From db0f9ebcb3b9bed2f8dfe2f9a2370dc1a86204b3 Mon Sep 17 00:00:00 2001
From: zsloan
Date: Tue, 4 Aug 2020 12:40:31 -0500
Subject: Simplified logic in the @before_request that checks user permissions
 * wqflask/wqflask/views.py - Removed an if statement that was unnecessary,
 because it already checks if dataset is either the string "Temp" or of type
 "Temp"

---
 wqflask/wqflask/views.py | 37 +++++++++++++++----------------------
 1 file changed, 15 insertions(+), 22 deletions(-)

(limited to 'wqflask')

diff --git a/wqflask/wqflask/views.py b/wqflask/wqflask/views.py
index 57183eed..dde22bf7 100644
--- a/wqflask/wqflask/views.py
+++ b/wqflask/wqflask/views.py
@@ -61,7 +61,7 @@ from utility.authentication_tools import check_resource_availability
 from utility.redis_tools import get_redis_conn
 Redis = get_redis_conn()
 
-from base.webqtlConfig import GENERATED_IMAGE_DIR
+from base.webqtlConfig import GENERATED_IMAGE_DIR, DEFAULT_PRIVILEGES
 from utility.benchmark import Bench
 
 from pprint import pformat as pf
@@ -91,27 +91,20 @@ def connect_db():
 def check_access_permissions():
     logger.debug("@app.before_request check_access_permissions")
     available = True
-    if "temp_trait" in request.args:
-        if request.args['temp_trait'] == "True":
-            pass
-    else:
-        if 'dataset' in request.args:
-            if request.args['dataset'] == "Temp":
-                permissions = check_resource_availability("Temp")
-            else:
-                dataset = create_dataset(request.args['dataset'])
-
-                if dataset.type == "Temp":
-                    permissions = False
-                if 'trait_id' in request.args:
-                    permissions = check_resource_availability(dataset, request.args['trait_id'])
-                elif dataset.type != "Publish":
-                    permissions = check_resource_availability(dataset)
-                else:
-                    return None
-
-            if 'view' not in permissions['data']:
-                return redirect(url_for("no_access_page"))
+    if 'dataset' in request.args:
+        permissions = DEFAULT_PRIVILEGES
+        if request.args['dataset'] != "Temp":
+            dataset = create_dataset(request.args['dataset'])
+
+            if dataset.type == "Temp":
+                permissions = DEFAULT_PRIVILEGES
+            elif 'trait_id' in request.args:
+                permissions = check_resource_availability(dataset, request.args['trait_id'])
+            elif dataset.type != "Publish":
+                permissions = check_resource_availability(dataset)
+
+        if 'view' not in permissions['data']:
+            return redirect(url_for("no_access_page"))
 
 @app.teardown_appcontext
 def shutdown_session(exception=None):
-- 
cgit v1.2.3