Age | Commit message (Expand) | Author |
2023-03-22 | auth: migrations for linking phenotype data | Frederick Muriuki Muriithi |
2023-03-22 | auth: Remove the tables used for linking data to resources...The way data is linked to the resources needs to be reworked. This commit
removes all the existing migration scripts that created the tables formerly
used for linking data in preparation for reworking the system.
| Frederick Muriuki Muriithi |
2023-03-18 | auth: resources: Disallow duplicate resource names. | Frederick Muriuki Muriithi |
2023-03-13 | Add 'ON UPDATE/DELETE' clauses to foreign keys. | Frederick Muriuki Muriithi |
2023-03-06 | auth: privileges/roles: fix issues caught by tests. | Frederick Muriuki Muriithi |
2023-03-06 | auth: resources: Enable assigning a user roles on resources | Frederick Muriuki Muriithi |
2023-02-21 | auth: resources: Attach resource data and list unlinked data....Load the data that is attached to a particular resource together with the
resource.
List any unlinked data: useful when linking data to resources.
| Frederick Muriuki Muriithi |
2023-02-21 | auth: migrations: Link to data in main db...Provide the `linked_group_data` table to be used to link to data in the main
database.
Update the `mrna_resources`, `genotype_resources` and `phenotype_resources`
tables to rely on the `linked_group_data` table.
| Frederick Muriuki Muriithi |
2023-02-10 | auth: migrations: new privilege and role...Add a new data distribution privilege
Add a new system-administrator role
| Frederick Muriuki Muriithi |
2023-02-09 | auth: Reject request to join a group....* gn3/auth/authorisation/groups/models.py: Modify function to either accept or
reject join requests.
* gn3/auth/authorisation/groups/views.py: Provide endpoint to reject join
requests.
* migrations/auth/20230207_01_r0bkZ-create-group-join-requests-table.py:
Prevent user from applying to join the same group more than once.
| Frederick Muriuki Muriithi |
2023-02-08 | auth: groups: handle join requests. | Frederick Muriuki Muriithi |
2023-02-07 | auth: groups: Enable users to request to join group. | Frederick Muriuki Muriithi |
2023-02-06 | auth: resource: Enable viewing the details of a resource. | Frederick Muriuki Muriithi |
2023-01-23 | auth: create group: Fix group creation....* gn3/auth/authorisation/checks.py: Enable passing user to authorisation
checking function. Raise error on authorisation failure for consistent error
handling.
* gn3/auth/authorisation/groups.py: Add user to group, updating the privileges
as appropriate.
* gn3/auth/authorisation/resources.py: Fix resources querying
* gn3/auth/authorisation/roles.py: Assign/revoke roles by name
* gn3/auth/authorisation/views.py: Create group
* migrations/auth/20221108_01_CoxYh-create-the-groups-table.py: Add
group_metadata field
* tests/unit/auth/fixtures/group_fixtures.py: fix tests
* tests/unit/auth/test_groups.py: fix tests
* tests/unit/auth/test_resources.py: fix tests
* tests/unit/auth/test_roles.py: fix tests
| Frederick Muriuki Muriithi |
2023-01-18 | auth: Fix tests after enforcing FOREIGN KEY constraint...Fix a number of tests and fixtures that were not conforming to the FOREIGN KEY
constraints:
* Each test that creates a new "object" needs to clean up after itself
* Each fixture that sets up test data needs to clean up after itself
| Frederick Muriuki Muriithi |
2023-01-18 | auth: Allow non-member users to access group resources...Allow users that are not members of a particular group to be granted access to
that group's resources via an explicit role assignment. This is accomplished
by removing the `FOREIGN KEY(group_id, user_id)` constraint.
| Frederick Muriuki Muriithi |
2023-01-16 | auth: update privileges format...Save privileges with ids of the form <top-level>:<sub-level>:<privilege-name>
rather than using a UUID, to reduce indirection levels.
* migrations/auth/20230116_01_KwuJ3-rework-privileges-schema.py: new migration
to change the schema and IDs for the privileges.
* Update code to use new privileges format
* gn3/auth/authorisation/checks.py
* gn3/auth/authorisation/groups.py
* gn3/auth/authorisation/privileges.py
* gn3/auth/authorisation/resources.py
* gn3/auth/authorisation/roles.py
* migrations/auth/20230116_01_KwuJ3-rework-privileges-schema.py
* tests/unit/auth/fixtures/role_fixtures.py
* tests/unit/auth/test_groups.py
* tests/unit/auth/test_privileges.py
* tests/unit/auth/test_roles.py
| Frederick Muriuki Muriithi |
2023-01-11 | auth: assign default role. separate group creation from group admin...A newly registered user will have the ability to create a group.
Once a user is a member of a group, either by creating a new group, or being
added to a group, they should not be able to create any more groups, i.e. they
lose the 'create-group' (and/or equivalent) privileges.
This means that the group-administration privileges should be separated from
the group-creation privilege.
