oxutils 0.1.7__py3-none-any.whl → 0.1.10__py3-none-any.whl

oxutils/__init__.py

@@ -8,9 +8,10 @@ This package provides:
 - Celery integration
 - Django model mixins
 - Custom exceptions
+- Permission management
 """
 
-__version__ = "0.1.7"
+__version__ = "0.1.10"
 
 from oxutils.settings import oxi_settings
 from oxutils.conf import UTILS_APPS, AUDIT_MIDDLEWARE

oxutils/constants.py

@@ -2,3 +2,7 @@ ORGANIZATION_QUERY_KEY = 'organization_id'
 ORGANIZATION_HEADER_KEY = 'X-Organization-ID'
 ORGANIZATION_TOKEN_COOKIE_KEY = 'organization_token'
 OXILIERE_SERVICE_TOKEN = 'X-Oxiliere-Token'
+
+REFRESH_TOKEN_COOKIE = 'refresh_token'
+ACCESS_TOKEN_COOKIE = 'access_token'
+

oxutils/jwt/auth.py

@@ -1,11 +1,33 @@
 import os
-from typing import Dict, Any, Optional
+from typing import Dict, Any, Optional, Type, Tuple
+from django.utils.translation import gettext_lazy as _
+from django.http import HttpRequest
+from django.contrib.auth.models import AbstractUser
+from django.contrib.auth import (
+    authenticate as django_authenticate,
+    login as django_login,
+    get_user_model
+)
 from jwcrypto import jwk
 from django.core.exceptions import ImproperlyConfigured
+
+from ninja.security.base import AuthBase
+from ninja_jwt.authentication import (
+    JWTBaseAuthentication,
+    JWTStatelessUserAuthentication
+)
+from ninja.security import (
+    APIKeyCookie,
+    HttpBasicAuth,
+)
+from ninja_jwt.exceptions import InvalidToken
+from ninja_jwt.settings import api_settings
+from oxutils.constants import ACCESS_TOKEN_COOKIE
 from oxutils.settings import oxi_settings
 
 
 
+
 _public_jwk_cache: Optional[jwk.JWK] = None
 
 
@@ -53,3 +75,130 @@ def clear_jwk_cache() -> None:
     """Clear the cached JWK. Useful for testing or key rotation."""
     global _public_jwk_cache
     _public_jwk_cache = None
+
+
+class AuthMixin:
+    def jwt_authenticate(self, request: HttpRequest, token: str) -> AbstractUser:
+        """
+        Add token_user to the request object, witch will be erased by the jwt_allauth.utils.popolate_user
+        function.
+        """
+        token_user = super().jwt_authenticate(request, token)
+        request.token_user = token_user
+        return token_user
+
+
+class JWTAuth(AuthMixin, JWTStatelessUserAuthentication):
+    pass
+
+
+class JWTCookieAuth(AuthMixin, JWTBaseAuthentication, APIKeyCookie):
+    """
+    An authentication plugin that authenticates requests through a JSON web
+    token provided in a request header without performing a database lookup to obtain a user instance.
+    """
+
+    param_name = ACCESS_TOKEN_COOKIE
+
+    def authenticate(self, request: HttpRequest, token: str) -> Any:
+        return self.jwt_authenticate(request, token)
+
+    def get_user(self, validated_token: Any) -> Type[AbstractUser]:
+        """
+        Returns a stateless user object which is backed by the given validated
+        token.
+        """
+        if api_settings.USER_ID_CLAIM not in validated_token:
+            # The TokenUser class assumes tokens will have a recognizable user
+            # identifier claim.
+            raise InvalidToken(_("Token contained no recognizable user identification"))
+
+        return api_settings.TOKEN_USER_CLASS(validated_token)
+
+
+def authenticate_by_x_session_token(token: str) -> Optional[Tuple]:
+    """
+    Copied from allauth.headless.internal.sessionkit, to "select_related"
+    """
+    from allauth.headless import app_settings
+
+
+    session = app_settings.TOKEN_STRATEGY.lookup_session(token)
+    if not session:
+        return None
+    user_id_str = session.get(SESSION_KEY)
+    if user_id_str:
+        meta_pk = get_user_model()._meta.pk
+        if meta_pk:
+            user_id = meta_pk.to_python(user_id_str)
+            user = get_user_model().objects.filter(pk=user_id).first()
+            if user and user.is_active:
+                return (user, session)
+    return None
+
+
+class XSessionTokenAuth(AuthBase):
+    """
+    This security class uses the X-Session-Token that django-allauth
+    is using for authentication purposes.
+    """
+
+    openapi_type: str = "apiKey"
+
+    def __call__(self, request: HttpRequest):
+        token = self.get_session_token(request)
+        if token:
+            user_session = authenticate_by_x_session_token(token)
+            if user_session:
+                return user_session[0]
+        return None
+
+    def get_session_token(self, request: HttpRequest) -> Optional[str]:
+        """
+        Returns the session token for the given request, by looking up the
+        ``X-Session-Token`` header. Override this if you want to extract the token
+        from e.g. the ``Authorization`` header.
+        """
+        if request.session.session_key:
+            return request.session.session_key
+        
+        return request.headers.get("X-Session-Token")
+
+
+class BasicAuth(HttpBasicAuth):
+    def authenticate(self, request: HttpRequest, username: str, password: str) -> Optional[Any]:
+        user = django_authenticate(email=username, password=password)
+        if user and user.is_active:
+            django_login(request, user)
+            return user
+        return None
+
+
+class BasicNoPasswordAuth(HttpBasicAuth):
+    def authenticate(self, request: HttpRequest, username: str, password: str) -> Optional[Any]:
+        try:
+            user = get_user_model().objects.get(email=username)
+            if user and user.is_active:
+                django_login(request, user)
+                return user
+            return None
+        except Exception as e:
+            return None
+
+x_session_token_auth = XSessionTokenAuth()
+basic_auth = BasicAuth()
+basic_no_password_auth = BasicNoPasswordAuth()
+jwt_auth = JWTAuth()
+jwt_cookie_auth = JWTCookieAuth()
+
+
+
+
+def get_auth_handlers(auths: List[AuthBase] = []) -> List[AuthBase]:
+    """Auth handler switcher based on settings.DEBUG"""
+    from django.conf import settings
+
+    if settings.DEBUG:
+        return auths
+
+    return [jwt_auth, jwt_cookie_auth]

