0
0
mirror of https://github.com/PostHog/posthog.git synced 2024-12-01 04:12:23 +01:00
posthog/ee/urls.py

100 lines
3.3 KiB
Python
Raw Normal View History

2021-08-27 16:20:49 +02:00
from typing import Any, List
from django.conf import settings
from django.contrib import admin
from django.urls import include
2021-08-27 16:20:49 +02:00
from django.urls.conf import path
from rest_framework_extensions.routers import NestedRegistryItem
from ee.api import integration, time_to_see_data
from posthog.api.routing import DefaultRouterPlusPlus
from .api import (
authentication,
2022-10-19 08:58:36 +02:00
billing,
dashboard_collaborator,
debug_ch_queries,
explicit_team_member,
feat: role based permissions (#12657) * initial role and role memberships setup * create role when org is created and role memberships when user joins * wip for merge * fix api tests for role * nest roles under organization route and test fixes * remove pdb set trace * fix types * remove creating default roles and role memberships for orgs and users * add permission levels to orgs and roles * bulk create role memberships * leave role membership as individual api request, handle bulk creation on the frontend instead * feature flag role access wip and migrations * fix flag role access tests * linter * isort * temp type ignore * add access level to plugin tests * test remove test migration safe * test license import error fix * delete old? org license test * nvm we need these tests * type ignore * reset license plans after test * add organization resource access model and remove access level field from regular organizations * feat: permission return on feature flag (#12826) * suggested permission return * change naming * add changes * pass bool * fix plugin tests * organization resource access tests and fixes * update can edit return with new org resource access model from feature flag * fix tests * add permissions to feature flag for editing * more tests * remove unnecessary spacing * fix test * add context for feature flag serializer tests * add back workflow test step * add organization to feature flag role access * fix(spike): why are tests failing (#12858) * was it because invalid id is provided? * allow django to touch the db * a less unexpected way of allowing access to the DB * Revert "add organization to feature flag role access" This reverts commit ef18b0ec8b0bca0dede6a8614eb94f5879f442a7. * address feedback and include organization safety checks in tests * test error fix * test role dupe name per org * remove third access level option * fix migration for it * more tests * fix test * feat: role based permissions UI (#12776) * add api * starter * role and member creation + deletion * working with all deletes * add block * working roles * permissions tab on org settings * org default setting * types * flag role assignment * working per flag permission * working with admin block * types * use restricted area component * wrap flag resource access in different url * restore migrations manifest * update url endpoints * pay gate mini org role settings * remove view and custom edit and remove resource access creation on org creation * add feature flag * address feedback * fix backend tests * remove broken permissions setting on new feature flags * export logic props interface Co-authored-by: Li Yi Yu <li@posthog.com> * type fixes Co-authored-by: Eric Duong <eeoneric@gmail.com> Co-authored-by: Paul D'Ambra <paul@posthog.com>
2022-11-24 02:36:29 +01:00
feature_flag_role_access,
hooks,
license,
feat: role based permissions (#12657) * initial role and role memberships setup * create role when org is created and role memberships when user joins * wip for merge * fix api tests for role * nest roles under organization route and test fixes * remove pdb set trace * fix types * remove creating default roles and role memberships for orgs and users * add permission levels to orgs and roles * bulk create role memberships * leave role membership as individual api request, handle bulk creation on the frontend instead * feature flag role access wip and migrations * fix flag role access tests * linter * isort * temp type ignore * add access level to plugin tests * test remove test migration safe * test license import error fix * delete old? org license test * nvm we need these tests * type ignore * reset license plans after test * add organization resource access model and remove access level field from regular organizations * feat: permission return on feature flag (#12826) * suggested permission return * change naming * add changes * pass bool * fix plugin tests * organization resource access tests and fixes * update can edit return with new org resource access model from feature flag * fix tests * add permissions to feature flag for editing * more tests * remove unnecessary spacing * fix test * add context for feature flag serializer tests * add back workflow test step * add organization to feature flag role access * fix(spike): why are tests failing (#12858) * was it because invalid id is provided? * allow django to touch the db * a less unexpected way of allowing access to the DB * Revert "add organization to feature flag role access" This reverts commit ef18b0ec8b0bca0dede6a8614eb94f5879f442a7. * address feedback and include organization safety checks in tests * test