0
0
mirror of https://github.com/PostHog/posthog.git synced 2024-11-25 11:17:50 +01:00
Commit Graph

7 Commits

Author SHA1 Message Date
Michael Matloka
bc3e223265
Project-based permissioning framework (#5976)
* Refactor `AvailableFeature` from strings to an enum everywhere

* Fix circular dependency and type

* Add "Per-project access" feature flag, premium feature, and organization switch

* Rename `OrganizationMembershipLevel` to `OrganizationAccessLevel`

* Create `ExplicitTeamMembership` model

* Show whether projects are restricted in the project switcher

* Update organizations API code

* Fix migrations

* Move organization tests that require EE to `ee`

* Revert `OrganizationMembershipLevel` rename

* Fix organization tests

* Update migration

* Fix schema and add Members to Project Settings

* Build out test memberships API with security tests

* Update `TeamMembers` and `teamMembersLogic`

* Move "Per-project access" description to tooltip

* Add moar tests

* Fix Project Members list logic

* Add additional membership checks

* Update migrations

* Fix typing

* Adjust explicit team memberships API similarly

* Fix typo

* Unify `ExplicitTeamMemberSerializer`

* Remove old changes to `membersLogic` usage

* Use `effective_membership_level` on `TeamBasicSerializer`

* Clean up organization update tests

* Explicitly disallow enabling per-project access for free

* Fix circular import

* Remove `id` from `UserSerializer`

* Fix typing

* Try to fix import

* Fix fatal typing

* Add more tests

* Update permissioning.ts

* Add clarifying comment to migration

* Fix import

* minor clarifications

* Revert `TopNavigation` changes

* Make new access control entirely project-based

* Update migrations

* Add `project_based_permissioning` to `TeamBasicSerializer`

* Update test_team.py

* Fix Access Control restriction tooltip

* adjust copy & UI a bit

* Address feedback on field comment

* "Privacy settings" to "Access Control"

* Ignore mypy

* Rename `Team` field `project_based_permissioning` to `access_control`

* Update migrations

Co-authored-by: Paolo D'Amico <paolodamico@users.noreply.github.com>
2021-09-22 18:29:59 +02:00
Paolo D'Amico
627d493817
SAML support (#5681) 2021-08-27 07:20:49 -07:00
Tim Glaser
f22a082f30
Debug CH queries (#2666)
* Debug CH queries

* tests

* Logout when impersonated session

* Put "Debug ClickHouse queries" in its own command

* Clean up ClickHouse modal

Co-authored-by: Michael Matloka <dev@twixes.com>
2020-12-07 16:06:14 +01:00
Michael Matloka
96e4ee8512
Nest endpoints of project-based models under /api/project/ – LITE (#2485)
* Nest endpoints under /project/ with StructuredViewSetMixin

* Rewrite URLs

* isort

* Update utils.py

* Fix errors

* Fix almoast all the errors

Last left to do: shared dashboards and permission classes.

* isort

* Adjust for master

* Add compatbility with shared dashboards

* Debug ClickHouse

* Remove some # type: ignores

* Simplify CursorPagination

* Move test base from posthog.api.test to posthog.test

* Improve API structure

* Bring back legacy endpoints

* Fix legacy compatibility

* Fix bugs and typing

* isort

* Fix hooks test

* Try fixing errors

* Fix oversight

* isort

* Fix problems

* isort

* Be more tolerant

* Fix naming and remove redundant code

* Fix imports

* Update deleteWithUndo

* Roll back

* Roll back more

* Update .gitignore

* Rollll back

* Rollllllll

* back

* Betterify

* Address feedback
2020-11-24 23:26:28 +01:00
Michael Matloka
533c7df105
Organization<>Team<>User structure (closes #1540) (#1562)
* Backend changes to implement #1461

