Adding all the authentication stuff

author: zsloan 2020-06-17 14:49:40 -0500
committer: zsloan 2020-06-17 14:49:40 -0500
commit: ea47eb228b1224ea83e3f50a056bf715b3bf5ec6 (patch)
tree: e6ff6824d2e1960e7b84342c7d09771d4783ae97 /wqflask/utility/authentication_tools.py
parent: 7438f3c45122f02c25155b42ede703ad2845649c (diff)
download: genenetwork2-ea47eb228b1224ea83e3f50a056bf715b3bf5ec6.tar.gz
1 files changed, 86 insertions, 46 deletions
diff --git a/wqflask/utility/authentication_tools.py b/wqflask/utility/authentication_tools.py
index 537881a5..07ceacc0 100644
--- a/wqflask/utility/authentication_tools.py
+++ b/wqflask/utility/authentication_tools.py
@@ -1,46 +1,86 @@
-from __future__ import absolute_import, print_function, division
-
-import json
-import requests
-
-from base import data_set
-
-from utility import hmac
-from utility.redis_tools import get_redis_conn, get_resource_info, get_resource_id
-
-from flask import Flask, g, redirect, url_for
-
-import logging
-logger = logging.getLogger(__name__ )
-
-def check_resource_availability(dataset, trait_id=None):
-    resource_id = get_resource_id(dataset, trait_id)
-
-    if resource_id:
-        the_url = "http://localhost:8080/available?resource={}&user={}".format(resource_id, g.user_session.user_id)
-        try:
-            response = json.loads(requests.get(the_url).content)['data']
-        except:
-            resource_info = get_resource_info(resource_id)
-            response = resource_info['default_mask']['data']
-
-        if 'view' in response:
-            return True
-        else:
-            return redirect(url_for("no_access_page"))
-
-    return True
-
-def check_owner(dataset=None, trait_id=None, resource_id=None):
-    if resource_id:
-        resource_info = get_resource_info(resource_id)
-        if g.user_session.user_id == resource_info['owner_id']:
-            return resource_id
-    else:
-        resource_id = get_resource_id(dataset, trait_id)
-        if resource_id:
-            resource_info = get_resource_info(resource_id)
-            if g.user_session.user_id == resource_info['owner_id']:
-                return resource_id
-
-    return False
-\ No newline at end of file
+from __future__ import absolute_import, print_function, division
+
+import json
+import requests
+
+from base import data_set
+
+from utility import hmac
+from utility.redis_tools import get_redis_conn, get_resource_info, get_resource_id
+
+from flask import Flask, g, redirect, url_for
+
+import logging
+logger = logging.getLogger(__name__ )
+
+def check_resource_availability(dataset, trait_id=None):
+    resource_id = get_resource_id(dataset, trait_id)
+
+    response = None
+    if resource_id:
+        resource_info = get_resource_info(resource_id)
+
+        the_url = "http://localhost:8080/available?resource={}&user={}".format(resource_id, g.user_session.user_id)
+        try:
+            response = json.loads(requests.get(the_url).content)['data']
+        except:
+            response = resource_info['default_mask']['data']
+
+        if 'edit' in response:
+            return "edit"
+        elif 'view' in response:
+            return "view"
+        else:
+            return "no-access"
+
+    return False
+
+def check_admin(resource_id=None):
+
+    return "not-admin"
+
+    # ZS: commented out until proxy can return this
+    # the_url = "http://localhost:8080/available?resource={}&user={}".format(resource_id, g.user_session.user_id)
+    # try:
+    #     response = json.loads(requests.get(the_url).content)
+    # except:
+    #     response = resource_info['default_mask']['admin']
+
+    # if 'edit-admins' in response:
+    #     return "edit-admins"
+    # elif 'edit-access' in response:
+    #     return "edit-access"
+    # else:
+    #     return "not-admin"
+
+def check_owner(dataset=None, trait_id=None, resource_id=None):
+    if resource_id:
+        resource_info = get_resource_info(resource_id)
+        if g.user_session.user_id == resource_info['owner_id']:
+            return resource_id
+    else:
+        resource_id = get_resource_id(dataset, trait_id)
+        if resource_id:
+            resource_info = get_resource_info(resource_id)
+            if g.user_session.user_id == resource_info['owner_id']:
+                return resource_id
+
+    return False
+
+def check_owner_or_admin(dataset=None, trait_id=None, resource_id=None):
+    if resource_id:
+        resource_info = get_resource_info(resource_id)
+        if g.user_session.user_id == resource_info['owner_id']:
+            return [resource_id, "owner"]
+        else:
+            return [resource_id, check_admin(resource_id)]
+    else:
+        resource_id = get_resource_id(dataset, trait_id)
+        if resource_id:
+            resource_info = get_resource_info(resource_id)
+            if g.user_session.user_id == resource_info['owner_id']:
+                return [resource_id, "owner"]
+            else:
+                return [resource_id, check_admin(resource_id)]
+
+    return [resource_id, "not-admin"]
+\ No newline at end of file
author	zsloan	2020-06-17 14:49:40 -0500
committer	zsloan	2020-06-17 14:49:40 -0500
commit	ea47eb228b1224ea83e3f50a056bf715b3bf5ec6 (patch)
tree	e6ff6824d2e1960e7b84342c7d09771d4783ae97 /wqflask/utility/authentication_tools.py
parent	7438f3c45122f02c25155b42ede703ad2845649c (diff)
download	genenetwork2-ea47eb228b1224ea83e3f50a056bf715b3bf5ec6.tar.gz