aboutsummaryrefslogtreecommitdiff
path: root/migrations/auth
AgeCommit message (Collapse)Author
2023-10-10Remove authentication from GN3Frederick Muriuki Muriithi
Authentication should be handled by the auth server (gn-auth) and thus, this commit removes code handling user authentication from the GN3 system.
2023-04-21auth: Attach linked data to specific resources.Frederick Muriuki Muriithi
2023-04-10Migrations for linking genotype files.Frederick Muriuki Muriithi
2023-04-04Add tables to link genotype dataFrederick Muriuki Muriithi
2023-03-22auth: migrations for linking phenotype dataFrederick Muriuki Muriithi
2023-03-22auth: Remove the tables used for linking data to resourcesFrederick Muriuki Muriithi
The way data is linked to the resources needs to be reworked. This commit removes all the existing migration scripts that created the tables formerly used for linking data in preparation for reworking the system.
2023-03-18auth: resources: Disallow duplicate resource names.Frederick Muriuki Muriithi
2023-03-13Add 'ON UPDATE/DELETE' clauses to foreign keys.Frederick Muriuki Muriithi
2023-03-06auth: privileges/roles: fix issues caught by tests.Frederick Muriuki Muriithi
2023-03-06auth: resources: Enable assigning a user roles on resourcesFrederick Muriuki Muriithi
2023-02-21auth: resources: Attach resource data and list unlinked data.Frederick Muriuki Muriithi
Load the data that is attached to a particular resource together with the resource. List any unlinked data: useful when linking data to resources.
2023-02-21auth: migrations: Link to data in main dbFrederick Muriuki Muriithi
Provide the `linked_group_data` table to be used to link to data in the main database. Update the `mrna_resources`, `genotype_resources` and `phenotype_resources` tables to rely on the `linked_group_data` table.
2023-02-10auth: migrations: new privilege and roleFrederick Muriuki Muriithi
Add a new data distribution privilege Add a new system-administrator role
2023-02-09auth: Reject request to join a group.Frederick Muriuki Muriithi
* gn3/auth/authorisation/groups/models.py: Modify function to either accept or reject join requests. * gn3/auth/authorisation/groups/views.py: Provide endpoint to reject join requests. * migrations/auth/20230207_01_r0bkZ-create-group-join-requests-table.py: Prevent user from applying to join the same group more than once.
2023-02-08auth: groups: handle join requests.Frederick Muriuki Muriithi
2023-02-07auth: groups: Enable users to request to join group.Frederick Muriuki Muriithi
2023-02-06auth: resource: Enable viewing the details of a resource.Frederick Muriuki Muriithi
2023-01-23auth: create group: Fix group creation.Frederick Muriuki Muriithi
* gn3/auth/authorisation/checks.py: Enable passing user to authorisation checking function. Raise error on authorisation failure for consistent error handling. * gn3/auth/authorisation/groups.py: Add user to group, updating the privileges as appropriate. * gn3/auth/authorisation/resources.py: Fix resources querying * gn3/auth/authorisation/roles.py: Assign/revoke roles by name * gn3/auth/authorisation/views.py: Create group * migrations/auth/20221108_01_CoxYh-create-the-groups-table.py: Add group_metadata field * tests/unit/auth/fixtures/group_fixtures.py: fix tests * tests/unit/auth/test_groups.py: fix tests * tests/unit/auth/test_resources.py: fix tests * tests/unit/auth/test_roles.py: fix tests
2023-01-18auth: Fix tests after enforcing FOREIGN KEY constraintFrederick Muriuki Muriithi
Fix a number of tests and fixtures that were not conforming to the FOREIGN KEY constraints: * Each test that creates a new "object" needs to clean up after itself * Each fixture that sets up test data needs to clean up after itself
2023-01-18auth: Allow non-member users to access group resourcesFrederick Muriuki Muriithi
Allow users that are not members of a particular group to be granted access to that group's resources via an explicit role assignment. This is accomplished by removing the `FOREIGN KEY(group_id, user_id)` constraint.
