e8ffc5e45bd8e8de9f1c78347ea6b11fd4817a40 chmalee Mon Dec 2 12:37:53 2024 -0800 Generate api keys for each user and store them in hgcentral.hubSpaceKeys diff --git src/hg/hgHubConnect/hooks/pre-finish.c src/hg/hgHubConnect/hooks/pre-finish.c index 4822096..0361107 100644 --- src/hg/hgHubConnect/hooks/pre-finish.c +++ src/hg/hgHubConnect/hooks/pre-finish.c @@ -5,30 +5,31 @@ #include "common.h" #include "linefile.h" #include "hash.h" #include "options.h" #include "wikiLink.h" #include "customTrack.h" #include "userdata.h" #include "jsonQuery.h" #include "jsHelper.h" #include "errCatch.h" #include "obscure.h" #include "hooklib.h" #include "jksql.h" #include "hdb.h" #include "hubSpace.h" +#include "hubSpaceKeys.h" #include "md5.h" #include "cheapcgi.h" void usage() /* Explain usage and exit. */ { errAbort( "pre-finish - tus daemon pre-finish hook program\n" "usage:\n" " pre-finish < input\n" ); } /* Command line validation table. */ static struct optionSpec options[] = { @@ -67,38 +68,39 @@ char *reqLm = NULL; time_t lastModified = 0; char *parentDir = NULL; struct lineFile *lf = lineFileStdin(FALSE); char *request = lineFileReadAll(lf); struct jsonElement *req = jsonParse(request); fprintf(stderr, "Hook request:\n"); jsonPrintToFile(req, NULL, stderr, 0); char *reqCookie= jsonQueryString(req, "", "Event.HTTPRequest.Header.Cookie[0]", NULL); if (reqCookie) { setenv("HTTP_COOKIE", reqCookie, 0); } fprintf(stderr, "reqCookie='%s'\n", reqCookie); - userName = (loginSystemEnabled() || wikiLinkEnabled()) ? wikiLinkUserName() : NULL; - fprintf(stderr, "userName='%s'\n'", userName); + userName = getUserName(); if (!userName) { + // maybe an apiKey was provided, use that instead to look up the userName + char *apiKey = jsonQueryString(req, "", "Event.Upload.MetaData.apiKey", NULL); + userName = userNameForApiKey(apiKey); errAbort("not logged in"); } - else - { + fprintf(stderr, "userName='%s'\n'", userName); // NOTE: All Upload.MetaData values are strings fileName = cgiEncodeFull(jsonQueryString(req, "", "Event.Upload.MetaData.fileName", NULL)); fileSize = jsonQueryInt(req, "", "Event.Upload.Size", 0, NULL); fileType = jsonQueryString(req, "", "Event.Upload.MetaData.fileType", NULL); db = jsonQueryString(req, "", "Event.Upload.MetaData.genome", NULL); reqLm = jsonQueryString(req, "", "Event.Upload.MetaData.lastModified", NULL); lastModified = sqlLongLong(reqLm) / 1000; // yes Javascript dates are in millis parentDir = jsonQueryString(req, "", "Event.Upload.MetaData.parentDir", NULL); fprintf(stderr, "parentDir = '%s'\n", parentDir); fflush(stderr); // strip out plain leading '.' and '/' components // middle '.' components are dealt with later if (startsWith("./", parentDir) || startsWith("/", parentDir)) parentDir = skipBeyondDelimit(parentDir, '/'); fprintf(stderr, "parentDir = '%s'\n", parentDir); @@ -144,31 +146,30 @@ fprintf(stderr, "making directory '%s'\n", dataDir); // the directory needs to be 777, so ignore umask for now oldUmask = umask(0); makeDirsOnPath(dataDir); // restore umask umask(oldUmask); } copyFile(tusFile, dyStringContents(newFile)); // the files definitely should not be executable! chmod(dyStringContents(newFile), 0666); mustRemove(tusFile); mustRemove(tusInfo); dyStringCannibalize(&newFile); } } - } // we've passed all the checks so we can write a new or updated row // to the mysql table and return to the client that we were successful if (exitStatus == 0) { // create a hub for this upload, which can be edited later createNewTempHubForUpload(reqId, userName, db, fileName, fileType, parentDir); fprintf(stderr, "added hub.txt and hubSpace row for hub for file: '%s'\n", fileName); fflush(stderr); struct hubSpace *row = NULL; AllocVar(row); row->userName = userName; row->fileName = fileName; row->fileSize = fileSize; row->fileType = fileType;