aboutsummaryrefslogtreecommitdiff
path: root/wqflask
diff options
context:
space:
mode:
authorzsloan2020-08-04 12:40:31 -0500
committerzsloan2020-08-04 12:40:31 -0500
commitdb0f9ebcb3b9bed2f8dfe2f9a2370dc1a86204b3 (patch)
tree265ab920cfbcaedb9c2a10d36f69391e5bdc40ea /wqflask
parent7884399b779e839f87a2667591aebf7d293b8f33 (diff)
downloadgenenetwork2-db0f9ebcb3b9bed2f8dfe2f9a2370dc1a86204b3.tar.gz
Simplified logic in the @before_request that checks user permissions
* wqflask/wqflask/views.py - Removed an if statement that was unnecessary, because it already checks if dataset is either the string "Temp" or of type "Temp"
Diffstat (limited to 'wqflask')
-rw-r--r--wqflask/wqflask/views.py37
1 files changed, 15 insertions, 22 deletions
diff --git a/wqflask/wqflask/views.py b/wqflask/wqflask/views.py
index 57183eed..dde22bf7 100644
--- a/wqflask/wqflask/views.py
+++ b/wqflask/wqflask/views.py
@@ -61,7 +61,7 @@ from utility.authentication_tools import check_resource_availability
from utility.redis_tools import get_redis_conn
Redis = get_redis_conn()
-from base.webqtlConfig import GENERATED_IMAGE_DIR
+from base.webqtlConfig import GENERATED_IMAGE_DIR, DEFAULT_PRIVILEGES
from utility.benchmark import Bench
from pprint import pformat as pf
@@ -91,27 +91,20 @@ def connect_db():
def check_access_permissions():
logger.debug("@app.before_request check_access_permissions")
available = True
- if "temp_trait" in request.args:
- if request.args['temp_trait'] == "True":
- pass
- else:
- if 'dataset' in request.args:
- if request.args['dataset'] == "Temp":
- permissions = check_resource_availability("Temp")
- else:
- dataset = create_dataset(request.args['dataset'])
-
- if dataset.type == "Temp":
- permissions = False
- if 'trait_id' in request.args:
- permissions = check_resource_availability(dataset, request.args['trait_id'])
- elif dataset.type != "Publish":
- permissions = check_resource_availability(dataset)
- else:
- return None
-
- if 'view' not in permissions['data']:
- return redirect(url_for("no_access_page"))
+ if 'dataset' in request.args:
+ permissions = DEFAULT_PRIVILEGES
+ if request.args['dataset'] != "Temp":
+ dataset = create_dataset(request.args['dataset'])
+
+ if dataset.type == "Temp":
+ permissions = DEFAULT_PRIVILEGES
+ elif 'trait_id' in request.args:
+ permissions = check_resource_availability(dataset, request.args['trait_id'])
+ elif dataset.type != "Publish":
+ permissions = check_resource_availability(dataset)
+
+ if 'view' not in permissions['data']:
+ return redirect(url_for("no_access_page"))
@app.teardown_appcontext
def shutdown_session(exception=None):