Skip to content

Instantly share code, notes, and snippets.

@andreypopp
Created March 3, 2023 09:16
Show Gist options
  • Save andreypopp/aaa9682af6543978f94646595e18ab35 to your computer and use it in GitHub Desktop.
Save andreypopp/aaa9682af6543978f94646595e18ab35 to your computer and use it in GitHub Desktop.
diff --git a/src/client.ash.site_feedback_portal/src/ash/site_feedback_portal/management_api.py b/src/client.ash.site_feedback_portal/src/ash/site_feedback_portal/management_api.py
index 37187e9ca..ada7b2dc7 100644
--- a/src/client.ash.site_feedback_portal/src/ash/site_feedback_portal/management_api.py
+++ b/src/client.ash.site_feedback_portal/src/ash/site_feedback_portal/management_api.py
@@ -18,7 +18,7 @@ from rex.graphql import (
class ManagementGraphQLBase(ManagementGraphQLEndpoint):
enable_site_tasks = False
enable_cohort_builder = False
- # access = 'cohort-finder'
+ access = 'cohort-finder'
@classmethod
def create_context(cls, site, db, req):
diff --git a/src/client.ash.site_feedback_portal/src/ash/site_feedback_portal/utils.py b/src/client.ash.site_feedback_portal/src/ash/site_feedback_portal/utils.py
index a5e6bb740..e42a0408e 100644
--- a/src/client.ash.site_feedback_portal/src/ash/site_feedback_portal/utils.py
+++ b/src/client.ash.site_feedback_portal/src/ash/site_feedback_portal/utils.py
@@ -4,7 +4,7 @@ from rex.attach import upload
from .ash_scd.database import pscopg_db_execute
from rex.site_feedback_portal import GetSite
-from rex.web import Authorize
+from rex.web import Authorize, authenticate
SORT_DIRECTION_MAPPING = {
'asc': '+',
@@ -184,7 +184,7 @@ def check_user_permission(user, site, permission) -> bool:
cursor = connection.cursor()
query = """
SELECT id FROM portal_user_permission
- WHERE portal_sfp_user__id = (SELECT id FROM portal_sfp_user WHERE remote_user = (%(user)s) and is_active = 'true')
+ WHERE portal_sfp_user__id = (SELECT id FROM portal_sfp_user WHERE remote_user = (%(user)s) and is_active)
AND portal_permission__id = (SELECT id FROM portal_permission WHERE code = (%(permission)s))
AND portal_site__id = (SELECT id FROM portal_site WHERE code = (%(site_code)s))
AND has_access = true
@@ -204,15 +204,16 @@ def check_user_permission(user, site, permission) -> bool:
class CustomAuthorize(Authorize, GetSite):
def __call__(self, req):
- remote_user, site = self.get_user_site(req)
+ remote_user = authenticate(req)
+ site = req.environ.get('rex.sfp_site')
+ if site is None:
+ raise Exception('expected rex.sfp_site to be in WSGI environ')
print("==============================")
print(remote_user, site)
print("==============================")
if remote_user is None:
return False
- if site is None:
- return False
- return check_user_permission(remote_user, site, self.access)
+ return check_user_permission(remote_user, site.id, self.access)
class SiteDashabordAuthorize(CustomAuthorize):
@@ -222,4 +223,4 @@ class DataSubmissionsAuthorize(CustomAuthorize):
access = 'data-submissions'
class CohortFinderAuthorize(CustomAuthorize):
- access = 'cohort-finder'
\ No newline at end of file
+ access = 'cohort-finder'
diff --git a/src/rex.site_feedback_portal/src/rex/site_feedback_portal/handle.py b/src/rex.site_feedback_portal/src/rex/site_feedback_portal/handle.py
index 9e69f6b80..d28a08493 100644
--- a/src/rex.site_feedback_portal/src/rex/site_feedback_portal/handle.py
+++ b/src/rex.site_feedback_portal/src/rex/site_feedback_portal/handle.py
@@ -65,6 +65,7 @@ class APILocation(HandleLocation, GetSite):
def __call__(self, req):
remote_user, site = self.get_user_site(req)
+ req.environ['rex.sfp_site'] = site
req.path_info_pop()
req.path_info_pop()
return call_site_endpoint(site, req, remote_user)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment