Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat(public-files): check authz/acl field, then hit arborist as anon … #653

Merged
merged 8 commits into from
Jun 28, 2019
9 changes: 3 additions & 6 deletions fence/blueprints/data/indexd.py
Original file line number Diff line number Diff line change
Expand Up @@ -365,7 +365,9 @@ def metadata(self):

@cached_property
def public(self):
return check_public(self.set_acls)
authz_resources = list(self.set_acls)
authz_resources.extend(self.index_document.get("authz", []))
return "*" in authz_resources or "/open" in authz_resources

@login_required({"data"})
def check_authorization(self, action):
Expand Down Expand Up @@ -827,8 +829,3 @@ def filter_auth_ids(action, list_auth_ids):
if checked_permission in values:
authorized_dbgaps.append(key)
return authorized_dbgaps


def check_public(set_acls):
if "*" in set_acls:
return True