Age | Commit message (Collapse) | Author |
|
Setting the scope as a list of strings was leading to errors when attempting
to logout. This commit leaves the scope as a string to avoid the errors.
|
|
Stop treating not finding a group for a user as an error, since that is an
actual expected state in the system at some point. Rather, restore the use of
Maybe rather than using Either.
We can raise the NotFoundError at the API level rather than at database
retrival level.
|
|
|
|
Refactor to use the `.either` method call in a cleaner way.
Rework the imports.
|
|
Add endpoint to retrieve the group in which the user is a member.
|
|
|
|
Define a Protocol type to use with the `dictify` function and implement the
`dictify` methods for the various classes.
|
|
To allow for different error codes for the various exceptions, store the
error_code in the exception objects and retrieve it from there when generating
the response.
|
|
|
|
* gn3/api/search.py (parse_location_field): Use decimals, not floats, when
converting to megabases.
|
|
* gn3/api/search.py (parse_position_field): New function.
(parse_query): Associate the position prefix with the parse_position_field
field processor.
|
|
* gn3/api/search.py (parse_position): New function.
(parse_location_field): Use parse_position.
* tests/unit/test_search.py: Import parse_position from gn3.api.search.
(test_parse_position_close_to_zero_location): New test.
|
|
* gn3/api/search.py (parse_query): Alias the position prefix with pos.
|
|
* gn3/api/search.py (parse_query): Rename the mb prefix to position.
|
|
* gn3/api/search.py (query_subqueries, query_terms, parse_synteny_field,
is_synteny_on, remove_synteny_field): Delete functions.
(parse_query): Assume triplets mean synteny is requested.
|
|
* gn3/api/search.py (parse_location_field): Use comprehension.
|
|
|
|
* gn3/auth/authorisation/checks.py: Enable passing user to authorisation
checking function. Raise error on authorisation failure for consistent error
handling.
* gn3/auth/authorisation/groups.py: Add user to group, updating the privileges
as appropriate.
* gn3/auth/authorisation/resources.py: Fix resources querying
* gn3/auth/authorisation/roles.py: Assign/revoke roles by name
* gn3/auth/authorisation/views.py: Create group
* migrations/auth/20221108_01_CoxYh-create-the-groups-table.py: Add
group_metadata field
* tests/unit/auth/fixtures/group_fixtures.py: fix tests
* tests/unit/auth/test_groups.py: fix tests
* tests/unit/auth/test_resources.py: fix tests
* tests/unit/auth/test_roles.py: fix tests
|
|
|
|
|
|
|
|
|
|
|
|
If the token already exists, then update the details rather than trying to
insert.
|
|
* gn3/auth/authentication/oauth2/grants/password_grant.py: Return user rather
than boolean
* gn3/auth/authentication/oauth2/models/oauth2client.py: provide optional
`user` argument to allow flexibility in setting up the client's user
* gn3/auth/authentication/oauth2/models/oauth2token.py: Set token and client
user correctly
* gn3/auth/authentication/oauth2/server.py: Set token user from the request
|
|
To avoid having to manually rebuild some default data for exploration of
concepts while developing the system, add a way to build up the test users and
oauth2 clients to use for testing.
|
|
* gn3/api/search.py (apply_si_suffix): Downcase before applying SI suffix.
|
|
Decimals are exact and do not introduce tiny errors in the range limits like
floats are wont to do.
* gn3/api/search.py: Import Decimal from decimal.
(apply_si_suffix): Use decimals, not floats, to manipulate range limits.
|
|
Suffixes are the last character, not everything but the last character.
* gn3/api/search.py (apply_si_suffix): Only look for SI suffix in the last
character.
|
|
Prior to this commit, when there was no SI suffix (such as in a plain
suffix-less number), the last digit would be dropped!
* gn3/api/search.py (apply_si_suffix): Apply SI suffix only if last character
is an actual suffix.
|
|
The code checking for errors was buggy and would let empty values through.
The sqlite3.IntegrityError exception was not being handled correctly, and
would cause a failure in the application.
This commit fixes the issues noted above.
* gn3/auth/authorisation/roles.py: fix bug in generating query params
* gn3/auth/authorisation/views.py: fix error checking code. Raise exception if
email is already registered.
|
|
* gn3/api/search.py (parse_location_field): Ensure limits of chromosomal
interval is non-negative.
|
|
* gn3/api/search.py (parse_location_field): Convert point locations to a +/-
50 kbase range.
|
|
* gn3/api/search.py (parse_location_field): Accept a single species query
argument instead of separate species and species prefix arguments.
(parse_query): Pass parse_location_field a single species query argument.
|
|
Fix a number of tests and fixtures that were not conforming to the FOREIGN KEY
constraints:
* Each test that creates a new "object" needs to clean up after itself
* Each fixture that sets up test data needs to clean up after itself
|
|
Enable the FOREIGN KEY constraints for the connections to the database to help
with queries that would otherwise lead to data corruption.
|
|
* gn3/api/search.py (remove_synteny_field): Tolerate WEIGHT operator in parsed
search queries.
|
|
* gn3/api/search.py: Import gzip, Path from pathlib and curry from
pymonad.tools.
