-
Notifications
You must be signed in to change notification settings - Fork 23
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix: ensure transfers can occur between non-HA mapped collections by triggering incremental-like authorization for data_access scope. #67
base: main
Are you sure you want to change the base?
Conversation
…triggering incremental-like authorization for data_access scope.
001e43e
to
0ccba54
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Overall I think this is an okay approach. Might ask Kurt or Josh though if you want an expert's view
) and not destination['non_functional'] and not is_share | ||
|
||
if is_non_ha_mapped: | ||
data_access_scope = "https://auth.globus.org/scopes/" + destination["id"] + "/data_access" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
A lot of this string concatenation stuff can be cleaned up using python f-strings
def retry_transfer(): | ||
transfer_data = session['_inflight_transfer'] | ||
return transfer_datasets(transfer_data) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Is this actually retrying or is this to handle the redirect back from auth after doing the consent flow?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Probably less of a retry and more of a first attempt after realizing we need an authorization hop... maybe process_inflight_transfer()
is more explicit?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yeah I think that name is a better description of the function
Thanks for this! I was able to get my portal working with v5 endpoints using this. Would love to see this merged, maybe with a migration/update guide in the readme for those of us who have only been following the v5 changes from a distance. I did have to add |
Non-HA, Mapped Collections will require an additional
data_access
scope before a transfer can be successfully be initiated. This code change will trigger a redirect to Globus Auth for the additional required scope (on it's own, and as a dependent of the portal scope) and retry the transfer when a user selects a Non-HA, Mapped Collection on the Globus Helper page.