Skip to content

Feat(Auth): Display public data if user not auth#188

Open
arnaudfnr wants to merge 6 commits into
mainfrom
arnaudfnr/add_public_map_endpoint
Open

Feat(Auth): Display public data if user not auth#188
arnaudfnr wants to merge 6 commits into
mainfrom
arnaudfnr/add_public_map_endpoint

Conversation

@arnaudfnr

Copy link
Copy Markdown
Collaborator

As a an unauthenticated user, I only have access to public data.
When I login, the map diplsays confidential data.

Futher to come:

In the next PR, only data according to user's project will be displayed.

Capture.video.du.2026-07-11.11-54-27.mp4

@arnaudfnr
arnaudfnr marked this pull request as ready for review July 11, 2026 09:58
Comment thread backend/maps/views.py
Comment thread backend/maps/views.py Outdated


def get_map(user):
return map if user.is_authenticated else public_map No newline at end of file

Copy link
Copy Markdown
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

So it means that public layers/data should be duplicated in both config.json and public_config.json ?

From a coordo consumer PoV, I would expect either

  • to have a "public" attribute directly on the layer and still one config.json
  • to have a "merger" that allows backend side to create a map from both public and "private" configs (so that what is in public does not need to be copied in the private config)
public_config_path = settings.BASE_DIR / "configs" / "public_config.json"
config_path = settings.BASE_DIR / "configs" / "config.json"

public_map = Map.from_file(public_config_path)
map = Map.from_files(public_config_path, config_path)  # from_files allow to specify multiple JSON files)

Copy link
Copy Markdown
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

How to know what is public data and private data ? This depends on the data itself. In All4trees case, there is the 'conf' field in form data that allows us to know.
I added a second config.json just to add a line 'filter' on each layer to filter out data with conf=0 (i.e private data). This filter could certainly be added at runtime, though.

@david-bretaud-dev david-bretaud-dev left a comment

Copy link
Copy Markdown
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

One suggestion/improvement to make config files declaration easier, but I have no vision on Coordo side (so no blocker to get the approval)

@arnaudfnr
arnaudfnr force-pushed the arnaudfnr/add_public_map_endpoint branch from 9b22638 to 4c20e9d Compare July 13, 2026 13:09
@arnaudfnr
arnaudfnr force-pushed the arnaudfnr/add_public_map_endpoint branch from 4c20e9d to 66d1e44 Compare July 15, 2026 15:14
Comment thread backend/configs/public_config.json Outdated
@@ -0,0 +1,210 @@
{

Copy link
Copy Markdown
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Shouldn't it be deleted ?

}
},
{
"id": "seed",

Copy link
Copy Markdown
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Shall we remove from config.json the seed layers then ?
And rename config.json to all4trees_config.json ?

Copy link
Copy Markdown
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Seed layers have already been removed because there is now a bug when importing seed data in coordo

Comment thread backend/maps/views.py
user_map = copy(map)
if user.is_authenticated:
project = user.project
if (project.lower() != ADMIN_PROJECT):

Copy link
Copy Markdown
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Shouldn't it be an equal ? I want to apply the filter on project when the user is part of the project

Copy link
Copy Markdown
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nope, admin project, means all4trees, ike Cathalijne, which will have a visibility on all associative projects.

Comment thread backend/maps/views.py
return DatapackageManager(request).remove_foreign_key()


def get_map(user):

Copy link
Copy Markdown
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This makes the endpoint definitely "all4trees only", maybe let's reflect in the naming of the methods (get_all4trees_map)

Copy link
Copy Markdown
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes, that's why I separated seed and all4trees.

@david-bretaud-dev david-bretaud-dev left a comment

Copy link
Copy Markdown
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I approve to not block you, however I think we need to think of what we want to do with the backend, which direction we want to take on the separation between all4trees and seed.

Here we are kind of in-between an agnostic approach (seed gets its own config file) but hardcoding stuff that matches all4trees only (only authenticated users regarding all4trees).

Would be nice to clarify with the team what is the strategy:

  1. We do all the endpoints and configs with "hardcoded" config for all4trees (init step), then when ready we can introduce tenant-oriented endpoints and make only the end of the flow agnostic (getting the map and applying filters)
  2. We do directly clear distinction between what is agnostic vs what is tenant-oriented (but doing stuff only for all4trees), e.g. getting the map for all 4 trees with all4trees filters should be on an "all4trees" endpoint=>
    data4trees.services.d4g.fr/api/maps/all4trees/style.json

@arnaudfnr

arnaudfnr commented Jul 18, 2026

Copy link
Copy Markdown
Collaborator Author

I approve to not block you, however I think we need to think of what we want to do with the backend, which direction we want to take on the separation between all4trees and seed.

Here we are kind of in-between an agnostic approach (seed gets its own config file) but hardcoding stuff that matches all4trees only (only authenticated users regarding all4trees).

Would be nice to clarify with the team what is the strategy:

  1. We do all the endpoints and configs with "hardcoded" config for all4trees (init step), then when ready we can introduce tenant-oriented endpoints and make only the end of the flow agnostic (getting the map and applying filters)
  2. We do directly clear distinction between what is agnostic vs what is tenant-oriented (but doing stuff only for all4trees), e.g. getting the map for all 4 trees with all4trees filters should be on an "all4trees" endpoint=>
    data4trees.services.d4g.fr/api/maps/all4trees/style.json

you're right, bu we don't have any news from Seed, therefore I don't know if we will end the project for them.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants