From 19a5d8ab39475d737385e104ae4e6eec7c893508 Mon Sep 17 00:00:00 2001 From: Mahfouz Date: Fri, 26 Apr 2024 13:48:00 +0100 Subject: [PATCH] Made study privacy check more explicit --- config/local-lite.yml | 2 ++ emgapianns/management/lib/create_or_update_study.py | 12 +++++++++--- 2 files changed, 11 insertions(+), 3 deletions(-) diff --git a/config/local-lite.yml b/config/local-lite.yml index 0162f7cbd..346e4b9a6 100644 --- a/config/local-lite.yml +++ b/config/local-lite.yml @@ -10,6 +10,8 @@ emg: ENGINE: 'django.db.backends.sqlite3' NAME: '/opt/ci/testdbs/ena-testdb.sqlite' ERA_TABLESPACE_PREFIX: '' + ena_api_password: None + admin: True downloads_bypass_nginx: True diff --git a/emgapianns/management/lib/create_or_update_study.py b/emgapianns/management/lib/create_or_update_study.py index 4efb03922..3cbc71e9c 100644 --- a/emgapianns/management/lib/create_or_update_study.py +++ b/emgapianns/management/lib/create_or_update_study.py @@ -29,6 +29,7 @@ update_or_create_publication, ) from emgapianns.management.lib import utils +from emgcli.settings import EMG_CONF from emgena import models as ena_models from emgena.models import RunStudy, AssemblyStudy @@ -165,6 +166,9 @@ def _update_or_create_study_from_db_result( ) hold_date = ena_study.hold_date + ena_api_password = EMG_CONF['emg']['ena_api_password'] + if ena_api_password is None: + logging.warning("ENA API password is missing. Study ownership cannot be verified.") try: study_is_public = self.check_if_study_is_public(secondary_study_accession) if study_is_public: @@ -303,9 +307,11 @@ def check_if_study_is_public(self, study_id): def verify_study_ownership(self, study_id, submission_account_id): url = f"{'https://www.ebi.ac.uk/ena/submit/report/studies'}/{study_id}" - # TODO: fetch password from env - generic_password = 'Where to store Password ?' - auth_string = f"mg-{submission_account_id}:{generic_password}" + ena_api_password = EMG_CONF['emg']['ena_api_password'] + if not ena_api_password: + logging.warning("ENA API password is missing. Study ownership cannot be verified.") + return False + auth_string = f"mg-{submission_account_id}:{ena_api_password}" headers = { "accept": "*/*", "Authorization": f"Basic {b64encode(auth_string.encode()).decode()}"