Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Refactor: Migrate to 2.0-style security policies #11218

Merged
merged 37 commits into from
May 2, 2022
Merged
Changes from 1 commit
Commits
Show all changes
37 commits
Select commit Hold shift + click to select a range
bba2796
warehouse: begin using security policies
woodruffw Apr 20, 2022
7bc9904
Merge remote-tracking branch 'origin/main' into tob-pyramid-2-securit…
woodruffw Apr 20, 2022
03ffbc3
Remove pyramid-multiauth, begin switching to security policies
woodruffw Apr 20, 2022
6beb4dd
migrations: remove incorrectly checked in migrations
woodruffw Apr 20, 2022
4efbccf
warehouse: fix principals a little bit
woodruffw Apr 20, 2022
9da307d
warehouse: begin using real security policies
woodruffw Apr 20, 2022
00afa6e
warehouse: port basic auth
woodruffw Apr 20, 2022
a211e35
warehouse: port macaroon policy, remove transition shim
woodruffw Apr 20, 2022
1be99d8
utils/security_policy: fix principals
woodruffw Apr 20, 2022
936b633
warehouse: fix lint
woodruffw Apr 20, 2022
8f95b0e
tests/unit: rename-o-rama
woodruffw Apr 20, 2022
090ef01
Improve the readabililty of the overall diff
di Apr 21, 2022
0b788d9
warehouse: refactor security policies
woodruffw Apr 21, 2022
0bc2083
macaroons/security_policy: remove redundant route check
woodruffw Apr 21, 2022
8f858e3
Merge remote-tracking branch 'upstream/main' into tob-pyramid-2-secur…
woodruffw Apr 21, 2022
231a46d
accounts/security_policy: lint
woodruffw Apr 21, 2022
e2242ec
Update warehouse/utils/security_policy.py
woodruffw Apr 25, 2022
5cdb53a
macaroons/security_policy: avoid a DB roundtrip
woodruffw Apr 25, 2022
593d199
utils/security_policy: simplify principals, add comment
woodruffw Apr 25, 2022
44d1463
utils/security_policy: re-add id principal
woodruffw Apr 25, 2022
3e0c525
warehouse: disambiguate user IDs inside the principal set
woodruffw Apr 25, 2022
366b5e3
Merge remote-tracking branch 'upstream/main' into tob-pyramid-2-secur…
woodruffw Apr 25, 2022
6be5ae7
Merge remote-tracking branch 'upstream/main' into tob-pyramid-2-secur…
woodruffw Apr 25, 2022
840c301
packaging/models: blacken
woodruffw Apr 25, 2022
52c3120
tests, warehouse: the long and winding road
woodruffw Apr 25, 2022
9c7f8cd
tests/packaging: fix ACL tests
woodruffw Apr 26, 2022
f4f608b
tests, warehouse: rewrite account security policy tests
woodruffw Apr 26, 2022
5db0a10
macaroons: make the tests pass
woodruffw Apr 26, 2022
ab12fd3
tests: finish tests
woodruffw Apr 26, 2022
29b40f9
warehouse: move session invalidation to session authn
woodruffw Apr 26, 2022
f2ee9e9
tests, warehouse: update tests
woodruffw Apr 26, 2022
250a2a7
Merge remote-tracking branch 'upstream/main' into tob-pyramid-2-secur…
woodruffw Apr 26, 2022
42f7beb
Merge remote-tracking branch 'upstream/main' into tob-pyramid-2-secur…
woodruffw Apr 28, 2022
222b293
Merge remote-tracking branch 'upstream/main' into tob-pyramid-2-secur…
woodruffw Apr 28, 2022
ec2c563
utils/security_policy: authenticated_userid only works for user ident…
woodruffw Apr 28, 2022
8cb31c8
tests: update utils/security_policy tests
woodruffw Apr 28, 2022
6e6d039
Merge branch 'main' into tob-pyramid-2-security-policies
di May 2, 2022
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
warehouse: fix principals a little bit
woodruffw committed Apr 20, 2022

Verified

This commit was signed with the committer’s verified signature.
snyk-bot Snyk bot
commit 4efbccf37e21dbc06e86759dac2d723b3d34c119
2 changes: 1 addition & 1 deletion warehouse/accounts/__init__.py
Original file line number Diff line number Diff line change
@@ -226,7 +226,7 @@ def includeme(config):
MacaroonAuthenticationPolicy(callback=_macaroon_authenticate),
),
],
authz_policy
authz_policy,
)
)

38 changes: 32 additions & 6 deletions warehouse/utils/security_policy.py
Original file line number Diff line number Diff line change
@@ -10,18 +10,36 @@
# See the License for the specific language governing permissions and
# limitations under the License.

from pyramid.authorization import Authenticated, Everyone
from pyramid.interfaces import ISecurityPolicy
from zope.interface import implementer


from warehouse.accounts.interfaces import IUserService


def _groupfinder(user):
principals = []

if user.is_superuser:
principals.append("group:admins")
if user.is_moderator or user.is_superuser:
principals.append("group:moderators")
if user.is_psf_staff or user.is_superuser:
principals.append("group:psf_staff")

# user must have base admin access if any admin permission
if principals:
principals.append("group:with_admin_dashboard_access")


@implementer(ISecurityPolicy)
class ShimSecurityPolicy:
"""
Taken directly from the Pyramid changelog:
Modified from the Pyramid changelog:
https://docs.pylonsproject.org/projects/pyramid/en/latest/whatsnew-2.0.html

Unlike the Pyramid example, this `ShimSecurityPolicy` does not pass through
to an underlying AuthZ policy. AuthZ is handled separately.
"""

def __init__(self, authn_policy):
@@ -32,7 +50,10 @@ def authenticated_userid(self, request):

def identity(self, request):
login_service = request.find_service(IUserService, context=None)
return login_service.get_user(self.authenticated_userid(request))
user = login_service.get_user(self.authenticated_userid(request))
if user is not None:
return {"entity": user, "principals": _groupfinder(user)}
return None

def permits(self, request, context, permission):
return NotImplemented
woodruffw marked this conversation as resolved.
Show resolved Hide resolved
@@ -75,7 +96,7 @@ def identity(self, request):

def authenticated_userid(self, request):
if request.identity:
return request.identity.id
return request.identity["entity"].id
return None

def forget(self, request, **kw):
@@ -91,5 +112,10 @@ def remember(self, request, userid, **kw):
return headers

def permits(self, request, context, permission):
# TODO: definitely wrong.
return self._authz.permits(context, [], permission)
identity = request.identity
principals = [Everyone]
woodruffw marked this conversation as resolved.
Show resolved Hide resolved
if identity is not None:
principals.extend(
[Authenticated, identity["entity"].id, identity["principals"]]
)
return self._authz.permits(context, principals, permission)
woodruffw marked this conversation as resolved.
Show resolved Hide resolved