Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add possibility of registered access for file download #544

Merged
merged 22 commits into from
Apr 24, 2019
Merged

Add possibility of registered access for file download #544

merged 22 commits into from
Apr 24, 2019

Conversation

talavis
Copy link
Contributor

@talavis talavis commented Apr 18, 2019

Describe the pull request:

  • Bug fix
  • Functional change
  • New feature
  • Code cleanup
  • Build system change
  • Documentation change
  • Language translation

Pull request long description:

Make it possible to skip the Access requested/Access granted step for datasets that have file_access set to Registered. Registering an account will be enough for access. File access have been updated as well.

Changes made:

User.has_access now checks the property of file_access as well. Function calls updated to include version as parameter.

Related issues:

The file uris in the database table data.dataset_files must be updated to include /versions/<ds_version>/ to support the changes made here.

note: /versions/ matches the other API paths in backend/route.py, but backend/modules/browser/route.py and the frontend are using /version/. Maybe change the API paths for all entries in backend/route.py to /version instead?

@talavis
Update db.py with new columns for access.
9ef17f6
@talavis
add file_access check to has_access()
ce9294d
@talavis
change file_access in load_dummy_data to Controlled to maintain earli…
6f02a5d 
…er behaviour
@talavis
dataset is a Dataset object, not a string
4f2c6e2
@talavis
rename version to ds_version
f7f4cce
@talavis
add support for version
bf96126
@talavis
version is called versions for the base routes; collection needs vers…
cc2eeed 
…ion support
@talavis
collection needs version
5a0fb9e
@talavis
support version check for authhandler
9386779
@talavis
not a variable name
efd5c8b
@talavis
better to receive string then Database object
8c79abc
@talavis
change back from string to database
4c84632
@talavis
seems to fix dl permissions
599f62e
@talavis
include version in dataset has_access check
5e9beac
@talavis
return after send_error
edb38bd
@talavis
add version check to file handler
ff7e108
@talavis
Error handling for missing file.
65aad54 
Also a few missing returns after send_error.
@talavis
send_error should be self.send_error
fc805d7
@talavis
Copy link
Contributor Author

talavis commented Apr 23, 2019

Bypassing security using /versions/ should be fixed.

@viklund viklund merged commit 3d02a9a into develop Apr 24, 2019
@viklund viklund deleted the feature/registered-access branch April 24, 2019 13:00
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@viklund viklund viklund approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@talavis @viklund