Classification user groups authorization policies #27
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…projects breakdown.
…tats breakdown stats
…ials. add initial logic for queried user group context policy
…up stats visibilities
…ble stats and update specs
yuenmichelle1
force-pushed
the
classification-user-groups-authorization-policies
branch
from
d94c25f
to
6c5c679
Compare
zwolf
approved these changes
Sep 6, 2023
|
|
||
| def queried_user_group | ||
| url = "/user_groups/#{params[:id]}" | ||
| panoptes_application_client.panoptes.get(url)['user_groups'][0] |
There was a problem hiding this comment.
These calls out to panoptes can be memoized in order to prevent repeats by adding @queried_user_group ||= to the return line. It doesn't seem like either one of these get called more than once intentionally, but it's something to keep in mind so that you don't repeat API requests unnecessarily.
| memberships_url = "/memberships?user_id=#{classification_user_group.user_id}&user_group_id=#{classification_user_group.user_group_id}" | ||
|
|
||
| @user_client_with_membership = double(Panoptes::Client, me: me_hash).tap do |client| | ||
| allow(client).to receive(:is_a?).and_return(false) |
There was a problem hiding this comment.
What is this protecting against? Does something ask the client this somewhere?
There was a problem hiding this comment.
Yeah..we don't need this line. We are not asking the the client this anywhere.
Co-authored-by: Zach Wolfenbarger <[email protected]>
![hound[bot]](https://avatars.githubusercontent.com/in/3598?s=60&v=4){kind=small}
yuenmichelle1
deleted the
classification-user-groups-authorization-policies
branch
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Introduces classification user group authorization policies. See wiki for Authorizations info https://github.com/zooniverse/eras/wiki/API-Callout-Examples#authorizations-1
But if you do not feel like clicking ^ link, see below:
Authentication
Dependent on what you are querying. See below for more info
Authorizations
Permissions are dependent on 3 factors (unless you are a panoptes_admin, then you have full permission):
If you are querying group aggregate stats (i.e.
individual_stats_breakdownisfalseor not a parameter in your request):public_show_allpublic_agg_show_ind_if_memberpublic_agg_onlyprivate_show_agg_and_indprivate_agg_onlyIf you are querying individual stats breakdown (i.e.
individual_stats_breakdownistrue):public_show_allpublic_agg_show_ind_if_memberpublic_agg_onlyprivate_show_agg_and_indprivate_agg_only