1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
|
from __future__ import absolute_import, print_function, division
import json
import requests
from base import data_set, webqtlConfig
from utility import hmac
from utility.redis_tools import get_redis_conn, get_resource_info, get_resource_id
Redis = get_redis_conn()
from flask import Flask, g, redirect, url_for
import logging
logger = logging.getLogger(__name__ )
def check_resource_availability(dataset, trait_id=None):
#ZS: Check if super-user - we should probably come up with some way to integrate this into the proxy
if g.user_session.user_id in Redis.smembers("super_users"):
return webqtlConfig.SUPER_PRIVILEGES
response = None
#At least for now assume temporary entered traits are accessible#At least for now assume temporary entered traits are accessible
if type(dataset) == str:
return webqtlConfig.DEFAULT_PRIVILEGES
if dataset.type == "Temp":
return webqtlConfig.DEFAULT_PRIVILEGES
resource_id = get_resource_id(dataset, trait_id)
if resource_id:
resource_info = get_resource_info(resource_id)
else:
return response #ZS: Need to substitute in something that creates the resource in Redis later
the_url = "http://localhost:8080/available?resource={}&user={}".format(resource_id, g.user_session.user_id)
try:
response = json.loads(requests.get(the_url).content)
except:
response = resource_info['default_mask']
if response:
return response
else: #ZS: No idea how this would happen, but just in case
return False
def check_admin(resource_id=None):
the_url = "http://localhost:8080/available?resource={}&user={}".format(resource_id, g.user_session.user_id)
try:
response = json.loads(requests.get(the_url).content)['admin']
except:
response = resource_info['default_mask']['admin']
if 'edit-admins' in response:
return "edit-admins"
elif 'edit-access' in response:
return "edit-access"
else:
return "not-admin"
def check_owner(dataset=None, trait_id=None, resource_id=None):
if resource_id:
resource_info = get_resource_info(resource_id)
if g.user_session.user_id == resource_info['owner_id']:
return resource_id
else:
resource_id = get_resource_id(dataset, trait_id)
if resource_id:
resource_info = get_resource_info(resource_id)
if g.user_session.user_id == resource_info['owner_id']:
return resource_id
return False
def check_owner_or_admin(dataset=None, trait_id=None, resource_id=None):
if not resource_id:
if dataset.type == "Temp":
return "not-admin"
else:
resource_id = get_resource_id(dataset, trait_id)
if g.user_session.user_id in Redis.smembers("super_users"):
return "owner"
resource_info = get_resource_info(resource_id)
if g.user_session.user_id == resource_info['owner_id']:
return "owner"
else:
return check_admin(resource_id)
return "not-admin"
|