oxutils/jwt/models.py

@@ -1,4 +1,8 @@
-# TokenTenant model
+from uuid import UUID
+from django.utils.functional import cached_property
+from ninja_jwt.models import TokenUser as DefaultTonkenUser
+from ninja_jwt.settings import api_settings
+
 import structlog
 from .tokens import OrganizationAccessToken
 
@@ -32,6 +36,14 @@ class TokenTenant:
     def pk(self):
         return self.id
 
+    @property
+    def is_active(self):
+        return self.status == 'active'
+
+    @property
+    def is_deleted(self):
+        return self.status == 'deleted'
+
     @classmethod
     def for_token(cls, token):
         try:
@@ -48,3 +60,22 @@ class TokenTenant:
         except Exception:
             logger.exception('Failed to create TokenTenant from token', token=token)
             return None
+
+
+class TokenUser(DefaultTonkenUser):
+    @cached_property
+    def id(self):
+        return UUID(self.token[api_settings.USER_ID_CLAIM])
+
+    @property
+    def oxi_id(self):
+        # for compatibility with the User model
+        return self.id
+
+    @cached_property
+    def token_created_at(self):
+        return self.token.get('cat', None)
+
+    @cached_property
+    def token_session(self):
+        return self.token.get('session', None)

oxutils/jwt/utils.py

@@ -0,0 +1,45 @@
+from functools import wraps
+import structlog
+from django.contrib.auth import get_user_model
+from django.http import HttpRequest
+
+from ninja_jwt.exceptions import InvalidToken
+
+
+
+logger = structlog.getLogger("django")
+User = get_user_model()
+
+
+def load_user(f):
+    """
+    Decorator that loads the complete user object from the database for stateless JWT authentication.
+    This is necessary because JWT tokens only contain the user ID, and the full user object
+    might be needed in the view methods.
+
+    Usage:
+
+    .. code-block:: python
+
+        @load_user
+        def my_view_method(self, *args, **kwargs):
+            # self.request.user will be the complete user object
+            pass
+    """
+    @wraps(f)
+    def wrapper(self, *args, **kwargs):
+        populate_user(self.context.request)
+        res = f(self, *args, **kwargs)
+        return res
+    return wrapper
+
+
+def populate_user(request: HttpRequest):
+    if isinstance(request.user, User):
+        return
+
+    try:
+        request.user = User.objects.get(oxi_id=request.user.id)
+    except User.DoesNotExist as exc:
+        logger.exception('user_not_found', oxi_id=request.user.id, message=str(exc))
+        raise InvalidToken()

oxutils/logger/receivers.py

@@ -3,14 +3,18 @@ from django.dispatch import receiver
 import structlog
 from django_structlog import signals
 from oxutils.settings import oxi_settings
-
+from oxutils.oxiliere.context import get_current_tenant_schema_name
 
