From 26e57d82be62288c9d0a6f9b228e1cfc3c634706 Mon Sep 17 00:00:00 2001 From: Nick Ross Date: Mon, 23 Oct 2023 16:35:32 +0100 Subject: [PATCH] Fix/allow editors data dictionary (#2822) * fix: allow editors to edit dictionaries * fix: add logging to proxy sso --- .../apps/datasets/data_dictionary/views.py | 17 +++++++++-------- dataworkspace/proxy.py | 5 +++++ 2 files changed, 14 insertions(+), 8 deletions(-) diff --git a/dataworkspace/dataworkspace/apps/datasets/data_dictionary/views.py b/dataworkspace/dataworkspace/apps/datasets/data_dictionary/views.py index eeb4b4acc3..08561ca519 100644 --- a/dataworkspace/dataworkspace/apps/datasets/data_dictionary/views.py +++ b/dataworkspace/dataworkspace/apps/datasets/data_dictionary/views.py @@ -63,14 +63,15 @@ class DataDictionaryEditView(View): def dispatch(self, request, *args, **kwargs): dataset_uuid = self.kwargs.get("dataset_uuid") dataset = find_dataset(dataset_uuid, self.request.user) - if ( - request.user - not in [ - dataset.information_asset_owner, - dataset.information_asset_manager, - ] - and not request.user.is_superuser - ): + valid_users = [ + dataset.information_asset_owner, + dataset.information_asset_manager, + ] + ( + list(dataset.data_catalogue_editors.all()) + if hasattr(dataset, "data_catalogue_editors") + else [] + ) + if request.user not in valid_users and not request.user.is_superuser: return HttpResponseForbidden() return super().dispatch(request, *args, **kwargs) diff --git a/dataworkspace/proxy.py b/dataworkspace/proxy.py index 8525538006..a1fe33b0c6 100644 --- a/dataworkspace/proxy.py +++ b/dataworkspace/proxy.py @@ -1152,6 +1152,11 @@ async def handler_with_sso_headers(): if me_profile: return await handler_with_sso_headers() + request["logger"].info( + "Making request to SSO - %s%s", + sso_base_url, + me_path, + ) async with client_session.get( f"{sso_base_url}{me_path}", headers={"Authorization": f"Bearer {token}"},