Skip to content

Commit

Permalink
introduce permission checker to task create api (#368)
Browse files Browse the repository at this point in the history
  • Loading branch information
@ykeremy
ykeremy authored May 26, 2024
1 parent 5e88d64 commit 688a615
Show file tree
Hide file tree
Showing 7 changed files with 48 additions and 2 deletions.
17 changes: 16 additions & 1 deletion poetry.lock
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

1 change: 1 addition & 0 deletions pyproject.toml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -55,6 +55,7 @@ supabase = "^2.4.3"
aioredlock = "^0.7.3"
fpdf = "^1.7.2"
pypdf = "^4.2.0"
stripe = "^9.7.0"

[tool.poetry.group.dev.dependencies]
isort = "^5.13.2"
Expand Down
3 changes: 2 additions & 1 deletion skyvern/forge/agent_functions.py
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,6 @@
from playwright.async_api import Page

from skyvern.exceptions import StepTerminationError
from skyvern.forge import app
from skyvern.forge.async_operations import AsyncOperation
from skyvern.forge.sdk.models import Organization, Step, StepStatus
Expand Down Expand Up @@ -33,7 +34,7 @@ async def validate_step_execution(

can_execute = has_valid_task_status and has_valid_step_status and has_no_running_steps
if not can_execute:
raise Exception(f"Cannot execute step. Reasons: {reasons}, Step: {step}")
raise StepTerminationError(step_id=step.step_id, reason="Cannot execute step. Reasons: {reasons}")

def generate_async_operations(
self,
Expand Down
Empty file added skyvern/forge/sdk/core/permissions/__init__.py
View file
Empty file.
13 changes: 13 additions & 0 deletions skyvern/forge/sdk/core/permissions/permission_checker_factory.py
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,13 @@
from skyvern.forge.sdk.core.permissions.permission_checkers import NoopPermissionChecker, PermissionChecker


class PermissionCheckerFactory:
__instance: PermissionChecker = NoopPermissionChecker()

@staticmethod
def get_instance() -> PermissionChecker:
return PermissionCheckerFactory.__instance

@staticmethod
def set_instance(permission_checker: PermissionChecker) -> None:
PermissionCheckerFactory.__instance = permission_checker
14 changes: 14 additions & 0 deletions skyvern/forge/sdk/core/permissions/permission_checkers.py
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,14 @@
import abc

from skyvern.forge.sdk.models import Organization


class PermissionChecker(abc.ABC):
@abc.abstractmethod
async def check(self, organization: Organization) -> None:
pass


class NoopPermissionChecker(PermissionChecker):
async def check(self, organization: Organization) -> None:
return
2 changes: 2 additions & 0 deletions skyvern/forge/sdk/routes/agent_protocol.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,7 @@
from skyvern.forge import app
from skyvern.forge.sdk.artifact.models import Artifact, ArtifactType
from skyvern.forge.sdk.core import skyvern_context
from skyvern.forge.sdk.core.permissions.permission_checker_factory import PermissionCheckerFactory
from skyvern.forge.sdk.core.security import generate_skyvern_signature
from skyvern.forge.sdk.executor.factory import AsyncExecutorFactory
from skyvern.forge.sdk.models import Organization, Step
Expand Down Expand Up @@ -99,6 +100,7 @@ async def create_agent_task(
x_max_steps_override: Annotated[int | None, Header()] = None,
) -> CreateTaskResponse:
analytics.capture("skyvern-oss-agent-task-create", data={"url": task.url})
await PermissionCheckerFactory.get_instance().check(current_org)

if current_org and current_org.organization_name == "CoverageCat":
task.proxy_location = ProxyLocation.RESIDENTIAL
Expand Down

0 comments on commit 688a615

Please sign in to comment.