f69304373c
This mapping API enables the mapping between the edX user ID and the ID provided by identity provider (IdP). For details, please see https://github.com/edx/edx-platform/pull/9842
32 lines
1.0 KiB
Python
32 lines
1.0 KiB
Python
"""
|
|
Third party auth API related permissions
|
|
"""
|
|
from rest_framework import permissions
|
|
|
|
from third_party_auth.models import ProviderApiPermissions
|
|
|
|
|
|
class ThirdPartyAuthProviderApiPermission(permissions.BasePermission):
|
|
"""
|
|
Allow someone to access the view if they have valid OAuth client credential.
|
|
"""
|
|
def __init__(self, provider_id):
|
|
""" Initialize the class with a provider_id """
|
|
self.provider_id = provider_id
|
|
|
|
def has_permission(self, request, view):
|
|
"""
|
|
Check if the OAuth client associated with auth token in current request has permission to access
|
|
the information for provider
|
|
"""
|
|
if not request.auth or not self.provider_id:
|
|
# doesn't have access token or no provider_id specified
|
|
return False
|
|
|
|
try:
|
|
ProviderApiPermissions.objects.get(client__pk=request.auth.client_id, provider_id=self.provider_id)
|
|
except ProviderApiPermissions.DoesNotExist:
|
|
return False
|
|
|
|
return True
|