Commit 76beae70 authored by Markus Scheidgen's avatar Markus Scheidgen
Browse files

Fixed oasis upload auth issue.

parent 809a153b
Pipeline #102353 passed with stages
in 25 minutes and 43 seconds
......@@ -267,7 +267,7 @@ class UploadListResource(Resource):
user = g.user
from_oasis = oasis_upload_id is not None
if from_oasis:
if not g.user.is_oasis_admin:
if not g.user.full_user().is_oasis_admin:
abort(401, 'Only an oasis admin can perform an oasis upload.')
if oasis_uploader_id is None:
abort(400, 'You must provide the original uploader for an oasis upload.')
......@@ -281,7 +281,7 @@ class UploadListResource(Resource):
uploader_id = request.args.get('uploader_id')
if uploader_id is not None:
if not g.user.is_admin:
if not g.user.full_user().is_admin:
abort(401, 'Only an admins can upload for other users.')
user = datamodel.User.get(user_id=uploader_id)
......
......@@ -117,6 +117,12 @@ class User(Author):
from nomad import infrastructure
return infrastructure.keycloak.get_user(*args, **kwargs) # type: ignore
def full_user(self) -> 'User':
''' Returns a User object with all attributes loaded from the user management system. '''
from nomad import infrastructure
assert self.user_id is not None
return infrastructure.keycloak.get_user(user_id=self.user_id) # type: ignore
class UserReference(metainfo.Reference):
'''
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment