aboutsummaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2023-05-29auth: Enable registration of OAuth2 clientsFrederick Muriuki Muriithi
Add UI and code to enable the administrative user to register new OAuth2 clients that can access the API server.
2023-05-29Enable Administrator login on GN3Frederick Muriuki Muriithi
* gn3/auth/authentication/oauth2/views.py: Remove endpoint * gn3/auth/authorisation/users/admin/__init__.py: New admin module * gn3/auth/authorisation/users/admin/ui.py: New admin module * gn3/auth/authorisation/users/admin/views.py: New admin module * gn3/auth/views.py: Use new admin module * gn3/errors.py: Fix linting errors * gn3/templates/login.html: New html template * main.py: Fix linting errors
2023-05-29Move docs to Gemtext repo.Frederick Muriuki Muriithi
2023-05-27Document Use of OAuth2 ClientsFrederick Muriuki Muriithi
* docs/authentication_and_authorisation/oauth2_clients.md: New documentation * gn3/auth/authentication/oauth2/server.py: Raise appropriate error if no client is found. * gn3/auth/authentication/oauth2/views.py: Handle exception in the case where a UI should be presented to the user, rather than presenting the raw JSON response to the user. * gn3/errors.py: Handle any authlib OAuth2Error at the application's top-level * gn3/templates/oauth2/oauth2_error.html: Handle any authlib OAuth2Error at the application's top-level
2023-05-27Add notes on retrieving user IDsFrederick Muriuki Muriithi
2023-05-26Document CLI Utility CommandsFrederick Muriuki Muriithi
Document some CLI utility commands useful for development and for supporting the operation of the GN3 app.
2023-05-25Add some error checks.Frederick Muriuki Muriithi
2023-05-25Script to assign existing data to publicly-visible resourcesFrederick Muriuki Muriithi
A script to assign existing data not assigned to any group to publicly-visible resources.
2023-05-25Set whether resource is publicly viewable on creationFrederick Muriuki Muriithi
2023-05-23auth: Enable user masqueradeFrederick Muriuki Muriithi
Enable users with the appropriate privileges to masquerade as other users by providing an endpoint that provides a new token for the "masqueradee"
2023-05-23Document how to log out information in GN3Frederick Muriuki Muriithi
2023-05-22Use string literal concatenation to make genofile_path line shorterzsloan
2023-05-22Fix quotes when setting genofile_pathzsloan
2023-05-22Fix return typing for get_trait_sample_datazsloan
2023-05-22Change type from 'any' to 'Any'zsloan
2023-05-22Use f-string for setting genofile_pathzsloan
Also set default value for os.environ.get("GENENETWORK_FILES")
2023-05-22Include encoding in open statement to address pylint W1514zsloan
2023-05-22Initialize 'line'; previous pylint complained because line might not be ↵zsloan
initialized (if the genofile was empty, for example)
2023-05-22Use 'with open()' syntaxzsloan
Initialize samplelist variable
2023-05-22Remove unused variable this_datazsloan
2023-05-22Include all samples in trait sample datazsloan
This is necessary in order to allow for editing the values of samples that don't currently have values
2023-05-22Fix sample data CSV query to only fetch distinct sampleszsloan
There's probably a better way to fix this query (it was previously returning each sample twice), but DISTINCT was the easiest way I could come up with
2023-05-22Fix get_trait_sample_data functionzsloan
2023-05-22Fix retrieve_sample_list function to correctly get genofile_pathzsloan
2023-05-22Commit update/insert queries, since they don't seem to be executed otherwise ↵zsloan
after the recent changes to the DB
2023-05-22Add function for retrieving group name (given group ID)zsloan
2023-05-22Add function for retrieving phenotype sample data as dictzsloan
2023-05-22Add function for retrieving samplelist from .geno filezsloan
2023-05-22Make directory at "path" and all intermediate ones.Frederick Muriuki Muriithi
Make the directory at the given path, and any intermediate ones to avoid errors in the indexing code when the directory, or its parent(s) do not exist.
2023-05-19auth: Provide user and resource info in the trait dataFrederick Muriuki Muriithi
Provide the user and resource_id information in each trait's authorisation details to help with linking on the UI end.
2023-05-19auth: Check for json on authorisation endpoint. Add user data.Frederick Muriuki Muriithi
Ensure the authorisation endpoint expects only JSON. Add the user data to the response from the endpoint.
2023-05-18auth: Rename collectionsFrederick Muriuki Muriithi
Enable renaming collections.
2023-05-18auth: user collections: Add and/or remove traits.Frederick Muriuki Muriithi
2023-05-17auth: Delete collections by ID.Frederick Muriuki Muriithi
2023-05-17auth: Import/Delete Anonymous CollectionsFrederick Muriuki Muriithi
Add code to enable the importation/deletion of anonymous collections in the active session to the authenticated user's collections.
2023-05-16auth: View a collection by its ID.Frederick Muriuki Muriithi
2023-05-15collections: Move code to new package. Create new collections.Frederick Muriuki Muriithi
Move the code to a new package. Enable the creation of new collection by both authenticated and anonymous users.
2023-05-12auth: Provide separate endpoint for anonymous collections.Frederick Muriuki Muriithi
2023-05-11auth: Fix bug with migration of user collectionsFrederick Muriuki Muriithi
The code, as written previously had a subtle bug - if the user created a new collection before they had tried accessing their list of collections, the older code would not have migrated the older collections. This commit fixes that by enabling the migration of older collections, whether or not the user has created a collection with their new accounts.
2023-05-10auth: Add the /oauth2/user/collections/list endpointFrederick Muriuki Muriithi
Add an endpoint to list a user's collections. This only works for logged in users.
2023-05-10auth: Only check deliverability of emails at registration.Frederick Muriuki Muriithi
Check only that the email format is correct, but don't bother with the deliverability check during authentication. The deliverability check is done at registration.
2023-05-09auth: Implement "Authorization Code Flow"auth/implement-authorization-code-flowFrederick Muriuki Muriithi
Implement the "Authorization Code Flow" for the authentication of users. * gn3/auth/authentication/oauth2/grants/authorisation_code_grant.py: query and save the authorisation code. * gn3/auth/authentication/oauth2/models/authorization_code.py: Implement the `AuthorisationCode` model * gn3/auth/authentication/oauth2/models/oauth2client.py: Fix typo * gn3/auth/authentication/oauth2/server.py: Register the `AuthorisationCodeGrant` grant with the server. * gn3/auth/authentication/oauth2/views.py: Implement `/authorise` endpoint * gn3/templates/base.html: New HTML Templates of authorisation UI * gn3/templates/common-macros.html: New HTML Templates of authorisation UI * gn3/templates/oauth2/authorise-user.html: New HTML Templates of authorisation UI * main.py: Allow both "code" and "token" response types.
2023-04-27auth: Retrieve `system:*` privileges from resource rolesFrederick Muriuki Muriithi
With the assignment of `system:*` privileges to roles, we need to check for their existence when doing authorisation. This commit provides a hack for that, seeing as user groups (and the system itself) are not treated as resources, and therefore the way to fetch the privileges is not entirely consistent.
2023-04-27auth: List also the non-resource privileges the user hasFrederick Muriuki Muriithi
While creating new group roles, enable the listing of non-resource privileges, e.g. `system:group:*` and `system:user:*` that the user has to allow for them to be used in role creation.
2023-04-27auth: Add authorisation checks for role editting.Frederick Muriuki Muriithi
2023-04-27oauth2: Provide missing `user_editable` argument.Frederick Muriuki Muriithi
2023-04-25auth: bug: Provide missing `user_editable` argument.Frederick Muriuki Muriithi
2023-04-25auth: provide `user_editable` flag in dictified outputFrederick Muriuki Muriithi
2023-04-25auth: Roles: Check for editabilityFrederick Muriuki Muriithi
Some roles should not be user-editable, and as such, we need to check before allowing any edits on such roles. This commit makes that possible.
2023-04-24auth: Return the actual privileges for the userFrederick Muriuki Muriithi
Previously, the `oauth2/data/authorisation` endpoint was returning hard-coded values for the privileges assigned to the user for each resource. In this change, we rework to return the actual privileges for the user.