(IntervalLiftoverFunction): New variable.
(query_subqueries, query_terms, field_processor_or, liftover,
liftover_interval, parse_synteny_field, is_synteny_on, remove_synteny_field):
New functions.
(parse_location_field): Generalize to support synteny searches.
(parse_query): Support synteny search queries.
(search_results): Pass synteny files directory to parse_query.
|
|
* gn3/api/search.py: Import partial and reduce from functools. Import Callable
from typing.
(ChromosomalPosition, ChromosomalInterval, FieldProcessor): New classes.
(apply_si_suffix, combine_queries, parse_location_field, interval_start,
interval_end): New functions.
(parse_query): Add field processors for location shorthands.
|
|
* gn3/api/search.py (parse_query): New function.
(search_results): Use parse_query.
|
|
Save privileges with ids of the form <top-level>:<sub-level>:<privilege-name>
rather than using a UUID, to reduce indirection levels.
* migrations/auth/20230116_01_KwuJ3-rework-privileges-schema.py: new migration
to change the schema and IDs for the privileges.
* Update code to use new privileges format
* gn3/auth/authorisation/checks.py
* gn3/auth/authorisation/groups.py
* gn3/auth/authorisation/privileges.py
* gn3/auth/authorisation/resources.py
* gn3/auth/authorisation/roles.py
* migrations/auth/20230116_01_KwuJ3-rework-privileges-schema.py
* tests/unit/auth/fixtures/role_fixtures.py
* tests/unit/auth/test_groups.py
* tests/unit/auth/test_privileges.py
* tests/unit/auth/test_roles.py
|
|
A newly registered user will have the ability to create a group.
Once a user is a member of a group, either by creating a new group, or being
added to a group, they should not be able to create any more groups, i.e. they
lose the 'create-group' (and/or equivalent) privileges.
This means that the group-administration privileges should be separated from
the group-creation privilege.
* gn3/auth/authorisation/roles.py: assign default roles to user on
registration
* gn3/auth/authorisation/views.py: assign default roles to user on
registration
* migrations/auth/20230111_01_Wd6IZ-remove-create-group-privilege-from-group-leader.py:
separate group-creation role from group-administration role.
* tests/unit/auth/fixtures/user_fixtures.py: Add group-creation role to test
user
* tests/unit/auth/test_roles.py: Add the group-creation role explicitly in the
expected results for the test
|
|
|
|
If the registration details pass the validations steps, then persist the
details in the database and respond with details about the newly created user.
* gn3/auth/authentication/users.py: new functions
* `save_user`: create and persist a new user
* `set_user_password`: hash and persist the new password for the given user
* gn3/auth/authorisation/views.py: Persist the user details and respond with
the newly persisted user details.
|
|
* gn3/app.py: register top-level error handlers. reorganise oauth2 blueprint.
* gn3/auth/__init__.py: reorganise oaut2 blueprint.
* gn3/auth/authentication/oauth2/views.py: reorganise oauth2 blueprint.
* gn3/auth/authorisation/exceptions.py -> gn3/auth/authorisation/errors.py
* gn3/auth/authorisation/groups.py: rename file/module
* gn3/auth/authorisation/resources.py: rename file/module
* gn3/auth/authorisation/views.py: Add `/register-user` endpoint
* gn3/auth/blueprint.py: reorganise oauth2 blueprint.
* gn3/errors.py: register top-level error handlers.
|
|
* gn3/app.py: import blueprint from authorisation views inorder to get all
endpoints
* gn3/auth/authentication/oauth2/views.py: remove the `/user` endpoint
* gn3/auth/authorisation/views.py: add the `/user` endpoint and add the group
information to the user details.
|
|
Resource roles will be returned as part of the resources request.
* gn3/auth/authorisation/roles.py: Simplify query - only get non-resource
roles
* gn3/auth/authorisation/views.py: update docstring
|
|
* gn3/auth/authorisation/roles.py: Fetch roles from DB
* gn3/auth/authorisation/views.py: Provide API endpoint for user roles
* tests/unit/auth/test_roles.py: Tests to check fetching roles works correctly
Fix linting and typing issues in the following files:
* gn3/auth/authentication/oauth2/resource_server.py
* gn3/auth/authentication/oauth2/views.py
* tests/unit/auth/fixtures/oauth2_client_fixtures.py
|
|
Add a resource server with the validator for the bearer token to protect the
resources endpoints.
Add a protected `/user` endpoint that returns the user details for valid
tokens.
* gn3/auth/authentication/oauth2/resource_server.py: new file
* gn3/auth/authentication/oauth2/views.py: add /user endpoint
|
|
* gn3/settings.py: leave `OAUTH2_ACCESS_TOKEN_GENERATOR` in its default
setting
* tests/unit/auth/fixtures/oauth2_client_fixtures.py: setup
`AUTHLIB_INSECURE_TRANSPORT` before running the OAuth2 tests
* tests/unit/conftest.py: setup the test application's configuration correctly
for the tests.
|