Feature Panel - Backend (#283)

Author: LiranCaduri

.gitignore

@@ -147,6 +147,7 @@ dmypy.json
 .pyre/
 
 # mac env
+.DS_Store
 bin
 
 # register stuff

AUTHORS.md

@@ -33,6 +33,7 @@
          * PureDreamer - Developer
          * ShiZinDle - Developer
          * YairEn - Developer
+         * LiranCaduri - Developer
          * IdanPelled - Developer
 
 # Special thanks to

app/database/models.py

@@ -34,6 +34,16 @@
 Base: DeclarativeMeta = declarative_base()
 
 
+class UserFeature(Base):
+    __tablename__ = "user_feature"
+
+    id = Column(Integer, primary_key=True, index=True)
+    feature_id = Column('feature_id', Integer, ForeignKey('features.id'))
+    user_id = Column('user_id', Integer, ForeignKey('users.id'))
+
+    is_enable = Column(Boolean, default=False)
+
+
 class User(Base):
     __tablename__ = "users"
 
@@ -69,6 +79,7 @@ class User(Base):
     )
     comments = relationship("Comment", back_populates="user")
 
+    features = relationship("Feature", secondary=UserFeature.__tablename__)
     oauth_credentials = relationship(
         "OAuthCredentials",
         cascade="all, delete",
@@ -85,6 +96,18 @@ async def get_by_username(db: Session, username: str) -> User:
         return db.query(User).filter(User.username == username).first()
 
 
+class Feature(Base):
+    __tablename__ = "features"
+
+    id = Column(Integer, primary_key=True, index=True)
+    name = Column(String, nullable=False)
+    route = Column(String, nullable=False)
+    creator = Column(String, nullable=True)
+    description = Column(String, nullable=False)
+
+    users = relationship("User", secondary=UserFeature.__tablename__)
+
+
 class Event(Base):
     __tablename__ = "events"
 

app/internal/features.py

@@ -0,0 +1,183 @@
+from functools import wraps
+from typing import Dict, List
+
+from fastapi import Depends, Request
+from sqlalchemy.orm import Session
+from sqlalchemy.sql import exists
+from starlette.responses import RedirectResponse
+
+from app.database.models import Feature, UserFeature
+from app.dependencies import SessionLocal, get_db
+from app.internal.features_index import features
+from app.internal.security.dependencies import current_user
+from app.internal.security.ouath2 import get_authorization_cookie
+from app.internal.utils import create_model
+
+
+def feature_access_filter(call_next):
+    @wraps(call_next)
+    async def wrapper(*args, **kwargs):
+        request = kwargs["request"]
+
+        if request.headers["user-agent"] == "testclient":
+            # in case it's a unit test.
+            return await call_next(*args, **kwargs)
+
+        # getting the url route path for matching with the database.
+        route = "/" + str(request.url).replace(str(request.base_url), "")
+
+        # getting access status.
+        access = await is_access_allowd(route=route, request=request)
+
+        if access:
+            # in case the feature is enabled or access is allowed.
+            return await call_next(*args, **kwargs)
+
+        elif "referer" not in request.headers:
+            # in case request come straight from address bar in browser.
+            return RedirectResponse(url="/")
+
+        # in case the feature is disabled or access isn't allowed.
+        return RedirectResponse(url=request.headers["referer"])
+
+    return wrapper
+
+
+def create_features_at_startup(session: Session) -> bool:
+    for feat in features:
+        if not is_feature_exists(feature=feat, session=session):
+            create_feature(**feat, db=session)
+    return True
+
+
+def is_user_has_feature(
+    session: Session,
+    feature_id: int,
+    user_id: int,
+) -> bool:
+    return session.query(
+        exists()
+        .where(UserFeature.user_id == user_id)
+        .where(UserFeature.feature_id == feature_id),
+    ).scalar()
+
+
+def delete_feature(
+    feature: Feature,
+    session: Session = Depends(get_db),
+) -> None:
+    session.query(UserFeature).filter_by(feature_id=feature.id).delete()
+    session.query(Feature).filter_by(id=feature.id).delete()
+    session.commit()
+
+
+def is_feature_exists(feature: Dict[str, str], session: Session) -> bool:
+    is_exists = session.query(
+        exists()
+        .where(Feature.name == feature["name"])
+        .where(Feature.route == feature["route"]),
+    ).scalar()
+
+    return is_exists
+
+
+def update_feature(
+    feature: Feature,
+    feature_dict: Dict[str, str],
+    session: Session = Depends(get_db),
+) -> Feature:
+    feature.name = feature_dict["name"]
+    feature.route = feature_dict["route"]
+    feature.description = feature_dict["description"]
+    feature.creator = feature_dict["creator"]
+    session.commit()
+    return feature
+
+
+async def is_access_allowd(request: Request, route: str) -> bool:
+    session = SessionLocal()
+
+    # Get current user.
+    # Note: can't use dependency beacause its designed for routes only.
+    # current_user return schema not an db model.
+    jwt = await get_authorization_cookie(request=request)
+    user = await current_user(request=request, jwt=jwt, db=session)
+
+    feature = session.query(Feature).filter_by(route=route).first()
+
+    if feature is None:
+        # in case there is no feature exists in the database that match the
+        # route that gived by to the request.
+        return True
+
+    user_feature = session.query(
+        exists().where(
+            (UserFeature.feature_id == feature.id)
+            & (UserFeature.user_id == user.user_id),
+        ),
+    ).scalar()
+
+    return user_feature
+
+
+def create_feature(
+    db: Session,
+    name: str,
+    route: str,
+    description: str,
+    creator: str = None,
+) -> Feature:
+    """Creates a feature."""
+    return create_model(
+        db,
+        Feature,
+        name=name,
+        route=route,
+        creator=creator,
+        description=description,
+    )
+
+
+def create_user_feature_association(
+    db: Session,
+    feature_id: int,
+    user_id: int,
+    is_enable: bool,
+) -> UserFeature:
+    """Creates an association."""
+    return create_model(
+        db,
+        UserFeature,
+        user_id=user_id,
+        feature_id=feature_id,
+        is_enable=is_enable,
+    )
+
+
+def get_user_installed_features(
+    user_id: int,
+    session: Session = Depends(get_db),
+) -> List[Feature]:
+    return (
+        session.query(Feature)
+        .join(UserFeature)
+        .filter(UserFeature.user_id == user_id)
+        .all()
+    )
+
+
+def get_user_uninstalled_features(
+    user_id: int,
+    session: Session = Depends(get_db),
+) -> List[Feature]:
+    return (
+        session.query(Feature)
+        .filter(
+            Feature.id.notin_(
+                session.query(UserFeature.feature_id).filter(
+                    UserFeature.user_id == user_id,
+                ),
+            ),
+        )
+        .all()
+    )

app/internal/features_index.py

@@ -0,0 +1,51 @@
+'''
+    This file purpose is for developers to add their features to the database
+    in one convenient place, every time the system loads up it's adding and
+    updating the features in the features table in the database.
+
+    To update a feature, The developer needs to change the name or the route
+    and let the system load, but not change both at the same time otherwise
+    it will create junk and unnecessary duplicates.
+
+    *   IMPORTANT - To enable features panel functionlity the developer must  *
+    *   add the feature_access_filter decorator to ALL the feature routes     *
+    *   Please see the example below.                                         *
+
+    Enjoy and good luck :)
+'''
+
+'''
+Example to feature stracture:
+
+{
+    "name": "<feature name - str>",
+    "route": "/<the route like: /features - str>",
+    "description": "<description - str>",
+    "creator": "<creator name or nickname - str>"
+}
+'''
+
+'''
+*   IMPORTANT   *
+
+Example to decorator placement:
+
+    @router.get("/<my-route>")
+    @feature_access_filter     <---- just above def keyword!
+    def my_cool_feature_route():
+        ....
+        ...
+            some code.
+        ..
+        .
+
+'''
+
+features = [
+    {
+        "name": "Google Sync",
+        "route": "/google/sync",
+        "description": "Sync Google Calendar events with Pylender",
+        "creator": "Liran Caduri"
+    },
+]

app/main.py

@@ -16,8 +16,10 @@
     get_db,
     logger,
     templates,
+    SessionLocal,
 )
 from app.internal import daily_quotes, json_data_loader
+import app.internal.features as internal_features
 from app.internal.languages import set_ui_language
 from app.internal.security.ouath2 import auth_exception_handler
 from app.routers.salary import routes as salary
@@ -66,6 +68,7 @@ def create_tables(engine, psql_environment):
     email,
     event,
     export,
+    features,
     four_o_four,
     friendview,
     google_connect,
@@ -118,6 +121,7 @@ async def swagger_ui_redirect():
     email.router,
     event.router,
     export.router,
+    features.router,
     four_o_four.router,
     friendview.router,
     google_connect.router,
@@ -143,6 +147,13 @@ async def swagger_ui_redirect():
     app.include_router(router)
 
 
+@app.on_event("startup")
+async def startup_event():
+    session = SessionLocal()
+    internal_features.create_features_at_startup(session=session)
+    session.close()
+
+
 # TODO: I add the quote day to the home page
 # until the relevant calendar view will be developed.
 @app.get("/", include_in_schema=False)