aboutsummaryrefslogtreecommitdiff
path: root/migrations
AgeCommit message (Collapse)Author
2023-01-18auth: Allow non-member users to access group resourcesFrederick Muriuki Muriithi
Allow users that are not members of a particular group to be granted access to that group's resources via an explicit role assignment. This is accomplished by removing the `FOREIGN KEY(group_id, user_id)` constraint.
2023-01-16auth: update privileges formatFrederick Muriuki Muriithi
Save privileges with ids of the form <top-level>:<sub-level>:<privilege-name> rather than using a UUID, to reduce indirection levels. * migrations/auth/20230116_01_KwuJ3-rework-privileges-schema.py: new migration to change the schema and IDs for the privileges. * Update code to use new privileges format * gn3/auth/authorisation/checks.py * gn3/auth/authorisation/groups.py * gn3/auth/authorisation/privileges.py * gn3/auth/authorisation/resources.py * gn3/auth/authorisation/roles.py * migrations/auth/20230116_01_KwuJ3-rework-privileges-schema.py * tests/unit/auth/fixtures/role_fixtures.py * tests/unit/auth/test_groups.py * tests/unit/auth/test_privileges.py * tests/unit/auth/test_roles.py
2023-01-11auth: assign default role. separate group creation from group adminFrederick Muriuki Muriithi
A newly registered user will have the ability to create a group. Once a user is a member of a group, either by creating a new group, or being added to a group, they should not be able to create any more groups, i.e. they lose the 'create-group' (and/or equivalent) privileges. This means that the group-administration privileges should be separated from the group-creation privilege. * gn3/auth/authorisation/roles.py: assign default roles to user on registration * gn3/auth/authorisation/views.py: assign default roles to user on registration * migrations/auth/20230111_01_Wd6IZ-remove-create-group-privilege-from-group-leader.py: separate group-creation role from group-administration role. * tests/unit/auth/fixtures/user_fixtures.py: Add group-creation role to test user * tests/unit/auth/test_roles.py: Add the group-creation role explicitly in the expected results for the test
2022-12-21migrations: create the authorisation_code tableFrederick Muriuki Muriithi
* migrations/auth/20221219_03_PcTrb-create-authorisation-code-table.py: new migration * tests/unit/auth/test_migrations_create_tables.py: test new migration
2022-12-21migrations: create oauth2_tokens tableFrederick Muriuki Muriithi
* migrations/auth/20221219_02_buSEU-create-oauth2-tokens-table.py * tests/unit/auth/test_migrations_create_tables.py
2022-12-21migrations: New migrationFrederick Muriuki Muriithi
* migrations/auth/20221219_01_CI3tN-create-oauth2-clients-table.py: New migration * tests/unit/auth/test_migrations_create_tables.py: tests for new migration
2022-12-08migrations: Add column `public` to `resources` tableFrederick Muriuki Muriithi
* migrations/auth/20221208_01_sSdHz-add-public-column-to-resources-table.py: new migration script. * tests/unit/auth/test_migrations_add_remove_columns.py: test new migration script
2022-12-06migrations: Add `group_user_roles_on_resources` tableFrederick Muriuki Muriithi
* migrations/auth/20221206_01_BbeF9-create-group-user-roles-on-resources-table.py: new migration * tests/unit/auth/test_migrations_create_tables.py: Test creation of table * tests/unit/auth/test_migrations_indexes.py: Test creation of index
2022-11-17Migrations: Create `group_users` tableFrederick Muriuki Muriithi
* migrations/auth/20221117_02_fmuZh-create-group-users-table.py: new migration * tests/unit/auth/test_migrations_create_tables.py: test new migration * tests/unit/auth/test_migrations_indexes.py: test new migration
2022-11-17Migrations: Add column `group_role_id` to `group_roles` tableFrederick Muriuki Muriithi
* migrations/auth/20221117_01_RDlfx-modify-group-roles-add-group-role-id.py: new migration * tests/unit/auth/test_migrations_add_remove_columns.py: test new migration
2022-11-16tests: Add tests for privilegesFrederick Muriuki Muriithi
* migrations/auth/20221116_01_nKUmX-add-privileges-to-group-leader-role.py: new migration to fix data errors. * tests/unit/auth/test_privileges.py: test privileges
2022-11-14Migrations: Create `user_roles` tableFrederick Muriuki Muriithi
* migrations/auth/20221114_05_hQun6-create-user-roles-table.py: new migration * tests/unit/auth/test_migrations_create_tables.py: test new migration * tests/unit/auth/test_migrations_indexes.py: test new migration
2022-11-14Migrations: Add `user_editable` field to roles tableFrederick Muriuki Muriithi
Some roles will not be user editable to prevent inconsistencies, and possible privilege escalation. * migrations/auth/20221110_05_BaNtL-create-roles-table.py: Add `user_editable` column to table * migrations/auth/20221114_04_tLUzB-initialise-basic-roles.py: Set `group-leader` role as not user editable
2022-11-14Migrations: Create the `group-leader` role and give it privilegesFrederick Muriuki Muriithi
* migrations/auth/20221114_04_tLUzB-initialise-basic-roles.py: new migration * tests/unit/auth/test_migrations_insert_data_into_empty_table.py: test new migration
2022-11-14Migrations: Create `group_roles` tableFrederick Muriuki Muriithi
* migrations/auth/20221110_05_BaNtL-create-roles-table.py: modify migration * migrations/auth/20221114_03_PtWjc-create-group-roles-table.py: new migration * tests/unit/auth/test_migrations_create_tables.py: test new migration * tests/unit/auth/test_migrations_indexes.py: test new migration
2022-11-14Migrations: Drop `generic_role*` tablesFrederick Muriuki Muriithi
Drop the `generic_role*` tables, since what they were envisioned for can be handled a different, (arguably) more simple way. * migrations/auth/20221114_02_DKKjn-drop-generic-role-tables.py: new migration * tests/unit/auth/test_migrations_drop_tables.py: test new migration
2022-11-14Migrations: Add generic_role_privileges tableFrederick Muriuki Muriithi
Add table `generic_role_privileges` table to link the generic roles to the privileges they provide. * migrations/auth/20221114_01_n8gsF-create-generic-role-privileges-table.py: new migration * tests/unit/auth/test_create_table_migrations.py: test new migration * tests/unit/auth/test_migrations_indexes.py: test new migration
2022-11-14Migrations: Migration for initial privilegesFrederick Muriuki Muriithi
* migrations/auth/20221113_01_7M0hv-enumerate-initial-privileges.py: new migration. * tests/unit/auth/test_migrations_insert_data_into_empty_table.py: test new migration.
