From 76d3e88ee2e80d734acab68652feff4e266f3f7a Mon Sep 17 00:00:00 2001 From: index-git Date: Tue, 17 Oct 2023 15:14:02 +0200 Subject: [PATCH] Fix patch saving layer file before access right validation --- src/layman/layer/rest_workspace_layer.py | 14 +++---- .../wrong_input/wrong_input_test.py | 37 +++++++++++++++++++ 2 files changed, 44 insertions(+), 7 deletions(-) diff --git a/src/layman/layer/rest_workspace_layer.py b/src/layman/layer/rest_workspace_layer.py index 2fd9965d7..b5cbcb889 100644 --- a/src/layman/layer/rest_workspace_layer.py +++ b/src/layman/layer/rest_workspace_layer.py @@ -211,6 +211,13 @@ def patch(workspace, layername): layer_result = {} + kwargs.update({'actor_name': authn.get_authn_username()}) + rest_util.setup_patch_access_rights(request.form, kwargs) + util.pre_publication_action_check(workspace, + layername, + kwargs, + ) + if delete_from is not None: request_method = request.method.lower() deleted = util.delete_layer(workspace, layername, source=delete_from, http_method=request_method) @@ -245,13 +252,6 @@ def patch(workspace, layername): elif input_files: shutil.move(temp_dir, input_file.get_layer_input_file_dir(workspace, layername)) publications.set_wfs_wms_status(workspace, LAYER_TYPE, layername, settings.EnumWfsWmsStatus.PREPARING) - kwargs.update({'actor_name': authn.get_authn_username()}) - - rest_util.setup_patch_access_rights(request.form, kwargs) - util.pre_publication_action_check(workspace, - layername, - kwargs, - ) util.patch_layer( workspace, diff --git a/tests/dynamic_data/publications/wrong_input/wrong_input_test.py b/tests/dynamic_data/publications/wrong_input/wrong_input_test.py index 57649b487..b60435df2 100644 --- a/tests/dynamic_data/publications/wrong_input/wrong_input_test.py +++ b/tests/dynamic_data/publications/wrong_input/wrong_input_test.py @@ -1352,6 +1352,43 @@ class Key(Enum): Key.RUN_ONLY_CASES: frozenset([RestMethod.PATCH, WithChunksDomain.FALSE, CompressDomain.FALSE]), Key.SPECIFIC_CASES: {}, }, + 'write_rights_without_layer': { + Key.PUBLICATION_TYPE: process_client.LAYER_TYPE, + Key.WORKSPACE: OWNER, + Key.POST_BEFORE_TEST_ARGS: { + 'access_rights': { + 'read': 'EVERYONE', + 'write': 'EVERYONE', + }, + 'actor_name': OWNER, + }, + Key.REST_ARGS: { + 'file_paths': ['sample/layman.layer/small_layer.geojson'], + 'access_rights': { + 'read': 'EVERYONE', + 'write': EDITOR, + }, + 'actor_name': EDITOR, + }, + Key.EXCEPTION: LaymanError, + Key.EXPECTED_EXCEPTION: { + 'http_code': 400, + 'sync': True, + 'code': 43, + 'message': 'Wrong access rights.', + 'data': { + 'access_rights': {'read': ['EVERYONE'], 'write': ['wrong_input_editor']}, + 'message': 'Owner of the personal workspace have to keep write right.', + 'actor_name': 'wrong_input_editor', + 'owner': 'wrong_input_owner', + 'publication_name': '{publication_name}', + 'workspace_name': '{workspace}', + }, + }, + Key.MANDATORY_CASES: frozenset([RestMethod.PATCH, WithChunksDomain.FALSE, CompressDomain.FALSE]), + Key.RUN_ONLY_CASES: frozenset([RestMethod.PATCH, WithChunksDomain.FALSE, CompressDomain.FALSE]), + Key.SPECIFIC_CASES: {}, + }, }