Skip to content

Commit 5eb4e9a

Browse files
wvangeitwvangeit
committed
Fix some duplicate code
1 parent b4d3cfa commit 5eb4e9a

File tree

2 files changed

+25
-114
lines changed

2 files changed

+25
-114
lines changed

services/web/server/src/simcore_service_webserver/functions/_functions_repository.py

Lines changed: 22 additions & 111 deletions
Original file line numberDiff line numberDiff line change
@@ -326,12 +326,14 @@ async def get_function(
326326
function_id: FunctionID,
327327
) -> RegisteredFunctionDB:
328328
async with pass_or_acquire_connection(get_asyncpg_engine(app), connection) as conn:
329-
await check_user_api_access_rights(
329+
await check_user_permissions(
330330
app,
331331
connection=conn,
332332
user_id=user_id,
333333
product_name=product_name,
334-
api_access_rights=[FunctionsApiAccessRights.READ_FUNCTIONS],
334+
object_id=function_id,
335+
object_type="function",
336+
permissions=["read"],
335337
)
336338

337339
result = await conn.execute(
@@ -341,19 +343,7 @@ async def get_function(
341343

342344
if row is None:
343345
raise FunctionIDNotFoundError(function_id=function_id)
344-
registered_function = RegisteredFunctionDB.model_validate(row)
345-
346-
await check_user_permissions(
347-
app,
348-
connection=conn,
349-
user_id=user_id,
350-
product_name=product_name,
351-
object_id=function_id,
352-
object_type="function",
353-
permissions=["read"],
354-
)
355-
356-
return registered_function
346+
return RegisteredFunctionDB.model_validate(row)
357347

358348

359349
async def list_functions(
@@ -499,13 +489,6 @@ async def get_function_job_status(
499489
object_id=function_job_id,
500490
permissions=["read"],
501491
)
502-
await check_user_api_access_rights(
503-
app,
504-
connection=conn,
505-
user_id=user_id,
506-
product_name=product_name,
507-
api_access_rights=[FunctionsApiAccessRights.READ_FUNCTION_JOBS],
508-
)
509492

510493
result = await conn.execute(
511494
function_jobs_table.select().where(
@@ -538,13 +521,6 @@ async def get_function_job_outputs(
538521
object_id=function_job_id,
539522
permissions=["read"],
540523
)
541-
await check_user_api_access_rights(
542-
app,
543-
connection=conn,
544-
user_id=user_id,
545-
product_name=product_name,
546-
api_access_rights=[FunctionsApiAccessRights.READ_FUNCTION_JOBS],
547-
)
548524

549525
result = await conn.execute(
550526
function_jobs_table.select().where(
@@ -579,14 +555,6 @@ async def update_function_job_status(
579555
permissions=["write"],
580556
)
581557

582-
await check_user_api_access_rights(
583-
app,
584-
connection=transaction,
585-
user_id=user_id,
586-
product_name=product_name,
587-
api_access_rights=[FunctionsApiAccessRights.WRITE_FUNCTION_JOBS],
588-
)
589-
590558
result = await transaction.execute(
591559
function_jobs_table.update()
592560
.where(function_jobs_table.c.uuid == function_job_id)
@@ -621,14 +589,6 @@ async def update_function_job_outputs(
621589
permissions=["write"],
622590
)
623591

624-
await check_user_api_access_rights(
625-
app,
626-
connection=transaction,
627-
user_id=user_id,
628-
product_name=product_name,
629-
api_access_rights=[FunctionsApiAccessRights.WRITE_FUNCTION_JOBS],
630-
)
631-
632592
result = await transaction.execute(
633593
function_jobs_table.update()
634594
.where(function_jobs_table.c.uuid == function_job_id)
@@ -761,17 +721,6 @@ async def delete_function(
761721
function_id: FunctionID,
762722
) -> None:
763723
async with transaction_context(get_asyncpg_engine(app), connection) as transaction:
764-
await check_user_api_access_rights(
765-
app,
766-
connection=transaction,
767-
user_id=user_id,
768-
product_name=product_name,
769-
api_access_rights=[
770-
FunctionsApiAccessRights.READ_FUNCTIONS,
771-
FunctionsApiAccessRights.WRITE_FUNCTIONS,
772-
],
773-
)
774-
775724
await check_user_permissions(
776725
app,
777726
connection=transaction,
@@ -807,25 +756,14 @@ async def update_function(
807756
function: FunctionUpdate,
808757
) -> RegisteredFunctionDB:
809758
async with transaction_context(get_asyncpg_engine(app), connection) as transaction:
810-
await check_user_api_access_rights(
811-
app,
812-
connection=transaction,
813-
user_id=user_id,
814-
product_name=product_name,
815-
api_access_rights=[
816-
FunctionsApiAccessRights.READ_FUNCTIONS,
817-
FunctionsApiAccessRights.WRITE_FUNCTIONS,
818-
],
819-
)
820-
821759
await check_user_permissions(
822760
app,
823761
transaction,
824762
user_id=user_id,
825763
product_name=product_name,
826764
object_id=function_id,
827765
object_type="function",
828-
permissions=["write"],
766+
permissions=["read", "write"],
829767
)
830768

