cheshire-cat-ai/core

Simplify permissions declaration in custom endpoint


Currently custom endpoints, when in need of auth, require writing something like:

from fastapi import Depends
from cat.mad_hatter.decorators import endpoint
from cat.auth.connection import HTTPAuth
from cat.auth.permissions import AuthPermission, AuthResource

@endpoint.get("/hello")
def my_endpoint(stray=Depends(HTTPAuth(AuthResource.MEMORY, AuthPermission.LIST))):
    return {"answer": 42, "userId": stray.user_id}

It would be a great devx improvement to have this:

from cat.mad_hatter.decorators import endpoint
from cat.auth.permissions import AuthPermission, AuthResource, permissions_check

@endpoint.get("/hello")
def my_endpoint(stray=permissions_check(AuthResource.MEMORY, AuthPermission.LIST)):
    return {"answer": 42, "userId": stray.user_id}

which is the same as the less elegant but way simpler

from cat.mad_hatter.decorators import endpoint
from cat.auth.permissions import permissions_check

@endpoint.get("/hello")
def my_endpoint(stray=permissions_check("MEMORY", "LIST")):
    return {"answer": 42, "userId": stray.user_id}

Also, we can use this helper function in all our core routes.
permissions_check is just a proposed name; maybe there is something easier to understand.
If permissions are passed as strings, the function can check they correspond to the actual resource and permission enums.

P.S.: by reading the docs it is not always clear (even if clearly written) that cat in hooks and tools is the same as stray as an instance of StrayCat. I think this may lead to confusion, and so it should be called cat everywhere.
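A sketch of the string-to-enum check proposed above, added here as an example and not part of the issue or the project's code. `AuthResource` and `AuthPermission` are local stand-ins (only `MEMORY` and `LIST` come from the issue), and `build_dependency` is a hypothetical hook standing in for `Depends(HTTPAuth(...))`.

```python
from enum import Enum

# Stand-in enums so the sketch runs without the cat package. Only MEMORY and
# LIST appear in the issue; the other members are constructed for the demo.
class AuthResource(Enum):
    MEMORY = "MEMORY"
    SETTINGS = "SETTINGS"

class AuthPermission(Enum):
    LIST = "LIST"
    WRITE = "WRITE"

def _coerce(value, enum_cls):
    """Return a member of enum_cls, given the member itself or its exact name."""
    if isinstance(value, enum_cls):
        return value
    if not isinstance(value, str):
        # Covers members of the *other* enum (e.g. arguments swapped) and None.
        raise TypeError(f"expected {enum_cls.__name__} or str, got {value!r}")
    if value not in enum_cls.__members__:
        valid = ", ".join(enum_cls.__members__)
        # Fail closed: a typo must not degrade into a weaker or missing check.
        raise ValueError(f"unknown {enum_cls.__name__} {value!r}; expected: {valid}")
    return enum_cls[value]

def permissions_check(resource, permission, build_dependency=lambda r, p: (r, p)):
    """Validate both arguments, then build the endpoint dependency.

    In the core, build_dependency would be the equivalent of
    Depends(HTTPAuth(r, p)) from the issue's first snippet; the default just
    returns the validated pair so this sketch runs on its own.
    """
    return build_dependency(
        _coerce(resource, AuthResource),
        _coerce(permission, AuthPermission),
    )

if __name__ == "__main__":
    print(permissions_check("MEMORY", "LIST"))
    print(permissions_check(AuthResource.MEMORY, AuthPermission.LIST))
    for bad in [("MEMROY", "LIST"), ("memory", "LIST"), (AuthPermission.LIST, "LIST")]:
        try:
            permissions_check(*bad)
        except (TypeError, ValueError) as exc:
            print("rejected:", exc)
```

Because the helper is called in the parameter default, the validation runs when the endpoint function is defined, so a misspelled resource or permission stops the module from loading instead of surfacing on the first request.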