Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add token scopes to girder endpoints. #999

Merged
merged 1 commit into from
Nov 22, 2022
Merged

Add token scopes to girder endpoints. #999

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions CHANGELOG.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,7 @@
- Better control dtype on multi sources ([#993](../../pull/993))
- Don't use dask threads when using nd2 to fetch tiles ([#994](../../pull/994))
- Set mime type for imported girder files ([#995](../../pull/995))
- Specify token scopes for girder endpoint ([#999](../../pull/999))

### Bug Fixes
- Use open.read rather than download to access files in Girder ([#989](../../pull/989))
Expand Down
7 changes: 4 additions & 3 deletions girder/girder_large_image/rest/large_image_resource.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -34,6 +34,7 @@
from girder.api import access
from girder.api.describe import Description, autoDescribeRoute, describeRoute
from girder.api.rest import Resource
from girder.constants import TokenScope
from girder.exceptions import RestException
from girder.models.file import File
from girder.models.item import Item
Expand Down Expand Up @@ -263,7 +264,7 @@ def cacheInfo(self, params):
@describeRoute(
Description('Get public settings for large image display.')
)
@access.public
@access.public(scope=TokenScope.DATA_READ)
def getPublicSettings(self, params):
keys = [getattr(constants.PluginSettings, key)
for key in dir(constants.PluginSettings)
Expand Down Expand Up @@ -450,7 +451,7 @@ def deleteIncompleteTiles(self, params):
'higher priority for an extension of mime type with that '
'source.')
)
@access.public
@access.public(scope=TokenScope.DATA_READ)
def listSources(self, params):
results = {}
for key, source in girder_tilesource.AvailableGirderTileSources.items():
Expand Down Expand Up @@ -565,7 +566,7 @@ def configValidate(self, config):
config = config.read().decode('utf8')
return self._configValidate(config)

