Skip to content

Commit b397622

Browse files
pcrespovpcrespov
committed
minor
1 parent 2350f9a commit b397622

File tree

2 files changed

+14
-7
lines changed

2 files changed

+14
-7
lines changed

services/catalog/src/simcore_service_catalog/core/background_tasks.py

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -88,6 +88,8 @@ def _by_version(t: tuple[ServiceKey, ServiceVersion]) -> Version:
8888
service_access_rights
8989
)
9090

91+
# TODO: if icon is not set, use the icon from previous version
92+
9193
# set the service in the DB
9294
await services_repo.create_or_update_service(
9395
ServiceMetaDataDBCreate(

services/catalog/src/simcore_service_catalog/service/access_rights.py

Lines changed: 12 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -52,7 +52,6 @@ async def evaluate_default_policy(
5252
2. Services published after 19.08.2020 will be visible ONLY to his/her owner
5353
3. Front-end services are have execute-access to everyone
5454
55-
5655
Raises:
5756
HTTPException: from calls to director's rest API. Maps director errors into catalog's server error
5857
SQLAlchemyError: from access to pg database
@@ -64,13 +63,17 @@ async def evaluate_default_policy(
6463
owner_gid = None
6564
group_ids: list[PositiveInt] = []
6665

66+
# 1. If service is old or frontend, we add the everyone group
6767
if _is_frontend_service(service) or await _is_old_service(app, service):
6868
everyone_gid = (await groups_repo.get_everyone_group()).gid
69-
_logger.debug("service %s:%s is old or frontend", service.key, service.version)
70-
# let's make that one available to everyone
71-
group_ids.append(everyone_gid)
69+
group_ids.append(everyone_gid) # let's make that one available to everyone
70+
_logger.debug(
71+
"service %s:%s is old or frontend. Set available to everyone",
72+
service.key,
73+
service.version,
74+
)
7275

73-
# try to find the owner
76+
# 2. Deducing the owner gid
7477
possible_owner_email = [service.contact] + [
7578
author.email for author in service.authors
7679
]
@@ -84,14 +87,16 @@ async def evaluate_default_policy(
8487
else:
8588
group_ids.append(owner_gid)
8689

87-
# we add the owner with full rights, unless it's everyone
90+
# 3. Aplying default access rights
8891
default_access_rights = [
8992
ServiceAccessRightsDB(
9093
key=service.key,
9194
version=service.version,
9295
gid=gid,
9396
execute_access=True,
94-
write_access=(gid == owner_gid),
97+
write_access=(
98+
gid == owner_gid
99+
), # we add the owner with full rights, unless it's everyone
95100
product_name=app.state.default_product_name,
96101
)
97102
for gid in set(group_ids)

0 commit comments

Comments
 (0)