authorzsloan2020-06-17 14:49:40 -0500
committerzsloan2020-06-17 14:49:40 -0500
commitea47eb228b1224ea83e3f50a056bf715b3bf5ec6 (patch)
treee6ff6824d2e1960e7b84342c7d09771d4783ae97 /wqflask/utility
parent7438f3c45122f02c25155b42ede703ad2845649c (diff)
downloadgenenetwork2-ea47eb228b1224ea83e3f50a056bf715b3bf5ec6.tar.gz
Adding all the authentication stuff
Diffstat (limited to 'wqflask/utility')
-rw-r--r--wqflask/utility/authentication_tools.py132
-rw-r--r--wqflask/utility/redis_tools.py67
2 files changed, 150 insertions, 49 deletions
diff --git a/wqflask/utility/authentication_tools.py b/wqflask/utility/authentication_tools.py
index 537881a5..07ceacc0 100644
--- a/wqflask/utility/authentication_tools.py
+++ b/wqflask/utility/authentication_tools.py
@@ -1,46 +1,86 @@
-from __future__ import absolute_import, print_function, division
-
-import json
-import requests
-
-from base import data_set
-
-from utility import hmac
-from utility.redis_tools import get_redis_conn, get_resource_info, get_resource_id
-
-from flask import Flask, g, redirect, url_for
-
-import logging
-logger = logging.getLogger(__name__ )
-
-def check_resource_availability(dataset, trait_id=None):
- resource_id = get_resource_id(dataset, trait_id)
-
- if resource_id:
- the_url = "http://localhost:8080/available?resource={}&user={}".format(resource_id, g.user_session.user_id)
- try:
- response = json.loads(requests.get(the_url).content)['data']
- except:
- resource_info = get_resource_info(resource_id)
- response = resource_info['default_mask']['data']
-
- if 'view' in response:
- return True
- else:
- return redirect(url_for("no_access_page"))
-
- return True
-
-def check_owner(dataset=None, trait_id=None, resource_id=None):
- if resource_id:
- resource_info = get_resource_info(resource_id)
- if g.user_session.user_id == resource_info['owner_id']:
- return resource_id
- else:
- resource_id = get_resource_id(dataset, trait_id)
- if resource_id:
- resource_info = get_resource_info(resource_id)
- if g.user_session.user_id == resource_info['owner_id']:
- return resource_id
-
- return False
\ No newline at end of file
+from __future__ import absolute_import, print_function, division
+
+import json
+import requests
+
+from base import data_set
+
+from utility import hmac
+from utility.redis_tools import get_redis_conn, get_resource_info, get_resource_id
+
+from flask import Flask, g, redirect, url_for
+
+import logging
+logger = logging.getLogger(__name__ )
+
+def check_resource_availability(dataset, trait_id=None):
+ resource_id = get_resource_id(dataset, trait_id)
+
+ response = None
+ if resource_id:
+ resource_info = get_resource_info(resource_id)
+
+ the_url = "http://localhost:8080/available?resource={}&user={}".format(resource_id, g.user_session.user_id)
+ try:
+ response = json.loads(requests.get(the_url).content)['data']
+ except:
+ response = resource_info['default_mask']['data']
+
+ if 'edit' in response:
+ return "edit"
+ elif 'view' in response:
+ return "view"
+ else:
+ return "no-access"
+
+ return False
+
+def check_admin(resource_id=None):
+
+ return "not-admin"
+
+ # ZS: commented out until proxy can return this
+ # the_url = "http://localhost:8080/available?resource={}&user={}".format(resource_id, g.user_session.user_id)
+ # try:
+ # response = json.loads(requests.get(the_url).content)
+ # except:
+ # response = resource_info['default_mask']['admin']
+
+ # if 'edit-admins' in response:
+ # return "edit-admins"
+ # elif 'edit-access' in response:
+ # return "edit-access"
+ # else:
+ # return "not-admin"
+
+def check_owner(dataset=None, trait_id=None, resource_id=None):
+ if resource_id:
+ resource_info = get_resource_info(resource_id)
+ if g.user_session.user_id == resource_info['owner_id']:
+ return resource_id
+ else:
+ resource_id = get_resource_id(dataset, trait_id)
+ if resource_id:
+ resource_info = get_resource_info(resource_id)
+ if g.user_session.user_id == resource_info['owner_id']:
+ return resource_id
+
+ return False
+
+def check_owner_or_admin(dataset=None, trait_id=None, resource_id=None):
+ if resource_id:
+ resource_info = get_resource_info(resource_id)
+ if g.user_session.user_id == resource_info['owner_id']:
+ return [resource_id, "owner"]
+ else:
+ return [resource_id, check_admin(resource_id)]
+ else:
+ resource_id = get_resource_id(dataset, trait_id)
+ if resource_id:
+ resource_info = get_resource_info(resource_id)
+ if g.user_session.user_id == resource_info['owner_id']:
+ return [resource_id, "owner"]
+ else:
+ return [resource_id, check_admin(resource_id)]
+
+ return [resource_id, "not-admin"]
\ No newline at end of file
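Review bot: The bare `except:` in check_resource_availability turns every failure of the proxy call (connection error, non-JSON body, missing 'data' key) into a silent fallback to `resource_info['default_mask']['data']`, so an access decision can be made from the default mask with no trace in the log. Catch only the expected errors and log them, e.g. `except (requests.exceptions.RequestException, ValueError, KeyError):` followed by `logger.exception("proxy lookup failed for resource %s", resource_id)`, and pass a `timeout=` to `requests.get` so a hung proxy cannot stall the request. The function also now returns `False` when no resource id is found and a string otherwise; because "no-access" is truthy, a docstring listing the four possible return values would keep callers from writing a plain `if check_resource_availability(...)` test.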
diff --git a/wqflask/utility/redis_tools.py b/wqflask/utility/redis_tools.py
index bc30a0af..c6d221ff 100644
--- a/wqflask/utility/redis_tools.py
+++ b/wqflask/utility/redis_tools.py
@@ -16,7 +16,7 @@ from utility.logger import getLogger
logger = getLogger(__name__)
def get_redis_conn():
- Redis = redis.StrictRedis(port=6380)
+ Redis = redis.StrictRedis(port=6379)
return Redis
Redis = get_redis_conn()
@@ -51,6 +51,27 @@ def get_user_by_unique_column(column_name, column_value):
return item_details
+def get_users_like_unique_column(column_name, column_value):
+ """
+ Like previous function, but this only checks if the input is a subset of a field and can return multiple results
+ """
+ matched_users = []
+
+ if column_value != "":
+ user_list = Redis.hgetall("users")
+ if column_name != "user_id":
+ for key in user_list:
+ user_ob = json.loads(user_list[key])
+ if column_name in user_ob:
+ if column_value in user_ob[column_name]:
+ matched_users.append(user_ob)
+ else:
+ matched_users.append(json.loads(user_list[column_value]))
+
+ return matched_users
+
+# def search_users_by_unique_column(column_name, column_value):
+
def set_user_attribute(user_id, column_name, column_value):
user_info = json.loads(Redis.hget("users", user_id))
user_info[column_name] = column_value
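Review bot: In get_users_like_unique_column the `user_id` branch does `user_list[column_value]` with no membership test, so an unknown id raises KeyError instead of returning an empty list; guard it with `if column_value in user_list:`. The same pattern is in get_groups_like_unique_column in the next hunk (`group_list[column_value]`, and `group_info[column_name]` for "admins"/"members" without the `in group_info` check the other branch uses). The substring branch appends the whole stored user object for any `column_name` the caller passes; which fields those objects hold is not visible here, but if they include credential material the function should restrict the searchable columns and strip such fields before returning. The docstring could also state that `user_id` is matched exactly rather than by substring.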
@@ -142,6 +163,28 @@ def get_group_by_unique_column(column_name, column_value):
return matched_groups
+def get_groups_like_unique_column(column_name, column_value):
+ """
+ Like previous function, but this only checks if the input is a subset of a field and can return multiple results
+ """
+ matched_groups = []
+
+ if column_value != "":
+ group_list = Redis.hgetall("groups")
+ if column_name != "group_id":
+ for key in group_list:
+ group_info = json.loads(group_list[key])
+ if column_name == "admins" or column_name == "members": #ZS: Since these fields are lists, search in the list
+ if column_value in group_info[column_name]:
+ matched_groups.append(group_info)
+ else:
+ if column_name in group_info:
+ if column_value in group_info[column_name]:
+ matched_groups.append(group_info)
+ else:
+ matched_groups.append(json.loads(group_list[column_value]))
+
+ return matched_groups
def create_group(admin_user_ids, member_user_ids = [], group_name = "Default Group Name"):
group_id = str(uuid.uuid4())
@@ -192,9 +235,13 @@ def add_users_to_group(user_id, group_id, user_emails = [], admins = False): #ZS
def remove_users_from_group(user_id, users_to_remove_ids, group_id, user_type = "members"): #ZS: User type is because I assume admins can remove other admins
group_info = get_group_info(group_id)
+
if user_id in group_info["admins"]:
+ users_to_remove_set = set(users_to_remove_ids)
+ if user_type == "admins" and user_id in users_to_remove_set: #ZS: Make sure an admin can't remove themselves from a group, since I imagine we don't want groups to be able to become admin-less
+ users_to_remove_set.remove(user_id)
group_users = set(group_info[user_type])
- group_users -= set(users_to_remove_ids)
+ group_users -= users_to_remove_set
group_info[user_type] = list(group_users)
group_info["changed_timestamp"] = datetime.datetime.utcnow().strftime('%b %d %Y %I:%M%p')
Redis.hset("groups", group_id, json.dumps(group_info))
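Review bot: `user_type` is compared with "admins" for the new self-removal guard but is otherwise used unchecked as a key in `group_info[user_type]`, so any other field name passed in would be read as a set and written back as a list. Whether callers take it from request data is not visible in this hunk; rejecting other values before the lookup, e.g. `if user_type not in ("admins", "members"):`, would close that off. The guard also drops the caller's own id silently, which is worth a comment or docstring line so callers know the request may be only partly applied. The function may continue past the end of the hunk.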
@@ -232,7 +279,6 @@ def get_resource_info(resource_id):
return json.loads(resource_info)
def add_resource(resource_info):
-
if 'trait' in resource_info['data']:
resource_id = hmac.hmac_creation('{}:{}:{}'.format(str(resource_info['type']), str(resource_info['data']['dataset']), str(resource_info['data']['trait'])))
else:
@@ -241,3 +287,18 @@ def add_resource(resource_info):
Redis.hset("resources", resource_id, json.dumps(resource_info))
return resource_info
+
+def add_access_mask(resource_id, group_id, access_mask):
+ the_resource = get_resource_info(resource_id)
+ the_resource['group_masks'][group_id] = access_mask
+
+ Redis.hset("resources", resource_id, json.dumps(the_resource))
+
+ return the_resource
+
+def change_resource_owner(resource_id, new_owner_id):
+ the_resource= get_resource_info(resource_id)
+ the_resource['owner_id'] = new_owner_id
+
+ Redis.delete("resource")
+ Redis.hset("resources", resource_id, json.dumps(the_resource))
\ No newline at end of file
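Review bot: `Redis.delete("resource")` in change_resource_owner removes a key named "resource", while the other calls visible in this diff use the hash "resources"; it looks like a leftover and should be dropped, since the following `hset` already overwrites the entry (and renaming it to "resources" would delete every stored resource). Neither add_access_mask nor change_resource_owner checks who is making the change, so both rely on every caller having verified ownership first (check_owner_or_admin in authentication_tools.py appears to be meant for that); a docstring stating this precondition would make it harder to miss. change_resource_owner also returns nothing while add_access_mask returns the updated resource; ending it with `return the_resource` would keep the two consistent.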