From 4a7b86a5718d444262c2149507b94af09b6433b4 Mon Sep 17 00:00:00 2001 From: Frederick Muriuki Muriithi Date: Fri, 19 May 2023 10:00:31 +0300 Subject: auth: Check for json on authorisation endpoint. Add user data. Ensure the authorisation endpoint expects only JSON. Add the user data to the response from the endpoint. --- gn3/auth/authorisation/data/views.py | 15 +++++++++++---- 1 file changed, 11 insertions(+), 4 deletions(-) (limited to 'gn3/auth/authorisation/data/views.py') diff --git a/gn3/auth/authorisation/data/views.py b/gn3/auth/authorisation/data/views.py index d2bdbf3..b899b83 100644 --- a/gn3/auth/authorisation/data/views.py +++ b/gn3/auth/authorisation/data/views.py @@ -18,6 +18,7 @@ from gn3.db.traits import build_trait_name from gn3.auth import db from gn3.auth.db_utils import with_db_connection +from gn3.auth.authorisation.checks import require_json from gn3.auth.authorisation.errors import InvalidData, NotFoundError from gn3.auth.authorisation.groups.models import group_by_id @@ -28,6 +29,7 @@ from gn3.auth.authorisation.resources.checks import authorised_for from gn3.auth.authorisation.resources.models import ( user_resources, public_resources, attach_resources_data) +from gn3.auth.authentication.users import User from gn3.auth.authentication.oauth2.resource_server import require_oauth from gn3.auth.authorisation.data.phenotypes import link_phenotype_data @@ -45,14 +47,17 @@ def list_species() -> Response: cursor.execute("SELECT * FROM Species") return jsonify(tuple(dict(row) for row in cursor.fetchall())) -@data.route("/authorisation", methods=["GET"]) +@data.route("/authorisation", methods=["POST"]) +@require_json def authorisation() -> Response: """Retrive the authorisation level for datasets/traits for the user.""" db_uri = app.config["AUTH_DB"] privileges = {} + user = User(uuid.uuid4(), "anon@ymous.user", "Anonymous User") with db.connection(db_uri) as auth_conn: try: with require_oauth.acquire("profile group resource") as the_token: + user = the_token.user resources = attach_resources_data( auth_conn, user_resources(auth_conn, the_token.user)) resources_roles = user_resource_roles(auth_conn, the_token.user) @@ -77,7 +82,7 @@ def authorisation() -> Response: raise exc from None # Access endpoint with somethin like: - # curl -X GET http://127.0.0.1:8080/api/oauth2/data/authorisation \ + # curl -X POST http://127.0.0.1:8080/api/oauth2/data/authorisation \ # -H "Content-Type: application/json" \ # -d '{"traits": ["HC_M2_0606_P::1442370_at", "BXDGeno::01.001.695", # "BXDPublish::10001"]}' @@ -118,7 +123,9 @@ def authorisation() -> Response: return f"{dataset_type}::{dataset_name}::{trait['trait_name']}" return f"{dataset_type}::{dataset_name}" - return jsonify(tuple( + return jsonify({ + "user": user._asdict(), + "trait_privileges": tuple( { **{key:trait[key] for key in ("trait_fullname", "trait_name")}, "dataset_name": trait["db"]["dataset_name"], @@ -130,7 +137,7 @@ def authorisation() -> Response: tuple()) } for trait in (build_trait_name(trait_fullname) - for trait_fullname in traits_names))) + for trait_fullname in traits_names))}) def __search_mrna__(): query = __request_key__("query", "") -- cgit v1.2.3