From c0eca9469d4433c89958568c3ae1f2f156b00d51 Mon Sep 17 00:00:00 2001 From: Gordon Krieger Date: Mon, 4 Dec 2023 18:28:59 +0000 Subject: [PATCH] correct handling for individual records by id --- bento_beacon/endpoints/individuals.py | 12 ++++++++++-- bento_beacon/utils/exceptions.py | 6 ++++++ 2 files changed, 16 insertions(+), 2 deletions(-) diff --git a/bento_beacon/endpoints/individuals.py b/bento_beacon/endpoints/individuals.py index df116aa..2f6b71a 100644 --- a/bento_beacon/endpoints/individuals.py +++ b/bento_beacon/endpoints/individuals.py @@ -28,6 +28,7 @@ ) from ..utils.search import biosample_id_search from ..utils.handover_utils import handover_for_ids +from ..utils.exceptions import NotFoundException individuals = Blueprint("individuals", __name__) @@ -122,11 +123,18 @@ def individuals_full_results(ids): return result_sets, numTotalResults +# forbidden / unauthorized if no permissions @individuals.route("/individuals/", methods=['GET', 'POST']) @authz_middleware.deco_require_permissions_on_resource({P_QUERY_DATA}) def individual_by_id(id): - # forbidden / unauthorized if no permissions - return beacon_result_set_response([id], 1) + result_sets, numTotalResults = individuals_full_results([id]) + + # return 404 if not found + # only authorized users will get 404 here, so this can't be used to probe ids + if not result_sets: + raise NotFoundException() + + return beacon_result_set_response(result_sets, numTotalResults) # ------------------------------------------------------- diff --git a/bento_beacon/utils/exceptions.py b/bento_beacon/utils/exceptions.py index 26f2603..9ea7bc0 100644 --- a/bento_beacon/utils/exceptions.py +++ b/bento_beacon/utils/exceptions.py @@ -21,3 +21,9 @@ def __init__(self, message="Invalid query", status_code=400): self.message = message self.status_code = status_code + +class NotFoundException(APIException): + def __init__(self, message="Not found", status_code=404): + super().__init__() + self.message = message + self.status_code = status_code