access: usedeposit action addition #2906
Conversation
| @@ -558,7 +558,8 @@ | |||
| ('claimpaper_change_others_data', 'Change data of any person ID', '', 'no'), | |||
| ('runbibtasklet', 'run BibTaskLet', '', 'no'), | |||
| ('cfgbibsched', 'configure BibSched', '', 'no'), | |||
| ('runinfomanager', 'run Info Space Manager', '', 'no') | |||
| ('runinfomanager', 'run Info Space Manager', '', 'no'), | |||
| ('usedeposit', 'use deposit type', 'type', 'yes'), | |||
There was a problem hiding this comment.
this line is not needed if you define your own action in https://github.com/inveniosoftware/invenio/pull/2906/files#diff-1917d7fa51639dedef09e17079a8a7cdR25
| @@ -236,6 +246,10 @@ def save(deposition_type=None, uuid=None, draft_id=None): | |||
|
|
|||
| deposition = Deposition.get(uuid, current_user, type=deposition_type) | |||
|
|
|||
| dep_type = deposition_type if deposition_type else Deposition.get_type(uuid) | |||
There was a problem hiding this comment.
def deposition_type_from_request():
"""Return deposition from parsed view arguments."""
return request.view_args.get(
'deposition_type', None
) or (
Deposition.get_type(request.view_args.get('uuid'))
if request.view_args.get('uuid', None) else None
)
|
@jstypka can I ask you to first improve PEP8/PEP257 code style of the files you are going to edit? Thank you in advance |
|
@jirikuncar I've improved style of my code and the files in general. Hope that helps. |
|
@jstypka I think you might want to create new role and authorization similar to: |
|
@jirikuncar I can add it, but shouldn't the roles be specific for a particular Invenio instance? |
|
Just use this: |
jstypka
force-pushed
the
rfc-2724
branch
2 times, most recently
from
4de138b
to
e38ac49
Compare
|
@jirikuncar There you go! |
|
@jstypka it's shaping well. There is one last not addressed point in #2724 (comment). |
| @@ -521,8 +553,29 @@ def __unicode__(self): | |||
| """ Return a name for this class """ | |||
| return self.get_identifier() | |||
|
|
|||
| @classmethod | |||
| def all_authorized(cls, current_user): | |||
There was a problem hiding this comment.
def all_authorized(cls, user_info=None):
user_info = user_info or current_user
...
jstypka
force-pushed
the
rfc-2724
branch
3 times, most recently
from
f8c21b5
to
3c8e030
Compare
|
@jirikuncar I finally decided to go with your initial suggestion for the dict creation. The problem is that the I also made an attempt to implement the cache - please have a look at it, because I'm not sure about some stuff. |
| for collection, auth in zip(deposit_type_cacher.cache, auths): | ||
| if auth[0] == 0: | ||
| ret.append(collection) | ||
| return ret |
There was a problem hiding this comment.
Can you keep the new line character here(\n) (not new empty line \n\n or none \0). Thanks
jstypka
force-pushed
the
rfc-2724
branch
2 times, most recently
from
029e9d7
to
e881964
Compare
|
@jirikuncar so how does it look? Any other remarks? |
|
Can you also mention in commit message that one need to run: cc @kaplun can you confirm that the command arguments work well? Thanks |
|
@jirikuncar done, is it good to go? |
|
@jstypka, @jirikuncar, indeed it's correct. We can skip the |
|
ping @jstypka (#2906 (comment)) |
|
@jirikuncar after resolving rebase conflicts I'm testing the application again. Please have a look at: |
| user_info, | ||
| 'usedeposit', | ||
| batch_args=True, | ||
| type=deposit_type_cacher.cache |
There was a problem hiding this comment.
type=list(deposit_type_cacher.cache)
|
@jstypka please note that there is a failing test |
|
@jstypka you have also left out |
jstypka
force-pushed
the
rfc-2724
branch
2 times, most recently
from
28ccf4b
to
87b26d2
Compare
|
@jirikuncar I think I pushed all the changes that we discussed. Is it fine? |
|
@jstypka the tests are still failing 😞 |
|
@jstypka do you need any help with the failing test? Please let us know if you are working on it. Thanks |
|
@jirikuncar Yes, I am currently trying to figure out why it fails. If I get stuck I'll let you know. |
|
@jstypka I offered my help so please tell me where is the problem or deliver working solution. Thank you! |
|
@jirikuncar I sent you an e-mail few days ago. Basically the cache at the beginning seems to be filled properly, however the UserInfo object that is checked during the test seems to be a blank one - all lists empty, all fields False etc. |
|
@jstypka please use my updated commit from https://github.com/jirikuncar/invenio/tree/2906-fix. Moreover we need to protect also deposit REST API - most importantly https://github.com/inveniosoftware/invenio/blob/master/invenio/modules/deposit/restful.py#L250. |
* NEW Adds usedeposit action which enables per user access restrictions for different deposit types (closes inveniosoftware#2724). * Requires running `webaccessadmin -u admin -c -a -D` command. Signed-off-by: Jan Stypka <jan.stypka@cern.ch>
|
I have fixed the issue with tests (see https://github.com/jirikuncar/invenio/tree/2906-fix) caused by caches in user info object. @jstypka add permission checking to REST API. |
|
Superseded by #3172 |
restrictions for different deposit types. (closes RFC deposit: filter depositions based on user roles #2724)
webaccessadmin -u admin -c -a -Dcommand.Signed-off-by: Jan Stypka jan.stypka@cern.ch
cc @jmartinm @jalavik