fix: Cognee backend fixes (#659)

<!-- .github/pull_request_template.md -->

## Description
Cognee backend fixes

## DCO Affirmation
I affirm that all code in every commit of this pull request conforms to
the terms of the Topoteretes Developer Certificate of Origin


<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit

- **New Features**
- Improved handling of `tenant_id` in JWT payload for enhanced type
safety.
- Unique identifier generation for datasets now considers the owner ID,
allowing for multiple users to share the same dataset name.

- **Bug Fixes**
- Disabled user role permissions in the permission check logic
temporarily during a rework.

- **Refactor**
  - Simplified dependencies by removing unnecessary model imports.
- Updated parameter name from `tenant` to `tenant_id` for clarity in JWT
creation.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
Igor Ilic 2025-03-20 21:51:35 +01:00 committed by GitHub
parent ee88fcf5d3
commit 7bf30f7373
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
5 changed files with 27 additions and 11 deletions


@ -5,10 +5,10 @@ import datetime
SECRET_KEY = os.getenv("FASTAPI_USERS_JWT_SECRET", "super_secret") SECRET_KEY = os.getenv("FASTAPI_USERS_JWT_SECRET", "super_secret")
def create_jwt(user_id: str, tenant: str, roles: list[str]): def create_jwt(user_id: str, tenant_id: str, roles: list[str]):
payload = { payload = {
"user_id": user_id, "user_id": user_id,
"tenant_id": tenant, "tenant_id": tenant_id,
"roles": roles, "roles": roles,
"exp": datetime.datetime.utcnow() + datetime.timedelta(hours=1), # 1 hour expiry "exp": datetime.datetime.utcnow() + datetime.timedelta(hours=1), # 1 hour expiry
} }
@ -17,5 +17,7 @@ def create_jwt(user_id: str, tenant: str, roles: list[str]):
if __name__ == "__main__": if __name__ == "__main__":
# Example token generation # Example token generation
token = create_jwt("6763554c-91bd-432c-aba8-d42cd72ed659", "tenant_456", ["admin"]) token = create_jwt(
"6763554c-91bd-432c-aba8-d42cd72ed659", "4523544d-82bd-432c-aca7-d42cd72ed651", ["admin"]
)
print(token) print(token)
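Review bot: The `SECRET_KEY` line keeps the `"super_secret"` fallback in `os.getenv("FASTAPI_USERS_JWT_SECRET", "super_secret")`, so a deployment that forgets the variable signs tokens with a value published in the repository. The same fallback is repeated in the `jwt.decode` call of the `get_authenticated_user` section further down. Failing at startup is the safer default, for example `SECRET_KEY = os.environ["FASTAPI_USERS_JWT_SECRET"]`, with the verifier reading the same constant instead of calling `os.getenv` again. Separately, `datetime.datetime.utcnow()` is deprecated from Python 3.12; `datetime.datetime.now(datetime.timezone.utc)` gives an aware expiry. The rest of `create_jwt` lies between the two hunks and is not visible.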


@ -16,7 +16,10 @@ async def create_dataset(dataset_name: str, owner_id: UUID, session: AsyncSessio
).first() ).first()
if dataset is None: if dataset is None:
dataset = Dataset(id=uuid5(NAMESPACE_OID, dataset_name), name=dataset_name, data=[]) # Dataset id should be generated based on dataset_name and owner_id so multiple users can use the same dataset_name
dataset = Dataset(
id=uuid5(NAMESPACE_OID, f"{dataset_name}{str(owner_id)}"), name=dataset_name, data=[]
)
dataset.owner_id = owner_id dataset.owner_id = owner_id
session.add(dataset) session.add(dataset)
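Review bot: The dataset id is now `uuid5` over `dataset_name` plus `owner_id`, which stays fully deterministic: anyone who knows a dataset's name and its owner's id can compute the id. It should therefore never be treated as an unguessable handle, and access has to rest on the permission check alone. Any other call site that still derives `uuid5(NAMESPACE_OID, dataset_name)` to look a dataset up (none is visible here) would now compute a different id, and rows created before this change keep their old ids. A single shared helper for the derivation would keep them in step. The `str()` inside the f-string is redundant; `f"{dataset_name}{owner_id}"` produces the same string. `create_dataset` starts above and continues below this hunk.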


@ -5,6 +5,8 @@ from fastapi import HTTPException, Header
import os import os
import jwt import jwt
from uuid import UUID
fastapi_users = get_fastapi_users() fastapi_users = get_fastapi_users()
@ -19,10 +21,18 @@ async def get_authenticated_user(authorization: str = Header(...)) -> SimpleName
token, os.getenv("FASTAPI_USERS_JWT_SECRET", "super_secret"), algorithms=["HS256"] token, os.getenv("FASTAPI_USERS_JWT_SECRET", "super_secret"), algorithms=["HS256"]
) )
# SimpleNamespace lets us access dictionary elements like attributes if payload["tenant_id"]:
auth_data = SimpleNamespace( # SimpleNamespace lets us access dictionary elements like attributes
id=payload["user_id"], tenant_id=payload["tenant_id"], roles=payload["roles"] auth_data = SimpleNamespace(
) id=UUID(payload["user_id"]),
tenant_id=UUID(payload["tenant_id"]),
roles=payload["roles"],
)
else:
auth_data = SimpleNamespace(
id=UUID(payload["user_id"]), tenant_id=None, roles=payload["roles"]
)
return auth_data return auth_data
except jwt.ExpiredSignatureError: except jwt.ExpiredSignatureError:
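Review bot: `payload["tenant_id"]` and `payload["user_id"]` are indexed directly and passed to `UUID(...)`, so a correctly signed token that lacks a claim or carries a non-UUID value raises `KeyError` or `ValueError`. Only `except jwt.ExpiredSignatureError` is visible below, so unless a later handler outside this hunk catches them the request ends in a 500 instead of an authentication failure. Adding `except (KeyError, ValueError):` with the same response the function gives for an invalid token keeps the failure closed and uniform. The two `SimpleNamespace` branches differ only in `tenant_id` and can be one call using `tenant_id=UUID(payload["tenant_id"]) if payload.get("tenant_id") else None`. The function starts above and continues below the hunk.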


@ -1,8 +1,7 @@
from types import SimpleNamespace from types import SimpleNamespace
from sqlalchemy.orm import selectinload from sqlalchemy.orm import selectinload
from sqlalchemy.future import select from sqlalchemy.future import select
from cognee.modules.users.models import User, Tenant from cognee.modules.users.models import User
from cognee.infrastructure.databases.relational import get_relational_engine from cognee.infrastructure.databases.relational import get_relational_engine
from cognee.modules.users.methods.create_default_user import create_default_user from cognee.modules.users.methods.create_default_user import create_default_user


@ -13,7 +13,9 @@ logger = logging.getLogger(__name__)
async def check_permission_on_documents(user: User, permission_type: str, document_ids: list[UUID]): async def check_permission_on_documents(user: User, permission_type: str, document_ids: list[UUID]):
user_roles_ids = [role.id for role in user.roles] # TODO: Enable user role permissions again. Temporarily disabled during rework.
# user_roles_ids = [role.id for role in user.roles]
user_roles_ids = []
db_engine = get_relational_engine() db_engine = get_relational_engine()
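Review bot: `user_roles_ids = []` silently drops every role-derived grant in `check_permission_on_documents`, while the JWT code in this same commit still issues and parses a `roles` claim that now has no effect here. The rest of the function is outside the hunk, so please confirm that an empty list only narrows the lookup to the user's own id. It should not produce a filter that is skipped, or one that matches more broadly, when the list is empty; a test asserting that a role-only grant is denied would pin that down. Instead of leaving the old line commented out, reference the tracking work in the TODO, for example `# TODO(<issue-id>): re-enable role-based permissions`. A one-time `logger.warning` stating that role permissions are disabled would make the degraded mode visible to operators.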