maquinaweb-shared-auth 0.2.13__py3-none-any.whl → 0.2.15__py3-none-any.whl

{maquinaweb_shared_auth-0.2.13.dist-info → maquinaweb_shared_auth-0.2.15.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: maquinaweb-shared-auth
-Version: 0.2.13
+Version: 0.2.15
 Summary: Models read-only para autenticação compartilhada entre projetos Django.
 Author-email: Seu Nome <seuemail@dominio.com>
 License: MIT

maquinaweb_shared_auth-0.2.15.dist-info/RECORD

@@ -0,0 +1,20 @@
+shared_auth/__init__.py,sha256=Ta8lIbyn22J6wU-TgWeSvdDHS4NBRf4Sv1Ag8VtY-bE,152
+shared_auth/app.py,sha256=EHoLKlpW41o6ZxcH184aMhnWQxkVp9fH2_-89RjMz-4,215
+shared_auth/authentication.py,sha256=2dcmq2ATYxvbPXgXd2duNNfiSmwIubg_5yrYa90STsI,1432
+shared_auth/conf.py,sha256=-jdnCokMvWvVKllfsxNYCsPk1Vo3MDRq4Y1MsO16oeA,411
+shared_auth/decorators.py,sha256=RT-Qfi7oGBo6PvWJRR1dqJUQdU6ZOf9p-8mV3rZmqQ0,3237
+shared_auth/exceptions.py,sha256=VKamHjBl2yjXG2RsMrLrXru1_Q9IJXmy4xmDcXlpWsU,627
+shared_auth/fields.py,sha256=RAcmFh1D_nkbai_7t_OrPZhfhAipesy5kKnEj4LUvvM,1254
+shared_auth/managers.py,sha256=IF12LmQslupcQhpazmxksrWBhy3N4bZrgU8hP6bHqII,6781
+shared_auth/middleware.py,sha256=8pi5UEj3TLLrjrVBp2Jh8F015urncUSewJTjTj5UsY8,6106
+shared_auth/mixins.py,sha256=BSYNTWYjLRGuxfy7x-uAaNZmrTMsm67ogAQzjrU2DoQ,7388
+shared_auth/models.py,sha256=PHVLpJUk3gzmiQYHPkk_G1KyUo8qXGolCioK8vg2xu0,6201
+shared_auth/permissions.py,sha256=CTsd0xE_Z-LYNVwU4jOJLWvlcbdRG8mLkLMEnbmkhJA,2665
+shared_auth/router.py,sha256=zYidJ7j40lQLrhkCtAQAp-rQLhua_UF0X7SDzYRcV5w,668
+shared_auth/serializers.py,sha256=uhSrcmFgBUnIWUiKymQrsSNpFDTj3j1Eged2lPG2M0s,4588
+shared_auth/urls.py,sha256=Bj3EtpLDyNBEgtfVN0gVf11STOPJV8hzAnOb_cF2xi4,298
+shared_auth/views.py,sha256=r4UU97TDvhJdqPr4ifIYSflRaUBeQ9DMaDAxby7l3k0,1572
+maquinaweb_shared_auth-0.2.15.dist-info/METADATA,sha256=00iVBSYhh26aw4TA_z8yMRgwKmglsq5JIXM6o1z5pio,27151
+maquinaweb_shared_auth-0.2.15.dist-info/WHEEL,sha256=_zCd3N1l69ArxyTb8rzEoP9TpbYXkqRFSNOD5OuxnTs,91
+maquinaweb_shared_auth-0.2.15.dist-info/top_level.txt,sha256=msyYRy02ZV7zz7GR1raUI5LXGFIFn2TIkgkeKZqKufE,12
+maquinaweb_shared_auth-0.2.15.dist-info/RECORD,,

shared_auth/authentication.py

@@ -6,7 +6,7 @@ from django.utils.translation import gettext_lazy as _
 from rest_framework import exceptions
 from rest_framework.authentication import TokenAuthentication
 
-from .models import SharedToken, SharedUser
+from .models import SharedToken, User
 
 
 class SharedTokenAuthentication(TokenAuthentication):
@@ -34,8 +34,8 @@ class SharedTokenAuthentication(TokenAuthentication):
 