831769
result = await transaction.execute(
@@ -851,13 +789,6 @@ async def get_function_job(
851789
function_job_id: FunctionID,
852790
) -> RegisteredFunctionJobDB:
853791
async with pass_or_acquire_connection(get_asyncpg_engine(app), connection) as conn:
854-
await check_user_api_access_rights(
855-
app,
856-
connection=conn,
857-
user_id=user_id,
858-
product_name=product_name,
859-
api_access_rights=[FunctionsApiAccessRights.READ_FUNCTION_JOBS],
860-
)
861792
await check_user_permissions(
862793
app,
863794
connection=conn,
@@ -890,16 +821,6 @@ async def delete_function_job(
890821
function_job_id: FunctionID,
891822
) -> None:
892823
async with transaction_context(get_asyncpg_engine(app), connection) as transaction:
893-
await check_user_api_access_rights(
894-
app,
895-
connection=transaction,
896-
user_id=user_id,
897-
product_name=product_name,
898-
api_access_rights=[
899-
FunctionsApiAccessRights.READ_FUNCTION_JOBS,
900-
FunctionsApiAccessRights.WRITE_FUNCTION_JOBS,
901-
],
902-
)
903824
await check_user_permissions(
904825
app,
905826
connection=transaction,
@@ -938,14 +859,6 @@ async def find_cached_function_jobs(
938859
inputs: FunctionInputs,
939860
) -> list[RegisteredFunctionJobDB] | None:
940861
async with pass_or_acquire_connection(get_asyncpg_engine(app), connection) as conn:
941-
await check_user_api_access_rights(
942-
app,
943-
connection=conn,
944-
user_id=user_id,
945-
product_name=product_name,
946-
api_access_rights=[FunctionsApiAccessRights.READ_FUNCTION_JOBS],
947-
)
948-
949862
jobs: list[RegisteredFunctionJobDB] = []
950863
async for row in await conn.stream(
951864
function_jobs_table.select().where(
@@ -984,13 +897,6 @@ async def get_function_job_collection(
984897
function_job_collection_id: FunctionID,
985898
) -> tuple[RegisteredFunctionJobCollectionDB, list[FunctionJobID]]:
986899
async with pass_or_acquire_connection(get_asyncpg_engine(app), connection) as conn:
987-
await check_user_api_access_rights(
988-
app,
989-
connection=conn,
990-
user_id=user_id,
991-
product_name=product_name,
992-
api_access_rights=[FunctionsApiAccessRights.READ_FUNCTION_JOB_COLLECTIONS],
993-
)
994900
await check_user_permissions(
995901
app,
996902
connection=conn,
@@ -1038,16 +944,6 @@ async def delete_function_job_collection(
1038944
function_job_collection_id: FunctionID,
1039945
) -> None:
1040946
async with transaction_context(get_asyncpg_engine(app), connection) as transaction:
1041-
await check_user_api_access_rights(
1042-
app,
1043-
connection=transaction,
1044-
user_id=user_id,
1045-
product_name=product_name,
1046-
api_access_rights=[
1047-
FunctionsApiAccessRights.READ_FUNCTION_JOB_COLLECTIONS,
1048-
FunctionsApiAccessRights.WRITE_FUNCTION_JOB_COLLECTIONS,
1049-
],
1050-
)
1051947
await check_user_permissions(
1052948
app,
1053949
connection=transaction,
@@ -1304,6 +1200,21 @@ async def check_user_permissions(
13041200
object_type: Literal["function", "function_job", "function_job_collection"],
13051201
permissions: list[Literal["read", "write", "execute"]],
13061202
) -> bool:
1203+
1204+
api_access_rights = [
1205+
getattr(
1206+
FunctionsApiAccessRights, f"{permission.upper()}_{object_type.upper()}S"
1207+
)
1208+
for permission in permissions
1209+
]
1210+
await check_user_api_access_rights(
1211+
app,
1212+
connection=connection,
1213+
user_id=user_id,
1214+
product_name=product_name,
1215+
api_access_rights=api_access_rights,
1216+
)
1217+
13071218
user_permissions = await get_user_permissions(
13081219
app,
13091220
connection=connection,
@@ -1390,6 +1301,6 @@ async def check_user_api_access_rights(
13901301

13911302
for api_access_right in api_access_rights:
13921303
if not getattr(user_api_access_rights, api_access_right):
1393-
raise _ERRORS_MAP[api_access_right]
1304+
raise _ERRORS_MAP[api_access_right](user_id=user_id)
13941305

13951306
return True

services/web/server/tests/unit/with_dbs/04/functions_rpc/test_functions_controller_rpc.py

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -18,7 +18,7 @@
1818
from models_library.functions_errors import (
1919
FunctionIDNotFoundError,
2020
FunctionReadAccessDeniedError,
21-
FunctionsReadApiAccessDeniedError,
21+
FunctionsWriteApiAccessDeniedError,
2222
FunctionWriteAccessDeniedError,
2323
)
2424
from models_library.products import ProductName
@@ -98,7 +98,7 @@ async def test_register_get_delete_function(
9898
product_name=osparc_product_name,
9999
)
100100

101-
with pytest.raises(FunctionsReadApiAccessDeniedError):
101+
with pytest.raises(FunctionsWriteApiAccessDeniedError):
102102
# Attempt to delete the function in another product
103103
await functions_rpc.delete_function(
104104
rabbitmq_rpc_client=rpc_client,
@@ -375,7 +375,7 @@ async def test_update_function_title(
375375
# Update the function's title by other user
376376
updated_title = "Updated Function Title by Other User"
377377
registered_function.title = updated_title
378-
with pytest.raises(FunctionWriteAccessDeniedError):
378+
with pytest.raises(FunctionReadAccessDeniedError):
379379
updated_function = await functions_rpc.update_function_title(
380380
rabbitmq_rpc_client=rpc_client,
381381
function_id=registered_function.uid,

0 commit comments

Comments
 (0)