* Added the missing migration files

* Fixes Typecheck errors

* Refactor request.user.team_set.get() to use request.user.team

* Updated user patch method to change current_team on team id instead of name

* Merged migration file

* Changes team property to return first item in queryset

* Fixes failing tests

* Changed User api to return the ids of the teams they are currently part of

* Frontend for changing teams

* Update and simplify migrations

* Improve team and user buttons

* Make team changing backend more logical

* Improve current_team mechanics

* Update test_team.py

* Fix Team.objects.create_with_data

* Update migration

* Update tests

* Make setup_review more convenient

* Add Organization and OrganizationMembership

* Replace is_admin with level

* Extend API

* Update team.py

* Improve modeling

* Improve handling of new mechanics

* Add proper migration

* Remove _ensure_organization_and_team

* Update 0084_org_team_user.py

* Improve user, org and team creation

* Make MembershipLevel more flexible for the future

* Add member deletion

* Fix naive datetime warnings

* Update setup_review.py

* Update API route

* Make PersonalAPIKey changes

* Update models and migrations, fix typing

* Fix typing

* Use MAC-less UUID v1 instead of v4 for better performance

* Add abstract UUIDModel

* Update utils.py

* Update utils.py

* Fix multi/unicast bit

* Update APIs, frontend and tests

* Update pull_request_template.md

* Fix comment

* Fix migration error

* Compress migrations

* Updates with minimal renaming

* More updates

* Make further updates

* Update test_team_user.py

* Fix issues

* Add migration

* Satisfy mypy

* Remove Signup redirect on logged in

* Use uuid1_macless in Person

* Fix typing

* Update tests

* Update /api/team/signup to /api/organization/signup

* Fix mypy issues and update tests

The remaining failures are actually missing functionality (TDD applied), so filling these in.

* Update 0086_org_live

* Make small improvements

* Implement permissions

* Remove now unneccesary membership check

* Update setup_dev.py

* Make small frontend improvements

* Add drf-nested-routers as requirement

* Remove unused import

* Implemented nested routes

* Remove cruft

* Add relevant org/proj/user name to headings

* Fix imports

* Update migration

* Replace unreliable drf-nested-routers with drf-extensions

* Improve unset team handling

* Make org and team creation proper

* Update migration

* Fix migration

* Update TopContent

* Update command palette for new sidebar structure

* Remove deprecated demo data deletion

* Assume that each org has a project and fix typing

* Require paid plan for multiple orgs and projects

* Make HogFlix demo a separate team

* Update migration

* Slightly improve style

* Adjust page layout bottom padding

* Make user dropdown nicer

* Fix base app tests

* Satisfy mypy

* Fix test_leave_organization

* Improve wording

* Possibly fix import

* Remove misplaced None check

* Enhance org and teams APIs and add tests

* Fix /api/projects for particular Team

* Improve invites and demo data

* Address feedback

* Put everything related to billing on Organization

* Fix minor issues

* Simplify invitation creation

* Update team model

* Make orgs and projects premium only on self-hosted

* Improve testing

* Update migration

* Remove extra License import

* Fix minor issues

* Fix Django tests

* Fix Cypress

* Fix yarn build

* Fix TeamSignupViewset

* Fix posthog-production incompatibility

* Remove extraneous insight endpoint registration

* Adjust tests for posthog-production

* Simplify invitations and fix email validation

* Address all feedback

* Satisfy mypy

* Update migration

* Fix constraint removal in migration

* Update tests

* Fix test creation edge case

* Run posthog-production CI tests against this branch and teams-live

* Ensure that js_posthog_api_key is always passed

* Fix preflight check pre-login

* Update cypress tests

* Update instanceStatus.js

* Bring ee tets up to par

* Bring actions-ux-201012 back

* Cypress retry in cypress.json

* Revert "Run posthog-production CI tests against this branch and teams-live"

This reverts commit d79cb844d8.

Co-authored-by: anna <ms.annaphilips@gmail.com>
Co-authored-by: Anna Philips <aphilips@matmacorp.com>
2020-10-22 10:58:32 +02:00
Michael Matloka
c040601f49
Personal API keys and Zapier integration (#1281)
* Add missing migration

