def get_authors(config, wsid): ws = Workspace(url=config.narrative_session.ws_url, token=config.narrative_session.token) ws_info = ws.get_workspace_info({"id": wsid}) author_id_list = [ws_info[2]] other_authors = ws.get_permissions({"id": wsid}) for author in sorted(other_authors.keys()): if author != "*" and other_authors[author] in [ "w", "a" ] and author not in author_id_list: author_id_list.append(author) auth = _KBaseAuth(config.narrative_session.auth_url) disp_names = auth.get_display_names(config.narrative_session.token, author_id_list) author_list = [] for author in author_id_list: author_list.append({ "id": author, "name": html.escape(disp_names.get(author, author)), "path": config.narrative_session.profile_page_url + author }) return author_list
def verify_public_narrative(workspace_url: str, ws_id: int) -> None: """ Raises a PermissionError if the workspace is not public (i.e. user '*' has 'r' access). Creating a stating Narrative is only permitted on public Narratives. If the Narrative is public, this returns None. Raises a WorkspaceError if anything goes wrong with the lookup. :param workspace_url: str - the workspace endpoint url :param ws_id: int - the workspace to check """ ws_client = Workspace(url=workspace_url) try: perms = ws_client.get_permissions({"id": ws_id}) except ServerError as err: raise WorkspaceError(err, ws_id) if perms.get("*", "n") not in ["r", "w", "a"]: err = f"Workspace {ws_id} must be publicly readable to make a Static Narrative" logging.getLogger("StaticNarrative").error(err) raise PermissionError(err)
def verify_admin_privilege(workspace_url: str, user_id: str, token: str, ws_id: int) -> None: """ Raises PermissionError if the user is not an admin (has 'a' rights) on the Workspace. Gotta write to the Workspace metadata to create and save a Static Narrative, so this checks that the user has rights. If the user has admin rights, this returns None. Raises a WorkspaceError if anything goes wrong with the permission lookup. :param workspace_url: str - the workspace endpoint url :param token: str - the auth token :param user_id: str - the user id to check. This is expected to be the owner of the provided token. Not checked, though, since that should be done by the Server module. :param ws_id: int - the workspace to check """ ws_client = Workspace(url=workspace_url, token=token) try: perms = ws_client.get_permissions({"id": ws_id}) except ServerError as err: raise WorkspaceError(err, ws_id) if user_id not in perms or perms[user_id] != "a": err = f"User {user_id} does not have admin rights on workspace {ws_id}" logging.getLogger("StaticNarrative").error(err) raise PermissionError(err)