diff --git a/sirepo/api_auth.py b/sirepo/api_auth.py index 065446e8f2..ab484d77d9 100644 --- a/sirepo/api_auth.py +++ b/sirepo/api_auth.py @@ -33,6 +33,7 @@ def check_api_call(qcall, func): a.REQUIRE_COOKIE_SENTINEL, a.REQUIRE_USER, a.REQUIRE_ADM, + a.REQUIRE_PREMIUM, ): if not qcall.cookie.has_sentinel(): raise sirepo.util.SRException("missingCookies", None) @@ -42,6 +43,8 @@ def check_api_call(qcall, func): qcall.auth.require_email_user() elif expect == a.REQUIRE_ADM: qcall.auth.require_adm() + elif expect == a.REQUIRE_PREMIUM: + qcall.auth.require_premium() elif expect == a.ALLOW_VISITOR: pass elif expect == a.INTERNAL_TEST: diff --git a/sirepo/api_perm.py b/sirepo/api_perm.py index f5d39e0ed6..1c28eb750b 100644 --- a/sirepo/api_perm.py +++ b/sirepo/api_perm.py @@ -32,6 +32,8 @@ class APIPerm(aenum.Flag): REQUIRE_USER = aenum.auto() #: only usable on internal test systems INTERNAL_TEST = aenum.auto() + #: a user with a a premium subscription is required + REQUIRE_PREMIUM = aenum.auto() #: A user can access APIs decorated with these permissions even if they don't have the role diff --git a/sirepo/auth/__init__.py b/sirepo/auth/__init__.py index d9ecbffba0..a521abcb1d 100644 --- a/sirepo/auth/__init__.py +++ b/sirepo/auth/__init__.py @@ -517,6 +517,10 @@ def require_email_user(self): if m != METHOD_EMAIL: raise sirepo.util.Forbidden(f"method={m} is not email for uid={i}") + def require_premium(self): + if not self.is_premium_user(): + raise sirepo.util.Forbidden(f"not premium user") + def require_user(self): """Asserts whether user is logged in diff --git a/sirepo/job_api.py b/sirepo/job_api.py index 5780758ee6..f103f3441e 100644 --- a/sirepo/job_api.py +++ b/sirepo/job_api.py @@ -211,7 +211,7 @@ async def api_runStatus(self): # runStatus receives models when an animation status if first queried return await self._request_api(_request_content=self._request_content(PKDict())) - @sirepo.quest.Spec("require_user") + @sirepo.quest.Spec("require_premium") async def api_sbatchLogin(self): r = self._request_content( PKDict(computeJobHash="unused", jobRunMode=sirepo.job.SBATCH), @@ -221,7 +221,7 @@ async def api_sbatchLogin(self): r.pkdel("data") return await self._request_api(_request_content=r) - @sirepo.quest.Spec("require_user") + @sirepo.quest.Spec("require_premium") async def api_sbatchLoginStatus(self): return await self._request_api( _request_content=self._request_content( diff --git a/sirepo/package_data/static/en/plans.html b/sirepo/package_data/static/en/plans.html new file mode 100644 index 0000000000..937920ba26 --- /dev/null +++ b/sirepo/package_data/static/en/plans.html @@ -0,0 +1,69 @@ + + + + + + + + + + RadiaSoft + + + + + + +
+
+
+ +
+ +
+
+
+
+

Sirepo Plans

+

+ You are running a private instance of sirepo. +
+ license +

+
+
+
+

Sirepo Plans

+

You should only see this page if you are developing Sirepo.

+
+
+
+
+ + +
+ + diff --git a/sirepo/package_data/static/js/sirepo-components.js b/sirepo/package_data/static/js/sirepo-components.js index 896a6a4072..6d38f0baa9 100644 --- a/sirepo/package_data/static/js/sirepo-components.js +++ b/sirepo/package_data/static/js/sirepo-components.js @@ -4757,7 +4757,11 @@ SIREPO.app.directive('sbatchLoginModal', function() {
-
+ +
{{ warning }}
@@ -4793,6 +4797,7 @@ SIREPO.app.directive('sbatchLoginModal', function() { _resetLoginFormText(); $scope.authState = authState; + $scope.plansUrl = SIREPO.APP_SCHEMA.constants.plansUrl; $scope.sbatchLoginService = sbatchLoginService; $scope.cancel = () => { diff --git a/sirepo/package_data/static/js/sirepo.js b/sirepo/package_data/static/js/sirepo.js index 190ddfe85a..4807260c68 100644 --- a/sirepo/package_data/static/js/sirepo.js +++ b/sirepo/package_data/static/js/sirepo.js @@ -303,6 +303,14 @@ SIREPO.app.factory('authState', function(appDataService, appState, errorService, controller.warningText = 'Server reported an error, please contact support@radiasoft.net.'; }; + self.isPremiumUser = function() { + if (! self.paymentPlan) { + throw new Error("isPremiumUser: user not logged in"); + } + // positive test (vs just testing 'basic') + return ['enterprise', 'premium'].indexOf(self.paymentPlan) >= 0; + }; + self.paymentPlanName = function() { return SIREPO.APP_SCHEMA.constants.paymentPlans[self.paymentPlan]; }; diff --git a/sirepo/package_data/static/json/schema-common.json b/sirepo/package_data/static/json/schema-common.json index 0a1ec195de..27cec16054 100644 --- a/sirepo/package_data/static/json/schema-common.json +++ b/sirepo/package_data/static/json/schema-common.json @@ -222,7 +222,7 @@ "enterprise": "Sirepo Enterprise", "premium": "Sirepo Professional" }, - "plansUrl": "/en/plans.html", + "plansUrl": "/plans", "simulationSourceExtension": "py" }, "cookies": {