From 99ebe582fe8ff2b852fc1fa13d84885cbc895bb5 Mon Sep 17 00:00:00 2001 From: Matthias Saimpert <matthias.saimpert@cern.ch> Date: Thu, 21 Dec 2023 14:56:50 +0100 Subject: [PATCH 1/3] attemps to fix ITkPD authentification issues --- viewer/functions/common.py | 33 +++++++++++++++++++++++++++++++++ viewer/functions/imports.py | 30 ++++++------------------------ viewer/pages/qc.py | 9 ++++++++- viewer/pages/toppage.py | 7 ++++++- 4 files changed, 53 insertions(+), 26 deletions(-) diff --git a/viewer/functions/common.py b/viewer/functions/common.py index 608b1f2e..00421f6e 100755 --- a/viewer/functions/common.py +++ b/viewer/functions/common.py @@ -440,6 +440,39 @@ def get_pd_user(): global pd_user return pd_user +def check_and_process(code1, code2): + global pd_client + + if not get_pd_client(): + process_request( code1, code2 ) + + pd_client = get_pd_client() + + if not pd_client: + logger.error('Failed in ITkPD authentication!') + return False + + user = pd_client.get("getUser", json={"userIdentity": pd_client.user.identity}) + + if session["institution"] is not None and + not ( any(element["name"] == session["institution"] for element in user["institutions"]) ): + logger.warning('Originally authenticated in ITkPD with user from different institute than in localDB! Updating this now with latest entered user codes.') + process_request(code1, code2) + + pd_client = get_pd_client() + + if not get_pd_client(): + logger.error('Failed in ITkPD authentication!') + return False + + user = pd_client.get("getUser", json={"userIdentity": pd_client.user.identity}) + + if not (session["institution"] in user["institutions"]): + logger.error( 'Failed in ITkPD authentication! ITkPD user institute still different than localDB!' ) + return False + + return True + ############################################################################# # Scan diff --git a/viewer/functions/imports.py b/viewer/functions/imports.py index 3798ed81..bae7f594 100755 --- a/viewer/functions/imports.py +++ b/viewer/functions/imports.py @@ -121,15 +121,9 @@ from module_qc_database_tools.utils import ( def download_worker( serialNumber, code1 = None, code2 = None, resetStage = None, skip_attachments = False, skip_synched = True, debug_mode = False ): global logger - - if not get_pd_client(): - process_request( code1, code2 ) - - pd_client = get_pd_client() - if not pd_client: - logger.error( 'Failed in ITkPD authentication!' ) - return + if not check_and_process(code1, code2): return + pd_client = get_pd_client() logger.info( f'download_worker(): serialNumber = {serialNumber}' ) logger.info( f'download_worker(): resetStage = {resetStage}' ) @@ -155,15 +149,9 @@ def upload_worker( serialNumber, code1 = None, code2 = None ): global logger - if not get_pd_client(): - process_request( code1, code2 ) - + if not check_and_process(code1, code2): return pd_client = get_pd_client() - if not pd_client: - logger.error( 'Failed in ITkPD authentication!' ) - return - logger.info( 'upload_worker(): serialNumber = {}'.format( serialNumber ) ) logger.info( 'upload_worker(): RecursiveUploader' ) @@ -174,7 +162,7 @@ def upload_worker( serialNumber, code1 = None, code2 = None ): RecursiveUploader( pd_client ).exec( serialNumber ) # step 2: sync FE configs - download_configs( serialNumber ) + download_configs( serialNumber, code1, code2 ) except Exception as e: logger.warning( traceback.format_exc() ) @@ -185,19 +173,13 @@ def upload_worker( serialNumber, code1 = None, code2 = None ): return -def download_configs( serialNumber ): +def download_configs( serialNumber, code1, code2 ): global logger - if not get_pd_client(): - process_request( code1, code2 ) - + if not check_and_process(code1, code2): return pd_client = get_pd_client() - if not pd_client: - logger.error( 'Failed in ITkPD authentication!' ) - return - try: cpt_doc = localdb.component.find_one( { 'serialNumber': serialNumber } ) diff --git a/viewer/pages/qc.py b/viewer/pages/qc.py index 01035eba..cbf9a9f4 100644 --- a/viewer/pages/qc.py +++ b/viewer/pages/qc.py @@ -154,7 +154,14 @@ def create_configs(): session['url'] = url_for( 'qc_api.create_configs', componentId = componentId ) logger.info( f'create_configs(): redirecting to itkdb_authenticate:' + url_for( 'user_api.itkdb_authenticate' ) ) return redirect( url_for( 'user_api.itkdb_authenticate' ) ) - + + user = pd_client.get("getUser", json={"userIdentity": pd_client.user.identity}) + if session["institution"] is