2023-01-16auth: update privileges formatFrederick Muriuki Muriithi
Save privileges with ids of the form <top-level>:<sub-level>:<privilege-name> rather than using a UUID, to reduce indirection levels. * migrations/auth/20230116_01_KwuJ3-rework-privileges-schema.py: new migration to change the schema and IDs for the privileges. * Update code to use new privileges format * gn3/auth/authorisation/checks.py * gn3/auth/authorisation/groups.py * gn3/auth/authorisation/privileges.py * gn3/auth/authorisation/resources.py * gn3/auth/authorisation/roles.py * migrations/auth/20230116_01_KwuJ3-rework-privileges-schema.py * tests/unit/auth/fixtures/role_fixtures.py * tests/unit/auth/test_groups.py * tests/unit/auth/test_privileges.py * tests/unit/auth/test_roles.py
2023-01-11auth: assign default role. separate group creation from group adminFrederick Muriuki Muriithi
A newly registered user will have the ability to create a group. Once a user is a member of a group, either by creating a new group, or being added to a group, they should not be able to create any more groups, i.e. they lose the 'create-group' (and/or equivalent) privileges. This means that the group-administration privileges should be separated from the group-creation privilege. * gn3/auth/authorisation/roles.py: assign default roles to user on registration * gn3/auth/authorisation/views.py: assign default roles to user on registration * migrations/auth/20230111_01_Wd6IZ-remove-create-group-privilege-from-group-leader.py: separate group-creation role from group-administration role. * tests/unit/auth/fixtures/user_fixtures.py: Add group-creation role to test user * tests/unit/auth/test_roles.py: Add the group-creation role explicitly in the expected results for the test
2022-12-21migrations: create the authorisation_code tableFrederick Muriuki Muriithi
* migrations/auth/20221219_03_PcTrb-create-authorisation-code-table.py: new migration * tests/unit/auth/test_migrations_create_tables.py: test new migration
2022-12-21migrations: create oauth2_tokens tableFrederick Muriuki Muriithi
* migrations/auth/20221219_02_buSEU-create-oauth2-tokens-table.py * tests/unit/auth/test_migrations_create_tables.py
2022-12-21migrations: New migrationFrederick Muriuki Muriithi
* migrations/auth/20221219_01_CI3tN-create-oauth2-clients-table.py: New migration * tests/unit/auth/test_migrations_create_tables.py: tests for new migration
2022-12-08migrations: Add column `public` to `resources` tableFrederick Muriuki Muriithi
* migrations/auth/20221208_01_sSdHz-add-public-column-to-resources-table.py: new migration script. * tests/unit/auth/test_migrations_add_remove_columns.py: test new migration script
2022-12-06migrations: Add `group_user_roles_on_resources` tableFrederick Muriuki Muriithi
* migrations/auth/20221206_01_BbeF9-create-group-user-roles-on-resources-table.py: new migration * tests/unit/auth/test_migrations_create_tables.py: Test creation of table * tests/unit/auth/test_migrations_indexes.py: Test creation of index
2022-11-17Migrations: Create `group_users` tableFrederick Muriuki Muriithi
* migrations/auth/20221117_02_fmuZh-create-group-users-table.py: new migration * tests/unit/auth/test_migrations_create_tables.py: test new migration * tests/unit/auth/test_migrations_indexes.py: test new migration
2022-11-17Migrations: Add column `group_role_id` to `group_roles` tableFrederick Muriuki Muriithi
* migrations/auth/20221117_01_RDlfx-modify-group-roles-add-group-role-id.py: new migration * tests/unit/auth/test_migrations_add_remove_columns.py: test new migration
2022-11-16tests: Add tests for privilegesFrederick Muriuki Muriithi
* migrations/auth/20221116_01_nKUmX-add-privileges-to-group-leader-role.py: new migration to fix data errors. * tests/unit/auth/test_privileges.py: test privileges
2022-11-14Migrations: Create `user_roles` tableFrederick Muriuki Muriithi
* migrations/auth/20221114_05_hQun6-create-user-roles-table.py: new migration * tests/unit/auth/test_migrations_create_tables.py: test new migration * tests/unit/auth/test_migrations_indexes.py: test new migration
2022-11-14Migrations: Add `user_editable` field to roles tableFrederick Muriuki Muriithi
Some roles will not be user editable to prevent inconsistencies, and possible privilege escalation. * migrations/auth/20221110_05_BaNtL-create-roles-table.py: Add `user_editable` column to table * migrations/auth/20221114_04_tLUzB-initialise-basic-roles.py: Set `group-leader` role as not user editable
2022-11-14Migrations: Create the `group-leader` role and give it privilegesFrederick Muriuki Muriithi
* migrations/auth/20221114_04_tLUzB-initialise-basic-roles.py: new migration * tests/unit/auth/test_migrations_insert_data_into_empty_table.py: test new migration
2022-11-14Migrations: Create `group_roles` tableFrederick Muriuki Muriithi
* migrations/auth/20221110_05_BaNtL-create-roles-table.py: modify migration * migrations/auth/20221114_03_PtWjc-create-group-roles-table.py: new migration * tests/unit/auth/test_migrations_create_tables.py: test new migration * tests/unit/auth/test_migrations_indexes.py: test new migration
2022-11-14Migrations: Drop `generic_role*` tablesFrederick Muriuki Muriithi
Drop the `generic_role*` tables, since what they were envisioned for can be handled a different, (arguably) more simple way. * migrations/auth/20221114_02_DKKjn-drop-generic-role-tables.py: new migration * tests/unit/auth/test_migrations_drop_tables.py: test new migration
2022-11-14Migrations: Add generic_role_privileges tableFrederick Muriuki Muriithi
Add table `generic_role_privileges` table to link the generic roles to the privileges they provide. * migrations/auth/20221114_01_n8gsF-create-generic-role-privileges-table.py: new migration * tests/unit/auth/test_create_table_migrations.py: test new migration * tests/unit/auth/test_migrations_indexes.py: test new migration
2022-11-14Migrations: Migration for initial privilegesFrederick Muriuki Muriithi
* migrations/auth/20221113_01_7M0hv-enumerate-initial-privileges.py: new migration. * tests/unit/auth/test_migrations_insert_data_into_empty_table.py: test new migration.
