Exporter: Fix Executing as Non-Root User

The TokenStore class checked access when initializing. When running the exporter as non-root user with a Hub, that has authentication disabled, then access to the token store is not necessary. This is the case for the tutorial.
holesch · Aug 16, 2024 · b3e5813 · b3e5813
1 parent fdb2a6d
commit b3e5813
Showing 1 changed file with 10 additions and 8 deletions.
diff --git a/not_my_board/_auth/_login.py b/not_my_board/_auth/_login.py
@@ -17,6 +17,9 @@ def __init__(self, hub_url, http_client, token_store_path):
         self._show_claims = None
         self._token_store = _TokenStore(token_store_path)
 
+        # fail early, if user doesn't have permission
+        self._token_store.check_access()
+
     async def _context_stack(self, stack):
         url = f"{self._hub_url}/api/v1/auth-info"
         auth_info = await self._http.get_json(url)
@@ -114,16 +117,15 @@ async def get_id_token(self):
 
 class _TokenStore(util.ContextStack):
     def __init__(self, path_str=None):
-        path = pathlib.Path(path_str)
-
-        if not path.exists():
-            path.parent.mkdir(parents=True, exist_ok=True)
-            path.touch(mode=0o600)
+        self._path = pathlib.Path(path_str)
 
-        if not os.access(path, os.R_OK | os.W_OK):
-            raise RuntimeError(f"Not allowed to access {path}")
+    def check_access(self):
+        if not self._path.exists():
+            self._path.parent.mkdir(parents=True, exist_ok=True)
+            self._path.touch(mode=0o600)
 
-        self._path = path
+        if not os.access(self._path, os.R_OK | os.W_OK):
+            raise RuntimeError(f"Not allowed to access {self._path}")
 
     async def _context_stack(self, stack):
         self._f = stack.enter_context(self._path.open("r+"))