not None and + not ( any(element["name"] == session["institution"] for element in user["institutions"]) ): + session['url'] = url_for( 'qc_api.create_configs', componentId = componentId ) + logger.info( f'create_configs(): redirecting to itkdb_authenticate:' + url_for( 'user_api.itkdb_authenticate' ) ) + return redirect( url_for('user_api.itkdb_authenticate') ) + # Call config generation alg try: module = Module(pd_client, serialNumber) diff --git a/viewer/pages/toppage.py b/viewer/pages/toppage.py index 11041be4..25debf7b 100644 --- a/viewer/pages/toppage.py +++ b/viewer/pages/toppage.py @@ -499,7 +499,12 @@ def assemble_module(): return redirect( url_for('user_api.itkdb_authenticate') ) pd_client = get_pd_client() - userinfo = request.form.get("userinfo", type=itkdb.core.User) + + user = pd_client.get("getUser", json={"userIdentity": pd_client.user.identity}) + if session["institution"] is not None and + not ( any(element["name"] == session["institution"] for element in user["institutions"]) ): + session['url'] = url_for('toppage_api.assemble_module') + return redirect( url_for('user_api.itkdb_authenticate') ) userdb = client.localdbtools -- GitLab From 670d7fcb8fde587dc19e9830d8e1519e642fadff Mon Sep 17 00:00:00 2001 From: Matthias Saimpert <matthias.saimpert@cern.ch> Date: Thu, 21 Dec 2023 15:10:36 +0100 Subject: [PATCH 2/3] fix typo --- viewer/functions/common.py | 4 ++-- viewer/pages/qc.py | 4 ++-- viewer/pages/toppage.py | 4 ++-- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/viewer/functions/common.py b/viewer/functions/common.py index 00421f6e..6b18aa4e 100755 --- a/viewer/functions/common.py +++ b/viewer/functions/common.py @@ -454,8 +454,8 @@ def check_and_process(code1, code2): user = pd_client.get("getUser", json={"userIdentity": pd_client.user.identity}) - if session["institution"] is not None and - not ( any(element["name"] == session["institution"] for element in user["institutions"]) ): + if ( session["institution"] is not None and + not (any(element["name"] == session["institution"] for element in user["institutions"])) ): logger.warning('Originally authenticated in ITkPD with user from different institute than in localDB! Updating this now with latest entered user codes.') process_request(code1, code2) diff --git a/viewer/pages/qc.py b/viewer/pages/qc.py index cbf9a9f4..22b40890 100644 --- a/viewer/pages/qc.py +++ b/viewer/pages/qc.py @@ -156,8 +156,8 @@ def create_configs(): return redirect( url_for( 'user_api.itkdb_authenticate' ) ) user = pd_client.get("getUser", json={"userIdentity": pd_client.user.identity}) - if session["institution"] is not None and - not ( any(element["name"] == session["institution"] for element in user["institutions"]) ): + if ( session["institution"] is not None and + not (any(element["name"] == session["institution"] for element in user["institutions"])) ): session['url'] = url_for( 'qc_api.create_configs', componentId = componentId ) logger.info( f'create_configs(): redirecting to itkdb_authenticate:' + url_for( 'user_api.itkdb_authenticate' ) ) return redirect( url_for('user_api.itkdb_authenticate') ) diff --git a/viewer/pages/toppage.py b/viewer/pages/toppage.py index 25debf7b..d7bb44c4 100644 --- a/viewer/pages/toppage.py +++ b/viewer/pages/toppage.py @@ -501,8 +501,8 @@ def assemble_module(): pd_client = get_pd_client() user = pd_client.get("getUser", json={"userIdentity": pd_client.user.identity}) - if session["institution"] is not None and - not ( any(element["name"] == session["institution"] for element in user["institutions"]) ): + if ( session["institution"] is not None and + not (any(element["name"] == session["institution"] for element in user["institutions"])) ): session['url'] = url_for('toppage_api.assemble_module') return redirect( url_for('user_api.itkdb_authenticate') ) -- GitLab From 39989d08e5a23fdd0e1effbe7e00828c7492f94f Mon Sep 17 00:00:00 2001 From: Matthias Saimpert <matthias.saimpert@cern.ch> Date: Thu, 21 Dec 2023 16:04:52 +0100 Subject: [PATCH 3/3] fix to pass session info to threads --- viewer/functions/common.py | 8 ++++---- viewer/functions/imports.py | 14 +++++++------- viewer/pages/qc.py | 3 ++- viewer/pages/user.py | 4 +++- 4 files changed, 16 insertions(+), 13 deletions(-) diff --git a/viewer/functions/common.py b/viewer/functions/common.py index 6b18aa4e..9123f44c 100755 --- a/viewer/functions/common.py +++ b/viewer/functions/common.py @@ -440,7 +440,7 @@ def get_pd_user(): global