Skip to content

Adding admin dependency in authorization of dataset,files, metadata,search #819

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
longshuicy merged 16 commits into from
Dec 1, 2023
Merged

Adding admin dependency in authorization of dataset,files, metadata,search #819

longshuicy merged 16 commits into from
Dec 1, 2023

Conversation

@ddey2
Copy link
Member

@ddey2 ddey2 commented Nov 1, 2023
edited
Loading

For testing, please use endpoints on Postman or Clowder UI. Both should work.

@ddey2 ddey2 requested review from lmarini and tcnichol November 1, 2023 18:22
@ddey2 ddey2 linked an issue Nov 1, 2023 that may be closed by this pull request
Add admin dependency in all functions #817
Closed
@ddey2 ddey2 added enhancement New feature or request backend Backend specific (Python) labels Nov 1, 2023
@ddey2 ddey2 marked this pull request as draft November 1, 2023 20:55
@ddey2 ddey2 marked this pull request as ready for review November 1, 2023 21:35
@ddey2
Copy link
Member Author

ddey2 commented Nov 2, 2023

Hold on to review this one. I need to do some testing.

@ddey2 ddey2 marked this pull request as draft November 2, 2023 15:26
@ddey2 ddey2 marked this pull request as ready for review November 2, 2023 18:44
Base automatically changed from 803-basic-implementation-for-admin to main November 8, 2023 16:29
longshuicy
longshuicy reviewed Nov 13, 2023
View reviewed changes
lmarini
lmarini previously requested changes Nov 13, 2023
View reviewed changes
Copy link
Member

@lmarini lmarini left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The line return DatasetDB.creator.email == current_username.email at authentication.py:100 is returning {'creator.email': '<current user email address>'} for some reason, which in turn is making all the if admin statements true, even if the user is not admin.

@ddey2 ddey2 requested review from lmarini and longshuicy November 13, 2023 21:40
@tcnichol
Copy link
Contributor

tcnichol commented Nov 27, 2023

Question on this one.

I have 2 users in my db right now. One is an admin, and one is not.

If I create a dataset with the non-admin user and upload files, the admin sees the dataset under explore, but when they click the dataset they do not see the files.

But if I download the dataset, they are downloaded.

If I try to access one of the files directly, this error is in the console:

6565073147e9aeb9a3876b75:1 Access to fetch at 'http://localhost:8000/api/v2/authorizations/files/6565073147e9aeb9a3876b75/role' from origin 'http://localhost:3000' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.

@ddey2
Copy link
Member Author

ddey2 commented Nov 30, 2023

@tcnichol Could you check the same issue here in this branch? #834
I see that you approved that PR. If we can merge the other one, it should be taken care of in this branch and we can merge it to main then. The super-admin branch contains a lot of other change too on top of this one which takes care of a lot of the functionalities.

tcnichol
tcnichol approved these changes Nov 30, 2023
View reviewed changes
Copy link
Contributor

@tcnichol tcnichol left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

looks good. other admin features in another pull request, also approved.

longshuicy
longshuicy requested changes Nov 30, 2023
View reviewed changes
Copy link
Member

@longshuicy longshuicy left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Test a few scenarios all works:

  • Admin seeing other person's resources
  • Admin search
  • Non-Admin see resources only through sharing
  • etc

If you fix the merge conflict we can merge :-)

@ddey2
Copy link
Member Author

ddey2 commented Dec 1, 2023

Test a few scenarios all works:

  • Admin seeing other person's resources
  • Admin search
  • Non-Admin see resources only through sharing
  • etc

If you fix the merge conflict we can merge :-)

done

@ddey2 ddey2 requested a review from longshuicy December 1, 2023 04:28
@longshuicy longshuicy dismissed lmarini’s stale review December 1, 2023 15:28

It's been addressed by Dipannita

@longshuicy longshuicy merged commit 3e71882 into main Dec 1, 2023
@longshuicy longshuicy deleted the 817-add-admin-dependency branch December 1, 2023 15:28
@lmarini lmarini mentioned this pull request Jun 4, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@longshuicy longshuicy longshuicy approved these changes

@tcnichol tcnichol tcnichol approved these changes

@max-zilla max-zilla Awaiting requested review from max-zilla max-zilla is a code owner

@lmarini lmarini Awaiting requested review from lmarini

Assignees

No one assigned

Labels

backend Backend specific (Python) enhancement New feature or request

Projects

Clowder v2 Sprints
Status: Done

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Add admin dependency in all functions

5 participants

@ddey2 @tcnichol @lmarini @longshuicy