Skip to content

Commit

Permalink
adds restricted access
Browse files Browse the repository at this point in the history
  • Loading branch information
@pcrespov
pcrespov committed Dec 17, 2024
1 parent cfe5d8d commit 818588c
Show file tree
Hide file tree
Showing 2 changed files with 8 additions and 4 deletions.
8 changes: 6 additions & 2 deletions services/web/server/src/simcore_service_webserver/groups/_groups_repository.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,7 @@
import sqlalchemy as sa
from aiohttp import web
from common_library.groups_enums import GroupType
from common_library.users_enums import UserRole
from models_library.basic_types import IDStr
from models_library.groups import (
AccessRightsDict,
Expand Down Expand Up @@ -499,11 +500,14 @@ async def list_users_in_group(
.select_from(
groups.join(
user_to_groups, user_to_groups.c.gid == groups.c.gid, isouter=True
)
).join(users, users.c.id == user_to_groups.c.uid)
)
.where(
((user_to_groups.c.uid == user_id) & (user_to_groups.c.gid == group_id))
| (groups.c.type == GroupType.PRIMARY) # TODO: at least active users!
| (
(groups.c.type == GroupType.PRIMARY)
& users.c.role.in_([r for r in UserRole if r > UserRole.GUEST])
)
)
)
group_row = result.first()
Expand Down
4 changes: 2 additions & 2 deletions services/web/server/src/simcore_service_webserver/users/_users_repository.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -169,12 +169,12 @@ async def get_user_or_raise(
assert set(return_column_names).issubset(users.columns.keys()) # nosec

async with pass_or_acquire_connection(engine, connection) as conn:
result = await conn.stream(
result = await conn.execute(
sa.select(*(users.columns[name] for name in return_column_names)).where(
users.c.id == user_id
)
)
row = await result.first()
row = result.first()
if row is None:
raise UserNotFoundError(uid=user_id)
user: dict[str, Any] = row._asdict()
Expand Down

0 comments on commit 818588c

Please sign in to comment.