Unverified Commit cbe5bd7b authored by Peter Stanko's avatar Peter Stanko
Browse files

Fixes in portal in order to use find by client name

parent 00b22877
......@@ -32,6 +32,7 @@ pylint = "*"
pytest = "*"
pytest-mock = "*"
mock = "*"
responses = "*"
[requires]
python_version = "3.6"
......@@ -160,8 +160,8 @@ def init_dev_data(app: Flask, db: SQLAlchemy):
# components
tomorrow = time.current_time() + timedelta(days=1)
executor = factory.create_worker(name='executor', url='some-url')
executor.secrets.append(Secret('executor_secret', 'executor_secret', tomorrow))
executor = factory.create_worker(name='executor', url='http://localhost:8080')
executor.secrets.append(Secret('executor_secret', 'executor_secret'))
processing = factory.create_worker(name='processing', url='some-url')
processing.secrets.append(Secret('processing_secret', 'processing_secret', tomorrow))
db.session.add_all([executor, processing])
......
import logging
from pathlib import Path
from storage import UploadedEntity
......
......@@ -128,6 +128,9 @@ class Client(db.Model):
return Role.query.filter_by(course=course) \
.join(Role.clients).filter(Client.id == self.id)
def is_self(self, eid) -> bool:
return self.id == eid
class Secret(db.Model):
__tablename__ = 'secret'
......@@ -186,6 +189,9 @@ class User(EntityBase, Client):
'polymorphic_identity': ClientType.USER,
}
def is_self(self, eid):
return super().is_self(eid) or self.username == eid
def set_password(self, password: str):
"""Sets password for the user
Args:
......@@ -983,6 +989,9 @@ class Worker(EntityBase, Client):
'polymorphic_identity': ClientType.WORKER,
}
def is_self(self, eid):
return super().is_self(eid) or self.name == eid
def __init__(self, name: str, url: str):
"""Creates component
Args:
......
......@@ -161,17 +161,16 @@ class RoleUsersList(Resource):
@roles_namespace.response(404, 'Course not found')
@roles_namespace.response(404, 'Role not found')
@roles_namespace.response(404, 'Client not found')
class RoleUser(Resource):
class RoleClient(Resource):
@jwt_required
@roles_namespace.response(204, 'Adds client to role')
def put(self, cid: str, rid: str, clid: str):
course = general.find_course(cid)
# authorization
permissions.PermissionsService(course=course).require.write_roles()
client_type = request.args.get('type')
role = general.find_role(course, rid)
client = general.find_client(clid)
client = general.find_client(clid, client_type=client_type)
RoleService(role).add_client(client)
return '', 204
......
......@@ -363,8 +363,7 @@ users_schema = UserSchema(many=True, only=(
password_change_schema = PasswordChangeSchema()
submission_schema = SubmissionSchema()
submissions_schema = SubmissionSchema(many=True,
only=(
*ALWAYS_ALLOWED, 'state', 'project', 'scheduled_for',
only=(*ALWAYS_ALLOWED, 'state', 'project', 'scheduled_for',
'user')
)
submission_create_schema = SubmissionCreateSchema()
......
......@@ -44,7 +44,7 @@ class WorkerResource(Resource):
# @workers_namespace.response(200, 'Worker', model=worker_schema)
@workers_namespace.response(403, 'Not allowed to access worker')
def get(self, wid: str):
permissions.PermissionsService().require.sysadmin()
permissions.PermissionsService().require.sysadmin_or_self(wid)
worker = general.find_worker(wid)
return worker_schema.dump(worker)[0]
......
......@@ -93,6 +93,7 @@ def find_client() -> Client:
def __find_client_helper(identifier: str) -> Client:
log.debug(f"[LOGIN] Finding client using identifier: {identifier}")
client = find_user(identifier, throws=False)
if not client:
client = find_worker(identifier, throws=False)
......
......@@ -242,18 +242,24 @@ def find_user(identifier: str, throws=True) -> User:
)
def find_client(identifier: str, throws=False) -> Client:
def find_client(identifier: str, throws=False, client_type=None) -> Client:
"""Gets a Client instance
Args:
client_type(str): Client type can be user or worker
identifier(str): Id of the resource
throws(bool): Throws an exception if true
Returns(Client): User entity instance
"""
query = Client.query.filter(
(Client.id == identifier)
)
query = Client.query.filter(Client.id == identifier)
if client_type == 'user':
query = User.query.filter((User.id == identifier) | (User.username == identifier))
elif client_type == 'worker':
query = Worker.query.filter((Worker.id == identifier) | (Worker.name == identifier))
return find_resource(
resource='client',
......
......@@ -5,7 +5,7 @@ Permissions service
import logging
from typing import Union
from portal.database.models import Client, ClientType, Course, Role, User, Worker
from portal.database.models import ClientType, Course, Role, User, Worker
from portal.service import auth, general
from portal.service.errors import ForbiddenError
......@@ -27,7 +27,7 @@ class PermissionServiceCheck:
self.service = service
def sysadmin_or_self(self, eid):
return self.any_check(self.sysadmin(), self.service.client.id == eid)
return self.any_check(self.sysadmin(), self.service.client.is_self(eid))
def sysadmin(self) -> bool:
if self.service.client.type == ClientType.USER:
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment