Reformat (using Black) and override Generators

* the permission generators expect the presence of an argument that isn't currently being supplied, causing them to fail

Reformat (using Black) and override Generators
8f2aea18 · Moser, Maximilian · eace7dbf · 8f2aea18 · 8f2aea18 · 8f2aea18
Commit 8f2aea18 authored 4 years ago by Moser, Maximilian
--- a/invenio_config_tuw/__init__.py
+++ b/invenio_config_tuw/__init__.py
@@ -10,4 +10,4 @@
 from .ext import InvenioConfigTUW
 from .version import __version__

-__all__ = ('__version__', 'InvenioConfigTUW')
+__all__ = ("__version__", "InvenioConfigTUW")
--- a/invenio_config_tuw/config.py
+++ b/invenio_config_tuw/config.py
@@ -10,15 +10,24 @@
 try:
    from flask_babelex import gettext as _
 except:
+
    def _(x):
        """Dummy string translation."""
        return x

+
 # Since HAProxy and Nginx route all requests no matter the host header
 # provided, the allowed hosts variable is set to localhost. In production it
 # should be set to the correct host and it is strongly recommended to only
 # route correct hosts to the application.
-APP_ALLOWED_HOSTS = ['0.0.0.0', 'localhost', '127.0.0.1', '128.130.202.2', 's1.dl.hpc.tuwien.ac.at', 'researchdata.dl.hpc.tuwien.ac.at']
+APP_ALLOWED_HOSTS = [
+    "0.0.0.0",
+    "localhost",
+    "127.0.0.1",
+    "128.130.202.2",
+    "s1.dl.hpc.tuwien.ac.at",
+    "researchdata.dl.hpc.tuwien.ac.at",
+]

 FLASK_RUN_HOST = "0.0.0.0"
 FLASK_RUN_PORT = "443"
@@ -27,7 +36,9 @@ FLASK_RUN_PORT = "443"
 # Flask-SQLAlchemy
 # ================
 # See https://flask-sqlalchemy.palletsprojects.com/en/2.x/config/
-SQLALCHEMY_DATABASE_URI="postgresql+psycopg2://tu-data-test:tu-data-test@localhost/tu-data-test"
+SQLALCHEMY_DATABASE_URI = (
+    "postgresql+psycopg2://tu-data-test:tu-data-test@localhost/tu-data-test"
+)


 # Invenio-App
@@ -35,31 +46,31 @@ SQLALCHEMY_DATABASE_URI="postgresql+psycopg2://tu-data-test:tu-data-test@localho
 # See https://invenio-app.readthedocs.io/en/latest/configuration.html

 APP_DEFAULT_SECURE_HEADERS = {
-    'content_security_policy': {
-        'default-src': [
+    "content_security_policy": {
+        "default-src": [
            "'self'",
-            'fonts.googleapis.com',  # for fonts
-            '*.gstatic.com',    # for fonts
-            'data:', # for fonts
+            "fonts.googleapis.com",  # for fonts
+            "*.gstatic.com",  # for fonts
+            "data:",  # for fonts
            "'unsafe-inline'",  # for inline scripts and styles
-            "'unsafe-eval'", # for webpack build
-            "blob:",            # for pdf preview
+            "'unsafe-eval'",  # for webpack build
+            "blob:",  # for pdf preview
            # Add your own policies here (e.g. analytics)
        ],
    },
-    'content_security_policy_report_only': False,
-    'content_security_policy_report_uri': None,
-    'force_file_save': False,
-    'force_https': True,
-    'force_https_permanent': False,
-    'frame_options': 'sameorigin',
-    'frame_options_allow_from': None,
-    'session_cookie_http_only': True,
-    'session_cookie_secure': True,
-    'strict_transport_security': True,
-    'strict_transport_security_include_subdomains': True,
-    'strict_transport_security_max_age': 31556926,  # One year in seconds
-    'strict_transport_security_preload': False,
+    "content_security_policy_report_only": False,
+    "content_security_policy_report_uri": None,
+    "force_file_save": False,
+    "force_https": True,
+    "force_https_permanent": False,
+    "frame_options": "sameorigin",
+    "frame_options_allow_from": None,
+    "session_cookie_http_only": True,
+    "session_cookie_secure": True,
+    "strict_transport_security": True,
+    "strict_transport_security_include_subdomains": True,
+    "strict_transport_security_max_age": 31556926,  # One year in seconds
+    "strict_transport_security_preload": False,
 }


@@ -67,7 +78,7 @@ APP_DEFAULT_SECURE_HEADERS = {
 # ============
 # See https://invenio-mail.readthedocs.io/en/latest/configuration.html

-MAIL_SERVER = 'localhost'
+MAIL_SERVER = "localhost"
 """Domain ip where mail server is running."""