2022-11-10Migrations: Add columns to 'privileges' tableFrederick Muriuki Muriithi
* migrations/auth/20221110_08_23psB-add-privilege-category-and-privilege-description-columns-to-privileges-table.py: new migration * tests/unit/auth/test_migrations_add_remove_columns.py: test new migration
2022-11-10Migrations: migration for `role_privileges` tableFrederick Muriuki Muriithi
* migrations/auth/20221110_07_7WGa1-create-role-privileges-table.py: new migration Commit ee72678fabb86d66ba7d61d26643cc73df94ee5d only contains tests for this migration.
2022-11-10Migrations: migration for 'generic_roles' tableFrederick Muriuki Muriithi
* migrations/auth/20221110_06_Pq2kT-create-generic-roles-table.py: new migration * tests/unit/auth/test_create_table_migrations.py: test new migration
2022-11-10Migrations: migration for 'roles' tableFrederick Muriuki Muriithi
* migrations/auth/20221110_05_BaNtL-create-roles-table.py: new migration * tests/unit/auth/test_create_table_migrations.py: test new migration * tests/unit/auth/test_migrations_indexes.py: test new migration
2022-11-10Migrations: migration for 'genotype_resources' tableFrederick Muriuki Muriithi
* migrations/auth/20221110_04_6PRFQ-create-genotype-resources-table.py: new migration * tests/unit/auth/test_create_table_migrations.py: test new migration
2022-11-10Migrations: Add migration for 'phenotype_resources' tableFrederick Muriuki Muriithi
* migrations/auth/20221110_03_ka3W0-create-phenotype-resources-table.py: new migration * tests/unit/auth/test_create_table_migrations.py: test for new migration
2022-11-10Migrations: Add migration for mrna_resources tableFrederick Muriuki Muriithi
* migrations/auth/20221110_02_z1dWf-create-mrna-resources-table.py: new migration * tests/unit/auth/test_create_table_migrations.py: test for new migration
2022-11-10Migrations: Add migration for 'resources' tableFrederick Muriuki Muriithi
* gn3/migrations.py: Minor change * migrations/auth/20221110_01_WtZ1I-create-resources-table.py: new migration * tests/unit/auth/test_create_table_migrations.py: test new migration
2022-11-09Migrations: Add `resource_meta` field to `resource_categories` tableFrederick Muriuki Muriithi
2022-11-08Migrations: Init `resource_categories` with initial categoriesFrederick Muriuki Muriithi
* migrations/auth/20221108_04_CKcSL-init-data-in-resource-categories-table.py: new migration. * tests/unit/auth/test_migration_init_data_in_resource_categories_table.py: test new migration.
2022-11-08Migrations: Create `resource_categories` table.Frederick Muriuki Muriithi
* migrations/auth/20221108_03_Pbhb1-create-resource-categories-table.py: new migration. * tests/unit/auth/test_create_table_migrations.py: test new migration.
2022-11-08Migrations: Create `privileges` table.Frederick Muriuki Muriithi
* migrations/auth/20221108_02_wxTr9-create-privileges-table.py: new migration * tests/unit/auth/test_create_table_migrations.py: test new migration
2022-11-08Add migration to create the groups table.Frederick Muriuki Muriithi