diff options
Diffstat (limited to 'gn3/auth/authorisation/resources')
| -rw-r--r-- | gn3/auth/authorisation/resources/data.py | 182 | ||||
| -rw-r--r-- | gn3/auth/authorisation/resources/models.py | 62 | ||||
| -rw-r--r-- | gn3/auth/authorisation/resources/views.py | 108 |
3 files changed, 83 insertions, 269 deletions
diff --git a/gn3/auth/authorisation/resources/data.py b/gn3/auth/authorisation/resources/data.py deleted file mode 100644 index 93b8e1d..0000000 --- a/gn3/auth/authorisation/resources/data.py +++ /dev/null @@ -1,182 +0,0 @@ -"""Handles the resource objects' data.""" -from typing import Any, Sequence - -from MySQLdb.cursors import DictCursor - -from gn3 import db_utils as gn3db -from gn3.auth import db as authdb -from gn3.auth.authorisation.groups import Group -from gn3.auth.authorisation.checks import authorised_p -from gn3.auth.authorisation.errors import InvalidData, NotFoundError - -def __fetch_grouped_data__( - conn: authdb.DbConnection, dataset_type: str) -> Sequence[dict[str, Any]]: - """Retrieve ids for all data that are linked to groups in the auth db.""" - with authdb.cursor(conn) as cursor: - cursor.execute( - "SELECT dataset_type, dataset_or_trait_id FROM linked_group_data " - "WHERE LOWER(dataset_type)=?", - (dataset_type,)) - return tuple(dict(row) for row in cursor.fetchall()) - -def __fetch_ungrouped_mrna_data__( - conn: gn3db.Connection, grouped_data, - offset: int = 0) -> Sequence[dict]: - """Fetch ungrouped mRNA Assay data.""" - query = ("SELECT psf.Id, psf.Name, psf.FullName, " - "ifiles.GN_AccesionId AS accession_id FROM ProbeSetFreeze AS psf " - "INNER JOIN InfoFiles AS ifiles ON psf.Name=ifiles.InfoPageName") - params: tuple[Any, ...] = tuple() - if bool(grouped_data): - clause = ", ".join(["%s"] * len(grouped_data)) - query = f"{query} WHERE psf.Id NOT IN ({clause})" - params = tuple(item["dataset_or_trait_id"] for item in grouped_data) - - query = f"{query} LIMIT 100 OFFSET %s" - with conn.cursor(DictCursor) as cursor: - cursor.execute(query, (params + (offset,))) - return tuple(dict(row) for row in cursor.fetchall()) - -def __fetch_ungrouped_geno_data__( - conn: gn3db.Connection, grouped_data, - offset: int = 0) -> Sequence[dict]: - """Fetch ungrouped Genotype data.""" - query = ("SELECT gf.Id, gf.Name, gf.FullName, " - "ifiles.GN_AccesionId AS accession_id FROM GenoFreeze AS gf " - "INNER JOIN InfoFiles AS ifiles ON gf.Name=ifiles.InfoPageName") - params: tuple[Any, ...] = tuple() - if bool(grouped_data): - clause = ", ".join(["%s"] * len(grouped_data)) - query = f"{query} WHERE gf.Id NOT IN ({clause})" - params = tuple(item["dataset_or_trait_id"] for item in grouped_data) - - query = f"{query} LIMIT 100 OFFSET %s" - with conn.cursor(DictCursor) as cursor: - cursor.execute(query, (params + (offset,))) - return tuple(dict(row) for row in cursor.fetchall()) - -def __fetch_ungrouped_pheno_data__( - conn: gn3db.Connection, grouped_data, - offset: int = 0) -> Sequence[dict]: - """Fetch ungrouped Phenotype data.""" - query = ("SELECT pf.Id, pf.Name, pf.FullName, " - "ifiles.GN_AccesionId AS accession_id FROM PublishFreeze AS pf " - "INNER JOIN InfoFiles AS ifiles ON pf.Name=ifiles.InfoPageName") - params: tuple[Any, ...] = tuple() - if bool(grouped_data): - clause = ", ".join(["%s"] * len(grouped_data)) - query = f"{query} WHERE pf.Id NOT IN ({clause})" - params = tuple(item["dataset_or_trait_id"] for item in grouped_data) - - query = f"{query} LIMIT 100 OFFSET %s" - with conn.cursor(DictCursor) as cursor: - cursor.execute(query, (params + (offset,))) - return tuple(dict(row) for row in cursor.fetchall()) - -def __fetch_ungrouped_data__( - conn: gn3db.Connection, dataset_type: str, - ungrouped: Sequence[dict[str, Any]]) -> Sequence[dict[str, Any]]: - """Fetch any ungrouped data.""" - fetch_fns = { - "mrna": __fetch_ungrouped_mrna_data__, - "genotype": __fetch_ungrouped_geno_data__, - "phenotype": __fetch_ungrouped_pheno_data__ - } - return fetch_fns[dataset_type](conn, ungrouped) - -@authorised_p(("system:data:link-to-group",), - error_description=( - "You do not have sufficient privileges to link data to (a) " - "group(s)."), - oauth2_scope="profile group resource") -def retrieve_ungrouped_data( - authconn: authdb.DbConnection, - gn3conn: gn3db.Connection, - dataset_type: str) -> Sequence[dict]: - """Retrieve any data not linked to any group.""" - if dataset_type not in ("mrna", "genotype", "phenotype"): - raise InvalidData( - "Requested dataset type is invalid. Expected one of " - "'mrna', 'genotype' or 'phenotype'.") - grouped_data = __fetch_grouped_data__(authconn, dataset_type) - return __fetch_ungrouped_data__(gn3conn, dataset_type, grouped_data) - -def __fetch_mrna_data_by_id__(conn: gn3db.Connection, dataset_id: str) -> dict: - """Fetch mRNA Assay data by ID.""" - with conn.cursor(DictCursor) as cursor: - cursor.execute( - "SELECT psf.Id, psf.Name, psf.FullName, " - "ifiles.GN_AccesionId AS accession_id FROM ProbeSetFreeze AS psf " - "INNER JOIN InfoFiles AS ifiles ON psf.Name=ifiles.InfoPageName " - "WHERE psf.Id=%s", - (dataset_id,)) - res = cursor.fetchone() - if res: - return dict(res) - raise NotFoundError("Could not find mRNA Assay data with the given ID.") - -def __fetch_geno_data_by_id__(conn: gn3db.Connection, dataset_id: str) -> dict: - """Fetch genotype data by ID.""" - with conn.cursor(DictCursor) as cursor: - cursor.execute( - "SELECT gf.Id, gf.Name, gf.FullName, " - "ifiles.GN_AccesionId AS accession_id FROM GenoFreeze AS gf " - "INNER JOIN InfoFiles AS ifiles ON gf.Name=ifiles.InfoPageName " - "WHERE gf.Id=%s", - (dataset_id,)) - res = cursor.fetchone() - if res: - return dict(res) - raise NotFoundError("Could not find Genotype data with the given ID.") - -def __fetch_pheno_data_by_id__(conn: gn3db.Connection, dataset_id: str) -> dict: - """Fetch phenotype data by ID.""" - with conn.cursor(DictCursor) as cursor: - cursor.execute( - "SELECT pf.Id, pf.Name, pf.FullName, " - "ifiles.GN_AccesionId AS accession_id FROM PublishFreeze AS pf " - "INNER JOIN InfoFiles AS ifiles ON pf.Name=ifiles.InfoPageName " - "WHERE pf.Id=%s", - (dataset_id,)) - res = cursor.fetchone() - if res: - return dict(res) - raise NotFoundError( - "Could not find Phenotype/Publish data with the given ID.") - -def __fetch_data_by_id( - conn: gn3db.Connection, dataset_type: str, dataset_id: str) -> dict: - """Fetch data from MySQL by ID.""" - fetch_fns = { - "mrna": __fetch_mrna_data_by_id__, - "genotype": __fetch_geno_data_by_id__, - "phenotype": __fetch_pheno_data_by_id__ - } - return fetch_fns[dataset_type](conn, dataset_id) - -@authorised_p(("system:data:link-to-group",), - error_description=( - "You do not have sufficient privileges to link data to (a) " - "group(s)."), - oauth2_scope="profile group resource") -def link_data_to_group( - authconn: authdb.DbConnection, gn3conn: gn3db.Connection, - dataset_type: str, dataset_id: str, group: Group) -> dict: - """Link the given data to the specified group.""" - the_data = __fetch_data_by_id(gn3conn, dataset_type, dataset_id) - with authdb.cursor(authconn) as cursor: - params = { - "group_id": str(group.group_id), "dataset_type": { - "mrna": "mRNA", "genotype": "Genotype", - "phenotype": "Phenotype" - }[dataset_type], - "dataset_or_trait_id": dataset_id, "dataset_name": the_data["Name"], - "dataset_fullname": the_data["FullName"], - "accession_id": the_data["accession_id"] - } - cursor.execute( - "INSERT INTO linked_group_data VALUES" - "(:group_id, :dataset_type, :dataset_or_trait_id, :dataset_name, " - ":dataset_fullname, :accession_id)", - params) - return params diff --git a/gn3/auth/authorisation/resources/models.py