feat(RBAC): remove decorators (#627)

QuivrHQ · Jul 13, 2023 · 83fe943 · 83fe943
1 parent 029f7b7
commit 83fe943
Show file tree

Hide file tree

Showing 3 changed files with 10 additions and 9 deletions.
diff --git a/backend/routes/authorizations/brain_authorization.py b/backend/routes/authorizations/brain_authorization.py
@@ -7,7 +7,7 @@
 from models.users import User
 
 
-def has_brain_authorization(required_role: str = "Owner"):
+def has_brain_authorization(required_role: Optional[str] = "Owner"):
     def decorator(func):
         @wraps(func)
         async def wrapper(current_user: User, *args, **kwargs):
@@ -44,7 +44,6 @@ def validate_brain_authorization(
 
     brain = Brain(id=brain_id)
     user_brain = brain.get_brain_for_user(user_id)
-
     if user_brain is None:
         raise HTTPException(
             status_code=status.HTTP_404_NOT_FOUND,

diff --git a/backend/routes/brain_routes.py b/backend/routes/brain_routes.py
@@ -9,7 +9,9 @@
 from models.users import User
 from pydantic import BaseModel
 
-from routes.authorizations.brain_authorization import has_brain_authorization
+from routes.authorizations.brain_authorization import (
+    validate_brain_authorization,
+)
 
 logger = get_logger(__name__)
 
@@ -78,12 +80,12 @@ async def get_default_brain_endpoint(current_user: User = Depends(get_current_us
     "/brains/{brain_id}/",
     dependencies=[
         Depends(AuthBearer()),
-        Depends(has_brain_authorization),
     ],
     tags=["Brain"],
 )
 async def get_brain_endpoint(
     brain_id: UUID,
+    current_user: User = Depends(get_current_user),
 ):
     """
     Retrieve details of a specific brain by brain ID.
@@ -94,6 +96,7 @@ async def get_brain_endpoint(
     This endpoint retrieves the details of a specific brain identified by the provided brain ID. It returns the brain ID and its
     history, which includes the brain messages exchanged in the brain.
     """
+    validate_brain_authorization(brain_id, current_user.id)
     brain = Brain(id=brain_id)
     brains = brain.get_brain_details()
     if len(brains) > 0:
@@ -111,7 +114,6 @@ async def get_brain_endpoint(
     "/brains/{brain_id}/",
     dependencies=[
         Depends(AuthBearer()),
-        Depends(has_brain_authorization),
     ],
     tags=["Brain"],
 )
@@ -123,7 +125,7 @@ async def delete_brain_endpoint(
     Delete a specific brain by brain ID.
     """
     # [TODO] check if the user is the owner of the brain
-
+    validate_brain_authorization(brain_id, current_user.id)
     brain = Brain(id=brain_id)
     brain.delete_brain(current_user.id)
 
@@ -186,7 +188,6 @@ async def create_brain_endpoint(
         Depends(
             AuthBearer(),
         ),
-        Depends(has_brain_authorization),
     ],
     tags=["Brain"],
 )
@@ -203,6 +204,7 @@ async def update_brain_endpoint(
         name, status, model, max_tokens, temperature
     Return modified brain ? No need -> do an optimistic update
     """
+    validate_brain_authorization(brain_id, current_user.id)
     commons = common_dependencies()
     brain = Brain(id=brain_id)
 

diff --git a/backend/routes/explore_routes.py b/backend/routes/explore_routes.py
@@ -5,8 +5,8 @@
 from models.brains import Brain
 from models.settings import common_dependencies
 from models.users import User
+
 from routes.authorizations.brain_authorization import (
-    has_brain_authorization,
     validate_brain_authorization,
 )
 
@@ -31,7 +31,6 @@ async def explore_endpoint(
     "/explore/{file_name}/",
     dependencies=[
         Depends(AuthBearer()),
-        Depends(has_brain_authorization),
     ],
     tags=["Explore"],
 )
@@ -43,6 +42,7 @@ async def delete_endpoint(
     """
     Delete a specific user file by file name.
     """
+    validate_brain_authorization(brain_id, current_user.id)
     brain = Brain(id=brain_id)
     brain.delete_file_from_brain(file_name)