Skip to content

A
amundsen_dev
Unverified Commit f8106352 authored by Jin Hyuk Chang's avatar Jin Hyuk Chang Committed by GitHub
Browse files
Options

other : Dashboard preview ACL to use user_id (#485) 

* print user_id

* Update
parent d202fca2
Show whitespace changes
Inline Side-by-side
Showing with 11 additions and 12 deletions
amundsen_application/dashboard_preview/mode_preview.py
View file @ f8106352
...@@ -63,9 +63,8 @@ class ModePreview(BasePreview): ...@@ -63,9 +63,8 @@ class ModePreview(BasePreview):
:return: image bytes :return: image bytes
:raise: PermissionError when user is not allowed to access the dashboard :raise: PermissionError when user is not allowed to access the dashboard
""" """
if self._is_auth_enabled: if self._is_auth_enabled:
self._authorize_access(user_email=self._auth_user_method(app).email) self._authorize_access(user_id=self._auth_user_method(app).user_id)
url = self._get_preview_image_url(uri=uri) url = self._get_preview_image_url(uri=uri)
r = requests.get(url, allow_redirects=True) r = requests.get(url, allow_redirects=True)
...@@ -95,18 +94,18 @@ class ModePreview(BasePreview): ...@@ -95,18 +94,18 @@ class ModePreview(BasePreview):
return image_url return image_url
def _authorize_access(self, user_email: str) -> None: def _authorize_access(self, user_id: str) -> None:
""" """
Get Mode user ID via metadata service. Note that metadata service needs to be at least v2.5.2 and Get Mode user ID via metadata service. Note that metadata service needs to be at least v2.5.2 and
Databuilder should also have ingested Mode user. Databuilder should also have ingested Mode user.
https://github.com/lyft/amundsendatabuilder#modedashboarduserextractor https://github.com/lyft/amundsendatabuilder#modedashboarduserextractor
:param user_email: :param user_id:
:return: :return:
:raise: PermissionError when user is not allowed to access the dashboard :raise: PermissionError when user is not allowed to access the dashboard
""" """
metadata_svc_url = '{0}{1}/{2}'.format(app.config['METADATASERVICE_BASE'], USER_ENDPOINT, user_email) metadata_svc_url = '{0}{1}/{2}'.format(app.config['METADATASERVICE_BASE'], USER_ENDPOINT, user_id)
response = request_metadata(url=metadata_svc_url) response = request_metadata(url=metadata_svc_url)
response.raise_for_status() response.raise_for_status()
...@@ -114,4 +113,4 @@ class ModePreview(BasePreview): ...@@ -114,4 +113,4 @@ class ModePreview(BasePreview):
if user.is_active and user.other_key_values and user.other_key_values.get('mode_user_id'): if user.is_active and user.other_key_values and user.other_key_values.get('mode_user_id'):
return return
raise PermissionError('User {} is not authorized to preview Mode Dashboard'.format(user_email)) raise PermissionError('User {} is not authorized to preview Mode Dashboard'.format(user_id))
tests/unit/dashboard_preview/test_mode_preview.py
View file @ f8106352
...@@ -109,7 +109,7 @@ class TestModePreview(unittest.TestCase): ...@@ -109,7 +109,7 @@ class TestModePreview(unittest.TestCase):
} }
preview = ModePreview(access_token='token', password='password', organization='foo') preview = ModePreview(access_token='token', password='password', organization='foo')
preview._authorize_access(user_email='test_email') preview._authorize_access(user_id='test_email')
with patch('amundsen_application.dashboard_preview.mode_preview.request_metadata') as mock_request_metadata: with patch('amundsen_application.dashboard_preview.mode_preview.request_metadata') as mock_request_metadata:
...@@ -129,7 +129,7 @@ class TestModePreview(unittest.TestCase): ...@@ -129,7 +129,7 @@ class TestModePreview(unittest.TestCase):
} }
preview = ModePreview(access_token='token', password='password', organization='foo') preview = ModePreview(access_token='token', password='password', organization='foo')
self.assertRaises(PermissionError, preview._authorize_access, user_email='test_email') self.assertRaises(PermissionError, preview._authorize_access, user_id='test_email')
with patch('amundsen_application.dashboard_preview.mode_preview.request_metadata') as mock_request_metadata: with patch('amundsen_application.dashboard_preview.mode_preview.request_metadata') as mock_request_metadata:
mock_request_metadata.return_value.json.return_value = { mock_request_metadata.return_value.json.return_value = {
...@@ -146,7 +146,7 @@ class TestModePreview(unittest.TestCase): ...@@ -146,7 +146,7 @@ class TestModePreview(unittest.TestCase):
} }
preview = ModePreview(access_token='token', password='password', organization='foo') preview = ModePreview(access_token='token', password='password', organization='foo')
self.assertRaises(PermissionError, preview._authorize_access, user_email='test_email') self.assertRaises(PermissionError, preview._authorize_access, user_id='test_email')
with patch('amundsen_application.dashboard_preview.mode_preview.request_metadata') as mock_request_metadata: with patch('amundsen_application.dashboard_preview.mode_preview.request_metadata') as mock_request_metadata:
mock_request_metadata.return_value.json.return_value = { mock_request_metadata.return_value.json.return_value = {
...@@ -165,7 +165,7 @@ class TestModePreview(unittest.TestCase): ...@@ -165,7 +165,7 @@ class TestModePreview(unittest.TestCase):
} }
preview = ModePreview(access_token='token', password='password', organization='foo') preview = ModePreview(access_token='token', password='password', organization='foo')
self.assertRaises(PermissionError, preview._authorize_access, user_email='test_email') self.assertRaises(PermissionError, preview._authorize_access, user_id='test_email')
with patch('amundsen_application.dashboard_preview.mode_preview.request_metadata') as mock_request_metadata: with patch('amundsen_application.dashboard_preview.mode_preview.request_metadata') as mock_request_metadata:
mock_request_metadata.return_value.json.return_value = { mock_request_metadata.return_value.json.return_value = {
...@@ -182,7 +182,7 @@ class TestModePreview(unittest.TestCase): ...@@ -182,7 +182,7 @@ class TestModePreview(unittest.TestCase):
} }
preview = ModePreview(access_token='token', password='password', organization='foo') preview = ModePreview(access_token='token', password='password', organization='foo')
self.assertRaises(PermissionError, preview._authorize_access, user_email='test_email') self.assertRaises(PermissionError, preview._authorize_access, user_id='test_email')
with patch('amundsen_application.dashboard_preview.mode_preview.request_metadata') as mock_request_metadata: with patch('amundsen_application.dashboard_preview.mode_preview.request_metadata') as mock_request_metadata:
mock_request_metadata.return_value.json.return_value = { mock_request_metadata.return_value.json.return_value = {
...@@ -198,7 +198,7 @@ class TestModePreview(unittest.TestCase): ...@@ -198,7 +198,7 @@ class TestModePreview(unittest.TestCase):
} }
preview = ModePreview(access_token='token', password='password', organization='foo') preview = ModePreview(access_token='token', password='password', organization='foo')
self.assertRaises(PermissionError, preview._authorize_access, user_email='test_email') self.assertRaises(PermissionError, preview._authorize_access, user_id='test_email')
if __name__ == '__main__': if __name__ == '__main__':
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment