carrier shipping API Pricing panel",
     long_description=long_description,
     long_description_content_type="text/markdown",

packages/types/graphql/types.ts

@@ -6517,6 +6517,7 @@ export interface UpdateAddressTemplateInput {
 
 // null
 export interface TokenMutationInput {
+  key: string;
   password?: string | null;
   refresh?: boolean | null;
 }

packages/ui/modals/generate-api-dialog.tsx

@@ -1,4 +1,4 @@
-import { useAPITokenMutation } from '@karrio/hooks/api-token';
+import { useAPIToken, useAPITokenMutation } from '@karrio/hooks/api-token';
 import React, { useContext, useRef, useState } from 'react';
 import { Notifier, Notify } from '../components/notifier';
 import { NotificationType } from '@karrio/types';
@@ -12,13 +12,14 @@ export const GenerateAPIModal: React.FC<{ children?: React.ReactNode }> = ({ chi
   const { loading, setLoading } = useLoader();
   const password = useRef<HTMLInputElement>(null);
   const { query: { data: { user } = {} } } = useUser();
+  const { query: { data: { token } = {} } } = useAPIToken();
   const [isActive, setIsActive] = useState<boolean>(false);
 
   const handleSubmit = async (evt: React.FormEvent<HTMLFormElement>) => {
     evt.preventDefault();
     try {
       setLoading(true);
-      await mutation.updateToken.mutateAsync({ refresh: true, password: password.current?.value });
+      await mutation.updateToken.mutateAsync({ refresh: true, key: token!.key, password: password.current?.value });
       setLoading(false);
       setIsActive(false);
       notify({ type: NotificationType.success, message: "New token generated successfully!" });