diff --git a/app.py b/app.py index e31c270..910eb29 100644 --- a/app.py +++ b/app.py @@ -5,6 +5,7 @@ from starlette.responses import StreamingResponse, JSONResponse from fastapi.middleware.cors import CORSMiddleware from based import db import psycopg +import puremagic from secrets import token_hex from minio import Minio from minio.helpers import ObjectWriteResult @@ -87,19 +88,33 @@ async def getAccessToken(userData: AuthModel): 200: {"model": list[TableDefinition], "description": "List of tables"}, 403: { "model": ErrorResponse, - "description": "Requesting this endpoint requires admin-level user access token", + "description": "Requesting this endpoint requires access token", }, }, ) async def listTables(access_token: str | None = Header(default=None)): - is_admin = check_if_admin_access_token(connector, access_token) - if not is_admin: + tds: list[TableDefinition] = [] + + try: + _user, _ = get_user_by_access_token(connector, access_token) + if not _user: + raise Exception("Not allowed") + except Exception as e: return JSONResponse( - ErrorResponse(error="Not allowed").dict(), - status_code=status.HTTP_403_FORBIDDEN, + ErrorResponse(error=str(e)).dict(), status_code=status.HTTP_403_FORBIDDEN ) - return [TableDefinition.parse_obj(table) for table in connector.tables()] + is_admin = check_if_admin_access_token(connector, access_token) + for table in connector.tables(): + td = TableDefinition.parse_obj(table) + if not is_admin: + acl = get_user_permissions_for_table(connector, td.table_name, _user) + if acl != AccessType.READ and acl != AccessType.READ_WRITE: + continue + + tds.append(td) + + return tds @app.post( @@ -425,9 +440,6 @@ async def items( try: is_admin = check_if_admin_access_token(connector, access_token) - if table_info["system"] and not is_admin: - raise Exception("Not allowed") - user, group = get_user_by_access_token(connector, access_token) if not user: raise Exception("Not allowed") 
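Review bot: In `listTables`, the new `except Exception as e` branch puts `str(e)` into the 403 body, so any error raised inside `get_user_by_access_token` (a database failure, for example) is echoed to the caller and reported as an authorization failure. The code being replaced always answered with a fixed string. Keeping that and logging the exception server-side avoids disclosing internals: `ErrorResponse(error="Not allowed").dict(), status_code=status.HTTP_403_FORBIDDEN`. Only the explicit "no user" case needs to map to 403; an unexpected exception is better surfaced as a 500 than folded into "forbidden".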
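Review bot: With the `table_info["system"]` guard removed from `items`, a non-admin's access to system tables depends entirely on the per-table permission check that follows outside this hunk, which is not visible here. If that check treats a missing ACL entry as anything other than deny, system tables become reachable by ordinary users. It is worth confirming the default and stating the new rule next to the lookup, e.g. `# system tables are no longer admin-only; access is decided by the table ACL below`. `is_admin` is still computed at the top of the `try`, and the body of `items` starts and ends outside the hunk.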
@@ -908,13 +920,19 @@ async def createAsset( filename = f"unnamed" filename = f"{token_hex()}_{filename}" + try: + mime = puremagic.from_stream(asset.file, mime=True) + if not mime: + mime = "application/octet-stream" + except: + mime = "application/octet-stream" + asset.file.seek(0) + result: ObjectWriteResult = minioClient.put_object( BUCKET_NAME, filename, data=asset.file, - content_type=( - asset.content_type if asset.content_type else "application/octet-stream" - ), + content_type=mime, length=asset.size, ) if not result: @@ -923,7 +941,7 @@ async def createAsset( status_code=status.HTTP_500_INTERNAL_SERVER_ERROR, ) - ok, e = create_asset(connector, filename, "", str(result.version_id)) + ok, e = create_asset(connector, filename, "", str(result.version_id), mime) if not ok: if e: return JSONResponse( diff --git a/db_models.py b/db_models.py index e2ce0bb..a18ca36 100644 --- a/db_models.py +++ b/db_models.py @@ -108,6 +108,7 @@ ASSETS_TABLE_SCHEMA = [ TextColumnDefinition("name"), TextColumnDefinition("description", default=""), TextColumnDefinition("fid"), + TextColumnDefinition("mime"), TextColumnDefinition("tags", default=""), ] @@ -117,4 +118,5 @@ class Asset(BaseModel): name: str description: str fid: str + mime: str tags: str diff --git a/dba.py b/dba.py index 90f3bf9..f33855b 100644 --- a/dba.py +++ b/dba.py @@ -464,7 +464,7 @@ def drop_table(conn: DBConnector, table_name: str): return False, e -def create_asset(conn: DBConnector, name: str, description: str, fid: str): +def create_asset(conn: DBConnector, name: str, description: str, fid: str, mime: str): try: conn.insertIntoTable( ASSETS_TABLE_NAME, @@ -472,6 +472,7 @@ def create_asset(conn: DBConnector, name: str, description: str, fid: str): "name": name, "description": description, "fid": fid, + "mime": mime, }, ) return True, None
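Review bot: The bare `except:` around `puremagic.from_stream` also catches `KeyboardInterrupt` and `SystemExit` and hides real I/O errors behind a silent fallback; `except (puremagic.PureError, ValueError):` covers the detection failures. Whitespace is collapsed on this page, so it is not clear whether `asset.file.seek(0)` sits inside the `except` branch; it has to run on the success path as well (after the whole `try`), otherwise `put_object` may start reading from wherever detection left the stream. The sniffed value also becomes the stored object's `content_type`. If assets are served back to users, types a browser renders actively, such as `text/html` or `image/svg+xml`, should be mapped to `application/octet-stream` or checked against an allowlist. `createAsset` begins and ends outside the hunk.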
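Review bot: `TextColumnDefinition("mime")` in `ASSETS_TABLE_SCHEMA` is added without a default, unlike `description` and `tags`, and `Asset.mime` in the next hunk is a required `str`. Nothing in this diff migrates an existing assets table, so rows created before the change may have no value and would then fail `Asset` validation when read; this is inferred, since the table-creation code is not shown. Giving the column a fallback, `TextColumnDefinition("mime", default="application/octet-stream")`, keeps old rows readable and matches the fallback already used in `createAsset`.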