 SECURITY_EMAIL_SENDER = "no-reply@tuwien.ac.at"
@@ -103,9 +114,9 @@ MAIL_SUPPRESS_SEND = True
 # See https://pythonhosted.org/Flask-Babel/#configuration

 # Default locale (language)
-BABEL_DEFAULT_LOCALE = 'en'
+BABEL_DEFAULT_LOCALE = "en"
 # Default time zone
-BABEL_DEFAULT_TIMEZONE = 'Europe/Vienna'
+BABEL_DEFAULT_TIMEZONE = "Europe/Vienna"


 # Invenio-Accounts
@@ -160,7 +171,9 @@ RECAPTCHA_PRIVATE_KEY = None

 from invenio_oauthclient.contrib.keycloak import KeycloakSettingsHelper

-helper = KeycloakSettingsHelper(base_url="https://s194.dl.hpc.tuwien.ac.at", realm="tu-data")
+helper = KeycloakSettingsHelper(
+    base_url="https://s194.dl.hpc.tuwien.ac.at", realm="tu-data"
+)

 OAUTHCLIENT_KEYCLOAK_REALM_URL = helper.realm_url
 OAUTHCLIENT_KEYCLOAK_USER_INFO_URL = helper.user_info_url
@@ -173,7 +186,7 @@ OAUTHCLIENT_REMOTE_APPS = {

 KEYCLOAK_APP_CREDENTIALS = {
    "consumer_key": "tu-data",
-    "consumer_secret": "b4608d8a-78fd-477b-a52f-909cd91e3b0c"
+    "consumer_secret": "b4608d8a-78fd-477b-a52f-909cd91e3b0c",
 }

 USERPROFILES_EXTEND_SECURITY_FORMS = True
@@ -184,10 +197,43 @@ USERPROFILES_EXTEND_SECURITY_FORMS = True

 THEME_SITEURL = "https://researchdata.dl.hpc.tuwien.ac.at"
 try:
-    from invenio_rdm_records.services import BibliographicRecordServiceConfig, RDMRecordPermissionPolicy
-    from invenio_records_permissions.generators import Admin, AnyUser, AnyUserIfPublic, RecordOwners, SuperUser
+    from invenio_rdm_records.services import (
+        BibliographicRecordServiceConfig,
+        RDMRecordPermissionPolicy,
+    )
+    from invenio_records_permissions.generators import (
+        Admin,
+        AnyUser,
+        AnyUserIfPublic,
+        RecordOwners,
+        SuperUser,
+    )
+
+    # TODO remove -- they are currently in place because the original generators fail ('record' argument isn't passed)
+    class RecordOwners(RecordOwners):
+        """Allows record owners."""
+
+        def needs(self, **kwargs):
+            """Enabling Needs."""
+            return []
+
+        def query_filter(self, **kwargs):
+            """Search filter."""
+            return []
+
+    class AnyUserIfPublic(AnyUserIfPublic):
+        """Allows anybody if the record is public."""
+
+        def needs(self, **kwargs):
+            """Enabling Needs."""
+            return []
+
+        def query_filter(self, **kwargs):
+            """Search filter."""
+            return []

    class TUWRecordPermissionPolicy(RDMRecordPermissionPolicy):
+        # fmt: off
        can_create       = [                                   Admin(), SuperUser()]
        can_publish      = [                   RecordOwners(), Admin(), SuperUser()]
        can_update       = [                   RecordOwners(), Admin(), SuperUser()]
@@ -199,6 +245,7 @@ try:
        can_read_draft   = [                   RecordOwners(), Admin(), SuperUser()]
        can_read_files   = [AnyUserIfPublic(), RecordOwners(), Admin(), SuperUser()]
        can_search       = [AnyUserIfPublic(), RecordOwners(), Admin(), SuperUser()]
+        # fmt: on

    class TUWBibliographicRecordServiceConfig(BibliographicRecordServiceConfig):
        permission_policy_cls = TUWRecordPermissionPolicy
@@ -224,7 +271,7 @@ PIDSTORE_DATACITE_URL = "https://mds.test.datacite.org"
 # ================
 # See https://invenio-previewer.readthedocs.io/en/latest/

-PREVIEWER_MAX_IMAGE_SIZE_BYTES =  10 * 1024 * 1024  # 10 MB
+PREVIEWER_MAX_IMAGE_SIZE_BYTES = 10 * 1024 * 1024  # 10 MB
 PREVIEWER_MAX_FILE_SIZE_BYTES = 10 * 1024 * 1024  # 10 MB


@@ -235,4 +282,3 @@ PREVIEWER_MAX_FILE_SIZE_BYTES = 10 * 1024 * 1024  # 10 MB
 RATELIMIT_ENABLED = False
 MAX_CONTENT_LENGTH = 25 * 1024 * 1024  # 25 MB
 PREFERRED_URL_SCHEME = "https"
-
--- a/invenio_config_tuw/ext.py
+++ b/invenio_config_tuw/ext.py
@@ -22,7 +22,7 @@ class InvenioConfigTUW(object):
    def init_app(self, app):
        """Flask application initialization."""
        self.init_config(app)
-        app.extensions['invenio-config-tuw'] = self
+        app.extensions["invenio-config-tuw"] = self

        with app.app_context():
            # hide the menu points for deposits & communities,
@@ -33,11 +33,11 @@ class InvenioConfigTUW(object):
    def init_config(self, app):
        """Initialize configuration."""
        # Use theme's base template if theme is installed
-        if 'BASE_TEMPLATE' in app.config:
+        if "BASE_TEMPLATE" in app.config:
            app.config.setdefault(
-                'CONFIG_TUW_BASE_TEMPLATE',
-                app.config['BASE_TEMPLATE'],
+                "CONFIG_TUW_BASE_TEMPLATE",
+                app.config["BASE_TEMPLATE"],
            )
        for k in dir(config):
-            if k.startswith('CONFIG_TUW_'):
+            if k.startswith("CONFIG_TUW_"):
                app.config.setdefault(k, getattr(config, k))
--- a/invenio_config_tuw/version.py
+++ b/invenio_config_tuw/version.py
@@ -11,4 +11,4 @@ This file is imported by ``invenio_config_tuw.__init__``,
 and parsed by ``setup.py``.
 """

-__version__ = '1.0.0.dev20200000'
+__version__ = "1.0.0.dev20200000"