From 05628e484fb238cea6ac3267be959b2bb0702c61 Mon Sep 17 00:00:00 2001 From: Frederick Muriuki Muriithi Date: Thu, 27 Oct 2022 12:20:35 +0300 Subject: Refactor: Pass user id to `check_resource_availability` * Pass the user_id for the current user to the `check_resource_availability` function as an argument, rather than using the global `g.user_session.user_id` value. --- wqflask/base/trait.py | 5 +++-- wqflask/tests/unit/utility/test_authentication_tools.py | 12 +++++++----- wqflask/utility/authentication_tools.py | 9 +++------ wqflask/wqflask/correlation/show_corr_results.py | 1 - wqflask/wqflask/gsearch.py | 5 +++-- wqflask/wqflask/search_results.py | 5 ++++- 6 files changed, 20 insertions(+), 17 deletions(-) (limited to 'wqflask') diff --git a/wqflask/base/trait.py b/wqflask/base/trait.py index dcd81085..4352c527 100644 --- a/wqflask/base/trait.py +++ b/wqflask/base/trait.py @@ -44,9 +44,10 @@ def create_trait(**kw): if dataset.type == 'Publish': permissions = check_resource_availability( - dataset, kw.get('name')) + dataset, g.user_session.user_id, kw.get('name')) else: - permissions = check_resource_availability(dataset) + permissions = check_resource_availability( + dataset, g.user_session.user_id) if permissions['data'] != "no-access": diff --git a/wqflask/tests/unit/utility/test_authentication_tools.py b/wqflask/tests/unit/utility/test_authentication_tools.py index 024ab43f..fb8de292 100644 --- a/wqflask/tests/unit/utility/test_authentication_tools.py +++ b/wqflask/tests/unit/utility/test_authentication_tools.py @@ -21,6 +21,8 @@ class TestUser: """Mockes user id. Used in Flask.g.user_session.user_id""" return b"Jane" +user_id = b"Jane" + class TestUserSession: """Mock user session""" @@ -52,7 +54,7 @@ class TestCheckResourceAvailability(unittest.TestCase): test_dataset = mock.MagicMock() type(test_dataset).type = mock.PropertyMock(return_value="Test") add_new_resource_mock.return_value = {"default_mask": 2} - self.assertEqual(check_resource_availability(test_dataset), 2) + self.assertEqual(check_resource_availability(test_dataset, user_id), 2) @mock.patch('utility.authentication_tools.requests.get') @mock.patch('utility.authentication_tools.add_new_resource') @@ -72,7 +74,7 @@ class TestCheckResourceAvailability(unittest.TestCase): requests_mock.return_value = TestResponse() test_dataset = mock.MagicMock() type(test_dataset).type = mock.PropertyMock(return_value="Test") - self.assertEqual(check_resource_availability(test_dataset), + self.assertEqual(check_resource_availability(test_dataset, user_id), ['foo']) @mock.patch('utility.authentication_tools.webqtlConfig.SUPER_PRIVILEGES', @@ -95,14 +97,14 @@ class TestCheckResourceAvailability(unittest.TestCase): requests_mock.return_value = TestResponse() test_dataset = mock.MagicMock() type(test_dataset).type = mock.PropertyMock(return_value="Test") - self.assertEqual(check_resource_availability(test_dataset), + self.assertEqual(check_resource_availability(test_dataset, user_id), "SUPERUSER") @mock.patch('utility.authentication_tools.webqtlConfig.DEFAULT_PRIVILEGES', "John Doe") def test_check_resource_availability_string_dataset(self): """Test the resource availability if the dataset is a string""" - self.assertEqual(check_resource_availability("Test"), + self.assertEqual(check_resource_availability("Test", user_id), "John Doe") @mock.patch('utility.authentication_tools.webqtlConfig.DEFAULT_PRIVILEGES', @@ -111,7 +113,7 @@ class TestCheckResourceAvailability(unittest.TestCase): """Test the resource availability if the