diff options
Diffstat (limited to 'gn3/auth/authorisation')
-rw-r--r-- | gn3/auth/authorisation/groups/data.py (renamed from gn3/auth/authorisation/resources/data.py) | 0 | ||||
-rw-r--r-- | gn3/auth/authorisation/groups/views.py | 93 | ||||
-rw-r--r-- | gn3/auth/authorisation/resources/models.py | 62 | ||||
-rw-r--r-- | gn3/auth/authorisation/resources/views.py | 108 |
4 files changed, 173 insertions, 90 deletions
diff --git a/gn3/auth/authorisation/resources/data.py b/gn3/auth/authorisation/groups/data.py index 93b8e1d..93b8e1d 100644 --- a/gn3/auth/authorisation/resources/data.py +++ b/gn3/auth/authorisation/groups/data.py diff --git a/gn3/auth/authorisation/groups/views.py b/gn3/auth/authorisation/groups/views.py index d3710f6..d21466c 100644 --- a/gn3/auth/authorisation/groups/views.py +++ b/gn3/auth/authorisation/groups/views.py @@ -6,15 +6,18 @@ from functools import partial from flask import request, jsonify, Response, Blueprint, current_app from gn3.auth import db +from gn3 import db_utils as gn3dbutils + from gn3.auth.dictify import dictify from gn3.auth.db_utils import with_db_connection +from .data import link_data_to_group, retrieve_ungrouped_data from .models import ( - user_group, all_groups, join_requests, GroupCreationError, - accept_reject_join_request, group_users as _group_users, + user_group, all_groups, DUMMY_GROUP, group_by_id, join_requests, + GroupCreationError, accept_reject_join_request, group_users as _group_users, create_group as _create_group) -from ..errors import AuthorisationError +from ..errors import InvalidData, AuthorisationError from ...authentication.users import User from ...authentication.oauth2.resource_server import require_oauth @@ -128,3 +131,87 @@ def reject_join_requests() -> Response: return jsonify(with_db_connection(partial( accept_reject_join_request, request_id=request_id, user=the_token.user, status="REJECTED"))) + +@groups.route("/<string:resource_type>/unlinked-data") +@require_oauth("profile group resource") +def unlinked_data(resource_type: str) -> Response: + """View data linked to the group but not linked to any resource.""" + if resource_type not in ("all", "mrna", "genotype", "phenotype"): + raise AuthorisationError(f"Invalid resource type {resource_type}") + + with require_oauth.acquire("profile group resource") as the_token: + db_uri = current_app.config["AUTH_DB"] + with db.connection(db_uri) as conn, db.cursor(conn) as cursor: + ugroup = user_group(cursor, the_token.user).maybe(# type: ignore[misc] + DUMMY_GROUP, lambda grp: grp) + if ugroup == DUMMY_GROUP: + return jsonify(tuple()) + type_filter = { + "all": "", + "mrna": 'WHERE dataset_type="mRNA"', + "genotype": 'WHERE dataset_type="Genotype"', + "phenotype": 'WHERE dataset_type="Phenotype"' + }[resource_type] + + except_filter = ( + "SELECT group_id, dataset_type, " + "dataset_id AS dataset_or_trait_id FROM mrna_resources " + "UNION " + "SELECT group_id, dataset_type, " + "trait_id AS dataset_or_trait_id FROM genotype_resources " + "UNION " + "SELECT group_id, dataset_type, " + "trait_id AS dataset_or_trait_id FROM phenotype_resources") + + ids_query = ("SELECT group_id, dataset_type, dataset_or_trait_id " + "FROM linked_group_data " + f"{type_filter} " + f"EXCEPT {except_filter} ") + cursor.execute(ids_query) + ids = cursor.fetchall() + + if ids: + clause = ", ".join(["(?, ?, ?)"] * len(ids)) + data_query = ( + "SELECT * FROM linked_group_data " + "WHERE (group_id, dataset_type, dataset_or_trait_id) " + f"IN (VALUES {clause})") + params = tuple(item for sublist in + ((row[0], row[1], row[2]) for row in ids) + for item in sublist) + cursor.execute(data_query, params) + return jsonify(tuple(dict(row) for row in cursor.fetchall())) + + return jsonify(tuple()) + +@groups.route("/<string:dataset_type>/ungrouped-data", methods=["GET"]) +@require_oauth("profile group resource") +def ungrouped_data(dataset_type: str) -> Response: + """View data not linked to any group.""" + if dataset_type not in ("all", "mrna", "genotype", "phenotype"): + raise AuthorisationError(f"Invalid dataset type {dataset_type}") + + with require_oauth.acquire("profile group resource") as _the_token: + with gn3dbutils.database_connection() as gn3conn: + return