fix: middleware setup / removing old auth code

bento-platform · Oct 16, 2023 · a7fa8cd · a7fa8cd
1 parent 8ed9d26
commit a7fa8cd
Show file tree

Hide file tree

Showing 4 changed files with 7 additions and 34 deletions.
diff --git a/chord_metadata_service/chord/permissions.py b/chord_metadata_service/chord/permissions.py
@@ -8,6 +8,9 @@
 ]
 
 
+# TODO: new base permissions for authz
+
+
 class ReadOnly(BasePermission):
     def has_permission(self, request, view):
         return request.method in SAFE_METHODS

diff --git a/chord_metadata_service/metadata/settings.py b/chord_metadata_service/metadata/settings.py
@@ -147,9 +147,6 @@
     'rest_framework',
     'adrf',
     'drf_spectacular',
-
-    # Keep authz middleware last!
-    'chord_metadata_service.metadata.authz.AuthzMiddleware'
 ]
 
 MIDDLEWARE = [
@@ -159,7 +156,7 @@
     'django.middleware.common.CommonMiddleware',
     'django.middleware.csrf.CsrfViewMiddleware',
     'django.contrib.auth.middleware.AuthenticationMiddleware',
-    'bento_lib.auth.django_remote_user.BentoRemoteUserMiddleware',
+    'chord_metadata_service.metadata.authz.AuthzMiddleware'
     'django.contrib.messages.middleware.MessageMiddleware',
     'django.middleware.clickjacking.XFrameOptionsMiddleware',
 ]
@@ -270,16 +267,14 @@ def get_secret(path):
 ELASTICSEARCH = False
 
 REST_FRAMEWORK = {
-    'DEFAULT_AUTHENTICATION_CLASSES': [
-        'bento_lib.auth.django_remote_user.BentoRemoteUserAuthentication'
-    ],
+    'DEFAULT_AUTHENTICATION_CLASSES': [],
     'DEFAULT_PARSER_CLASSES': (
         # allows serializers to use snake_case field names, but parse incoming data as camelCase
         'djangorestframework_camel_case.parser.CamelCaseJSONParser',
         'djangorestframework_camel_case.parser.CamelCaseFormParser',
         'djangorestframework_camel_case.parser.CamelCaseMultiPartParser',
     ),
-    'DEFAULT_PERMISSION_CLASSES': ['chord_metadata_service.chord.permissions.OverrideOrSuperUserOnly'],
+    'DEFAULT_PERMISSION_CLASSES': [],
     'DEFAULT_SCHEMA_CLASS': 'drf_spectacular.openapi.AutoSchema',
     'DEFAULT_FILTER_BACKENDS': ['django_filters.rest_framework.DjangoFilterBackend'],
     'JSON_UNDERSCOREIZE': {
@@ -306,8 +301,7 @@ def get_secret(path):
 ]
 
 
-AUTHENTICATION_BACKENDS = ['bento_lib.auth.django_remote_user.BentoRemoteUserBackend'] + (
-    ['django.contrib.auth.backends.ModelBackend'] if DEBUG else [])
+AUTHENTICATION_BACKENDS = (['django.contrib.auth.backends.ModelBackend'] if DEBUG else [])
 
 # Models
 DEFAULT_AUTO_FIELD = 'django.db.models.AutoField'

diff --git a/chord_metadata_service/restapi/__init__.py b/chord_metadata_service/restapi/__init__.py
@@ -1,3 +0,0 @@
-from . import auth_schema
-
-__all__ = ['auth_schema']

diff --git a/chord_metadata_service/restapi/auth_schema.py b/chord_metadata_service/restapi/auth_schema.py
Original file line number	Diff line number	Diff line change
		@@ -1,3 +0,0 @@
		from . import auth_schema

		__all__ = ['auth_schema']