Fixed oasis upload auth issue.

nomad/app/flask/api/upload.py

@@ -267,7 +267,7 @@ class UploadListResource(Resource):
         user = g.user
         from_oasis = oasis_upload_id is not None
         if from_oasis:
-            if not g.user.is_oasis_admin:
+            if not g.user.full_user().is_oasis_admin:
                 abort(401, 'Only an oasis admin can perform an oasis upload.')
             if oasis_uploader_id is None:
                 abort(400, 'You must provide the original uploader for an oasis upload.')
@@ -281,7 +281,7 @@ class UploadListResource(Resource):
 
         uploader_id = request.args.get('uploader_id')
         if uploader_id is not None:
-            if not g.user.is_admin:
+            if not g.user.full_user().is_admin:
                 abort(401, 'Only an admins can upload for other users.')
 
             user = datamodel.User.get(user_id=uploader_id)

nomad/datamodel/datamodel.py

@@ -117,6 +117,12 @@ class User(Author):
         from nomad import infrastructure
         return infrastructure.keycloak.get_user(*args, **kwargs)  # type: ignore
 
+    def full_user(self) -> 'User':
+        ''' Returns a User object with all attributes loaded from the user management system. '''
+        from nomad import infrastructure
+        assert self.user_id is not None
+        return infrastructure.keycloak.get_user(user_id=self.user_id)  # type: ignore
+
 
 class UserReference(metainfo.Reference):
     '''