@autoDescribeRoute(
@autoDescribeRoute( # noqa
Description('Reformat a Girder config file')
.param('config', 'The contents of config file to format.',
paramType='body')
Expand Down
40 changes: 20 additions & 20 deletions girder/girder_large_image/rest/tiles.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -29,7 +29,7 @@
from girder.api.describe import Description, autoDescribeRoute, describeRoute
from girder.api.rest import filtermodel, loadmodel, setRawResponse, setResponseHeader
from girder.api.v1.item import Item as ItemResource
from girder.constants import AccessType
from girder.constants import AccessType, TokenScope
from girder.exceptions import RestException
from girder.models.file import File
from girder.models.item import Item
Expand Down Expand Up @@ -218,7 +218,7 @@ def __init__(self, apiRoot):
'number of logical cpus less that value. Default is -2.',
dataType='int', required=False)
)
@access.user
@access.user(scope=TokenScope.DATA_WRITE)
@loadmodel(model='item', map={'itemId': 'item'}, level=AccessType.WRITE)
@filtermodel(model='job', plugin='jobs')
def createTiles(self, item, params):
Expand Down Expand Up @@ -283,7 +283,7 @@ def createTiles(self, item, params):
'number of logical cpus less that value. Default is -2.',
dataType='int', required=False)
)
@access.user
@access.user(scope=TokenScope.DATA_WRITE)
@loadmodel(model='item', map={'itemId': 'item'}, level=AccessType.READ)
@filtermodel(model='job', plugin='jobs')
def convertImage(self, item, params):
Expand Down Expand Up @@ -421,7 +421,7 @@ def _setContentDisposition(self, item, contentDisposition, mime, subname, fullFi
.errorResponse('ID was invalid.')
.errorResponse('Read access was denied for the item.', 403)
)
@access.public
@access.public(scope=TokenScope.DATA_READ)
@loadmodel(model='item', map={'itemId': 'item'}, level=AccessType.READ)
def getTilesInfo(self, item, params):
return self._getTilesInfo(item, params)
Expand All @@ -432,7 +432,7 @@ def getTilesInfo(self, item, params):
.errorResponse('ID was invalid.')
.errorResponse('Read access was denied for the item.', 403)
)
@access.public
@access.public(scope=TokenScope.DATA_READ)
@loadmodel(model='item', map={'itemId': 'item'}, level=AccessType.READ)
def getInternalMetadata(self, item, params):
try:
Expand All @@ -443,7 +443,7 @@ def getInternalMetadata(self, item, params):
@describeRoute(
Description('Get test large image metadata.')
)
@access.public
@access.public(scope=TokenScope.DATA_READ)
def getTestTilesInfo(self, params):
item = {'largeImage': {'sourceName': 'test'}}
imageArgs = self._parseTestParams(params)
Expand All @@ -459,7 +459,7 @@ def getTestTilesInfo(self, params):
.errorResponse('ID was invalid.')
.errorResponse('Read access was denied for the item.', 403)
)
@access.public
@access.public(scope=TokenScope.DATA_READ)
@loadmodel(model='item', map={'itemId': 'item'}, level=AccessType.READ)
def getDZIInfo(self, item, params):
if 'encoding' in params and params['encoding'] not in ('JPEG', 'PNG'):
Expand Down Expand Up @@ -606,7 +606,7 @@ def getTileWithFrame(self, itemId, frame, z, x, y, params):
paramType='path')
.produces(ImageMimeTypes)
)
@access.public(cookie=True)
@access.public(cookie=True, scope=TokenScope.DATA_READ)
def getTestTile(self, z, x, y, params):
item = {'largeImage': {'sourceName': 'test'}}
imageArgs = self._parseTestParams(params)
Expand All @@ -624,7 +624,7 @@ def getTestTile(self, z, x, y, params):
.errorResponse('ID was invalid.')
.errorResponse('Read access was denied for the item.', 403)
)
@access.public(cookie=True)
@access.public(cookie=True, scope=TokenScope.DATA_READ)
@loadmodel(model='item', map={'itemId': 'item'}, level=AccessType.READ)
def getDZITile(self, item, level, xandy, params):
_adjustParams(params)
Expand Down Expand Up @@ -680,7 +680,7 @@ def getDZITile(self, item, level, xandy, params):
Description('Remove a large image from this item.')
.param('itemId', 'The ID of the item.', paramType='path')
)
@access.user
@access.user(scope=TokenScope.DATA_WRITE)
@loadmodel(model='item', map={'itemId': 'item'}, level=AccessType.WRITE)
def deleteTiles(self, item, params):
deleted = self.imageItemModel.delete(item)
Expand Down Expand Up @@ -725,7 +725,7 @@ def deleteTiles(self, item, params):
.errorResponse('ID was invalid.')
.errorResponse('Read access was denied for the item.', 403)
)
@access.public(cookie=True)
@access.public(cookie=True, scope=TokenScope.DATA_READ)
@loadmodel(model='item', map={'itemId': 'item'}, level=AccessType.READ)
def getTilesThumbnail(self, item, params):
_adjustParams(params)
Expand Down Expand Up @@ -852,7 +852,7 @@ def getTilesThumbnail(self, item, params):
.errorResponse('Read access was denied for the item.', 403)
.errorResponse('Insufficient memory.')
)
@access.public(cookie=True)
@access.public(cookie=True, scope=TokenScope.DATA_READ)
@loadmodel(model='item', map={'itemId': 'item'}, level=AccessType.READ)
def getTilesRegion(self, item, params):
_adjustParams(params)
Expand Down Expand Up @@ -933,7 +933,7 @@ def stream():
.errorResponse('ID was invalid.')
.errorResponse('Read access was denied for the item.', 403)
)
@access.public(cookie=True)
@access.public(cookie=True, scope=TokenScope.DATA_READ)
@loadmodel(model='item', map={'itemId': 'item'}, level=AccessType.READ)
def getTilesPixel(self, item, params):
params = self._parseParams(params, True, [
Expand Down Expand Up @@ -988,7 +988,7 @@ def getTilesPixel(self, item, params):
.errorResponse('ID was invalid.')
.errorResponse('Read access was denied for the item.', 403)
)
@access.public
@access.public(scope=TokenScope.DATA_READ)
@loadmodel(model='item', map={'itemId': 'item'}, level=AccessType.READ)
def getHistogram(self, item, params):
_adjustParams(params)
Expand Down Expand Up @@ -1045,7 +1045,7 @@ def getHistogram(self, item, params):
.errorResponse('ID was invalid.')
.errorResponse('Read access was denied for the item.', 403)
)
@access.public
@access.public(scope=TokenScope.DATA_READ)
@loadmodel(model='item', map={'itemId': 'item'}, level=AccessType.READ)
def getBandInformation(self, item, params):
_adjustParams(params)
Expand All @@ -1062,7 +1062,7 @@ def getBandInformation(self, item, params):
.errorResponse('ID was invalid.')
.errorResponse('Read access was denied for the item.', 403)
)
@access.public
@access.public(scope=TokenScope.DATA_READ)
@loadmodel(model='item', map={'itemId': 'item'}, level=AccessType.READ)
def getAssociatedImagesList(self, item, params):
try:
Expand Down Expand Up @@ -1091,7 +1091,7 @@ def getAssociatedImagesList(self, item, params):
.errorResponse('ID was invalid.')
.errorResponse('Read access was denied for the item.', 403)
)
@access.public(cookie=True)
@access.public(cookie=True, scope=TokenScope.DATA_READ)
def getAssociatedImage(self, itemId, image, params):
_adjustParams(params)
# We can't use the loadmodel decorator, as we want to allow cookies
Expand Down Expand Up @@ -1130,7 +1130,7 @@ def getAssociatedImage(self, itemId, image, params):
.errorResponse('ID was invalid.')
.errorResponse('Read access was denied for the item.', 403)
)
@access.public
@access.public(scope=TokenScope.DATA_READ)
def getAssociatedImageMetadata(self, item, image, params):
_handleETag('getAssociatedImageMetadata', item, image)
tilesource = self.imageItemModel._loadTileSource(item, **params)
Expand Down Expand Up @@ -1264,7 +1264,7 @@ def getAssociatedImageMetadata(self, item, image, params):
.errorResponse('Read access was denied for the item.', 403)
.errorResponse('Insufficient memory.')
)
@access.public(cookie=True)
@access.public(cookie=True, scope=TokenScope.DATA_READ)
@loadmodel(model='item', map={'itemId': 'item'}, level=AccessType.READ)
def tileFrames(self, item, params):
cache = params.pop('cache', False)
Expand Down Expand Up @@ -1362,7 +1362,7 @@ def stream():
.errorResponse('ID was invalid.')
.errorResponse('Read access was denied for the item.', 403)
)
@access.public(cookie=True)
@access.public(cookie=True, scope=TokenScope.DATA_READ)
@loadmodel(model='item', map={'itemId': 'item'}, level=AccessType.READ)
def tileFramesQuadInfo(self, item, params):
metadata = self.imageItemModel.getMetadata(item)
Expand Down
Loading