New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
access: usedeposit action addition #2906
Conversation
@@ -558,7 +558,8 @@ | |||
('claimpaper_change_others_data', 'Change data of any person ID', '', 'no'), | |||
('runbibtasklet', 'run BibTaskLet', '', 'no'), | |||
('cfgbibsched', 'configure BibSched', '', 'no'), | |||
('runinfomanager', 'run Info Space Manager', '', 'no') | |||
('runinfomanager', 'run Info Space Manager', '', 'no'), | |||
('usedeposit', 'use deposit type', 'type', 'yes'), |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
this line is not needed if you define your own action in https://github.com/inveniosoftware/invenio/pull/2906/files#diff-1917d7fa51639dedef09e17079a8a7cdR25
@@ -236,6 +246,10 @@ def save(deposition_type=None, uuid=None, draft_id=None): | |||
|
|||
deposition = Deposition.get(uuid, current_user, type=deposition_type) | |||
|
|||
dep_type = deposition_type if deposition_type else Deposition.get_type(uuid) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
def deposition_type_from_request():
"""Return deposition from parsed view arguments."""
return request.view_args.get(
'deposition_type', None
) or (
Deposition.get_type(request.view_args.get('uuid'))
if request.view_args.get('uuid', None) else None
)
@jstypka can I ask you to first improve PEP8/PEP257 code style of the files you are going to edit? Thank you in advance |
@jirikuncar I've improved style of my code and the files in general. Hope that helps. |
@jstypka I think you might want to create new role and authorization similar to: |
@jirikuncar I can add it, but shouldn't the roles be specific for a particular Invenio instance? |
Just use this: |
4de138b
to
e38ac49
Compare
@jirikuncar There you go! |
@jstypka it's shaping well. There is one last not addressed point in #2724 (comment). |
@@ -521,8 +553,29 @@ def __unicode__(self): | |||
""" Return a name for this class """ | |||
return self.get_identifier() | |||
|
|||
@classmethod | |||
def all_authorized(cls, current_user): |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
def all_authorized(cls, user_info=None):
user_info = user_info or current_user
...
f8c21b5
to
3c8e030
Compare
@jirikuncar I finally decided to go with your initial suggestion for the dict creation. The problem is that the I also made an attempt to implement the cache - please have a look at it, because I'm not sure about some stuff. |
for collection, auth in zip(deposit_type_cacher.cache, auths): | ||
if auth[0] == 0: | ||
ret.append(collection) | ||
return ret |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Can you keep the new line character here(\n
) (not new empty line \n\n
or none \0
). Thanks
029e9d7
to
e881964
Compare
@jirikuncar so how does it look? Any other remarks? |
Can you also mention in commit message that one need to run: cc @kaplun can you confirm that the command arguments work well? Thanks |
@jirikuncar done, is it good to go? |
@jstypka, @jirikuncar, indeed it's correct. We can skip the |
ping @jstypka (#2906 (comment)) |
@jirikuncar after resolving rebase conflicts I'm testing the application again. Please have a look at: |
user_info, | ||
'usedeposit', | ||
batch_args=True, | ||
type=deposit_type_cacher.cache |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
type=list(deposit_type_cacher.cache)
@jstypka please note that there is a failing test
|
@jstypka you have also left out |
28ccf4b
to
87b26d2
Compare
@jirikuncar I think I pushed all the changes that we discussed. Is it fine? |
@jstypka the tests are still failing 😞 |
@jstypka do you need any help with the failing test? Please let us know if you are working on it. Thanks |
@jirikuncar Yes, I am currently trying to figure out why it fails. If I get stuck I'll let you know. |
@jstypka I offered my help so please tell me where is the problem or deliver working solution. Thank you! |
@jirikuncar I sent you an e-mail few days ago. Basically the cache at the beginning seems to be filled properly, however the UserInfo object that is checked during the test seems to be a blank one - all lists empty, all fields False etc. |
@jstypka please use my updated commit from https://github.com/jirikuncar/invenio/tree/2906-fix. Moreover we need to protect also deposit REST API - most importantly https://github.com/inveniosoftware/invenio/blob/master/invenio/modules/deposit/restful.py#L250. |
* NEW Adds usedeposit action which enables per user access restrictions for different deposit types (closes inveniosoftware#2724). * Requires running `webaccessadmin -u admin -c -a -D` command. Signed-off-by: Jan Stypka <jan.stypka@cern.ch>
I have fixed the issue with tests (see https://github.com/jirikuncar/invenio/tree/2906-fix) caused by caches in user info object. @jstypka add permission checking to REST API. |
Superseded by #3172 |
restrictions for different deposit types. (closes RFC deposit: filter depositions based on user roles #2724)
webaccessadmin -u admin -c -a -D
command.Signed-off-by: Jan Stypka jan.stypka@cern.ch
cc @jmartinm @jalavik