dataset is a string""" test_dataset = mock.MagicMock() type(test_dataset).type = mock.PropertyMock(return_value="Temp") - self.assertEqual(check_resource_availability(test_dataset), + self.assertEqual(check_resource_availability(test_dataset, user_id), "John Doe") diff --git a/wqflask/utility/authentication_tools.py b/wqflask/utility/authentication_tools.py index a8c03fe2..7d80b3fb 100644 --- a/wqflask/utility/authentication_tools.py +++ b/wqflask/utility/authentication_tools.py @@ -13,7 +13,7 @@ from utility.tools import GN_PROXY_URL Redis = get_redis_conn() -def check_resource_availability(dataset, trait_id=None): +def check_resource_availability(dataset, user_id, trait_id=None): # At least for now assume temporary entered traits are accessible if type(dataset) == str or dataset.type == "Temp": return webqtlConfig.DEFAULT_PRIVILEGES @@ -33,14 +33,11 @@ def check_resource_availability(dataset, trait_id=None): # Check if super-user - we should probably come up with some # way to integrate this into the proxy - if g.user_session.user_id in Redis.smembers("super_users"): + if user_id in Redis.smembers("super_users"): return webqtlConfig.SUPER_PRIVILEGES response = None - - the_url = GN_PROXY_URL + "available?resource={}&user={}".format( - resource_id, g.user_session.user_id) - + the_url = f"{GN_PROXY_URL}available?resource={resource_id}&user={user_id}" try: response = json.loads(requests.get(the_url).content) except: diff --git a/wqflask/wqflask/correlation/show_corr_results.py b/wqflask/wqflask/correlation/show_corr_results.py index cda34bee..d3e50972 100644 --- a/wqflask/wqflask/correlation/show_corr_results.py +++ b/wqflask/wqflask/correlation/show_corr_results.py @@ -29,7 +29,6 @@ from base.webqtlConfig import TMPDIR from wqflask.correlation.pre_computes import fetch_all_cached_metadata from wqflask.correlation.pre_computes import cache_new_traits_metadata -from utility.authentication_tools import check_resource_availability from utility import hmac from utility.type_checking import get_float, get_int, get_string diff --git a/wqflask/wqflask/gsearch.py b/wqflask/wqflask/gsearch.py index 202d2670..a1b3c5c4 100644 --- a/wqflask/wqflask/gsearch.py +++ b/wqflask/wqflask/gsearch.py @@ -4,8 +4,9 @@ from pymonad.maybe import Just, Maybe from pymonad.tools import curry import requests -from gn3.monads import MonadicDict -from utility.tools import GN3_LOCAL_URL +from base import webqtlConfig +from utility.monads import MonadicDict +from wqflask.database import xapian_database # KLUDGE: Due to the lack of pagination, we hard-limit the maximum # number of search results. diff --git a/wqflask/wqflask/search_results.py b/wqflask/wqflask/search_results.py index fd2b97d7..5019f156 100644 --- a/wqflask/wqflask/search_results.py +++ b/wqflask/wqflask/search_results.py @@ -6,6 +6,8 @@ import re import json +from flask import g + from base.data_set import create_dataset from base.webqtlConfig import PUBMEDLINK_URL from wqflask import parser @@ -137,7 +139,8 @@ class SearchResultPage: # Check permissions on a trait-by-trait basis for phenotype traits trait_dict['name'] = trait_dict['display_name'] = str(result[0]) trait_dict['hmac'] = hmac.data_hmac('{}:{}'.format(trait_dict['name'], trait_dict['dataset'])) - permissions = check_resource_availability(self.dataset, trait_dict['display_name']) + permissions = check_resource_availability( + self.dataset, g.user_session.user_id, trait_dict['display_name']) if not any(x in permissions['data'] for x in ["view", "edit"]): continue -- cgit v1.2.3