 
 @receiver(signals.bind_extra_request_metadata)
 def bind_domain(request, logger, **kwargs):
     current_site = RequestSite(request)
-    structlog.contextvars.bind_contextvars(
-        domain=current_site.domain,
-        user_id=str(request.user.pk),
-        service=oxi_settings.service_name
-    )
+    ctx = {
+        'domain': current_site.domain,
+        'user_id': str(request.user.pk),
+        'service': oxi_settings.service_name
+    }
+    if oxi_settings.multitenancy:
+        ctx['tenant'] = get_current_tenant_schema_name()
+
+    structlog.contextvars.bind_contextvars(**ctx)

oxutils/models/base.py

@@ -1,6 +1,24 @@
 import uuid
+import time
 from django.db import models
+from django.db import transaction
 from django.conf import settings
+from oxutils.models.fields import MaskedBackupField
+
+
+
+try:
+    from safedelete.models import SafeDeleteModel
+    from safedelete.models import SOFT_DELETE_CASCADE
+    from safedelete.signals import post_undelete
+except ImportError:
+    from django.dispatch import Signal
+    post_undelete = Signal()
+    SOFT_DELETE_CASCADE = 2
+
+    class SafeDeleteModel(models.Model):
+        def __new__(cls, *args, **kwargs):
+            raise ImportError("django-safedelete is not installed, please install it to use SafeDeleteModel")
 
 
 class UUIDPrimaryKeyMixin(models.Model):
@@ -114,3 +132,87 @@ class BaseModelMixin(UUIDPrimaryKeyMixin, TimestampMixin, ActiveMixin):
     """
     class Meta:
         abstract = True
+
+
+class SafeDeleteModelMixin(SafeDeleteModel):
+    _safedelete_policy = SOFT_DELETE_CASCADE
+    mask_fields = []
+
+    _masked_backup = MaskedBackupField(default=dict, editable=False)
+
+    class Meta:
+        abstract = True
+
+    @transaction.atomic
+    def delete(self, *args, **kwargs):
+        backup = {}
+
+        for field_name in self.mask_fields:
+            field = self._meta.get_field(field_name)
+            old_value = getattr(self, field_name)
+
+            if old_value is None:
+                continue
+
+            backup[field_name] = old_value
+            masked = self._mask_value(field, old_value)
+            setattr(self, field_name, masked)
+
+        if backup:
+            self._masked_backup = backup
+            self.save(update_fields=[*backup.keys(), "_masked_backup"])
+
+        return super().delete(*args, **kwargs)
+
+    def _mask_value(self, field: models.Field, old_value):
+        uid = uuid.uuid4().hex
+        ts = int(time.time())
+
+        if isinstance(field, models.EmailField):
+            return f"{ts}.{uid}.deleted@invalid.local"
+
+        if isinstance(field, models.URLField):
+            return f"https://deleted.invalid/{ts}/{uid}"
+
+        if isinstance(field, models.SlugField):
+            return f"deleted-{ts}-{uid}"
+
+        if isinstance(field, models.CharField):
+            return f"__deleted__{ts}__{uid}"
+
+        if isinstance(field, models.IntegerField):
+            return None  # souvent OK, sinon adapte
+
+        # fallback générique
+        return f"deleted-{ts}-{uid}"
+
+    @transaction.atomic
+    def restore_masked_fields(self):
+        if not self._masked_backup:
+            return
+
+        for field_name, old_value in self._masked_backup.items():
+            field = self._meta.get_field(field_name)
+
+            # vérification collision
+            qs = self.__class__._default_manager.filter(
+                **{field_name: old_value}
+            ).exclude(pk=self.pk)
+
+            if qs.exists():
+                raise ValueError(
+                    f"Collision détectée lors de la restauration du champ '{field_name}'"
+                )
+
+            setattr(self, field_name, old_value)
+
+        self._masked_backup = {}
+        self.save()
+
+
+def _restore_masked_fields(sender, instance, **kwargs):
+    if isinstance(instance, SafeDeleteModelMixin):
+        instance.restore_masked_fields()
+
+
+post_undelete.connect(_restore_masked_fields)