error fix * test role dupe name per org * remove third access level option * fix migration for it * more tests * fix test * feat: role based permissions UI (#12776) * add api * starter * role and member creation + deletion * working with all deletes * add block * working roles * permissions tab on org settings * org default setting * types * flag role assignment * working per flag permission * working with admin block * types * use restricted area component * wrap flag resource access in different url * restore migrations manifest * update url endpoints * pay gate mini org role settings * remove view and custom edit and remove resource access creation on org creation * add feature flag * address feedback * fix backend tests * remove broken permissions setting on new feature flags * export logic props interface Co-authored-by: Li Yi Yu <li@posthog.com> * type fixes Co-authored-by: Eric Duong <eeoneric@gmail.com> Co-authored-by: Paul D'Ambra <paul@posthog.com>
2022-11-24 02:36:29 +01:00
organization_resource_access,
role,
sentry_stats,
subscription,
)
from .session_recordings import session_recording_playlist
2022-02-08 17:22:09 +01:00
def extend_api_router(
root_router: DefaultRouterPlusPlus,
*,
projects_router: NestedRegistryItem,
feat: role based permissions (#12657) * initial role and role memberships setup * create role when org is created and role memberships when user joins * wip for merge * fix api tests for role * nest roles under organization route and test fixes * remove pdb set trace * fix types * remove creating default roles and role memberships for orgs and users * add permission levels to orgs and roles * bulk create role memberships * leave role membership as individual api request, handle bulk creation on the frontend instead * feature flag role access wip and migrations * fix flag role access tests * linter * isort * temp type ignore * add access level to plugin tests * test remove test migration safe * test license import error fix * delete old? org license test * nvm we need these tests * type ignore * reset license plans after test * add organization resource access model and remove access level field from regular organizations * feat: permission return on feature flag (#12826) * suggested permission return * change naming * add changes * pass bool * fix plugin tests * organization resource access tests and fixes * update can edit return with new org resource access model from feature flag * fix tests * add permissions to feature flag for editing * more tests * remove unnecessary spacing * fix test * add context for feature flag serializer tests * add back workflow test step * add organization to feature flag role access * fix(spike): why are tests failing (#12858) * was it because invalid id is provided? * allow django to touch the db * a less unexpected way of allowing access to the DB * Revert "add organization to feature flag role access" This reverts commit ef18b0ec8b0bca0dede6a8614eb94f5879f442a7. * address feedback and include organization safety checks in tests * test error fix * test role dupe name per org * remove third access level option * fix migration for it * more tests * fix test * feat: role based permissions UI (#12776) * add api * starter * role and member creation + deletion * working with all deletes * add block * working roles * permissions tab on org settings * org default setting * types * flag role assignment * working per flag permission * working with admin block * types * use restricted area component * wrap flag resource access in different url * restore migrations manifest * update url endpoints * pay gate mini org role settings * remove view and custom edit and remove resource access creation on org creation * add feature flag * address feedback * fix backend tests * remove broken permissions setting on new feature flags * export logic props interface Co-authored-by: Li Yi Yu <li@posthog.com> * type fixes Co-authored-by: Eric Duong <eeoneric@gmail.com> Co-authored-by: Paul D'Ambra <paul@posthog.com>
2022-11-24 02:36:29 +01:00
organizations_router: NestedRegistryItem,
project_dashboards_router: NestedRegistryItem,
feat: role based permissions (#12657) * initial role and role memberships setup * create role when org is created and role memberships when user joins * wip for merge * fix api tests for role * nest roles under organization route and test fixes * remove pdb set trace * fix types * remove creating default roles and role memberships for orgs and users * add permission levels to orgs and roles * bulk create role memberships * leave role membership as individual api request, handle bulk creation on the frontend instead * feature flag role access wip and migrations * fix flag role access tests * linter * isort * temp type ignore * add access level to plugin tests * test remove test migration safe * test license import error fix * delete old? org license test * nvm we need these tests * type ignore * reset license plans after test * add organization resource access model and remove access level field from regular organizations * feat: permission return on feature flag (#12826) * suggested permission return * change naming * add changes * pass bool * fix plugin tests * organization resource access tests and fixes * update can edit return with new org resource access