sartography
/
spiff-arena
mirror of https://github.com/sartography/spiff-arena.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

added config to specify the absolute path to a permissions yaml file so a different one can be set outside of the app repo w/ burnettk

This commit is contained in:
jasquat 2023-05-04 14:44:24 -04:00
parent 5debe44391
commit c5d7a87e61
4 changed files with 17 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
spiffworkflow-backend/src/spiffworkflow_backend/config/__init__.py
View File

@ -88,18 +88,18 @@ def setup_config(app: Flask) -> None:
else: else:
app.config.from_pyfile(f"{app.instance_path}/config.py", silent=True) app.config.from_pyfile(f"{app.instance_path}/config.py", silent=True)
app.config["PERMISSIONS_FILE_FULLPATH"] = None if app.config["SPIFFWORKFLOW_BACKEND_PERMISSIONS_FILE_ABSOLUTE_PATH"] is None:
permissions_file_name = app.config["SPIFFWORKFLOW_BACKEND_PERMISSIONS_FILE_NAME"] permissions_file_name = app.config["SPIFFWORKFLOW_BACKEND_PERMISSIONS_FILE_NAME"]
if permissions_file_name is not None: if permissions_file_name is not None:
app.config["PERMISSIONS_FILE_FULLPATH"] = os.path.join( app.config["SPIFFWORKFLOW_BACKEND_PERMISSIONS_FILE_ABSOLUTE_PATH"] = os.path.join(
app.root_path, app.root_path,
"config", "config",
"permissions", "permissions",
permissions_file_name, permissions_file_name,
) )
print(f"base_permissions: loaded permissions file: {permissions_file_name}") print(f"base_permissions: loaded permissions file: {permissions_file_name}")
else: else:
print("base_permissions: no permissions file loaded") print("base_permissions: no permissions file loaded")
# unversioned (see .gitignore) config that can override everything and include secrets. # unversioned (see .gitignore) config that can override everything and include secrets.
# src/spiffworkflow_backend/config/secrets.py # src/spiffworkflow_backend/config/secrets.py

3
spiffworkflow-backend/src/spiffworkflow_backend/config/default.py
View File

@ -78,6 +78,9 @@ SPIFFWORKFLOW_BACKEND_ENCRYPTION_LIB = environ.get(
SPIFFWORKFLOW_BACKEND_LOG_TO_FILE = environ.get("SPIFFWORKFLOW_BACKEND_LOG_TO_FILE", default="false") == "true" SPIFFWORKFLOW_BACKEND_LOG_TO_FILE = environ.get("SPIFFWORKFLOW_BACKEND_LOG_TO_FILE", default="false") == "true"
SPIFFWORKFLOW_BACKEND_PERMISSIONS_FILE_ABSOLUTE_PATH = environ.get(
"SPIFFWORKFLOW_BACKEND_PERMISSIONS_FILE_ABSOLUTE_PATH"
)
SPIFFWORKFLOW_BACKEND_PERMISSIONS_FILE_NAME = environ.get("SPIFFWORKFLOW_BACKEND_PERMISSIONS_FILE_NAME") SPIFFWORKFLOW_BACKEND_PERMISSIONS_FILE_NAME = environ.get("SPIFFWORKFLOW_BACKEND_PERMISSIONS_FILE_NAME")
# Sentry Configuration # Sentry Configuration

2
spiffworkflow-backend/src/spiffworkflow_backend/routes/openid_blueprint/openid_blueprint.py
View File

@ -141,7 +141,7 @@ def get_users() -> Any:
"""Load users from a local configuration file.""" """Load users from a local configuration file."""
global permission_cache global permission_cache
if not permission_cache: if not permission_cache:
with open(current_app.config["PERMISSIONS_FILE_FULLPATH"]) as file: with open(current_app.config["SPIFFWORKFLOW_BACKEND_PERMISSIONS_FILE_ABSOLUTE_PATH"]) as file:
permission_cache = yaml.safe_load(file) permission_cache = yaml.safe_load(file)
if "users" in permission_cache: if "users" in permission_cache:
return permission_cache["users"] return permission_cache["users"]

2
spiffworkflow-backend/src/spiffworkflow_backend/services/authorization_service.py
View File

@ -197,7 +197,7 @@ class AuthorizationService:
) )
permission_configs = None permission_configs = None
with open(current_app.config["PERMISSIONS_FILE_FULLPATH"]) as file: with open(current_app.config["SPIFFWORKFLOW_BACKEND_PERMISSIONS_FILE_ABSOLUTE_PATH"]) as file:
permission_configs = yaml.safe_load(file) permission_configs = yaml.safe_load(file)
default_group = None default_group = None