oxutils/models/fields.py

@@ -0,0 +1,79 @@
+"""# settings.py
+
+FIELD_MASKING_CRYPTO_ENABLED = True  # switch global
+
+# optionnel (recommandé)
+FIELD_MASKING_KEY = env("FIELD_MASKING_KEY", default=None)
+
+"""
+
+import json
+import base64
+import hashlib
+from django.utils.functional import cached_property
+from django.conf import settings
+from django.db import models
+
+
+
+
+
+def get_field_masking_fernet():
+    from cryptography.fernet import Fernet
+
+    if not hasattr(settings, "FIELD_MASKING_CRYPTO_ENABLED") or not settings.FIELD_MASKING_CRYPTO_ENABLED:
+        return None
+
+    if not hasattr(settings, "FIELD_MASKING_KEY") or settings.FIELD_MASKING_KEY:
+        return Fernet(settings.FIELD_MASKING_KEY)
+
+    # fallback contrôlé
+    digest = hashlib.sha256(
+        (settings.SECRET_KEY + ":field-masking:v1").encode()
+    ).digest()
+
+    key = base64.urlsafe_b64encode(digest)
+    return Fernet(key)
+
+
+
+class MaskedBackupField(models.TextField):
+    """
+    JSONField avec chiffrement optionnel
+    """
+
+    @cached_property
+    def fernet(self):
+        return get_field_masking_fernet()
+
+    def get_prep_value(self, value):
+        if value in (None, ""):
+            return None
+
+        raw = json.dumps(value).encode()
+
+        if not self.fernet:
+            return raw.decode()
+
+        return self.fernet.encrypt(raw).decode()
+
+    def from_db_value(self, value, expression, connection):
+        return self.to_python(value)
+
+    def to_python(self, value):
+        if isinstance(value, dict):
+            return value
+
+        if value in (None, ""):
+            return {}
+
+        try:
+            if self.fernet:
+                decrypted = self.fernet.decrypt(value.encode())
+                return json.loads(decrypted.decode())
+
+            return json.loads(value)
+
+        except Exception:
+            # sécurité : ne jamais casser un fetch DB
+            return {}

oxutils/oxiliere/apps.py

@@ -6,4 +6,9 @@ class OxiliereConfig(AppConfig):
     name = 'oxutils.oxiliere'
 
     def ready(self):
-        import oxutils.oxiliere.caches
+        import oxutils.oxiliere.checks
+        
+        try:
+            import oxutils.oxiliere.caches
+        except LookupError:
+            pass

oxutils/oxiliere/authorization.py

@@ -0,0 +1,45 @@
+from django.conf import settings
+from django.db import transaction
+from oxutils.permissions.actions import ACTIONS
+from oxutils.permissions.models import Grant, Group, UserGroup
+from oxutils.oxiliere.utils import get_tenant_user_model
+from oxutils.oxiliere.models import BaseTenant
+
+
+@transaction.atomic
+def grant_manager_access_to_owners(tenant: BaseTenant):
+    tenant_user_model = get_tenant_user_model()
+    tenant_users = tenant_user_model.objects.select_related("user").filter(tenant=tenant, is_owner=True)
+
+    access_scope = getattr(settings, 'ACCESS_MANAGER_SCOPE')
+    access_group = getattr(settings, 'ACCESS_MANAGER_GROUP')
+
+    if access_group:
+        try:
+            group = Group.objects.get(slug=access_group)
+        except Group.DoesNotExist:
+            group = None
+
+    bulk_grant = []
+    for tenant_user in tenant_users:
+        if group:
+            user_group, _ = UserGroup.objects.get_or_create(
+                user=tenant_user.user,
+                group=group,
+            )
+        else:
+            user_group = None
+        
+        bulk_grant.append(
+            Grant(
+                user=tenant_user.user,
+                scope=access_scope,
+                role=None,
+                actions=ACTIONS,
+                context={},
+                user_group=user_group,
+                created_by=None,
+            )
+        )
+
+    Grant.objects.bulk_create(bulk_grant)

oxutils/oxiliere/caches.py

@@ -1,6 +1,11 @@
 from django.conf import settings
 from cacheops import cached_as, cached
-from oxutils.oxiliere.utils import get_tenant_model, get_tenant_user_model
+from oxutils.oxiliere.utils import (
+    get_tenant_model,
+    get_tenant_user_model,
+    get_system_tenant_schema_name
+)
+
 
