From fcdf8aac87d96a3d369ba493c4a971bdd118a2e4 Mon Sep 17 00:00:00 2001 From: lukepereira Date: Fri, 8 Mar 2024 10:20:48 -0500 Subject: [PATCH] fix(website): allow unauthenticated users to view datasets (#1263) --- .../main/kotlin/org/loculus/backend/config/SecurityConfig.kt | 3 +++ website/src/pages/datasets/[datasetId].astro | 4 ---- website/src/services/datasetCitationApi.ts | 3 --- website/src/utils/shouldMiddlewareEnforceLogin.ts | 2 +- 4 files changed, 4 insertions(+), 8 deletions(-) diff --git a/backend/src/main/kotlin/org/loculus/backend/config/SecurityConfig.kt b/backend/src/main/kotlin/org/loculus/backend/config/SecurityConfig.kt index 13d2c0a9e..e19ea358d 100644 --- a/backend/src/main/kotlin/org/loculus/backend/config/SecurityConfig.kt +++ b/backend/src/main/kotlin/org/loculus/backend/config/SecurityConfig.kt @@ -50,6 +50,9 @@ class SecurityConfig { private val getEndpointsThatArePublic = arrayOf( "/data-use-terms/*", + "/get-dataset", + "/get-dataset-records", + "get-dataset-cited-by-publication", ) @Bean diff --git a/website/src/pages/datasets/[datasetId].astro b/website/src/pages/datasets/[datasetId].astro index 00fec946b..a15112165 100644 --- a/website/src/pages/datasets/[datasetId].astro +++ b/website/src/pages/datasets/[datasetId].astro @@ -7,7 +7,6 @@ import { getRuntimeConfig } from '../../config'; import BaseLayout from '../../layouts/BaseLayout.astro'; import { DatasetCitationClient } from '../../services/datasetCitationClient.ts'; import type { Dataset } from '../../types/datasetCitation'; -import { createAuthorizationHeader } from '../../utils/createAuthorizationHeader.ts'; import { getAccessToken } from '../../utils/getAccessToken'; const clientConfig = getRuntimeConfig().public; @@ -20,17 +19,14 @@ const datasetClient = DatasetCitationClient.create(); const datasetResponse = (await datasetClient.call('getDataset', { params: { datasetId, version }, - headers: createAuthorizationHeader(accessToken), })) as any; const datasetRecordsResponse = (await datasetClient.call('getDatasetRecords', { params: { datasetId, version }, - headers: createAuthorizationHeader(accessToken), })) as any; const datasetCitedByResponse = (await datasetClient.call('getDatasetCitedBy', { params: { datasetId, version }, - headers: createAuthorizationHeader(accessToken), })) as any; const getDatasetByVersion = (datasetVersions: Dataset[], version: string) => { diff --git a/website/src/services/datasetCitationApi.ts b/website/src/services/datasetCitationApi.ts index 0f44cef3a..f503f42e6 100644 --- a/website/src/services/datasetCitationApi.ts +++ b/website/src/services/datasetCitationApi.ts @@ -26,7 +26,6 @@ const getDatasetCitedByEndpoint = makeEndpoint({ method: 'get', path: '/get-dataset-cited-by-publication?datasetId=:datasetId&version=:version', alias: 'getDatasetCitedBy', - parameters: [authorizationHeader], response: citedByResult, errors: [notAuthorizedError], }); @@ -35,7 +34,6 @@ const getDatasetEndpoint = makeEndpoint({ method: 'get', path: '/get-dataset?datasetId=:datasetId&version=:version', alias: 'getDataset', - parameters: [authorizationHeader], response: datasets, errors: [notAuthorizedError], }); @@ -44,7 +42,6 @@ const getDatasetRecordsEndpoint = makeEndpoint({ method: 'get', path: '/get-dataset-records?datasetId=:datasetId&version=:version', alias: 'getDatasetRecords', - parameters: [authorizationHeader], response: datasetRecords, errors: [notAuthorizedError], }); diff --git a/website/src/utils/shouldMiddlewareEnforceLogin.ts b/website/src/utils/shouldMiddlewareEnforceLogin.ts index 468dc616c..38d28605b 100644 --- a/website/src/utils/shouldMiddlewareEnforceLogin.ts +++ b/website/src/utils/shouldMiddlewareEnforceLogin.ts @@ -10,7 +10,7 @@ function getEnforcedLoginRoutes(configuredOrganisms: string[]) { enforcedLoginRoutesCache[cacheKey] = [ new RegExp('^/user/?'), - new RegExp(`^/datasets/?`), + new RegExp(`^/datasets\/?$`), ...organismSpecificRoutes, ]; }