* gn3/auth/authorisation/roles.py: assign default roles to user on
registration
* gn3/auth/authorisation/views.py: assign default roles to user on
registration
* migrations/auth/20230111_01_Wd6IZ-remove-create-group-privilege-from-group-leader.py:
separate group-creation role from group-administration role.
* tests/unit/auth/fixtures/user_fixtures.py: Add group-creation role to test
user
* tests/unit/auth/test_roles.py: Add the group-creation role explicitly in the
expected results for the test
| Frederick Muriuki Muriithi |
2022-12-21 | migrations: create the authorisation_code table...* migrations/auth/20221219_03_PcTrb-create-authorisation-code-table.py: new
migration
* tests/unit/auth/test_migrations_create_tables.py: test new migration
| Frederick Muriuki Muriithi |
2022-12-21 | migrations: create oauth2_tokens table...* migrations/auth/20221219_02_buSEU-create-oauth2-tokens-table.py
* tests/unit/auth/test_migrations_create_tables.py
| Frederick Muriuki Muriithi |
2022-12-21 | migrations: New migration...* migrations/auth/20221219_01_CI3tN-create-oauth2-clients-table.py: New
migration
* tests/unit/auth/test_migrations_create_tables.py: tests for new migration
| Frederick Muriuki Muriithi |
2022-12-08 | migrations: Add column `public` to `resources` table...* migrations/auth/20221208_01_sSdHz-add-public-column-to-resources-table.py:
new migration script.
* tests/unit/auth/test_migrations_add_remove_columns.py: test new migration
script
| Frederick Muriuki Muriithi |
2022-12-06 | migrations: Add `group_user_roles_on_resources` table...* migrations/auth/20221206_01_BbeF9-create-group-user-roles-on-resources-table.py:
new migration
* tests/unit/auth/test_migrations_create_tables.py: Test creation of table
* tests/unit/auth/test_migrations_indexes.py: Test creation of index
| Frederick Muriuki Muriithi |
2022-11-17 | Migrations: Create `group_users` table...* migrations/auth/20221117_02_fmuZh-create-group-users-table.py: new migration
* tests/unit/auth/test_migrations_create_tables.py: test new migration
* tests/unit/auth/test_migrations_indexes.py: test new migration
| Frederick Muriuki Muriithi |
2022-11-17 | Migrations: Add column `group_role_id` to `group_roles` table...* migrations/auth/20221117_01_RDlfx-modify-group-roles-add-group-role-id.py:
new migration
* tests/unit/auth/test_migrations_add_remove_columns.py: test new migration
| Frederick Muriuki Muriithi |
2022-11-16 | tests: Add tests for privileges...* migrations/auth/20221116_01_nKUmX-add-privileges-to-group-leader-role.py:
new migration to fix data errors.
* tests/unit/auth/test_privileges.py: test privileges
| Frederick Muriuki Muriithi |
2022-11-14 | Migrations: Create `user_roles` table...* migrations/auth/20221114_05_hQun6-create-user-roles-table.py: new migration
* tests/unit/auth/test_migrations_create_tables.py: test new migration
* tests/unit/auth/test_migrations_indexes.py: test new migration
| Frederick Muriuki Muriithi |
2022-11-14 | Migrations: Add `user_editable` field to roles table...Some roles will not be user editable to prevent inconsistencies, and possible
privilege escalation.
* migrations/auth/20221110_05_BaNtL-create-roles-table.py: Add `user_editable`
column to table
* migrations/auth/20221114_04_tLUzB-initialise-basic-roles.py: Set
`group-leader` role as not user editable
| Frederick Muriuki Muriithi |
2022-11-14 | Migrations: Create the `group-leader` role and give it privileges...* migrations/auth/20221114_04_tLUzB-initialise-basic-roles.py: new migration
* tests/unit/auth/test_migrations_insert_data_into_empty_table.py: test new
migration
| Frederick Muriuki Muriithi |
2022-11-14 | Migrations: Create `group_roles` table...* migrations/auth/20221110_05_BaNtL-create-roles-table.py: modify migration
* migrations/auth/20221114_03_PtWjc-create-group-roles-table.py: new migration
* tests/unit/auth/test_migrations_create_tables.py: test new migration
* tests/unit/auth/test_migrations_indexes.py: test new migration
| Frederick Muriuki Muriithi |
2022-11-14 | Migrations: Drop `generic_role*` tables...Drop the `generic_role*` tables, since what they were envisioned for can be
handled a different, (arguably) more simple way.
* migrations/auth/20221114_02_DKKjn-drop-generic-role-tables.py: new migration
* tests/unit/auth/test_migrations_drop_tables.py: test new migration
| Frederick Muriuki Muriithi |
2022-11-14 | Migrations: Add generic_role_privileges table...Add table `generic_role_privileges` table to link the generic roles to the
privileges they provide.
* migrations/auth/20221114_01_n8gsF-create-generic-role-privileges-table.py:
new migration
* tests/unit/auth/test_create_table_migrations.py: test new migration
* tests/unit/auth/test_migrations_indexes.py: test new migration
| Frederick Muriuki Muriithi |
2022-11-14 | Migrations: Migration for initial privileges...* migrations/auth/20221113_01_7M0hv-enumerate-initial-privileges.py: new
migration.
