def validate_absolute_path(self, root, absolute_path):
"""Overrides StaticFileHandler's method to include authentication
"""
# Get the filename (or the base directory) of the result
len_prefix = len(commonprefix([root, absolute_path]))
base_requested_fp = absolute_path[len_prefix:].split(sep, 1)[0]
current_user = self.current_user
# If the user is an admin, then allow access
if current_user.level == 'admin':
return super(ResultsHandler, self).validate_absolute_path(
root, absolute_path)
# otherwise, we have to check if they have access to the requested
# resource
user_id = current_user.id
accessible_filepaths = check_access_to_analysis_result(
user_id, base_requested_fp)
# Turn these filepath IDs into absolute paths
db_files_base_dir = get_db_files_base_dir()
relpaths = filepath_ids_to_rel_paths(accessible_filepaths)
accessible_filepaths = {join(db_files_base_dir, relpath)
for relpath in relpaths.values()}
# check if the requested resource is a file (or is in a directory) that
# the user has access to
if join(root, base_requested_fp) in accessible_filepaths:
return super(ResultsHandler, self).validate_absolute_path(
root, absolute_path)
else:
raise QiitaPetAuthorizationError(user_id, absolute_path)
def validate_absolute_path(self, root, absolute_path):
"""Overrides StaticFileHandler's method to include authentication
"""
# Get the filename (or the base directory) of the result
if root[-1] != '/':
root = "%s/" % root
len_prefix = len(commonprefix([root, absolute_path]))
base_requested_fp = absolute_path[len_prefix:].split(sep, 1)[0]
current_user = self.current_user
# If the user is an admin, then allow access
if current_user.level == 'admin':
return super(ResultsHandler, self).validate_absolute_path(
root, absolute_path)
# otherwise, we have to check if they have access to the requested
# resource
user_id = current_user.id
accessible_filepaths = check_access_to_analysis_result(
user_id, base_requested_fp)
# Turn these filepath IDs into absolute paths
db_files_base_dir = get_db_files_base_dir()
relpaths = filepath_ids_to_rel_paths(accessible_filepaths)
accessible_filepaths = {join(db_files_base_dir, relpath)
for relpath in relpaths.values()}
# check if the requested resource is a file (or is in a directory) that
# the user has access to
if join(root, base_requested_fp) in accessible_filepaths:
return super(ResultsHandler, self).validate_absolute_path(
root, absolute_path)
else:
raise QiitaPetAuthorizationError(user_id, absolute_path)
def test_check_access_to_analysis_result(self):
obs = check_access_to_analysis_result('*****@*****.**',
'1_job_result.txt')
exp = [12]
self.assertEqual(obs, exp)
def test_check_access_to_analysis_result(self):
obs = check_access_to_analysis_result('*****@*****.**',
'1_job_result.txt')
exp = [12]
self.assertEqual(obs, exp)
def test_check_access_to_analysis_result(self):
obs = check_access_to_analysis_result("*****@*****.**", "1_job_result.txt")
exp = [10]
self.assertEqual(obs, exp)
