diff options
author | BonfaceKilz | 2021-10-27 14:20:20 +0300 |
---|---|---|
committer | BonfaceKilz | 2021-10-28 08:34:35 +0300 |
commit | 0618b9f78d6ca2517f6265a9cfe7db64b6ae12ef (patch) | |
tree | ca4869d1cf0cda2e2a090a72b510c2439e95465a | |
parent | e640c85bdb5174d86f2ba5adf112bbf9259fdc94 (diff) | |
download | genenetwork2-0618b9f78d6ca2517f6265a9cfe7db64b6ae12ef.tar.gz |
Default to an empty string if a session_id is empty
"user_id" is jumbled up; it's either bytes or plain strings. This
correctly parses it.
-rw-r--r-- | wqflask/wqflask/decorators.py | 23 | ||||
-rw-r--r-- | wqflask/wqflask/metadata_edits.py | 5 |
2 files changed, 13 insertions, 15 deletions
diff --git a/wqflask/wqflask/decorators.py b/wqflask/wqflask/decorators.py index a4ff7ce3..0c3c2a89 100644 --- a/wqflask/wqflask/decorators.py +++ b/wqflask/wqflask/decorators.py @@ -16,9 +16,9 @@ def login_required(f): """Use this for endpoints where login is required""" @wraps(f) def wrap(*args, **kwargs): - user_id = (g.user_session.record.get(b"user_id", - b"").decode("utf-8") or - g.user_session.record.get("user_id", "")) + user_id = ((g.user_session.record.get(b"user_id") or + b"").decode("utf-8") + or g.user_session.record.get("user_id") or "") redis_conn = redis.from_url(current_app.config["REDIS_URL"], decode_responses=True) if not redis_conn.hget("users", user_id): @@ -38,15 +38,14 @@ def edit_access_required(f): resource_id = kwargs.get("resource_id") response: Dict = {} try: - _user_id = (g.user_session.record.get(b"user_id", - b"").decode("utf-8") or - g.user_session.record.get("user_id", "")) + user_id = ((g.user_session.record.get(b"user_id") or + b"").decode("utf-8") + or g.user_session.record.get("user_id") or "") response = json.loads( requests.get(urljoin( current_app.config.get("GN2_PROXY"), ("available?resource=" - f"{resource_id}&user={_user_id}"))).content) - + f"{resource_id}&user={user_id}"))).content) except: response = {} if max([DataRole(role) for role in response.get( @@ -63,14 +62,14 @@ def edit_admins_access_required(f): resource_id: str = kwargs.get("resource_id", "") response: Dict = {} try: - _user_id = (g.user_session.record.get(b"user_id", - b"").decode("utf-8") or - g.user_session.record.get("user_id", "")) + user_id = ((g.user_session.record.get(b"user_id") or + b"").decode("utf-8") + or g.user_session.record.get("user_id") or "") response = json.loads( requests.get(urljoin( current_app.config.get("GN2_PROXY"), ("available?resource=" - f"{resource_id}&user={_user_id}"))).content) + f"{resource_id}&user={user_id}"))).content) except: response = {} if max([AdminRole(role) for role in response.get( diff --git a/wqflask/wqflask/metadata_edits.py b/wqflask/wqflask/metadata_edits.py index bab1fa71..7e237976 100644 --- a/wqflask/wqflask/metadata_edits.py +++ b/wqflask/wqflask/metadata_edits.py @@ -162,9 +162,8 @@ def update_phenotype(dataset_id: str, name: str): host=current_app.config.get("DB_HOST")) data_ = request.form.to_dict() TMPDIR = current_app.config.get("TMPDIR") - author = (g.user_session.record.get(b"user_id", - b"").decode("utf-8") or - g.user_session.record.get("user_id", "")) + author = ((g.user_session.record.get(b"user_id") or b"").decode("utf-8") + or g.user_session.record.get("user_id") or "") phenotype_id = str(data_.get('phenotype-id')) if 'file' not in request.files: flash("No sample-data has been uploaded", "warning") |