feat(security): add approved rooms/users/domains as env variables (#277)

* feat(security): add approved rooms/users/domains as env variables * chore(lint): fix R0902 * chore(lint): fix C0114 * chore(lint): fix C0116 * chore(lint): fix C0413
2024-08-30 19:38:56 +01:00
parent 56f1cb924e
commit b758d0dfda
8 changed files with 109 additions and 28 deletions
--- a/app/utils/config.py
+++ b/app/utils/config.py
@ -2,19 +2,19 @@

 import os

+from app.utils.helpers import validate_email_syntax
+

 class Config:
    """Configuration module."""
+
    def __init__(self) -> None:
        """Configuration module."""
-        self.__environment: str = os.environ.get("APP_LIFECYCLE", "DEV").upper()
-        self.__version: str = os.environ["APP_VERSION"]
-        self.__bot_name: str = os.environ["BOT_NAME"]
-        self.__webex_token: str = os.environ["WEBEX_API_KEY"]
-        self.__admin_first_name: str = os.environ["ADMIN_FIRST_NAME"]
-        self.__admin_emails: list = os.environ["ADMIN_EMAIL"].split(",")
-        self.__n8n_webhook_url: str = os.environ["N8N_WEBHOOK_URL"]
+
+        # Sentry config needs to be processed first for loop prevention.
+
        self.__sentry_dsn: str = os.environ.get("SENTRY_DSN", "")
+
        self.__sentry_enabled: bool = bool(
            os.environ.get("SENTRY_ENABLED", "False").upper() == "TRUE"
            and self.__sentry_dsn != ""
@ -23,12 +23,12 @@ class Config:
    @property
    def environment(self) -> str:
        """Returns the current app lifecycle."""
-        return self.__environment
+        return os.environ.get("APP_LIFECYCLE", "DEV").upper()

    @property
    def version(self) -> str:
        """Returns the current app version."""
-        return self.__version
+        return os.environ["APP_VERSION"]

    @property
    def sentry_enabled(self) -> bool:
@ -46,27 +46,46 @@ class Config:
    @property
    def bot_name(self) -> str:
        """Returns the bot name."""
-        return self.__bot_name
+        return os.environ["BOT_NAME"]

    @property
    def webex_token(self) -> str:
        """Returns the Webex API key."""
-        return self.__webex_token
+        return os.environ["WEBEX_API_KEY"]

    @property
    def admin_first_name(self) -> str:
        """Returns the first name of the bot admin."""
-        return self.__admin_first_name
+        return os.environ["ADMIN_FIRST_NAME"]

    @property
    def admin_emails(self) -> list:
        """Returns a list of admin email addresses."""
-        return self.__admin_emails
+        return os.environ["ADMIN_EMAIL"].split(",")

    @property
    def n8n_webhook_url(self) -> str:
        """Returns the n8n webhook URL."""
-        return self.__n8n_webhook_url
+        return os.environ["N8N_WEBHOOK_URL"]
+
+    @property
+    def approved_users(self) -> list:
+        """Returns a list of approved users."""
+        emails: list[str] = os.environ.get("APPROVED_USERS", "").split(",")
+        emails = [i.strip() for i in emails if validate_email_syntax(i.strip())]
+        return emails
+
+    @property
+    def approved_rooms(self) -> list:
+        """Returns a list of approved rooms."""
+        rooms: list[str] = os.environ.get("APPROVED_ROOMS", "").split(",")
+        return [i.strip() for i in rooms]
+
+    @property
+    def approved_domains(self) -> list:
+        """Returns a list of approved domains."""
+        domains: list[str] = os.environ.get("APPROVED_DOMAINS", "").split(",")
+        return [i.strip() for i in domains]


 config: Config = Config()