Fix #7344 require premium for sbatch (#7348)

radiasoft · Nov 6, 2024 · a51a4cc · a51a4cc
1 parent cadc5a2
commit a51a4cc
Show file tree

Hide file tree

Showing 8 changed files with 95 additions and 4 deletions.
diff --git a/sirepo/api_auth.py b/sirepo/api_auth.py
@@ -33,6 +33,7 @@ def check_api_call(qcall, func):
         a.REQUIRE_COOKIE_SENTINEL,
         a.REQUIRE_USER,
         a.REQUIRE_ADM,
+        a.REQUIRE_PREMIUM,
     ):
         if not qcall.cookie.has_sentinel():
             raise sirepo.util.SRException("missingCookies", None)
@@ -42,6 +43,8 @@ def check_api_call(qcall, func):
             qcall.auth.require_email_user()
         elif expect == a.REQUIRE_ADM:
             qcall.auth.require_adm()
+        elif expect == a.REQUIRE_PREMIUM:
+            qcall.auth.require_premium()
     elif expect == a.ALLOW_VISITOR:
         pass
     elif expect == a.INTERNAL_TEST:

diff --git a/sirepo/api_perm.py b/sirepo/api_perm.py
@@ -32,6 +32,8 @@ class APIPerm(aenum.Flag):
     REQUIRE_USER = aenum.auto()
     #: only usable on internal test systems
     INTERNAL_TEST = aenum.auto()
+    #: a user with a a premium subscription is required
+    REQUIRE_PREMIUM = aenum.auto()
 
 
 #: A user can access APIs decorated with these permissions even if they don't have the role

diff --git a/sirepo/auth/__init__.py b/sirepo/auth/__init__.py
@@ -517,6 +517,10 @@ def require_email_user(self):
         if m != METHOD_EMAIL:
             raise sirepo.util.Forbidden(f"method={m} is not email for uid={i}")
 
+    def require_premium(self):
+        if not self.is_premium_user():
+            raise sirepo.util.Forbidden(f"not premium user")
+
     def require_user(self):
         """Asserts whether user is logged in
 

diff --git a/sirepo/job_api.py b/sirepo/job_api.py
@@ -211,7 +211,7 @@ async def api_runStatus(self):
         # runStatus receives models when an animation status if first queried
         return await self._request_api(_request_content=self._request_content(PKDict()))
 
-    @sirepo.quest.Spec("require_user")
+    @sirepo.quest.Spec("require_premium")
     async def api_sbatchLogin(self):
         r = self._request_content(
             PKDict(computeJobHash="unused", jobRunMode=sirepo.job.SBATCH),
@@ -221,7 +221,7 @@ async def api_sbatchLogin(self):
         r.pkdel("data")
         return await self._request_api(_request_content=r)
 
-    @sirepo.quest.Spec("require_user")
+    @sirepo.quest.Spec("require_premium")
     async def api_sbatchLoginStatus(self):
         return await self._request_api(
             _request_content=self._request_content(

