Hello,
I was wondering if anyone knows if it is possible to authenticate a DSS user to a project web app that is both public but they do not have project access to.
I have been using code that looks like this:
@app.route('/authenticate')
def authenticate():
try:
request_headers = dict(request.headers)
# Get the auth of the user performing the request
# If the user is not authenticated, this will raise
client = dataiku.api_client()
auth_info = client.get_auth_info_from_browser_headers(request_headers)
print ("User doing the query is %s" % auth_info["authIdentifier"])
user = list(filter(lambda user: user["login"].lower() == auth_info["authIdentifier"].lower(), client.list_users()))[0]
# Allows only workspace admins to have access to portal
# Get workspace admins list
workspace_admins = dataiku.Dataset('workspace_admins')
workspace_admins_df = workspace_admins.get_dataframe()
fltr_df = workspace_admins_df.loc[workspace_admins_df['admin_username'] == user['login'].lower()]
admin_workspaces_lst = fltr_df.workspace_id.tolist()
if len(admin_workspaces_lst) > 0:
return json.dumps({"status":"ok","data":user['login'].lower()})
else:
# User is not allowed to enter portal
return json.dumps({"status":"ok","data":"forbidden"})
except dataikuapi.utils.DataikuException as err:
return json.dumps({"status":"ok","data":"not_authenticated"})
except Exception as err:
logger.error(traceback.format_exc())
return traceback.format_exc(), 500
For users that don't have project access they see the following error in their browser.
You do not have permission to read-use for dashboard...."
It lists the web app and project name after the "...".
Thank you for your help!
Adam
The error that the user receives by the way appears to be from Dataiku itself. It's error type is
"errorType":"com.dataiku.dip.exceptions.UnauthorizedException"