b/gn3/auth/authorisation/resources/models.py index c15463c..40e12ba 100644 --- a/gn3/auth/authorisation/resources/models.py +++ b/gn3/auth/authorisation/resources/models.py @@ -2,11 +2,13 @@ import json import sqlite3 from uuid import UUID, uuid4 +from functools import partial from typing import Any, Dict, Sequence, NamedTuple from gn3.auth import db from gn3.auth.dictify import dictify from gn3.auth.authentication.users import User +from gn3.auth.db_utils import with_db_connection from .checks import authorised_for @@ -262,3 +264,63 @@ def resource_by_id( bool(int(row["public"])))) raise NotFoundError(f"Could not find a resource with id '{resource_id}'") + +def __link_mrna_data_to_resource__( + conn: db.DbConnection, resource: Resource, dataset_id: str) -> dict: + """Link mRNA Assay data with a resource.""" + with db.cursor(conn) as cursor: + params = { + "group_id": str(resource.group.group_id), + "resource_id": str(resource.resource_id), + "dataset_type": "mRNA", + "dataset_id": dataset_id + } + cursor.execute( + "INSERT INTO mrna_resources VALUES" + "(:group_id, :resource_id, :dataset_type, :dataset_id)", + params) + return params + +def __link_geno_data_to_resource__( + conn: db.DbConnection, resource: Resource, dataset_id: str) -> dict: + """Link Genotype data with a resource.""" + with db.cursor(conn) as cursor: + params = { + "group_id": str(resource.group.group_id), + "resource_id": str(resource.resource_id), + "dataset_type": "Genotype", + "trait_id": dataset_id + } + cursor.execute( + "INSERT INTO genotype_resources VALUES" + "(:group_id, :resource_id, :dataset_type, :trait_id)", + params) + return params + +def __link_pheno_data_to_resource__( + conn: db.DbConnection, resource: Resource, dataset_id: str) -> dict: + """Link Phenotype data with a resource.""" + with db.cursor(conn) as cursor: + params = { + "group_id": str(resource.group.group_id), + "resource_id": str(resource.resource_id), + "dataset_type": "Phenotype", + "trait_id": dataset_id + } + cursor.execute( + "INSERT INTO phenotype_resources VALUES" + "(:group_id, :resource_id, :dataset_type, :trait_id)", + params) + return params + +def link_data_to_resource( + conn: db.DbConnection, user: User, resource_id: UUID, dataset_type: str, + dataset_id: str): + """Link data to resource.""" + resource = with_db_connection(partial( + resource_by_id, user=user, resource_id=resource_id)) + return { + "mrna": __link_mrna_data_to_resource__, + "genotype": __link_geno_data_to_resource__, + "phenotype": __link_pheno_data_to_resource__, + }[dataset_type.lower()](conn, resource, dataset_id) diff --git a/gn3/auth/authorisation/resources/views.py b/gn3/auth/authorisation/resources/views.py index e373182..b2773a8 100644 --- a/gn3/auth/authorisation/resources/views.py +++ b/gn3/auth/authorisation/resources/views.py @@ -1,19 +1,15 @@ """The views/routes for the resources package""" import uuid -from functools import partial from flask import request, jsonify, Response, Blueprint, current_app as app -from gn3 import db_utils as gn3dbutils from gn3.auth.db_utils import with_db_connection -from .data import link_data_to_group, retrieve_ungrouped_data from .models import ( - resource_by_id, resource_categories, resource_category_by_id, - create_resource as _create_resource) + resource_by_id, resource_categories, link_data_to_resource, + resource_category_by_id, create_resource as _create_resource) -from ..errors import InvalidData, AuthorisationError -from ..groups.models import user_group, DUMMY_GROUP, group_by_id +from ..errors import InvalidData from ... import db from ...dictify import dictify @@ -56,86 +52,24 @@ def view_resource(resource_id: uuid.UUID) -> Response: return jsonify(dictify(resource_by_id( conn, the_token.user, resource_id))) -@resources.route("/<string:resource_type>/unlinked-data") -@require_oauth("profile group