Hello,
I was wondering if anyone knows if it is possible to authenticate a DSS user to a project web app that is both public but they do not have project access to.
I have been using code that looks like this:
@app.route('/authenticate')
def authenticate():
try:
request_headers = dict(request.headers)
# Get the auth of the user performing the request
# If the user is not authenticated, this will raise
client = dataiku.api_client()
auth_info = client.get_auth_info_from_browser_headers(request_headers)
print ("User doing the query is %s" % auth_info["authIdentifier"])
user = list(filter(lambda user: user["login"].lower() == auth_info["authIdentifier"].lower(), client.list_users()))[0]
# Allows only workspace admins to have access to portal
# Get workspace admins list
workspace_admins = dataiku.Dataset('workspace_admins')
workspace_admins_df = workspace_admins.get_dataframe()
fltr_df = workspace_admins_df.loc[workspace_admins_df['admin_username'] == user['login'].lower()]
admin_workspaces_lst = fltr_df.workspace_id.tolist()
if len(admin_workspaces_lst) > 0:
return json.dumps({"status":"ok","data":user['login'].lower()})
else:
# User is not allowed to enter portal
return json.dumps({"status":"ok","data":"forbidden"})
except dataikuapi.utils.DataikuException as err:
return json.dumps({"status":"ok","data":"not_authenticated"})
except Exception as err:
logger.error(traceback.format_exc())
return traceback.format_exc(), 500
For users that don't have project access they see the following error in their browser.
You do not have permission to read-use for dashboard...."
It lists the web app and project name after the "...".
Thank you for your help!
Adam