jsonify(with_db_connection(partial( + retrieve_ungrouped_data, gn3conn=gn3conn, + dataset_type=dataset_type))) + +@groups.route("/data/link", methods=["POST"]) +@require_oauth("profile group resource") +def link_data() -> Response: + """Link selected data to specified group.""" + with require_oauth.acquire("profile group resource") as _the_token: + form = request.form + group_id = uuid.UUID(form["group_id"]) + dataset_id = form["dataset_id"] + dataset_type = form.get("dataset_type") + if dataset_type not in ("mrna", "genotype", "phenotype"): + raise InvalidData("Unexpected dataset type requested!") + def __link__(conn: db.DbConnection): + group = group_by_id(conn, group_id) + with gn3dbutils.database_connection() as gn3conn: + return link_data_to_group( + conn, gn3conn, dataset_type, dataset_id, group) + + return jsonify(with_db_connection(__link__)) diff --git a/gn3/auth/authorisation/resources/models.py b/gn3/auth/authorisation/resources/models.py index c15463c..40e12ba 100644 --- a/gn3/auth/authorisation/resources/models.py +++ b/gn3/auth/authorisation/resources/models.py @@ -2,11 +2,13 @@ import json import sqlite3 from uuid import UUID, uuid4 +from functools import partial from typing import Any, Dict, Sequence, NamedTuple from gn3.auth import db from gn3.auth.dictify import dictify from gn3.auth.authentication.users import User +from gn3.auth.db_utils import with_db_connection from .checks import authorised_for @@ -262,3 +264,63 @@ def resource_by_id( bool(int(row["public"])))) raise NotFoundError(f"Could not find a resource with id '{resource_id}'") + +def __link_mrna_data_to_resource__( + conn: db.DbConnection, resource: Resource, dataset_id: str) -> dict: + """Link mRNA Assay data with a resource.""" + with db.cursor(conn) as cursor: + params = { + "group_id": str(resource.group.group_id), + "resource_id": str(resource.resource_id), + "dataset_type": "mRNA", + "dataset_id": dataset_id + } + cursor.execute( + "INSERT INTO mrna_resources VALUES" + "(:group_id, :resource_id, :dataset_type, :dataset_id)", + params) + return params + +def __link_geno_data_to_resource__( + conn: db.DbConnection, resource: Resource, dataset_id: str) -> dict: + """Link Genotype data with a resource.""" + with db.cursor(conn) as cursor: + params = { + "group_id": str(resource.group.group_id), + "resource_id": str(resource.resource_id), + "dataset_type": "Genotype", + "trait_id": dataset_id + } + cursor.execute( + "INSERT INTO genotype_resources VALUES" + "(:group_id, :resource_id, :dataset_type, :trait_id)", + params) + return params + +def __link_pheno_data_to_resource__( + conn: db.DbConnection, resource: Resource, dataset_id: str) -> dict: + """Link Phenotype data with a resource.""" + with db.cursor(conn) as cursor: + params = { + "group_id": str(resource.group.group_id), + "resource_id": str(resource.resource_id), + "dataset_type": "Phenotype", + "trait_id": dataset_id + } + cursor.execute( + "INSERT INTO phenotype_resources VALUES" + "(:group_id, :resource_id, :dataset_type, :trait_id)", + params) + return params + +def link_data_to_resource( + conn: db.DbConnection, user: User, resource_id: UUID, dataset_type: str, + dataset_id: str): + """Link data to resource.""" + resource = with_db_connection(partial( + resource_by_id, user=user, resource_id=resource_id)) + return { + "mrna": __link_mrna_data_to_resource__, + "genotype": __link_geno_data_to_resource__, + "phenotype": __link_pheno_data_to_resource__, + }[dataset_type.lower()](conn, resource, dataset_id) diff --git a/gn3/auth/authorisation/resources/views.py b/gn3/auth/authorisation/resources/views.py index e373182..b2773a8 100644 --- a/gn3/auth/authorisation/resources/views.py +++ b/gn3/auth/authorisation/resources/views.py @@ -1,19 +1,15 @@ """The views/routes for the resources package""" import uuid -from functools import partial from flask import request, jsonify, Response, Blueprint, current_app as app -from gn3 import db_utils as gn3dbutils from gn3.auth.db_utils import with_db_connection -from .data import link_data_to_group, retrieve_ungrouped_data from .models import ( - resource_by_id, resource_categories, resource_category_by_id, - create_resource as _create_resource) + resource_by_id, resource_categories, link_data_to_resource, + resource_category_by_id, create_resource as _create_resource) -from ..errors import InvalidData, AuthorisationError -from ..groups.models import user_group, DUMMY_GROUP, group_by_id +from ..errors import InvalidData from ... import db from ...dictify import dictify @@ -56,86 +52,24 @@ def view_resource(resource_id: uuid.UUID) -> Response: return jsonify(dictify(resource_by_id( conn, the_token.user, resource_id))) -@resources.route("/<string:resource_type>/unlinked-data") -@require_oauth("profile group resource") -def unlinked_data(resource_type: str) -> Response: - """View data linked to the group but not linked to any resource.""" - if resource_type not in ("all", "mrna", "genotype", "phenotype"): - raise AuthorisationError(f"Invalid resource type {resource_type}") - - with require_oauth.acquire("profile group resource") as the_token: - db_uri = app.config["AUTH_DB"] - with db.connection(db_uri) as conn, db.cursor(conn) as cursor: - ugroup = user_group(cursor, the_token.user).maybe(# type: ignore[misc] - DUMMY_GROUP, lambda grp: grp) - if ugroup == DUMMY_GROUP: - return jsonify(tuple()) - type_filter = { - "all": "", - "mrna": 'WHERE dataset_type="mRNA"', - "genotype": 'WHERE dataset_type="Genotype"', - "phenotype": 'WHERE dataset_type="Phenotype"' - }[resource_type] - - except_filter = ( - "SELECT group_id, dataset_type, " - "dataset_id AS dataset_or_trait_id FROM mrna_resources " - "UNION " - "SELECT group_id, dataset_type, " - "trait_id AS dataset_or_trait_id FROM genotype_resources " - "UNION " - "SELECT group_id, dataset_type, " - "trait_id AS dataset_or_trait_id FROM phenotype_resources") - - ids_query = ("SELECT group_id, dataset_type, dataset_or_trait_id " - "FROM linked_group_data " - f"{type_filter} " - f"EXCEPT {except_filter} ") - cursor.execute(ids_query) - ids = cursor.fetchall() - - if ids: - clause = ", ".join(["(?, ?, ?)"] * len(ids)) - data_query = ( - "SELECT * FROM linked_group_data " - "WHERE (group_id, dataset_type, dataset_or_trait_id) " - f"IN (VALUES {clause})") - params = tuple(item for sublist in - ((row[0], row[1], row[2]) for row in ids) - for item in sublist) - cursor.execute(data_query, params) - return jsonify(tuple(dict(row) for row in cursor.fetchall())) - - return jsonify(tuple()) - -@resources.route("/<string:dataset_type>/ungrouped-data", methods=["GET"]) -@require_oauth("profile group resource") -def ungrouped_data(dataset_type: str) -> Response: - """View data not linked to any group.""" - if dataset_type not in ("all", "mrna", "genotype", "phenotype"): - raise AuthorisationError(f"Invalid dataset type {dataset_type}") - - with require_oauth.acquire("profile group resource") as _the_token: - with gn3dbutils.database_connection() as gn3conn: - return jsonify(with_db_connection(partial( - retrieve_ungrouped_data, gn3conn=gn3conn, - dataset_type=dataset_type))) - @resources.route("/data/link", methods=["POST"]) @require_oauth("profile group resource") -def link_data() -> Response: - """Link selected data to specified group.""" - with require_oauth.acquire("profile group resource") as _the_token: +def link_data(): + """Link group data to a specific resource.""" + try: form = request.form - group_id = uuid.UUID(form["group_id"]) - dataset_id = form["dataset_id"] - dataset_type = form.get("dataset_type") - if dataset_type not in ("mrna", "genotype", "phenotype"): - raise InvalidData("Unexpected dataset type requested!") - def __link__(conn: db.DbConnection): - group = group_by_id(conn, group_id) - with gn3dbutils.database_connection() as gn3conn: - return link_data_to_group( - conn, gn3conn, dataset_type, dataset_id, group) - - return jsonify(with_db_connection(__link__)) + assert "resource_id" in form, "Resource ID not provided." + assert "dataset_id" in form, "Dataset ID not provided." + assert "dataset_type" in form, "Dataset type not specified" + assert form["dataset_type"].lower() in ( + "mrna", "genotype", "phenotype"), "Invalid dataset type provided." + + with require_oauth.acquire("profile group resource") as the_token: + def __link__(conn: db.DbConnection): + return link_data_to_resource( + conn, the_token.user, uuid.UUID(form["resource_id"]), + form["dataset_type"], form["dataset_id"]) + + return jsonify(with_db_connection(__link__)) + except AssertionError as aserr: + raise InvalidData(aserr.args[0]) from aserr |