Skip to content

Commit

Permalink
ANPL-1704 Pass the current_user when revoking access to a datasource
Browse files Browse the repository at this point in the history
  • Loading branch information
michaeljcollinsuk committed Sep 13, 2023
1 parent 928238f commit 22a503e
Show file tree
Hide file tree
Showing 4 changed files with 15 additions and 8 deletions.
8 changes: 1 addition & 7 deletions controlpanel/api/models/apps3bucket.py
Original file line number Diff line number Diff line change
Expand Up @@ -42,12 +42,6 @@ def __repr__(self):

def grant_bucket_access(self):
tasks.S3BucketGrantToApp(self, self.current_user).create_task()
# cluster.App(self.app).grant_bucket_access(
# self.s3bucket.arn,
# self.access_level,
# self.resources,
# )

def revoke_bucket_access(self):
tasks.S3BucketRevokeAppAccess(self).create_task()
# cluster.App(self.app).revoke_bucket_access(self.s3bucket.arn)
tasks.S3BucketRevokeAppAccess(self, self.current_user).create_task()
5 changes: 4 additions & 1 deletion controlpanel/api/models/users3bucket.py
Original file line number Diff line number Diff line change
Expand Up @@ -48,4 +48,7 @@ def grant_bucket_access(self):
tasks.S3BucketGrantToUser(self, self.current_user).create_task()

def revoke_bucket_access(self):
tasks.S3BucketRevokeUserAccess(self).create_task()
# TODO when soft delete is added, this should be updated to use the user that
# has deleted the parent S3bucket to ensure we store the user that has sent the
# task in the case of cascading deletes
tasks.S3BucketRevokeUserAccess(self, self.current_user).create_task()
5 changes: 5 additions & 0 deletions controlpanel/frontend/views/app.py
Original file line number Diff line number Diff line change
Expand Up @@ -312,6 +312,11 @@ class RevokeAppAccess(OIDCLoginRequiredMixin, PermissionRequiredMixin, DeleteVie
model = AppS3Bucket
permission_required = "api.remove_app_bucket"

def get_object(self, queryset=None):
obj = super().get_object(queryset=queryset)
obj.current_user = self.request.user
return obj

def get_success_url(self):
messages.success(self.request, "Successfully disconnected data source")
return reverse_lazy("manage-app", kwargs={"pk": self.object.app.id})
Expand Down
5 changes: 5 additions & 0 deletions controlpanel/frontend/views/datasource.py
Original file line number Diff line number Diff line change
Expand Up @@ -293,6 +293,11 @@ class RevokeAccess(OIDCLoginRequiredMixin, PermissionRequiredMixin, DeleteView):
model = UserS3Bucket
permission_required = "api.destroy_users3bucket"

def get_object(self, queryset=None):
obj = super().get_object(queryset=queryset)
obj.current_user = self.request.user
return obj

def get_success_url(self):
messages.success(self.request, "Successfully revoked access")
return reverse_lazy("manage-datasource", kwargs={"pk": self.object.s3bucket.id})
Expand Down

0 comments on commit 22a503e

Please sign in to comment.