def test_make_signed_url_missing_configuration_key(app, indexd_client):
"""
Test BlankIndex make_signed_url with a missing configuration key
"""
uploader = MagicMock()
current_app = flask.current_app
expected_value = copy.deepcopy(current_app.config)
del expected_value["AZ_BLOB_CONTAINER_URL"]
del expected_value["DATA_UPLOAD_BUCKET"]
indexed_file_location = indexd_client["indexed_file_location"]
with patch.object(current_app, "config", expected_value):
assert current_app.config == expected_value
blank_index = BlankIndex(uploader=uploader)
assert blank_index
with patch(
"fence.blueprints.data.indexd.AzureBlobStorageIndexedFileLocation.get_signed_url"
):
with patch(
"fence.blueprints.data.indexd.S3IndexedFileLocation.get_signed_url"
):
with pytest.raises(InternalError):
signed_url = blank_index.make_signed_url(
file_name="some file name",
protocol=indexed_file_location)
def upload_data_file():
"""
Return a presigned URL for use with uploading a data file.
See the documentation on the entire flow here for more info:
https://github.com/uc-cdis/cdis-wiki/tree/master/dev/gen3/data_upload
"""
# make new record in indexd, with just the `uploader` field (and a GUID)
params = flask.request.get_json()
if not params:
raise UserError("wrong Content-Type; expected application/json")
if "file_name" not in params:
raise UserError("missing required argument `file_name`")
blank_index = BlankIndex(file_name=params["file_name"])
expires_in = flask.current_app.config.get("MAX_PRESIGNED_URL_TTL", 3600)
if "expires_in" in params:
is_valid_expiration(params["expires_in"])
expires_in = min(params["expires_in"], expires_in)
response = {
"guid":
blank_index.guid,
"url":
blank_index.make_signed_url(params["file_name"],
expires_in=expires_in),
}
return flask.jsonify(response), 201
def test_make_signed_url(app, indexd_client):
"""
Test BlankIndex make_signed_url with a missing configuration key
"""
uploader = MagicMock()
indexed_file_location = indexd_client["indexed_file_location"]
blank_index = BlankIndex(uploader=uploader)
assert blank_index
with patch(
"fence.blueprints.data.indexd.AzureBlobStorageIndexedFileLocation.get_signed_url"
):
with patch(
"fence.blueprints.data.indexd.S3IndexedFileLocation.get_signed_url"
):
signed_url = blank_index.make_signed_url(
file_name="some file name", protocol=indexed_file_location)
def upload_data_file():
"""
Return a presigned URL for use with uploading a data file.
See the documentation on the entire flow here for more info:
https://github.com/uc-cdis/cdis-wiki/tree/master/dev/gen3/data_upload
"""
# make new record in indexd, with just the `uploader` field (and a GUID)
params = flask.request.get_json()
if not params:
raise UserError("wrong Content-Type; expected application/json")
if "file_name" not in params:
raise UserError("missing required argument `file_name`")
authorized = False
authz_err_msg = "Auth error when attempting to get a presigned URL for upload. User must have '{}' access on '{}'."
authz = params.get("authz")
uploader = None
if authz:
# if requesting an authz field, using new authorization method which doesn't
# rely on uploader field, so clear it out
uploader = ""
authorized = flask.current_app.arborist.auth_request(
jwt=get_jwt(),
service="fence",
methods=["create", "write-storage"],
resources=authz,
)
if not authorized:
logger.error(authz_err_msg.format("create' and 'write-storage", authz))
else:
# no 'authz' was provided, so fall back on 'file_upload' logic
authorized = flask.current_app.arborist.auth_request(
jwt=get_jwt(),
service="fence",
methods=["file_upload"],
resources=["/data_file"],
)
if not authorized:
logger.error(authz_err_msg.format("file_upload", "/data_file"))
if not authorized:
raise Forbidden(
"You do not have access to upload data. You either need "
"general file uploader permissions or create and write-storage permissions "
"on the authz resources you specified (if you specified any)."
)
blank_index = BlankIndex(
file_name=params["file_name"], authz=params.get("authz"), uploader=uploader
)
default_expires_in = flask.current_app.config.get("MAX_PRESIGNED_URL_TTL", 3600)
expires_in = get_valid_expiration(
params.get("expires_in"),
max_limit=default_expires_in,
default=default_expires_in,
)
response = {
"guid": blank_index.guid,
"url": blank_index.make_signed_url(params["file_name"], expires_in=expires_in),
}
return flask.jsonify(response), 201