* tests/unit/auth/test_migrations_insert_data_into_empty_table.py: test new
migration.
| Frederick Muriuki Muriithi |
2022-11-10 | Migrations: Add columns to 'privileges' table...* migrations/auth/20221110_08_23psB-add-privilege-category-and-privilege-description-columns-to-privileges-table.py:
new migration
* tests/unit/auth/test_migrations_add_remove_columns.py: test new migration
| Frederick Muriuki Muriithi |
2022-11-10 | Migrations: migration for `role_privileges` table...* migrations/auth/20221110_07_7WGa1-create-role-privileges-table.py: new
migration
Commit ee72678fabb86d66ba7d61d26643cc73df94ee5d only contains tests for this
migration.
| Frederick Muriuki Muriithi |
2022-11-10 | Migrations: migration for 'generic_roles' table...* migrations/auth/20221110_06_Pq2kT-create-generic-roles-table.py: new
migration
* tests/unit/auth/test_create_table_migrations.py: test new migration
| Frederick Muriuki Muriithi |
2022-11-10 | Migrations: migration for 'roles' table...* migrations/auth/20221110_05_BaNtL-create-roles-table.py: new migration
* tests/unit/auth/test_create_table_migrations.py: test new migration
* tests/unit/auth/test_migrations_indexes.py: test new migration
| Frederick Muriuki Muriithi |
2022-11-10 | Migrations: migration for 'genotype_resources' table...* migrations/auth/20221110_04_6PRFQ-create-genotype-resources-table.py: new
migration
* tests/unit/auth/test_create_table_migrations.py: test new migration
| Frederick Muriuki Muriithi |
2022-11-10 | Migrations: Add migration for 'phenotype_resources' table...* migrations/auth/20221110_03_ka3W0-create-phenotype-resources-table.py: new
migration
* tests/unit/auth/test_create_table_migrations.py: test for new migration
| Frederick Muriuki Muriithi |
2022-11-10 | Migrations: Add migration for mrna_resources table...* migrations/auth/20221110_02_z1dWf-create-mrna-resources-table.py: new
migration
* tests/unit/auth/test_create_table_migrations.py: test for new migration
| Frederick Muriuki Muriithi |
2022-11-10 | Migrations: Add migration for 'resources' table...* gn3/migrations.py: Minor change
* migrations/auth/20221110_01_WtZ1I-create-resources-table.py: new migration
* tests/unit/auth/test_create_table_migrations.py: test new migration
| Frederick Muriuki Muriithi |
2022-11-09 | Migrations: Add `resource_meta` field to `resource_categories` table | Frederick Muriuki Muriithi |
2022-11-08 | Migrations: Init `resource_categories` with initial categories...* migrations/auth/20221108_04_CKcSL-init-data-in-resource-categories-table.py:
new migration.
* tests/unit/auth/test_migration_init_data_in_resource_categories_table.py:
test new migration.
| Frederick Muriuki Muriithi |
2022-11-08 | Migrations: Create `resource_categories` table....* migrations/auth/20221108_03_Pbhb1-create-resource-categories-table.py: new
migration.
* tests/unit/auth/test_create_table_migrations.py: test new migration.
| Frederick Muriuki Muriithi |
2022-11-08 | Migrations: Create `privileges` table....* migrations/auth/20221108_02_wxTr9-create-privileges-table.py: new migration
* tests/unit/auth/test_create_table_migrations.py: test new migration
| Frederick Muriuki Muriithi |
2022-11-08 | Add migration to create the groups table. | Frederick Muriuki Muriithi |
2022-11-03 | Add credentials checking...* gn3/auth/authentication.py: new function `credentials_in_database`
* gn3/auth/authentication/__init__.py: replace package with module
* gn3/settings.py: new `AUTH_MIGRATIONS` configuration variable
* migrations/auth/20221103_02_sGrIs-create-user-credentials-table.py: new
migration
* tests/unit/auth/test_credentials.py: test the `credentials_in_database`
function
* tests/unit/conftest.py: more test fixtures
| Frederick Muriuki Muriithi |
2022-11-03 | Initialise the Auth(entic|oris)ation packages...Initialise the authentication/authorisation system packages and set up the
initial database migrations to set up the system.
* README.md: Add documentation on migrations
* gn3/auth/__init__.py: init package
* gn3/auth/authentication/__init__.py: init package
* gn3/auth/authorisation/__init__.py: init package
* gn3/migrations.py: provide migration utilities
* migrations/auth/20221103_01_js9ub-initialise-the-auth-entic-oris-ation-database.py:
new migration
* tests/unit/auth/test_init_database.py: test new migration applies and rolls
back as expected
* tests/unit/conftest.py: fixtures for unit tests
* yoyo.auth.ini: basic configuration for yoyo-migration for auth system
migrations
| Frederick Muriuki Muriithi |