2022-11-10Migrations: Add columns to 'privileges' tableFrederick Muriuki Muriithi
* migrations/auth/20221110_08_23psB-add-privilege-category-and-privilege-description-columns-to-privileges-table.py: new migration * tests/unit/auth/test_migrations_add_remove_columns.py: test new migration
2022-11-10Migrations: migration for `role_privileges` tableFrederick Muriuki Muriithi
* migrations/auth/20221110_07_7WGa1-create-role-privileges-table.py: new migration Commit ee72678fabb86d66ba7d61d26643cc73df94ee5d only contains tests for this migration.
2022-11-10Migrations: migration for 'generic_roles' tableFrederick Muriuki Muriithi
* migrations/auth/20221110_06_Pq2kT-create-generic-roles-table.py: new migration * tests/unit/auth/test_create_table_migrations.py: test new migration
2022-11-10Migrations: migration for 'roles' tableFrederick Muriuki Muriithi
* migrations/auth/20221110_05_BaNtL-create-roles-table.py: new migration * tests/unit/auth/test_create_table_migrations.py: test new migration * tests/unit/auth/test_migrations_indexes.py: test new migration
2022-11-10Migrations: migration for 'genotype_resources' tableFrederick Muriuki Muriithi
* migrations/auth/20221110_04_6PRFQ-create-genotype-resources-table.py: new migration * tests/unit/auth/test_create_table_migrations.py: test new migration
2022-11-10Migrations: Add migration for 'phenotype_resources' tableFrederick Muriuki Muriithi
* migrations/auth/20221110_03_ka3W0-create-phenotype-resources-table.py: new migration * tests/unit/auth/test_create_table_migrations.py: test for new migration
2022-11-10Migrations: Add migration for mrna_resources tableFrederick Muriuki Muriithi
* migrations/auth/20221110_02_z1dWf-create-mrna-resources-table.py: new migration * tests/unit/auth/test_create_table_migrations.py: test for new migration
2022-11-10Migrations: Add migration for 'resources' tableFrederick Muriuki Muriithi
* gn3/migrations.py: Minor change * migrations/auth/20221110_01_WtZ1I-create-resources-table.py: new migration * tests/unit/auth/test_create_table_migrations.py: test new migration
2022-11-09Migrations: Add `resource_meta` field to `resource_categories` tableFrederick Muriuki Muriithi
2022-11-08Migrations: Init `resource_categories` with initial categoriesFrederick Muriuki Muriithi
* migrations/auth/20221108_04_CKcSL-init-data-in-resource-categories-table.py: new migration. * tests/unit/auth/test_migration_init_data_in_resource_categories_table.py: test new migration.
2022-11-08Migrations: Create `resource_categories` table.Frederick Muriuki Muriithi
* migrations/auth/20221108_03_Pbhb1-create-resource-categories-table.py: new migration. * tests/unit/auth/test_create_table_migrations.py: test new migration.
2022-11-08Migrations: Create `privileges` table.Frederick Muriuki Muriithi
* migrations/auth/20221108_02_wxTr9-create-privileges-table.py: new migration * tests/unit/auth/test_create_table_migrations.py: test new migration
2022-11-08Add migration to create the groups table.Frederick Muriuki Muriithi
2022-11-03Add credentials checkingFrederick Muriuki Muriithi
* gn3/auth/authentication.py: new function `credentials_in_database` * gn3/auth/authentication/__init__.py: replace package with module * gn3/settings.py: new `AUTH_MIGRATIONS` configuration variable * migrations/auth/20221103_02_sGrIs-create-user-credentials-table.py: new migration * tests/unit/auth/test_credentials.py: test the `credentials_in_database` function * tests/unit/conftest.py: more test fixtures
2022-11-03Initialise the Auth(entic|oris)ation packagesFrederick Muriuki Muriithi
Initialise the authentication/authorisation system packages and set up the initial database migrations to set up the system. * README.md: Add documentation on migrations * gn3/auth/__init__.py: init package * gn3/auth/authentication/__init__.py: init package * gn3/auth/authorisation/__init__.py: init package * gn3/migrations.py: provide migration utilities * migrations/auth/20221103_01_js9ub-initialise-the-auth-entic-oris-ation-database.py: new migration * tests/unit/auth/test_init_database.py: test new migration applies and rolls back as expected * tests/unit/conftest.py: fixtures for unit tests * yoyo.auth.ini: basic configuration for yoyo-migration for auth system migrations