def get_authors(config, wsid):
ws = Workspace(url=config.narrative_session.ws_url,
token=config.narrative_session.token)
ws_info = ws.get_workspace_info({"id": wsid})
author_id_list = [ws_info[2]]
other_authors = ws.get_permissions({"id": wsid})
for author in sorted(other_authors.keys()):
if author != "*" and other_authors[author] in [
"w", "a"
] and author not in author_id_list:
author_id_list.append(author)
auth = _KBaseAuth(config.narrative_session.auth_url)
disp_names = auth.get_display_names(config.narrative_session.token,
author_id_list)
author_list = []
for author in author_id_list:
author_list.append({
"id":
author,
"name":
html.escape(disp_names.get(author, author)),
"path":
config.narrative_session.profile_page_url + author
})
return author_list
def verify_public_narrative(workspace_url: str, ws_id: int) -> None:
"""
Raises a PermissionError if the workspace is not public (i.e. user '*' has 'r' access).
Creating a stating Narrative is only permitted on public Narratives.
If the Narrative is public, this returns None.
Raises a WorkspaceError if anything goes wrong with the lookup.
:param workspace_url: str - the workspace endpoint url
:param ws_id: int - the workspace to check
"""
ws_client = Workspace(url=workspace_url)
try:
perms = ws_client.get_permissions({"id": ws_id})
except ServerError as err:
raise WorkspaceError(err, ws_id)
if perms.get("*", "n") not in ["r", "w", "a"]:
err = f"Workspace {ws_id} must be publicly readable to make a Static Narrative"
logging.getLogger("StaticNarrative").error(err)
raise PermissionError(err)
def verify_admin_privilege(workspace_url: str, user_id: str, token: str, ws_id: int) -> None:
"""
Raises PermissionError if the user is not an admin (has 'a' rights) on the Workspace.
Gotta write to the Workspace metadata to create and save a Static Narrative, so this
checks that the user has rights.
If the user has admin rights, this returns None.
Raises a WorkspaceError if anything goes wrong with the permission lookup.
:param workspace_url: str - the workspace endpoint url
:param token: str - the auth token
:param user_id: str - the user id to check. This is expected to be the owner of the
provided token. Not checked, though, since that should be done by the Server module.
:param ws_id: int - the workspace to check
"""
ws_client = Workspace(url=workspace_url, token=token)
try:
perms = ws_client.get_permissions({"id": ws_id})
except ServerError as err:
raise WorkspaceError(err, ws_id)
if user_id not in perms or perms[user_id] != "a":
err = f"User {user_id} does not have admin rights on workspace {ws_id}"
logging.getLogger("StaticNarrative").error(err)
raise PermissionError(err)
