From dc5bc302aea67790951dacca3df989fc25017ed5 Mon Sep 17 00:00:00 2001 From: Gavin Date: Thu, 2 Jul 2020 10:01:56 -0700 Subject: [PATCH] Support anon users in get links from sample in core code --- lib/SampleService/core/samples.py | 5 ++--- test/core/samples_test.py | 14 ++++++++++---- 2 files changed, 12 insertions(+), 7 deletions(-) diff --git a/lib/SampleService/core/samples.py b/lib/SampleService/core/samples.py index 8bf67116..c4c9ef61 100644 --- a/lib/SampleService/core/samples.py +++ b/lib/SampleService/core/samples.py @@ -359,14 +359,14 @@ def expire_data_link(self, user: UserID, duid: DataUnitID, as_admin: bool = Fals def get_links_from_sample( self, - user: UserID, + user: Optional[UserID], sample: SampleAddress, timestamp: datetime.datetime = None, as_admin: bool = False) -> Tuple[List[DataLink], datetime.datetime]: ''' Get a set of data links originating from a sample at a particular time. - :param user: the user requesting the links. + :param user: the user requesting the links or None if the user is anonymous. :param sample: the sample from which the links originate. :param timestamp: the timestamp during which the links should be active, defaulting to the current time. @@ -378,7 +378,6 @@ def get_links_from_sample( :raises NoSuchSampleVersionError: if the sample version does not exist. :raises NoSuchUserError: if the user does not exist. ''' - _not_falsy(user, 'user') _not_falsy(sample, 'sample') timestamp = self._resolve_timestamp(timestamp) self._check_perms(sample.sampleid, user, _SampleAccessType.READ, as_admin=as_admin) diff --git a/test/core/samples_test.py b/test/core/samples_test.py index aa4308b8..18f972c9 100644 --- a/test/core/samples_test.py +++ b/test/core/samples_test.py @@ -1134,6 +1134,7 @@ def test_get_links_from_sample(): _get_links_from_sample(UserID('ur mum')) _get_links_from_sample(UserID('x')) _get_links_from_sample(UserID('noaccess'), True) + _get_links_from_sample(None, True) def _get_links_from_sample(user, public_read=False): @@ -1270,8 +1271,6 @@ def test_get_links_from_sample_fail_bad_args(): sa = SampleAddress(UUID('1234567890abcdef1234567890abcdee'), 3) bt = datetime.datetime.fromtimestamp(1) - _get_links_from_sample_fail(s, None, sa, None, ValueError( - 'user cannot be a value that evaluates to false')) _get_links_from_sample_fail(s, u, None, None, ValueError( 'sample cannot be a value that evaluates to false')) _get_links_from_sample_fail(s, u, sa, bt, ValueError( @@ -1279,6 +1278,13 @@ def test_get_links_from_sample_fail_bad_args(): def test_get_links_from_sample_fail_unauthorized(): + _get_links_from_sample_fail_unauthorized(UserID('z'), UnauthorizedError( + 'User z cannot read sample 12345678-90ab-cdef-1234-567890abcdee')) + _get_links_from_sample_fail_unauthorized(None, UnauthorizedError( + 'Anonymous users cannot read sample 12345678-90ab-cdef-1234-567890abcdee')) + + +def _get_links_from_sample_fail_unauthorized(user, expected): storage = create_autospec(ArangoSampleStorage, spec_set=True, instance=True) lu = create_autospec(KBaseUserLookup, spec_set=True, instance=True) meta = create_autospec(MetadataValidatorSet, spec_set=True, instance=True) @@ -1294,10 +1300,10 @@ def test_get_links_from_sample_fail_unauthorized(): _get_links_from_sample_fail( s, - UserID('z'), + user, SampleAddress(UUID('1234567890abcdef1234567890abcdee'), 3), None, - UnauthorizedError('User z cannot read sample 12345678-90ab-cdef-1234-567890abcdee')) + expected) storage.get_sample_acls.assert_called_once_with(UUID('1234567890abcdef1234567890abcdee'))