From 0618b9f78d6ca2517f6265a9cfe7db64b6ae12ef Mon Sep 17 00:00:00 2001 From: BonfaceKilz Date: Wed, 27 Oct 2021 14:20:20 +0300 Subject: Default to an empty string if a session_id is empty "user_id" is jumbled up; it's either bytes or plain strings. This correctly parses it. --- wqflask/wqflask/decorators.py | 23 +++++++++++------------ wqflask/wqflask/metadata_edits.py | 5 ++--- 2 files changed, 13 insertions(+), 15 deletions(-) (limited to 'wqflask') diff --git a/wqflask/wqflask/decorators.py b/wqflask/wqflask/decorators.py index a4ff7ce3..0c3c2a89 100644 --- a/wqflask/wqflask/decorators.py +++ b/wqflask/wqflask/decorators.py @@ -16,9 +16,9 @@ def login_required(f): """Use this for endpoints where login is required""" @wraps(f) def wrap(*args, **kwargs): - user_id = (g.user_session.record.get(b"user_id", - b"").decode("utf-8") or - g.user_session.record.get("user_id", "")) + user_id = ((g.user_session.record.get(b"user_id") or + b"").decode("utf-8") + or g.user_session.record.get("user_id") or "") redis_conn = redis.from_url(current_app.config["REDIS_URL"], decode_responses=True) if not redis_conn.hget("users", user_id): @@ -38,15 +38,14 @@ def edit_access_required(f): resource_id = kwargs.get("resource_id") response: Dict = {} try: - _user_id = (g.user_session.record.get(b"user_id", - b"").decode("utf-8") or - g.user_session.record.get("user_id", "")) + user_id = ((g.user_session.record.get(b"user_id") or + b"").decode("utf-8") + or g.user_session.record.get("user_id") or "") response = json.loads( requests.get(urljoin( current_app.config.get("GN2_PROXY"), ("available?resource=" - f"{resource_id}&user={_user_id}"))).content) - + f"{resource_id}&user={user_id}"))).content) except: response = {} if max([DataRole(role) for role in response.get( @@ -63,14 +62,14 @@ def edit_admins_access_required(f): resource_id: str = kwargs.get("resource_id", "") response: Dict = {} try: - _user_id = (g.user_session.record.get(b"user_id", - b"").decode("utf-8") or - g.user_session.record.get("user_id", "")) + user_id = ((g.user_session.record.get(b"user_id") or + b"").decode("utf-8") + or g.user_session.record.get("user_id") or "") response = json.loads( requests.get(urljoin( current_app.config.get("GN2_PROXY"), ("available?resource=" - f"{resource_id}&user={_user_id}"))).content) + f"{resource_id}&user={user_id}"))).content) except: response = {} if max([AdminRole(role) for role in response.get( diff --git a/wqflask/wqflask/metadata_edits.py b/wqflask/wqflask/metadata_edits.py index bab1fa71..7e237976 100644 --- a/wqflask/wqflask/metadata_edits.py +++ b/wqflask/wqflask/metadata_edits.py @@ -162,9 +162,8 @@ def update_phenotype(dataset_id: str, name: str): host=current_app.config.get("DB_HOST")) data_ = request.form.to_dict() TMPDIR = current_app.config.get("TMPDIR") - author = (g.user_session.record.get(b"user_id", - b"").decode("utf-8") or - g.user_session.record.get("user_id", "")) + author = ((g.user_session.record.get(b"user_id") or b"").decode("utf-8") + or g.user_session.record.get("user_id") or "") phenotype_id = str(data_.get('phenotype-id')) if 'file' not in request.files: flash("No sample-data has been uploaded", "warning") -- cgit v1.2.3