diff --git a/ingest_openapi.yaml b/ingest_openapi.yaml index 98e990c..9e535b4 100644 --- a/ingest_openapi.yaml +++ b/ingest_openapi.yaml @@ -317,18 +317,6 @@ paths: application/json: schema: type: object - /user/self/authorize: - get: - summary: List own program authorizations - description: List authorizations for programs for the authenticated user - operationId: ingest_operations.list_programs_for_self - responses: - 200: - description: Success - content: - application/json: - schema: - type: object /user/{user_id}/authorize: parameters: - in: path @@ -336,6 +324,7 @@ paths: schema: type: string required: true + description: The user ID to check. If "me", return information about the requesting user get: summary: List program authorizations description: List authorizations for programs for a user diff --git a/ingest_operations.py b/ingest_operations.py index 062c8a9..951d2aa 100644 --- a/ingest_operations.py +++ b/ingest_operations.py 
@@ -362,29 +362,34 @@ def clear_pending_users(): # DAC authorization for users #### -@app.route('/user/self/authorize') -def list_programs_for_self(): - token = connexion.request.headers['Authorization'].split("Bearer ")[1] +def list_programs_for_self(token): response, status_code = auth.get_self_in_opa(token) if status_code == 404: # We next check if the user is pending response, status_code = auth.is_self_pending(token) # NB: The results is a string if unauthorized or pending, and a list otherwise - return {"results": "Pending" if response else "Unauthorized"}, status_code + return "Pending" if response else "Unauthorized", status_code print(response) # NB: The results is a list if authorized, and a string otherwise - return {"results": list(response["programs"].values())}, status_code + return list(response["programs"].values()), status_code @app.route('/user//authorize') def list_programs_for_user(user_id): token = connexion.request.headers['Authorization'].split("Bearer ")[1] - user_name = urllib.parse.unquote_plus(user_id) - response, status_code = auth.get_user_in_opa(user_name, token) - if status_code != 200: - return response, status_code + response = "" + status_code = 0 + if user_id == "me": + # Grab the user's own authorization + response, status_code = list_programs_for_self(token) + else: + user_name = urllib.parse.unquote_plus(user_id) + response, status_code = auth.get_user_in_opa(user_name, token) + if status_code != 200: + return response, status_code + response = list(response["programs"].values()) print(response) - return {"results": list(response["programs"].values())}, status_code + return {"results": response}, status_code @app.route('/user//authorize')
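Review bot: In `list_programs_for_self`, only a 404 from `auth.get_self_in_opa` is handled, so any other non-200 status falls through to `list(response["programs"].values())`. If that helper reports a rejected token or an OPA error through `status_code`, the lookup would probably raise and the "me" branch would answer 500 instead of passing the auth failure on. The `else` branch of `list_programs_for_user` already has the guard; the helper needs the same `if status_code != 200: return response, status_code` just before it builds the list. Separately, both retained `print(response)` calls write a user's program authorizations to stdout on every request; dropping them or moving them to a debug-level logger keeps that data out of service logs. The unchanged line `connexion.request.headers['Authorization'].split("Bearer ")[1]` also raises on a missing or malformed header, where a 401 would be the expected answer.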