 
 
@@ -28,9 +33,5 @@ def get_tenant_user(oxi_org_id: str, oxi_user_id: str):
 
 @cached(timeout=60*15)
 def get_system_tenant():
-    from oxutils.oxiliere.utils import oxid_to_schema_name
-
-    system_schema_name = oxid_to_schema_name(
-        getattr(settings, 'OXI_SYSTEM_TENANT', 'tenant_oxisystem')
-    )
-    return get_tenant_model().objects.get(schema_name=system_schema_name)
+    schema_name = get_system_tenant_schema_name()
+    return get_tenant_model().objects.get(schema_name=schema_name)

oxutils/oxiliere/checks.py

@@ -0,0 +1,31 @@
+"""
+Check TENANT_MODEL & TENANT_USER_MODEL
+"""
+from django.conf import settings
+from django.core.checks import Error, register, Tags
+
+
+@register(Tags.models)
+def check_tenant_settings(app_configs, **kwargs):
+    """Check that TENANT_MODEL and TENANT_USER_MODEL are defined in settings."""
+    errors = []
+    
+    if not hasattr(settings, 'TENANT_MODEL'):
+        errors.append(
+            Error(
+                'TENANT_MODEL is not defined in settings',
+                hint='Add TENANT_MODEL = "app_label.ModelName" to your settings',
+                id='oxiliere.E001',
+            )
+        )
+    
+    if not hasattr(settings, 'TENANT_USER_MODEL'):
+        errors.append(
+            Error(
+                'TENANT_USER_MODEL is not defined in settings',
+                hint='Add TENANT_USER_MODEL = "app_label.ModelName" to your settings',
+                id='oxiliere.E002',
+            )
+        )
+    
+    return errors

oxutils/oxiliere/constants.py

@@ -0,0 +1,3 @@
+OXI_SYSTEM_TENANT = 'tenant_oxisystem'
+OXI_SYSTEM_DOMAIN = 'system.oxiliere.com'
+OXI_SYSTEM_OWNER_EMAIL = 'dev@oxiliere.com'

oxutils/oxiliere/context.py

@@ -0,0 +1,18 @@
+import contextvars
+from oxutils.oxiliere.utils import get_system_tenant_schema_name
+
+
+current_tenant_schema_name: contextvars.ContextVar[str] = contextvars.ContextVar(
+    "current_tenant_schema_name",
+    default=get_system_tenant_schema_name()
+)
+
+
+def get_current_tenant_schema_name() -> str:
+    return current_tenant_schema_name.get()
+
+
+def set_current_tenant_schema_name(schema_name: str):
+    current_tenant_schema_name.set(schema_name)
+
+

oxutils/oxiliere/exceptions.py

@@ -0,0 +1,16 @@
+# exceptions
+
+class InactiveError(Exception):
+    pass
+
+
+class ExistsError(Exception):
+    pass
+
+
+class DeleteError(Exception):
+    pass
+
+
+class SchemaError(Exception):
+    pass

oxutils/oxiliere/management/commands/grant_tenant_owners.py

@@ -0,0 +1,19 @@
+from django.core.management.base import BaseCommand
+from django.db import connection
+from django_tenants.management.commands import InteractiveTenantOption
+from oxutils.oxiliere.authorization import grant_manager_access_to_owners
+
+
+class Command(InteractiveTenantOption, BaseCommand):
+    help = "Wrapper around django commands for use with an individual tenant"
+
+    def add_arguments(self, parser):
+        super().add_arguments(parser)
+
+    def handle(self, *args, **options):
+        tenant = self.get_tenant_from_options_or_interactive(**options)
+        connection.set_tenant(tenant)
+        options.pop('schema_name', None)
+
+        grant_manager_access_to_owners(tenant)
+        self.stdout.write(self.style.SUCCESS('Successfully granted manager access to owners'))