model from feature flag * fix tests * add permissions to feature flag for editing * more tests * remove unnecessary spacing * fix test * add context for feature flag serializer tests * add back workflow test step * add organization to feature flag role access * fix(spike): why are tests failing (#12858) * was it because invalid id is provided? * allow django to touch the db * a less unexpected way of allowing access to the DB * Revert "add organization to feature flag role access" This reverts commit ef18b0ec8b0bca0dede6a8614eb94f5879f442a7. * address feedback and include organization safety checks in tests * test error fix * test role dupe name per org * remove third access level option * fix migration for it * more tests * fix test * feat: role based permissions UI (#12776) * add api * starter * role and member creation + deletion * working with all deletes * add block * working roles * permissions tab on org settings * org default setting * types * flag role assignment * working per flag permission * working with admin block * types * use restricted area component * wrap flag resource access in different url * restore migrations manifest * update url endpoints * pay gate mini org role settings * remove view and custom edit and remove resource access creation on org creation * add feature flag * address feedback * fix backend tests * remove broken permissions setting on new feature flags * export logic props interface Co-authored-by: Li Yi Yu <li@posthog.com> * type fixes Co-authored-by: Eric Duong <eeoneric@gmail.com> Co-authored-by: Paul D'Ambra <paul@posthog.com>
2022-11-24 02:36:29 +01:00
project_feature_flags_router: NestedRegistryItem,
2022-02-08 17:22:09 +01:00
) -> None:
2022-10-19 08:58:36 +02:00
root_router.register(r"billing-v2", billing.BillingViewset, "billing")
root_router.register(r"license", license.LicenseViewSet)
root_router.register(r"debug_ch_queries", debug_ch_queries.DebugCHQueries, "debug_ch_queries")
root_router.register(r"time_to_see_data", time_to_see_data.TimeToSeeDataViewSet, "query_metrics")
root_router.register(r"integrations", integration.PublicIntegrationViewSet)
feat: role based permissions (#12657) * initial role and role memberships setup * create role when org is created and role memberships when user joins * wip for merge * fix api tests for role * nest roles under organization route and test fixes * remove pdb set trace * fix types * remove creating default roles and role memberships for orgs and users * add permission levels to orgs and roles * bulk create role memberships * leave role membership as individual api request, handle bulk creation on the frontend instead * feature flag role access wip and migrations * fix flag role access tests * linter * isort * temp type ignore * add access level to plugin tests * test remove test migration safe * test license import error fix * delete old? org license test * nvm we need these tests * type ignore * reset license plans after test * add organization resource access model and remove access level field from regular organizations * feat: permission return on feature flag (#12826) * suggested permission return * change naming * add changes * pass bool * fix plugin tests * organization resource access tests and fixes * update can edit return with new org resource access model from feature flag * fix tests * add permissions to feature flag for editing * more tests * remove unnecessary spacing * fix test * add context for feature flag serializer tests * add back workflow test step * add organization to feature flag role access * fix(spike): why are tests failing (#12858) * was it because invalid id is provided? * allow django to touch the db * a less unexpected way of allowing access to the DB * Revert "add organization to feature flag role access" This reverts commit ef18b0ec8b0bca0dede6a8614eb94f5879f442a7. * address feedback and include organization safety checks in tests * test error fix * test role dupe name per org * remove third access level option * fix migration for it * more tests * fix test * feat: role based permissions UI (#12776) * add api * starter * role and member creation + deletion * working with all deletes * add block * working roles * permissions tab on org settings * org default setting * types * flag role assignment * working per flag permission * working with admin block * types * use restricted area component * wrap flag resource access in different url * restore migrations manifest * update url endpoints * pay gate mini org role settings * remove view and custom edit and remove resource access creation on org creation * add feature flag * address feedback * fix backend tests * remove broken permissions setting on new feature flags * export logic props interface Co-authored-by: Li Yi Yu <li@posthog.com> * type fixes Co-authored-by: Eric Duong <eeoneric@gmail.com> Co-authored-by: Paul D'Ambra <paul@posthog.com>
2022-11-24 02:36:29 +01:00
organization_roles_router = organizations_router.register(
r"roles",
role.RoleViewSet,
"organization_roles",
["organization_id"],
)
organization_roles_router.register(
r"role_memberships",
role.RoleMembershipViewSet,
"organization_role_memberships",
["organization_id", "role_id"],
)
project_feature_flags_router.register(
r"role_access",
feature_flag_role_access.FeatureFlagRoleAccessViewSet,
