Add checks if the user is allowed to start an analysis.

This commit is contained in:
Patrick Jentsch 2019-11-12 12:04:07 +01:00
parent 19f1dea4fa
commit b0c6bb9c05

View File

@ -2,19 +2,19 @@ from app import db, socketio
from app.events import connected_sessions from app.events import connected_sessions
from app.models import Corpus from app.models import Corpus
from flask import current_app, request from flask import current_app, request
from flask_login import login_required from flask_login import current_user, login_required
from .CQiWrapper.CQiWrapper import CQiWrapper from .CQiWrapper.CQiWrapper import CQiWrapper
import logging import logging
''' '''
' A dictionary containing lists of with corpus ids associated Socket.IO session ' A dictionary containing lists of, with corpus ids associated, Socket.IO
' ids (sid). {<corpus_id>: [<sid>, ...], ...} ' session ids (sid). {<corpus_id>: [<sid>, ...], ...}
''' '''
analysis_sessions = {} analysis_sessions = {}
''' '''
' A dictionary containing Socket.IO session id - CQi client pairs. ' A dictionary containing Socket.IO session id - CQi client pairs.
' {<sid>: CQi client, ...} ' {<sid>: CQiClient, ...}
''' '''
analysis_clients = {} analysis_clients = {}
@ -22,7 +22,13 @@ analysis_clients = {}
@socketio.on('init_corpus_analysis') @socketio.on('init_corpus_analysis')
@login_required @login_required
def init_corpus_analysis(corpus_id): def init_corpus_analysis(corpus_id):
''' TODO: Check if current_user is allowed to subscribe to this ''' corpus = Corpus.query.filter_by(id=corpus_id).first()
if corpus is None:
socketio.emit('init_corpus_analysis', '[ERROR 404]: Not Found',
room=request.sid)
if not (corpus.creator == current_user or current_user.is_administrator()):
socketio.emit('init_corpus_analysis', '[ERROR 403]: Forbidden',
room=request.sid)
if str(corpus_id) not in analysis_sessions: if str(corpus_id) not in analysis_sessions:
analysis_sessions[str(corpus_id)] = [request.sid] analysis_sessions[str(corpus_id)] = [request.sid]
socketio.start_background_task(observe_corpus_analysis_connection, socketio.start_background_task(observe_corpus_analysis_connection,
@ -31,6 +37,7 @@ def init_corpus_analysis(corpus_id):
@socketio.on('query_event') @socketio.on('query_event')
@login_required
def recv_query(message): def recv_query(message):
logger = logging.getLogger(__name__) logger = logging.getLogger(__name__)
logger.warning(message) logger.warning(message)