Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Error on import if home directory isn't writable #10

Closed
PeterJCLaw opened this issue Jan 30, 2019 · 1 comment
Closed

Error on import if home directory isn't writable #10

PeterJCLaw opened this issue Jan 30, 2019 · 1 comment
Assignees
@tswast
Labels
type: bug Error or flaw in code with unintended results or allowing sub-optimal usage patterns.

Comments

@PeterJCLaw
Copy link

Hi,

I'm using this library via https://github.com/pydata/pandas-gbq.

As a result of the way that _get_default_credentials_path works, when pydata-google-auth is imported it will error if the user's home directory is not writeable. As this happens on import there appears to be no way for the user to avoid this, even if they do not intend to use the library to write to disk (including not using any of the credentials caches).

This makes the library hard to use in restricted environments, including those which might not have accessible writeable space.

The easiest reproduction is to override $HOME to something non-writeable:

$ HOME=/root python -c 'import pydata_google_auth'
Traceback (most recent call last):
  File "<string>", line 1, in <module>
  File "/home/peter/.virtualenvs/styleme/lib/python3.5/site-packages/pydata_google_auth/__init__.py", line 2, in <module>
    from .auth import default
  File "/home/peter/.virtualenvs/styleme/lib/python3.5/site-packages/pydata_google_auth/auth.py", line 16, in <module>
    from pydata_google_auth import cache
  File "/home/peter/.virtualenvs/styleme/lib/python3.5/site-packages/pydata_google_auth/cache.py", line 233, in <module>
    READ_WRITE = ReadWriteCredentialsCache()
  File "/home/peter/.virtualenvs/styleme/lib/python3.5/site-packages/pydata_google_auth/cache.py", line 165, in __init__
    self._path = _get_default_credentials_path(_DIRNAME, _FILENAME)
  File "/home/peter/.virtualenvs/styleme/lib/python3.5/site-packages/pydata_google_auth/cache.py", line 37, in _get_default_credentials_path
    os.makedirs(config_path)
  File "/home/peter/.virtualenvs/styleme/lib/python3.5/os.py", line 231, in makedirs
    makedirs(head, mode, exist_ok)
  File "/home/peter/.virtualenvs/styleme/lib/python3.5/os.py", line 241, in makedirs
    mkdir(name, mode)
PermissionError: [Errno 13] Permission denied: '/root/.config'

Fixing #7 might help with this, though ideally it would be possible to use the library without it requiring disk access at all.
@PeterJCLaw PeterJCLaw mentioned this issue Jan 30, 2019
Closed
@tswast tswast added type: bug Error or flaw in code with unintended results or allowing sub-optimal usage patterns. help wanted labels Jan 30, 2019
@tswast
Copy link
Collaborator

tswast commented Jan 30, 2019

Thanks for pointing this out! Yeah, that's definitely a bug that it fails at import time.

I do intend for this library to be useful without disk access. It should (but obviously doesn't right now) fail gracefully if it cannot write to the cache directory for credentials.

I think the fix we should do in this case is not have any side effects like creating a directory in _get_default_credentials_path. Instead, the directory should be created when the credentials are saved to disk.

@tswast tswast self-assigned this Feb 1, 2019
@tswast tswast mentioned this issue Feb 1, 2019
Merged
@tswast tswast closed this as completed in #11 Feb 1, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@tswast tswast

Labels
type: bug Error or flaw in code with unintended results or allowing sub-optimal usage patterns.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@tswast @PeterJCLaw