"feature_flag_role_access",
["team_id", "feature_flag_id"],
)
organizations_router.register(
r"resource_access",
organization_resource_access.OrganizationResourceAccessViewSet,
"organization_resource_access",
["organization_id"],
)
projects_router.register(r"hooks", hooks.HookViewSet, "project_hooks", ["team_id"])
Project-based permissioning framework (#5976) * Refactor `AvailableFeature` from strings to an enum everywhere * Fix circular dependency and type * Add "Per-project access" feature flag, premium feature, and organization switch * Rename `OrganizationMembershipLevel` to `OrganizationAccessLevel` * Create `ExplicitTeamMembership` model * Show whether projects are restricted in the project switcher * Update organizations API code * Fix migrations * Move organization tests that require EE to `ee` * Revert `OrganizationMembershipLevel` rename * Fix organization tests * Update migration * Fix schema and add Members to Project Settings * Build out test memberships API with security tests * Update `TeamMembers` and `teamMembersLogic` * Move "Per-project access" description to tooltip * Add moar tests * Fix Project Members list logic * Add additional membership checks * Update migrations * Fix typing * Adjust explicit team memberships API similarly * Fix typo * Unify `ExplicitTeamMemberSerializer` * Remove old changes to `membersLogic` usage * Use `effective_membership_level` on `TeamBasicSerializer` * Clean up organization update tests * Explicitly disallow enabling per-project access for free * Fix circular import * Remove `id` from `UserSerializer` * Fix typing * Try to fix import * Fix fatal typing * Add more tests * Update permissioning.ts * Add clarifying comment to migration * Fix import * minor clarifications * Revert `TopNavigation` changes * Make new access control entirely project-based * Update migrations * Add `project_based_permissioning` to `TeamBasicSerializer` * Update test_team.py * Fix Access Control restriction tooltip * adjust copy & UI a bit * Address feedback on field comment * "Privacy settings" to "Access Control" * Ignore mypy * Rename `Team` field `project_based_permissioning` to `access_control` * Update migrations Co-authored-by: Paolo D'Amico <paolodamico@users.noreply.github.com>
2021-09-22 18:29:59 +02:00
projects_router.register(
r"explicit_members",
explicit_team_member.ExplicitTeamMemberViewSet,
"project_explicit_members",
["team_id"],
Project-based permissioning framework (#5976) * Refactor `AvailableFeature` from strings to an enum everywhere * Fix circular dependency and type * Add "Per-project access" feature flag, premium feature, and organization switch * Rename `OrganizationMembershipLevel` to `OrganizationAccessLevel` * Create `ExplicitTeamMembership` model * Show whether projects are restricted in the project switcher * Update organizations API code * Fix migrations * Move organization tests that require EE to `ee` * Revert `OrganizationMembershipLevel` rename * Fix organization tests * Update migration * Fix schema and add Members to Project Settings * Build out test memberships API with security tests * Update `TeamMembers` and `teamMembersLogic` * Move "Per-project access" description to tooltip * Add moar tests * Fix Project Members list logic * Add additional membership checks * Update migrations * Fix typing * Adjust explicit team memberships API similarly * Fix typo * Unify `ExplicitTeamMemberSerializer` * Remove old changes to `membersLogic` usage * Use `effective_membership_level` on `TeamBasicSerializer` * Clean up organization update tests * Explicitly disallow enabling per-project access for free * Fix circular import * Remove `id` from `UserSerializer` * Fix typing * Try to fix import * Fix fatal typing * Add more tests * Update permissioning.ts * Add clarifying comment to migration * Fix import * minor clarifications * Revert `TopNavigation` changes * Make new access control entirely project-based * Update migrations * Add `project_based_permissioning` to `TeamBasicSerializer` * Update test_team.py * Fix Access Control restriction tooltip * adjust copy & UI a bit * Address feedback on field comment * "Privacy settings" to "Access Control" * Ignore mypy * Rename `Team` field `project_based_permissioning` to `access_control` * Update migrations Co-authored-by: Paolo D'Amico <paolodamico@users.noreply.github.com>
2021-09-22 18:29:59 +02:00
)
2022-02-08 17:22:09 +01:00
project_dashboards_router.register(
r"collaborators",
dashboard_collaborator.DashboardCollaboratorViewSet,
"project_dashboard_collaborators",
["team_id", "dashboard_id"],
)
2021-08-27 16:20:49 +02:00
projects_router.register(r"subscriptions", subscription.SubscriptionViewSet, "subscriptions", ["team_id"])
projects_router.register(
r"session_recording_playlists",
session_recording_playlist.SessionRecordingPlaylistViewSet,
"project_session_recording_playlists",
["team_id"],
)
2021-08-27 16:20:49 +02:00
# The admin interface is disabled on self-hosted instances, as its misuse can be unsafe
admin_urlpatterns = (
[path("admin/", include("loginas.urls")), path("admin/", admin.site.urls)] if settings.ADMIN_PORTAL_ENABLED else []
)
urlpatterns: List[Any] = [
path("api/saml/metadata/", authentication.saml_metadata_view),
path("api/sentry_stats/", sentry_stats.sentry_stats),
*admin_urlpatterns,
]