Complete specifying token scopes. #1000

Merged
merged 1 commit into from
Nov 23, 2022
Merged
2 changes: 1 addition & 1 deletion CHANGELOG.md
Expand Up @@ -6,7 +6,7 @@
- Better control dtype on multi sources ([#993](../../pull/993))
- Don't use dask threads when using nd2 to fetch tiles ([#994](../../pull/994))
- Set mime type for imported girder files ([#995](../../pull/995))
- Specify token scopes for girder endpoint ([#999](../../pull/999))
- Specify token scopes for girder endpoints ([#999](../../pull/999), [#1000](../../pull/1000))

### Bug Fixes
- Use open.read rather than download to access files in Girder ([#989](../../pull/989))
26 changes: 13 additions & 13 deletions girder/girder_large_image/rest/large_image_resource.py
Expand Up @@ -242,7 +242,7 @@ def __init__(self):
@describeRoute(
Description('Clear tile source caches to release resources and file handles.')
)
@access.admin
@access.admin(scope=TokenScope.DATA_WRITE)
def cacheClear(self, params):
before = cache_util.cachesInfo()
cache_util.cachesClear()
Expand All @@ -257,7 +257,7 @@ def cacheClear(self, params):
@describeRoute(
Description('Get information on caches.')
)
@access.admin
@access.admin(scope=TokenScope.DATA_READ)
def cacheInfo(self, params):
return cache_util.cachesInfo()

Expand All @@ -279,7 +279,7 @@ def getPublicSettings(self, params):
'specifications typically include width, height, encoding, and '
'encoding options.', required=False)
)
@access.admin
@access.admin(scope=TokenScope.DATA_READ)
def countThumbnails(self, params):
return self._countCachedImages(params.get('spec'))

Expand All @@ -290,7 +290,7 @@ def countThumbnails(self, params):
'specified key', required=False)
.notes('The imageKey can also be "tileFrames".')
)
@access.admin
@access.admin(scope=TokenScope.DATA_READ)
def countAssociatedImages(self, params):
return self._countCachedImages(
None, associatedImages=True, imageKey=params.get('imageKey'))
Expand Down Expand Up @@ -338,7 +338,7 @@ def _countCachedImages(self, spec, associatedImages=False, imageKey=None):
'making thumbnails. 0 or unspecified to base this on the '
'number of reported cpus.', required=False, dataType='int')
)
@access.admin
@access.admin(scope=TokenScope.DATA_WRITE)
def createThumbnails(self, params):
self.requireParams(['spec'], params)
try:
Expand Down Expand Up @@ -376,7 +376,7 @@ def createThumbnails(self, params):
'specifications typically include width, height, encoding, and '
'encoding options.', required=False)
)
@access.admin
@access.admin(scope=TokenScope.DATA_WRITE)
def deleteThumbnails(self, params):
return self._deleteCachedImages(params.get('spec'))

Expand All @@ -385,7 +385,7 @@ def deleteThumbnails(self, params):
.param('imageKey', 'If specific, only include images with the '
'specified key', required=False)
)
@access.admin
@access.admin(scope=TokenScope.DATA_WRITE)
def deleteAssociatedImages(self, params):
return self._deleteCachedImages(
None, associatedImages=True, imageKey=params.get('imageKey'))
Expand Down Expand Up @@ -425,7 +425,7 @@ def _deleteCachedImages(self, spec, associatedImages=False, imageKey=None):
'cancelled. The return value is the number of items that were '
'adjusted.')
)
@access.admin
@access.admin(scope=TokenScope.DATA_WRITE)
def deleteIncompleteTiles(self, params):
result = {'removed': 0}
while True:
Expand Down Expand Up @@ -473,7 +473,7 @@ def listSources(self, params):
@describeRoute(
Description('Count the number of cached histograms for large_image items.')
)
@access.admin
@access.admin(scope=TokenScope.DATA_READ)
def countHistograms(self, params):
query = {
'isLargeImageData': True,
Expand All @@ -486,7 +486,7 @@ def countHistograms(self, params):
@describeRoute(
Description('Delete cached histograms from large_image items.')
)
@access.admin
@access.admin(scope=TokenScope.DATA_WRITE)
def deleteHistograms(self, params):
query = {
'isLargeImageData': True,
Expand Down Expand Up @@ -561,7 +561,7 @@ def _configValidate(self, config):
.param('config', 'The contents of config file to validate.',
paramType='body')
)
@access.admin
@access.admin(scope=TokenScope.DATA_WRITE)
def configValidate(self, config):
config = config.read().decode('utf8')
return self._configValidate(config)
Expand All @@ -571,7 +571,7 @@ def configValidate(self, config):
.param('config', 'The contents of config file to format.',
paramType='body')
)
@access.admin
@access.admin(scope=TokenScope.DATA_WRITE)
def configFormat(self, config): # noqa
config = config.read().decode('utf8')
if len(self._configValidate(config)):
Expand Down Expand Up @@ -627,7 +627,7 @@ def configFormat(self, config): # noqa
.param('config', 'The new contents of config file.',
paramType='body')
)
@access.admin
@access.admin(scope=TokenScope.USER_AUTH)
def configReplace(self, config, restart):
config = config.read().decode('utf8')
if len(self._configValidate(config)):
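Review bot: The destructive admin routes in this section (`cacheClear`, `createThumbnails`, `deleteThumbnails`, `deleteAssociatedImages`, `deleteIncompleteTiles`, `deleteHistograms`) now accept a token that carries only `TokenScope.DATA_WRITE`, a general data scope rather than an administrative one. As far as I know Girder treats an endpoint with no declared scope as requiring `TokenScope.USER_AUTH`, so this widens what a scoped API key issued by an admin account can do if it leaks; the admin check itself is unchanged. If that is intended, a short comment above the first such decorator would record it, for example `# Admin-only; DATA_WRITE lets scoped API keys of admin users run cache maintenance.` `configReplace` is the only route given `USER_AUTH` and the reason is not stated, so I would add `# Replaces the server config, so require a full-auth token rather than a data scope.` above its decorator. The bodies of these methods continue outside the hunks.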
7 changes: 4 additions & 3 deletions girder/girder_large_image/rest/tiles.py
Expand Up @@ -546,7 +546,7 @@ def _getTile(self, item, z, x, y, imageArgs, mayRedirect=False):
# LoadModelCache, three database lookups are avoided, which saves around
# 6 ms in tests. We also avoid the @access.public decorator and directly
# set the accessLevel attribute on the method.
# @access.public(cookie=True)
# @access.public(cookie=True, scope=TokenScope.DATA_READ)
# @loadmodel(model='item', map={'itemId': 'item'}, level=AccessType.READ)
# def getTile(self, item, z, x, y, params):
# return self._getTile(item, z, x, y, params, True)
Expand All @@ -561,6 +561,7 @@ def getTile(self, itemId, z, x, y, params):
return self._getTile(item, z, x, y, params, mayRedirect=redirect)
getTile.accessLevel = 'public'
getTile.cookieAuth = True
getTile.requiredScopes = TokenScope.DATA_READ

@describeRoute(
Description('Get a large image tile with a frame number.')
Expand Down Expand Up @@ -1408,7 +1409,7 @@ def tileFramesQuadInfo(self, item, params):
.errorResponse('ID was invalid.')
.errorResponse('Read access was denied for the item.', 403)
)
@access.admin
@access.admin(scope=TokenScope.DATA_READ)
def listTilesThumbnails(self, item):
return self.imageItemModel.removeThumbnailFiles(item, onlyList=True)

Expand All @@ -1420,6 +1421,6 @@ def listTilesThumbnails(self, item):
.errorResponse('ID was invalid.')
.errorResponse('Read access was denied for the item.', 403)
)
@access.admin
@access.admin(scope=TokenScope.DATA_WRITE)
def deleteTilesThumbnails(self, item, keep):
return self.imageItemModel.removeThumbnailFiles(item, keep=keep or 0)
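Review bot: The comment above `getTile` still says only the `accessLevel` attribute is set by hand, but after this change three attributes (`accessLevel`, `cookieAuth`, `requiredScopes`) stand in for the commented-out `@access.public(cookie=True, scope=TokenScope.DATA_READ)` and have to be kept in step with it. I would reword that sentence to `# We also avoid the @access.public decorator and directly set the accessLevel, cookieAuth and requiredScopes attributes on the method.` Because this route bypasses the decorator, a regression test that fetches a tile of a non-public item with a token limited to `DATA_READ`, and again with a token lacking it, would guard the hand-set scope; no test is visible in this pull request. `getTile`'s body starts outside the hunk.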