         # Buscar usuário completo
         try:
-            user = SharedUser.objects.get(pk=token.user_id)
-        except SharedUser.DoesNotExist:
+            user = User.objects.get(pk=token.user_id)
+        except User.DoesNotExist:
             raise exceptions.AuthenticationFailed(_("Usuário não encontrado."))
 
         if not user.is_active:

shared_auth/decorators.py

@@ -6,7 +6,7 @@ from functools import wraps
 
 from django.http import JsonResponse
 
-from .models import SharedOrganization, SharedToken, SharedUser
+from .models import SharedOrganization, SharedToken, User
 
 
 def require_auth(view_func):
@@ -30,7 +30,7 @@ def require_auth(view_func):
         # Validar token
         try:
             token_obj = SharedToken.objects.get(key=token)
-            user = SharedUser.objects.get(pk=token_obj.user_id)
+            user = User.objects.get(pk=token_obj.user_id)
 
             if not user.is_active or user.deleted_at is not None:
                 return JsonResponse({"error": "Usuário inativo"}, status=401)
@@ -38,7 +38,7 @@ def require_auth(view_func):
             request.user = user
             request.auth = token_obj
 
-        except (SharedToken.DoesNotExist, SharedUser.DoesNotExist):
+        except (SharedToken.DoesNotExist, User.DoesNotExist):
             return JsonResponse({"error": "Token inválido"}, status=401)
 
         return view_func(request, *args, **kwargs)

shared_auth/exceptions.py

@@ -1,21 +1,23 @@
+from rest_framework.exceptions import APIException
 """
 Exceções customizadas
 """
-class SharedAuthError(Exception):
+class SharedAuthError(APIException):
     """Erro base da biblioteca"""
     pass
 
 
 class OrganizationNotFoundError(SharedAuthError):
-    """Organização não encontrada"""
-    pass
-
+    status_code = 404
+    default_detail = 'Organização não encontrada.'
+    default_code = 'organization_not_found'
 
 class UserNotFoundError(SharedAuthError):
-    """Usuário não encontrado"""
-    pass
-
+    status_code = 404
+    default_detail = 'Usuário não encontrado.'
+    default_code = 'user_not_found'
 
 class DatabaseConnectionError(SharedAuthError):
-    """Erro de conexão com o banco de dados"""
-    pass
+    status_code = 500
+    default_detail = 'Erro interno'
+    default_code = 'internal_error'

shared_auth/managers.py

@@ -220,6 +220,3 @@ class BaseAuthManager(models.Manager):
             return super().get_queryset()
 
         return qs_class(self.model, using=self._db)
-
-
-# shared_auth/serializers.py

shared_auth/middleware.py

@@ -6,7 +6,7 @@ from django.http import JsonResponse
 from django.utils.deprecation import MiddlewareMixin
 
 from .authentication import SharedTokenAuthentication
-from .models import SharedMember, SharedOrganization, SharedToken, SharedUser
+from .models import SharedMember, SharedOrganization, SharedToken, User
 
 
 class SharedAuthMiddleware(MiddlewareMixin):
@@ -52,7 +52,7 @@ class SharedAuthMiddleware(MiddlewareMixin):
         # Validar token e buscar usuário
         try:
             token_obj = SharedToken.objects.get(key=token)
-            user = SharedUser.objects.get(pk=token_obj.user_id)
+            user = User.objects.get(pk=token_obj.user_id)
 
             if not user.is_active or user.deleted_at is not None:
                 # request.user = None
@@ -63,7 +63,7 @@ class SharedAuthMiddleware(MiddlewareMixin):
             # request.user = user
             request.auth = token_obj
 
-        except (SharedToken.DoesNotExist, SharedUser.DoesNotExist):
+        except (SharedToken.DoesNotExist, User.DoesNotExist):
             # request.user = None
             request.auth = None
 

shared_auth/mixins.py

@@ -108,9 +108,9 @@ class UserMixin(models.Model):
         Acessa usuário do banco de auth (lazy loading com cache)
         """
         if not hasattr(self, "_cached_user"):
-            from shared_auth.models import SharedUser
+            from shared_auth.models import User
 
-            self._cached_user = SharedUser.objects.get_or_fail(self.user_id)
+            self._cached_user = User.objects.get_or_fail(self.user_id)
         return self._cached_user
 
     @property

shared_auth/models.py

@@ -5,7 +5,7 @@ ATENÇÃO: Estes models NÃO devem ser usados para criar migrations
 
 from django.contrib.auth.models import AbstractUser
 from django.db import models
-
+from .exceptions import OrganizationNotFoundError, PermissionDeniedError
 from .conf import MEMBER_TABLE, ORGANIZATION_TABLE, USER_TABLE
 from .managers import (
     SharedMemberManager,
@@ -37,7 +37,7 @@ class SharedToken(models.Model):
     def user(self):
         """Acessa usuário do token"""
         if not hasattr(self, "_cached_user"):
-            self._cached_user = SharedUser.objects.get_or_fail(self.user_id)
+            self._cached_user = User.objects.get_or_fail(self.user_id)
         return self._cached_user
 
     def is_valid(self):
@@ -121,7 +121,7 @@ class SharedOrganization(models.Model):
         Usage:
             users = org.users
         """
-        return SharedUser.objects.filter(
+        return User.objects.filter(
             id__in=self.members.values_list("user_id", flat=True)
         )
 
@@ -130,7 +130,7 @@ class SharedOrganization(models.Model):
         return self.deleted_at is None
 
 
-class SharedUser(AbstractUser):
+class User(AbstractUser):
     """
     Model READ-ONLY da tabela auth_user
     """
@@ -148,10 +148,36 @@ class SharedUser(AbstractUser):
     class Meta:
         managed = False
         db_table = USER_TABLE
-        default_related_name = "user"
-        name = "user"
-        verbose_name = "user"
-        verbose_name_plural = "users"
+
+    @property
+    def organizations(self):
+        """
+        Retorna todas as organizações associadas ao usuário.
+        """
+        return SharedOrganization.objects.filter(
+            id__in=SharedMember.objects.filter(user_id=self.id).values_list(
+                "organization_id", flat=True
+            )
+        )
+
+    def get_org(self, organization_id):
+        """
+        Retorna a organização especificada pelo ID, se o usuário for membro.
+        """
+        try:
+            organization = SharedOrganization.objects.get(id=organization_id)
+        except SharedOrganization.DoesNotExist:
+            raise OrganizationNotFoundError(
+                f"Organização com ID {organization_id} não encontrada."
+            )
+
+        if not SharedMember.objects.filter(
+            user_id=self.id, organization_id=organization.id
+        ).exists():
+            raise OrganizationNotFoundError("Usuário não é membro desta organização.")
+
+        return organization
+
 
 
 class SharedMember(models.Model):
@@ -183,7 +209,7 @@ class SharedMember(models.Model):
             user = member.user
             print(user.email)
         """
-        return SharedUser.objects.get_or_fail(self.user_id)
+        return User.objects.get_or_fail(self.user_id)
 
     @property
     def organization(self):

shared_auth/serializers.py

@@ -1,8 +1,8 @@
 """
 Serializers compartilhados para DRF
 """
-
 from rest_framework import serializers
+from .models import SharedOrganization, User
 
 
 class OrganizationSerializerMixin:
@@ -49,6 +49,16 @@ class OrganizationSerializerMixin:
         except Exception as e:
             return None
 
+class OrganizationSerializer(serializers.ModelSerializer):
+    class Meta:
+        model = SharedOrganization
+        fields = "__all__"
+
+
+class UserSerializer(serializers.ModelSerializer):
+    class Meta:
+        model = User
+        fields = "__all__"
 
 class UserSerializerMixin:
     """

shared_auth/urls.py

@@ -0,0 +1,8 @@
+from rest_framework.routers import DefaultRouter
+from .views import OrganizationViewSet, UserViewSet
+
+router = DefaultRouter()
+router.register(r'api/organizations', OrganizationViewSet, basename='organization')
+router.register(r'auth/user', UserViewSet, basename='user')
+
+urlpatterns = router.urls