diff --git a/sirepo/package_data/static/en/plans.html b/sirepo/package_data/static/en/plans.html
@@ -0,0 +1,69 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <meta charset="UTF-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1.0">
+  <meta http-equiv="X-UA-Compatible" content="ie=edge">
+  <link rel="shortcut icon" href="/static/img/favicon.ico">
+  <link rel="icon" type="image/png" href="/static/img/favicon.png">
+  <link rel="apple-touch-icon" href="/static/img/favicon.png">
+  <title>RadiaSoft</title>
+  <link href="/static/css/ext/bootstrap-3.3.7.min.css" rel="stylesheet">
+  <link href="/en/css/landing.css" rel="stylesheet">
+  <script src="/static/js/ext/jquery-2.2.4.min.js"></script>
+  <script src="/static/js/ext/bootstrap-3.3.7.min.js"></script>
+</head>
+<body class="landing">
+  <div class="header-strip"></div>
+  <div class="max-width-container">
+    <header>
+      <nav class="navbar navbar-static-top main-nav">
+        <a class="home-link" href="/">
+          <img src="/en/img/sirepo-by-radiasoft-logo.png" class="logo" alt="Sirepo" />
+        </a>
+      </nav>
+    </header>
+
+    <main>
+      <section class="content-block intro">
+        <div class="row">
+          <div class="col-lg-8 center-block intro-content">
+            <h2>Sirepo Plans</h2>
+            <p>
+              You are running a private instance of sirepo.
+              <br/>
+              <a href="https://www.apache.org/licenses/LICENSE-2.0"> license </a>
+            </p>
+          </div>
+          <section style="background: white;" >
+            <br/>
+            <h3 style="margin: 1em;">Sirepo Plans</h3>
+            <p>You should only see this page if you are developing Sirepo.</p>
+          </section>
+        </div>
+      </section>
+    </main>
+
+    <footer>
+      <div class="row">
+        <div class="col-lg-12 center-block footer-content">
+          <img class="footer-sirepo" src="/en/img/sirepo-logo-white.png" alt="Sirepo" />
+
+          <nav class="footer-nav">
+            <ul>
+              <li><a href="https://radiasoft.net">RadiaSoft Home</a></li>
+            </ul>
+          </nav>
+
+          <div class="footer-radiasoft">
+            <img src="/en/img/radiasoft-logo-white.png" alt="RadiaSoft" />
+            <p>
+              &copy;2022 RadiaSoft
+            </p>
+          </div>
+        </div>
+      </div>
+    </footer>
+  </div>
+</body>
+</html>
diff --git a/sirepo/package_data/static/js/sirepo-components.js b/sirepo/package_data/static/js/sirepo-components.js
@@ -4757,7 +4757,11 @@ SIREPO.app.directive('sbatchLoginModal', function() {
                     <button data-ng-click="cancel()" type="button" class="close" data-ng-disabled="! sbatchLoginService.query('showLogin')"><span>&times;</span></button>
                     </div>
                     <div class="modal-body">
-                        <form name="sbatchLoginModalForm">
+                        <div data-ng-show="! authState.isPremiumUser()" class="alert alert-warning" role="alert">
+                        <h4 class="alert-heading"><b>Please upgrade</b></h4>
+                        <p>Supercomputer and HPC services are only available with <a data-ng-href="{{ plansUrl }}" target="_blank">one of our paid plans</a>.</p>
+                        </div>
+                        <form name="sbatchLoginModalForm" data-ng-show="authState.isPremiumUser()">
                             <div class="sr-input-warning">{{ warning }}</div>
                             <div class="form-group">
                                 <input type="text" class="form-control" name="username" placeholder="username" autocomplete="username" data-ng-model="username" />
@@ -4793,6 +4797,7 @@ SIREPO.app.directive('sbatchLoginModal', function() {
 
 	    _resetLoginFormText();
 	    $scope.authState = authState;
+            $scope.plansUrl = SIREPO.APP_SCHEMA.constants.plansUrl;
 	    $scope.sbatchLoginService = sbatchLoginService;
 
             $scope.cancel = () => {

diff --git a/sirepo/package_data/static/js/sirepo.js b/sirepo/package_data/static/js/sirepo.js
@@ -303,6 +303,14 @@ SIREPO.app.factory('authState', function(appDataService, appState, errorService,
         controller.warningText = 'Server reported an error, please contact support@radiasoft.net.';
     };
 
+    self.isPremiumUser = function() {
+        if (! self.paymentPlan) {
+            throw new Error("isPremiumUser: user not logged in");
+        }
+        // positive test (vs just testing 'basic')
+        return ['enterprise', 'premium'].indexOf(self.paymentPlan) >= 0;
+    };
+
     self.paymentPlanName = function() {
         return SIREPO.APP_SCHEMA.constants.paymentPlans[self.paymentPlan];
     };

diff --git a/sirepo/package_data/static/json/schema-common.json b/sirepo/package_data/static/json/schema-common.json
@@ -222,7 +222,7 @@
                 "enterprise": "Sirepo Enterprise",
                 "premium": "Sirepo Professional"
             },
-            "plansUrl": "/en/plans.html",
+            "plansUrl": "/plans",
             "simulationSourceExtension": "py"
         },
         "cookies": {