Beispiel #1
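    def validate_absolute_path(self, root, absolute_path):
        """Authorize the requesting user before StaticFileHandler's own check.

        Admin users are passed straight to the parent implementation. Any
        other user must have access to the first path component requested
        below ``root`` (a file, or the directory that contains the file).

        Parameters
        ----------
        root : str
            Directory the results are served from.
        absolute_path : str
            Path of the requested resource.

        Returns
        -------
        The value returned by the parent ``validate_absolute_path``.

        Raises
        ------
        QiitaPetAuthorizationError
            If a non-admin user requests a path that is not below ``root``
            or a result they have no access to.
        """
        # NOTE(review): assumes the request is already authenticated, i.e.
        # self.current_user is not None -- confirm the calling handler
        # enforces login before this method runs.
        current_user = self.current_user

        # If the user is an admin, then allow access; the parent class still
        # performs its own validation of the path.
        if current_user.level == 'admin':
            return super(ResultsHandler, self).validate_absolute_path(
                root, absolute_path)

        user_id = current_user.id

        # Get the filename (or the base directory) of the result.
        # commonprefix() compares character by character, so a root without a
        # trailing separator left the remainder starting with ``sep`` and the
        # requested component came out empty. Match on a separator-terminated
        # prefix instead so the component is always a whole path element.
        root_prefix = root if root.endswith(sep) else root + sep
        if not absolute_path.startswith(root_prefix):
            # Not below the served directory: the access decision cannot be
            # tied to a result, so deny rather than guess.
            raise QiitaPetAuthorizationError(user_id, absolute_path)
        base_requested_fp = absolute_path[len(root_prefix):].split(sep, 1)[0]

        # Ask which filepath IDs this user may read for the requested result
        accessible_filepaths = check_access_to_analysis_result(
            user_id, base_requested_fp)

        # Turn these filepath IDs into absolute paths
        db_files_base_dir = get_db_files_base_dir()
        relpaths = filepath_ids_to_rel_paths(accessible_filepaths)
        accessible_filepaths = {join(db_files_base_dir, relpath)
                                for relpath in relpaths.values()}

        # The membership test is an exact string comparison.
        # NOTE(review): presumably ``root`` and the DB base directory are
        # spelled identically (no symlinks or redundant separators) -- verify.
        if join(root, base_requested_fp) not in accessible_filepaths:
            raise QiitaPetAuthorizationError(user_id, absolute_path)

        # Authorized: let the parent class run its own checks on the path
        return super(ResultsHandler, self).validate_absolute_path(
            root, absolute_path)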
Beispiel #2
    def test_filepath_ids_to_rel_paths(self):
        # Filepath IDs 1 and 3 must come back keyed by ID, each mapped to its
        # relative path.
        expected = {}
        expected[1] = 'raw_data/1_s_G1_L001_sequences.fastq.gz'
        expected[3] = 'raw_data/2_sequences.fastq.gz'

        observed = filepath_ids_to_rel_paths([1, 3])

        self.assertEqual(observed, expected)
Beispiel #3
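    def validate_absolute_path(self, root, absolute_path):
        """Check the user's access to a result, then defer to the parent class.

        Overrides StaticFileHandler's method to include authentication.
        Admins skip the per-result check. For everyone else the first path
        component requested below ``root`` must be a file (or directory) the
        user has access to.

        Parameters
        ----------
        root : str
            Directory the results are served from; a trailing separator is
            appended when it is missing.
        absolute_path : str
            Path of the requested resource.

        Returns
        -------
        The value returned by the parent ``validate_absolute_path``.

        Raises
        ------
        QiitaPetAuthorizationError
            If a non-admin user requests a path that is not below ``root``
            or a result they have no access to.
        """
        # Terminate root with the platform separator (the same ``sep`` used
        # to split the remainder below) rather than a hard-coded '/'.
        if root[-1] != sep:
            root = "%s%s" % (root, sep)

        # NOTE(review): assumes self.current_user is not None, i.e. login is
        # enforced before this method is reached -- confirm in the handler.
        current_user = self.current_user

        # If the user is an admin, then allow access
        if current_user.level == 'admin':
            return super(ResultsHandler,
                         self).validate_absolute_path(root, absolute_path)

        # otherwise, we have to check if they have access to the requested
        # resource
        user_id = current_user.id

        # commonprefix() works on characters, not path components, so for a
        # path that is not below root it yields a partial prefix and the
        # "requested component" would be an arbitrary fragment. Require the
        # separator-terminated root as a real prefix and deny otherwise.
        if not absolute_path.startswith(root):
            raise QiitaPetAuthorizationError(user_id, absolute_path)

        # Get the filename (or the base directory) of the result
        base_requested_fp = absolute_path[len(root):].split(sep, 1)[0]

        accessible_filepaths = check_access_to_analysis_result(
            user_id, base_requested_fp)

        # Turn these filepath IDs into absolute paths
        db_files_base_dir = get_db_files_base_dir()
        relpaths = filepath_ids_to_rel_paths(accessible_filepaths)

        accessible_filepaths = {
            join(db_files_base_dir, relpath)
            for relpath in relpaths.values()
        }

        # check if the requested resource is a file (or is in a directory) that
        # the user has access to; this is an exact string match.
        # NOTE(review): presumably root and the DB base directory resolve to
        # the same spelling -- verify against the handler's configuration.
        if join(root, base_requested_fp) in accessible_filepaths:
            return super(ResultsHandler,
                         self).validate_absolute_path(root, absolute_path)
        else:
            raise QiitaPetAuthorizationError(user_id, absolute_path)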
Beispiel #4
    def test_filepath_ids_to_rel_paths(self):
        # The lookup for IDs 1 and 3 is compared against the literal mapping
        # of ID -> relative path.
        self.assertEqual(
            filepath_ids_to_rel_paths([1, 3]),
            {
                1: 'raw_data/1_s_G1_L001_sequences.fastq.gz',
                3: 'raw_data/2_sequences.fastq.gz',
            },
        )
Beispiel #5
    def test_filepath_ids_to_rel_paths(self):
        # Expected ID -> relative path mapping for filepath IDs 1 and 3.
        requested_ids = [1, 3]
        expected_paths = {
            1: "raw_data/1_s_G1_L001_sequences.fastq.gz",
            3: "preprocessed_data/1_seqs.fna",
        }

        actual_paths = filepath_ids_to_rel_paths(requested_ids)

        self.assertEqual(actual_paths, expected_paths)