| Age | Commit message (Collapse) | Author |
|---|
|
Some roles should not be user-editable, and as such, we need to check before
allowing any edits on such roles. This commit makes that possible.
|
|
|
|
|
|
Remove the deprecated function and fix a myriad of bugs that arise from
removing the function.
Issue: https://issues.genenetwork.org/issues/bugfix_coupling_current_app_and_db_utils
|
|
|
|
|
|
The way data is linked to the resources needs to be reworked. This commit
removes all the existing migration scripts that created the tables formerly
used for linking data in preparation for reworking the system.
|
|
|
|
Implement the code to migrate the data from redis to SQLite.
|
|
To avoid repeating the same thing in multiple places, leading to errors and
breakages, reuse the same basic functions for password hashing.
|
|
|
|
Provide the `linked_group_data` table to be used to link to data in the main
database.
Update the `mrna_resources`, `genotype_resources` and `phenotype_resources`
tables to rely on the `linked_group_data` table.
|
|
When user has no roles assigned, return an empty tuple rather than
pymonad.maybe.Nothing to ease maintenance.
|
|
|
|
|
|
|
|
|
|
Split the views/routes into separate modules each dealing with a narrower
scope of the application to aid in maintenance, and help with making the
development easier.
|
|
* tests/unit/test_search.py (test_apply_si_suffix_kilo,
test_apply_si_suffix_mega, test_apply_si_suffix_giga): Update docstring
indicating that we expect the exact integer value.
|
|
* gn3/api/search.py (parse_position): New function.
(parse_location_field): Use parse_position.
* tests/unit/test_search.py: Import parse_position from gn3.api.search.
(test_parse_position_close_to_zero_location): New test.
|
|
* gn3/auth/authorisation/checks.py: Enable passing user to authorisation
checking function. Raise error on authorisation failure for consistent error
handling.
* gn3/auth/authorisation/groups.py: Add user to group, updating the privileges
as appropriate.
* gn3/auth/authorisation/resources.py: Fix resources querying
* gn3/auth/authorisation/roles.py: Assign/revoke roles by name
* gn3/auth/authorisation/views.py: Create group
* migrations/auth/20221108_01_CoxYh-create-the-groups-table.py: Add
group_metadata field
* tests/unit/auth/fixtures/group_fixtures.py: fix tests
* tests/unit/auth/test_groups.py: fix tests
* tests/unit/auth/test_resources.py: fix tests
* tests/unit/auth/test_roles.py: fix tests
|
|
|
|
|
|
* tests/unit/test_search.py: New file.
|
|
Fix a number of tests and fixtures that were not conforming to the FOREIGN KEY
constraints:
* Each test that creates a new "object" needs to clean up after itself
* Each fixture that sets up test data needs to clean up after itself
|
|
Save privileges with ids of the form <top-level>:<sub-level>:<privilege-name>
rather than using a UUID, to reduce indirection levels.
* migrations/auth/20230116_01_KwuJ3-rework-privileges-schema.py: new migration
to change the schema and IDs for the privileges.
* Update code to use new privileges format
* gn3/auth/authorisation/checks.py
* gn3/auth/authorisation/groups.py
* gn3/auth/authorisation/privileges.py
* gn3/auth/authorisation/resources.py
* gn3/auth/authorisation/roles.py
* migrations/auth/20230116_01_KwuJ3-rework-privileges-schema.py
* tests/unit/auth/fixtures/role_fixtures.py
* tests/unit/auth/test_groups.py
* tests/unit/auth/test_privileges.py
* tests/unit/auth/test_roles.py
|
|
A newly registered user will have the ability to create a group.
Once a user is a member of a group, either by creating a new group, or being
added to a group, they should not be able to create any more groups, i.e. they
lose the 'create-group' (and/or equivalent) privileges.
This means that the group-administration privileges should be separated from
the group-creation privilege.
* gn3/auth/authorisation/roles.py: assign default roles to user on
registration
* gn3/auth/authorisation/views.py: assign default roles to user on
registration
* migrations/auth/20230111_01_Wd6IZ-remove-create-group-privilege-from-group-leader.py:
separate group-creation role from group-administration role.
* tests/unit/auth/fixtures/user_fixtures.py: Add group-creation role to test
user
* tests/unit/auth/test_roles.py: Add the group-creation role explicitly in the
expected results for the test
|
|
* gn3/auth/authorisation/roles.py: Fetch roles from DB
* gn3/auth/authorisation/views.py: Provide API endpoint for user roles
* tests/unit/auth/test_roles.py: Tests to check fetching roles works correctly
Fix linting and typing issues in the following files:
* gn3/auth/authentication/oauth2/resource_server.py
* gn3/auth/authentication/oauth2/views.py
* tests/unit/auth/fixtures/oauth2_client_fixtures.py
|
|
Since test functions are defined starting with "test_", rename the fixture to
more clearly indicate it is a fixture (fxtr_*), an not a test in itself.
|
|
* gn3/settings.py: leave `OAUTH2_ACCESS_TOKEN_GENERATOR` in its default
setting
* tests/unit/auth/fixtures/oauth2_client_fixtures.py: setup
`AUTHLIB_INSECURE_TRANSPORT` before running the OAuth2 tests
* tests/unit/conftest.py: setup the test application's configuration correctly
for the tests.
|
|
Add code to implement the OAuth2 flow.
* Add test fixtures for setting up users and OAuth2 clients
* Add tests for token generation with the "Password Grant" flow
* Fix some issues with test due to changes in the database connection's
row_factory
|
|
* migrations/auth/20221219_03_PcTrb-create-authorisation-code-table.py: new
migration
* tests/unit/auth/test_migrations_create_tables.py: test new migration
|
|
* migrations/auth/20221219_02_buSEU-create-oauth2-tokens-table.py
* tests/unit/auth/test_migrations_create_tables.py
|
|
* migrations/auth/20221219_01_CI3tN-create-oauth2-clients-table.py: New
migration
* tests/unit/auth/test_migrations_create_tables.py: tests for new migration
|
|
|
|
|
|
|
|
Split the fixtures into separate modules for easier management
* tests/unit/auth/conftest.py: Import all from the `fixtures` package. Delete
all fixtures from the file
* tests/unit/auth/fixtures/__init__.py: new `fixtures` package
* tests/unit/auth/fixtures/group_fixtures.py: new groups fixtures module
* tests/unit/auth/fixtures/migration_fixtures.py: new migrations fixtures
module
* tests/unit/auth/fixtures/resource_fixtures.py: new resources fixtures module
* tests/unit/auth/fixtures/role_fixtures.py: new roles fixtures module
* tests/unit/auth/fixtures/user_fixtures.py: new users fixtures module
|
|
* gn3/auth/authorisation/resources.py: dummy `user_resources` function
* tests/unit/auth/conftest.py: (incomplete): Add some fixtures for testing the
`user_resources` function
* tests/unit/auth/test_resources.py: test the `user_resources` function
|
|
The addition of the `public` field in the `resources` table, led to some
previously passing tests to fail. This commit fixes the failures, and cleans
up some pylint issues.
* gn3/auth/authorisation/resources.py: add `public` to db queries
* tests/unit/auth/test_groups.py: fix pylint issues
|
|
* gn3/auth/authorisation/resources.py: new functions
* resource_categories: retrieves all resource categories
* public_resources: retrieves all public resources
* tests/unit/auth/test_resources.py: test `public_resources` function
|
|
* gn3/auth/authorisation/groups.py: new `user_group` function
* tests/unit/auth/test_groups.py: test `user_group` function
|
|
* migrations/auth/20221208_01_sSdHz-add-public-column-to-resources-table.py:
new migration script.
* tests/unit/auth/test_migrations_add_remove_columns.py: test new migration
script
|
|
* migrations/auth/20221206_01_BbeF9-create-group-user-roles-on-resources-table.py:
new migration
* tests/unit/auth/test_migrations_create_tables.py: Test creation of table
* tests/unit/auth/test_migrations_indexes.py: Test creation of index
|
|
|
|
|
|
|
|
* tests/unit/computations/test_rust_correlation.py: The underlying code
changed and the test needed to be updated to test the correct thing.
|
|
* gn3/auth/authorisation/groups.py: base `MembershipError` on new
`AuthorisationError` base exception. Use new authentication checking
decorator.
* gn3/auth/authorisation/privileges.py: Change argument to User object rather
than UUID object
* gn3/auth/authorisation/roles.py: Use new authentication checking decorator.
* tests/unit/auth/test_groups.py: use `conftest.TEST_USER`
* tests/unit/auth/test_privileges.py: use `conftest.TEST_USER`
* tests/unit/auth/test_roles.py: use `conftest.TEST_USER`
|
|
* gn3/auth/authentication/checks.py: new `authenticated_p` decorator to apply
on any function that requires the user to be authenticated before it runs.
* gn3/auth/authorisation/checks.py: use a `auth.authentication.users.User`
object rather than a UUID object in the global `g`.
* gn3/auth/authorisation/groups.py: Implement the `authenticated_user_group`
function to get the group(s) in which the currently authenticated user
belongs.
* gn3/auth/authorisation/resources.py: Implement the `create_resource`
function correctly.
* tests/unit/auth/conftest.py: extract the User objects into a global variable
for reusability with the tests.
* tests/unit/auth/test_resources.py: Use global user objects from conftest in
the tests. Set a User object (rather than UUID) in the global `g` variable.
|