pd_user return pd_user -def check_and_process(code1, code2): +def check_and_process(code1, code2, institution): global pd_client if not get_pd_client(): @@ -454,8 +454,8 @@ def check_and_process(code1, code2): user = pd_client.get("getUser", json={"userIdentity": pd_client.user.identity}) - if ( session["institution"] is not None and - not (any(element["name"] == session["institution"] for element in user["institutions"])) ): + if ( institution is not None and + not (any(element["name"] == institution for element in user["institutions"])) ): logger.warning('Originally authenticated in ITkPD with user from different institute than in localDB! Updating this now with latest entered user codes.') process_request(code1, code2) @@ -467,7 +467,7 @@ def check_and_process(code1, code2): user = pd_client.get("getUser", json={"userIdentity": pd_client.user.identity}) - if not (session["institution"] in user["institutions"]): + if ( not (any(element["name"] == institution for element in user["institutions"])) ): logger.error( 'Failed in ITkPD authentication! ITkPD user institute still different than localDB!' ) return False diff --git a/viewer/functions/imports.py b/viewer/functions/imports.py index bae7f594..cbd72fea 100755 --- a/viewer/functions/imports.py +++ b/viewer/functions/imports.py @@ -118,11 +118,11 @@ from module_qc_database_tools.utils import ( -def download_worker( serialNumber, code1 = None, code2 = None, resetStage = None, skip_attachments = False, skip_synched = True, debug_mode = False ): +def download_worker( serialNumber, code1 = None, code2 = None, resetStage = None, skip_attachments = False, skip_synched = True, debug_mode = False, institution = None ): global logger - if not check_and_process(code1, code2): return + if code1 is not None and code2 is not None and not check_and_process(code1, code2, institution): return pd_client = get_pd_client() logger.info( f'download_worker(): serialNumber = {serialNumber}' ) @@ -145,11 +145,11 @@ def download_worker( serialNumber, code1 = None, code2 = None, resetStage = None return -def upload_worker( serialNumber, code1 = None, code2 = None ): +def upload_worker( serialNumber, code1 = None, code2 = None, institution = None ): global logger - if not check_and_process(code1, code2): return + if code1 is not None and code2 is not None and not check_and_process(code1, code2, institution): return pd_client = get_pd_client() logger.info( 'upload_worker(): serialNumber = {}'.format( serialNumber ) ) @@ -162,7 +162,7 @@ def upload_worker( serialNumber, code1 = None, code2 = None ): RecursiveUploader( pd_client ).exec( serialNumber ) # step 2: sync FE configs - download_configs( serialNumber, code1, code2 ) + download_configs( serialNumber, code1, code2, institution ) except Exception as e: logger.warning( traceback.format_exc() ) @@ -173,11 +173,11 @@ def upload_worker( serialNumber, code1 = None, code2 = None ): return -def download_configs( serialNumber, code1, code2 ): +def download_configs( serialNumber, code1, code2, institution ): global logger - if not check_and_process(code1, code2): return + if code1 is not None and code2 is not None and not check_and_process(code1, code2, institution): return pd_client = get_pd_client() try: diff --git a/viewer/pages/qc.py b/viewer/pages/qc.py index 22b40890..fc61d840 100644 --- a/viewer/pages/qc.py +++ b/viewer/pages/qc.py @@ -2409,8 +2409,9 @@ def result_transceiver(): code1 = request.form.get('code1', None) code2 = request.form.get('code2', None) + institution = session["institution"] - thread = threading.Thread( target = upload_worker, args = ( module, code1, code2 ) ) + thread = threading.Thread( target = upload_worker, args = ( module, code1, code2, institution ) ) thread.start() return redirect( url_for('component_api.show_component', id=doc['_id'], collection='component') ) diff --git a/viewer/pages/user.py b/viewer/pages/user.py index 2ba9c4c1..53d1fcdd 100755 --- a/viewer/pages/user.py +++ b/viewer/pages/user.py @@ -240,7 +240,9 @@ def download_component(): elif stage == "submit": try: - thread = threading.Thread( target = download_worker, args = ( component_id, code1, code2, None, skip_attachments, skip_synched, debug_mode ) ) + institution = session["institution"] + + thread = threading.Thread( target = download_worker, args = ( component_id, code1, code2, None, skip_attachments, skip_synched, debug_mode, institution ) ) thread.start() time.sleep(3) -- GitLab