Merge pull request 'master' (#466) from master into Docker
Reviewed-on: #466
This commit is contained in:
commit
303583daa1
@ -51,7 +51,7 @@ class APIUserToken(models.Model):
|
|||||||
if token_obj.valid_until is not None and token_obj.valid_until < _today:
|
if token_obj.valid_until is not None and token_obj.valid_until < _today:
|
||||||
raise PermissionError("Token validity expired")
|
raise PermissionError("Token validity expired")
|
||||||
except ObjectDoesNotExist:
|
except ObjectDoesNotExist:
|
||||||
raise PermissionError("Credentials invalid")
|
raise PermissionError("Token unknown")
|
||||||
return token_obj.user
|
return token_obj.user
|
||||||
|
|
||||||
|
|
||||||
|
|||||||
@ -50,14 +50,19 @@ class AbstractAPIView(View):
|
|||||||
def dispatch(self, request, *args, **kwargs):
|
def dispatch(self, request, *args, **kwargs):
|
||||||
try:
|
try:
|
||||||
# Fetch the proper user from the given request header token
|
# Fetch the proper user from the given request header token
|
||||||
ksp_token = request.headers.get(KSP_TOKEN_HEADER_IDENTIFIER, None)
|
token = request.headers.get(KSP_TOKEN_HEADER_IDENTIFIER, None)
|
||||||
ksp_user = request.headers.get(KSP_USER_HEADER_IDENTIFIER, None)
|
ksp_user = request.headers.get(KSP_USER_HEADER_IDENTIFIER, None)
|
||||||
token_user = APIUserToken.get_user_from_token(ksp_token)
|
|
||||||
|
|
||||||
if ksp_user != token_user.username:
|
if not token and not ksp_user:
|
||||||
|
bearer_token = request.headers.get("authorization", None)
|
||||||
|
if not bearer_token:
|
||||||
|
raise PermissionError("No token provided")
|
||||||
|
token = bearer_token.split(" ")[1]
|
||||||
|
|
||||||
|
token_user = APIUserToken.get_user_from_token(token)
|
||||||
|
if ksp_user and ksp_user != token_user.username:
|
||||||
raise PermissionError(f"Invalid token for {ksp_user}")
|
raise PermissionError(f"Invalid token for {ksp_user}")
|
||||||
else:
|
self.user = token_user
|
||||||
self.user = token_user
|
|
||||||
|
|
||||||
request.user = self.user
|
request.user = self.user
|
||||||
if not self.user.is_default_user():
|
if not self.user.is_default_user():
|
||||||
|
|||||||
@ -82,8 +82,8 @@ class Command(BaseKonovaCommand):
|
|||||||
atom_id = element.find("atomid").text
|
atom_id = element.find("atomid").text
|
||||||
selectable = element.find("selectable").text.lower()
|
selectable = element.find("selectable").text.lower()
|
||||||
selectable = bool_map.get(selectable, False)
|
selectable = bool_map.get(selectable, False)
|
||||||
short_name = element.find("shortname").text
|
short_name = element.find("shortname").text or ""
|
||||||
long_name = element.find("longname").text
|
long_name = element.find("longname").text or ""
|
||||||
is_archived = bool_map.get((element.find("archive").text.lower()), False)
|
is_archived = bool_map.get((element.find("archive").text.lower()), False)
|
||||||
|
|
||||||
code = KonovaCode.objects.get_or_create(
|
code = KonovaCode.objects.get_or_create(
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user