1+ import asyncio
12import base64
23import requests
34import logging
@@ -88,15 +89,16 @@ def __init__(self, token, allow_anonymous=False):
8889 self ._teams = None
8990 self ._collab_info = {}
9091 self ._connection_error = False
92+ self .username = None
9193
9294 @property
9395 def is_anonymous (self ):
9496 return self .token is None or self .token .credentials == "undefined"
9597
96- async def get_identity (self ):
98+ def get_identity (self ):
9799 if self ._identity is None :
98100 payload = _decode_jwt_payload (self .token .credentials )
99- username = payload .get ("preferred_username" , "unknown" )
101+ username = payload .get ("preferred_username" , None )
100102 self ._identity = {
101103 "sub" : payload ["sub" ],
102104 "id" : payload ["sub" ],
@@ -105,19 +107,45 @@ async def get_identity(self):
105107 "given_name" : payload .get ("given_name" , "" ),
106108 "family_name" : payload .get ("family_name" , "" ),
107109 }
110+ self .username = username
108111 return self ._identity
109112
110113 async def get_teams (self ):
111114 if self ._teams is None :
112- identity = await self .get_identity ()
115+ identity = self .get_identity ()
113116 url = f"{ settings .EBRAINS_IDM_API_URL }
114117 headers = {"Authorization" : f"Bearer { self .token .credentials } }
115118 params = {"username" : identity ["username" ]}
116119 async with AsyncClient () as client :
117120 res = await client .get (url , headers = headers , params = params ,
118121 timeout = settings .AUTHENTICATION_TIMEOUT )
119122 res .raise_for_status ()
120- self ._teams = [t ["name" ] for t in res .json () if isinstance (t , dict ) and "name" in t ]
123+ self ._teams = []
124+ collab_names = set (
125+ item ["name" ] for item in res .json ()
126+ if not (
127+ item ["name" ].startswith ("d-" ) # ignore dataset collabs
128+ or item ["name" ].startswith ("nmc-test" ) # ignore NMC test collabs
129+ )
130+ )
131+ for role in ("administrator" , "editor" ):
132+ for collab_name in collab_names .copy ():
133+ roles_url = f"{ settings .EBRAINS_IDM_API_URL } { collab_name } { role }
134+ # todo: get groups as well and check for group membership
135+ async with AsyncClient () as client :
136+ res2 = await client .get (roles_url , headers = headers ,
137+ timeout = settings .AUTHENTICATION_TIMEOUT )
138+ res2 .raise_for_status () # do we want to raise an exception, or just log an error?
139+ # for robustness, perhaps just log
140+ for user in res2 .json ():
141+ if self .username == user ["username" ]:
142+ self ._teams .append (f"collab-{ collab_name } { role } )
143+ collab_names .discard (collab_name )
144+ print (collab_name )
145+ break
146+ # we assume user must have viewer permissions for any collab still in collab_names
147+ for collab_name in collab_names :
148+ self ._teams .append (f"collab-{ collab_name } )
121149 return self ._teams
122150
123151 async def get_collab_info (self , collab_id ):
@@ -134,8 +162,8 @@ async def get_collab_info(self, collab_id):
134162 self ._collab_info [collab_id ] = {}
135163 return self ._collab_info [collab_id ]
136164
137- async def get_person (self , kg_client ):
138- identity = await self .get_identity ()
165+ def get_person (self , kg_client ):
166+ identity = self .get_identity ()
139167 family_name = identity ["family_name" ]
140168 given_name = identity ["given_name" ]
141169 person = omcore .Person .list (kg_client , family_name = family_name , given_name = given_name , release_status = "any" )
@@ -195,12 +223,3 @@ async def can_edit_collab(self, collab_id):
195223 async def is_admin (self ):
196224 return await self .can_edit_collab (settings .ADMIN_COLLAB_ID )
197225 # todo: replace this check with a group membership check
198-
199- async def get_editable_collabs (self ):
200- teams = await self .get_teams ()
201- editable_collab_ids = set ()
202- for team_name in teams :
203- if team_name .endswith ("-editor" ) or team_name .endswith ("-administrator" ):
204- collab_id = "-" .join (team_name .split ("-" )[1 :- 1 ])
205- editable_collab_ids .add (collab_id )
206- return sorted (editable_collab_ids )
0 commit comments