shared_auth/views.py

@@ -0,0 +1,41 @@
+from rest_framework import viewsets
+from rest_framework.decorators import action
+from rest_framework.response import Response
+from rest_framework.permissions import IsAuthenticated
+from .middleware import get_member
+from .models import SharedOrganization, SharedMember
+from .serializers import OrganizationSerializer, UserSerializer
+
+class OrganizationViewSet(viewsets.ReadOnlyModelViewSet):
+    """
+    ViewSet para organizações do usuário + action `me` para retornar
+    a organização atual via header.
+    """
+    serializer_class = OrganizationSerializer
+    permission_classes = [IsAuthenticated]
+
+    def get_queryset(self):
+        organizations = self.request.user.organizations
+        return organizations
+
+    @action(detail=False, methods=['get'])
+    def me(self, request):
+        org = request.user.get_org(request.organization_id)
+        if not org:
+            return Response({"detail": "Organization not specified or not found."}, status=400)
+
+        if not get_member(request.user.id, org.pk):
+            return Response({"detail": "Você não pertence a essa organização."}, status=403)
+        serializer = self.get_serializer(org)
+        return Response(serializer.data)
+
+class UserViewSet(viewsets.ReadOnlyModelViewSet):
+    serializer_class = UserSerializer
+    permission_classes = [IsAuthenticated]
+
+    # def get_queryset(self):
+    #     return User.objects.filter(pk=self.request.user.pk)
+
+    def list(self, request, *args, **kwargs):
+        serializer = self.get_serializer(request.user)
+        return Response(serializer.data)

maquinaweb_shared_auth-0.2.13.dist-info/RECORD

@@ -1,18 +0,0 @@
-shared_auth/__init__.py,sha256=Ta8lIbyn22J6wU-TgWeSvdDHS4NBRf4Sv1Ag8VtY-bE,152
-shared_auth/app.py,sha256=EHoLKlpW41o6ZxcH184aMhnWQxkVp9fH2_-89RjMz-4,215
-shared_auth/authentication.py,sha256=-9FTdSBvfjq7vgZbJBvoJyPcwN-zIfx1pRhgPFB9dnw,1450
-shared_auth/conf.py,sha256=-jdnCokMvWvVKllfsxNYCsPk1Vo3MDRq4Y1MsO16oeA,411
-shared_auth/decorators.py,sha256=A2BVcEk1Ty4M4ZOAa_fqEdPIn_w9UXxIvfJWFlqw3wk,3255
-shared_auth/exceptions.py,sha256=eiII-REupK6GeFinisteYO3FsGUDAN5zAajXPhTREm8,404
-shared_auth/fields.py,sha256=RAcmFh1D_nkbai_7t_OrPZhfhAipesy5kKnEj4LUvvM,1254
-shared_auth/managers.py,sha256=Oskz863DGG7nFp6ijZfYVWGCG-Inp6PAP0NakX-x71g,6812
-shared_auth/middleware.py,sha256=xVoSnlndp6-_cgQADASk2ie8th8e_7SN_7q-lfArx9Y,6124
-shared_auth/mixins.py,sha256=-D-mDmDI_EjMGpUpkMEp1XTlecvUlCRj-Bch9dm9s_I,7400
-shared_auth/models.py,sha256=HB5jCqa7l-P1o6v_Gk043RRjzv87xAXpYQ7jDlz7NZg,5287
-shared_auth/permissions.py,sha256=CTsd0xE_Z-LYNVwU4jOJLWvlcbdRG8mLkLMEnbmkhJA,2665
-shared_auth/router.py,sha256=zYidJ7j40lQLrhkCtAQAp-rQLhua_UF0X7SDzYRcV5w,668
-shared_auth/serializers.py,sha256=TDpuZVsOL-6igINSOOOyELWbTUeet4XWRoBkvcMGjW4,4290
-maquinaweb_shared_auth-0.2.13.dist-info/METADATA,sha256=YijgfRMLll6LeiRmcMBnjYyFKzODMbXUX39BtfJa8l4,27151
-maquinaweb_shared_auth-0.2.13.dist-info/WHEEL,sha256=_zCd3N1l69ArxyTb8rzEoP9TpbYXkqRFSNOD5OuxnTs,91
-maquinaweb_shared_auth-0.2.13.dist-info/top_level.txt,sha256=msyYRy02ZV7zz7GR1raUI5LXGFIFn2TIkgkeKZqKufE,12
-maquinaweb_shared_auth-0.2.13.dist-info/RECORD,,