* Add generate_random_token() model util

* Move PublicTokenAuthentication to utils

* Make use of generate_random_token

* Add User.personal_access_token field

* Add PersonalAccessTokenAuthentication

* Fix PublicTokenAuthentication

* Fix migration and auth import

* Add personal_access_token to user API

* Update Setup.js

* Support trailing slash in API

* Improve PAT auth quality

* Add django-rest-hooks requirement

* Update settings.py for rest_hooks

* Fix django-rest-hooks requirement

* Bring back API routes with no double trailing slash

* Rename posthog.api.team to team_user

* Add API TODO

* Ad PAT auth with X-PAT HTTP header

* Replace User.personal_access_token with PersonalAPIKey model

* Fix PersonalAPIKey max_lengths

* Describe posthog.models.utils.generate_random_token better

* Add personal_api_key to API

* Add authenticate_header to PersonalAPIKeyAuthentication

* Add hook API endpoint

* Use django.utils.timezone in place of datetime.datetime

* Add Personal API Keys to Setup

* Sort personal_api_keys in ORM

* Add Action.on_perform()

* Remove requirements.txt comment

* Add a

* Add REST hook tasks

* Optimize PersonalAPIKeyAuthentication query

* Add a trailing slash version of /e endpoint

* Add team field to PersonalAPIKey model

* Add personal API key support to capture endpoint, get_cached_from_token

* Reject personal API keys from inactive users

* Add extra_properties_json field to /capture

* Improve PAK auth header regex

* Use custom hook model

* Deliver hooks

* Handle action.on_perform

* Consolidate userLogic in userLogic.tsx

* Update PersonalAPIKeys.js

* Make PersonalAPIKey foreign keys read-only

* Update requirements/dev.txt

* Make PersonalAPIKeys TSX

* Fix conflict

* Fix migration

* Fix minor mishaps

* Update and fix tests

* Use CharField of random 32 bits as hook.id

* Fix conflicting migrations

* Fix ValidationError in HookSerializer.validate_event

* Use query param in /api/event/actions ID filtering

* Rename endpoint `hook` to `hooks`

* Satisfy mypy

* Add tests

* Use DRF serialization in action_defined and annotation_created triggers

* Update migration leafs

* Make mypy ignore rest_hooks

* Update Django signal receiver names

* Update TS dependencies

* Revert "Update TS dependencies"

This reverts commit 7fc26fefcd.

* Add field user to Hook model

* Update migration leafs

* Fix circular import

* Fix some code

* Install git before running pip install in Dockerfiles

* Improve personal API keys UI

* Satisfy mypy

* Reword key label placeholder

* Add personal API key support to /api/user/*

Unfortunately these endpoints are still limited by CSRF protections at the moment, so not accessible outside PostHog itself.

* Improve PersonalAPIKeyAuthentication and add CsrfOrKeyViewMiddleware

* Run collectstatic before test

* Don't install dev dependencies in CI

* Update dependency installation order in CI

* Fix bug and describe PersonalAPIKeyAuthentication

* Fix CI issues

* Fix typing issues

* Fix more typing issues

* Use /api/personal_api_keys to list keys

* Move REST hooks (and therefore Zapier) to ee/

* Refactor personal API logic with kea-loaders

* Add "More about API authentication in PostHog docs."

* Update PersonalAPIKeys.tsx

* Use TestMixin

* Fix "Authentication" that should've been "Authorization"

* Add option to skip self.client.force_login in API tests

* Include team_id and user_id in personal API key serialization

* Update test_hooks.py

* Add personal API key tests

* Remove leftover

* Make ee.settings override posthog.settings

* Don't directly import from models

* Remove unused imports

* Fix mypy issues

* Fix HOOK_DELIVERER

* Use decorator for /api/user PAK auth

* Don't fire REST hook if user doesn't have "zapier" feature

* Import Optional

* Reword to "premium Zapier"

* Make mypy happy

* Fix test_delete_personal_api_key

* Fix misclick

* Fix and test /capture with personal API key

* Make mypy happy

* Remove extra_properties_json

* Resolve migrations

* Remove apt-utils

* Optimize and test PAK user.is_active filtering

* Replace DEBUG true with 1

* Remove unused instance_id

* Improve typing

* Fix deletion toast

* Refactor CopyToClipboard and use it in PAKs

* Use toast.success

* Update migrations

* Fix migration

* Fix migrations

* Complete merge

Co-authored-by: Tim Glaser <tim@glsr.nl>
2020-08-26 10:34:57 +02:00
Tim Glaser
23f5918477
Add enterprise edition and licensing (#1390)
* Add enterprise edition and licensing

* Cypress test

* License wording change

* Fix typos
2020-08-14 11:23:55 +02:00