resource") -def unlinked_data(resource_type: str) -> Response: - """View data linked to the group but not linked to any resource.""" - if resource_type not in ("all", "mrna", "genotype", "phenotype"): - raise AuthorisationError(f"Invalid resource type {resource_type}") - - with require_oauth.acquire("profile group resource") as the_token: - db_uri = app.config["AUTH_DB"] - with db.connection(db_uri) as conn, db.cursor(conn) as cursor: - ugroup = user_group(cursor, the_token.user).maybe(# type: ignore[misc] - DUMMY_GROUP, lambda grp: grp) - if ugroup == DUMMY_GROUP: - return jsonify(tuple()) - type_filter = { - "all": "", - "mrna": 'WHERE dataset_type="mRNA"', - "genotype": 'WHERE dataset_type="Genotype"', - "phenotype": 'WHERE dataset_type="Phenotype"' - }[resource_type] - - except_filter = ( - "SELECT group_id, dataset_type, " - "dataset_id AS dataset_or_trait_id FROM mrna_resources " - "UNION " - "SELECT group_id, dataset_type, " - "trait_id AS dataset_or_trait_id FROM genotype_resources " - "UNION " - "SELECT group_id, dataset_type, " - "trait_id AS dataset_or_trait_id FROM phenotype_resources") - - ids_query = ("SELECT group_id, dataset_type, dataset_or_trait_id " - "FROM linked_group_data " - f"{type_filter} " - f"EXCEPT {except_filter} ") - cursor.execute(ids_query) - ids = cursor.fetchall() - - if ids: - clause = ", ".join(["(?, ?, ?)"] * len(ids)) - data_query = ( - "SELECT * FROM linked_group_data " - "WHERE (group_id, dataset_type, dataset_or_trait_id) " - f"IN (VALUES {clause})") - params = tuple(item for sublist in - ((row[0], row[1], row[2]) for row in ids) - for item in sublist) - cursor.execute(data_query, params) - return jsonify(tuple(dict(row) for row in cursor.fetchall())) - - return jsonify(tuple()) - -@resources.route("/<string:dataset_type>/ungrouped-data", methods=["GET"]) -@require_oauth("profile group resource") -def ungrouped_data(dataset_type: str) -> Response: - """View data not linked to any group.""" - if dataset_type not in ("all", "mrna", "genotype", "phenotype"): - raise AuthorisationError(f"Invalid dataset type {dataset_type}") - - with require_oauth.acquire("profile group resource") as _the_token: - with gn3dbutils.database_connection() as gn3conn: - return jsonify(with_db_connection(partial( - retrieve_ungrouped_data, gn3conn=gn3conn, - dataset_type=dataset_type))) - @resources.route("/data/link", methods=["POST"]) @require_oauth("profile group resource") -def link_data() -> Response: - """Link selected data to specified group.""" - with require_oauth.acquire("profile group resource") as _the_token: +def link_data(): + """Link group data to a specific resource.""" + try: form = request.form - group_id = uuid.UUID(form["group_id"]) - dataset_id = form["dataset_id"] - dataset_type = form.get("dataset_type") - if dataset_type not in ("mrna", "genotype", "phenotype"): - raise InvalidData("Unexpected dataset type requested!") - def __link__(conn: db.DbConnection): - group = group_by_id(conn, group_id) - with gn3dbutils.database_connection() as gn3conn: - return link_data_to_group( - conn, gn3conn, dataset_type, dataset_id, group) - - return jsonify(with_db_connection(__link__)) + assert "resource_id" in form, "Resource ID not provided." + assert "dataset_id" in form, "Dataset ID not provided." + assert "dataset_type" in form, "Dataset type not specified" + assert form["dataset_type"].lower() in ( + "mrna", "genotype", "phenotype"), "Invalid dataset type provided." + + with require_oauth.acquire("profile group resource") as the_token: + def __link__(conn: db.DbConnection): + return link_data_to_resource( + conn, the_token.user, uuid.UUID(form["resource_id"]), + form["dataset_type"], form["dataset_id"]) + + return jsonify(with_db_connection(__link__)) + except AssertionError as aserr: + raise InvalidData(aserr.args[0]) from aserr |