diff options
| author | BonfaceKilz | 2021-09-21 21:36:32 +0300 |
|---|---|---|
| committer | BonfaceKilz | 2021-10-04 13:00:53 +0300 |
| commit | 7f317126d7d422b073cb4e4a8698757fe1e763f3 (patch) | |
| tree | 64ec7d7bc95784e66f08a75322809f988a3cf7b9 | |
| parent | 266d4c4a425ca0a215c8d789e2978d213d5ff37d (diff) | |
| download | genenetwork2-7f317126d7d422b073cb4e4a8698757fe1e763f3.tar.gz | |
Replace hard-coded e-mails with gn-proxy queries
* wqflask/wqflask/decorators.py (edit_access_required.wrap): Query the
proxy to see the access rights of a given user.
| -rw-r--r-- | wqflask/wqflask/decorators.py | 26 |
1 files changed, 24 insertions, 2 deletions
diff --git a/wqflask/wqflask/decorators.py b/wqflask/wqflask/decorators.py index f6e3eb8a..54aa6795 100644 --- a/wqflask/wqflask/decorators.py +++ b/wqflask/wqflask/decorators.py @@ -1,14 +1,36 @@ """This module contains gn2 decorators""" from flask import g +from typing import Dict from functools import wraps +from utility.hmac import hmac_creation + +import json +import requests def edit_access_required(f): """Use this for endpoints where admins are required""" @wraps(f) def wrap(*args, **kwargs): - if g.user_session.record.get(b"user_email_address") not in [ - b"labwilliams@gmail.com"]: + resource_id: str = "" + if kwargs.get("inbredset_id"): # data type: dataset-publish + resource_id = hmac_creation("dataset-publish:" + f"{kwargs.get('inbredset_id')}:" + f"{kwargs.get('name')}") + if kwargs.get("dataset_name"): # data type: dataset-probe + resource_id = hmac_creation("dataset-probeset:" + f"{kwargs.get('dataset_name')}") + response: Dict = {} + try: + _user_id = g.user_session.record.get(b"user_id", + "").decode("utf-8") + response = json.loads( + requests.get("http://localhost:8080/" + "available?resource=" + f"{resource_id}&user={_user_id}").content) + except: + response = {} + if "edit" not in response.get("data", []): return "You need to be admin", 401 return f(*args, **kwargs) return wrap |