Age | Commit message | Author |
2024-10-03 | BugFix: Remove duplicates from resources list...Issue:
https://issues.genenetwork.org/issues/gn-auth/resources-duplicates-in-resources-list
The query was returning multiple instances of the same resource in
situations where a user had more than one role of a particular resource.
| Frederick Muriuki Muriithi |
2024-09-30 | Refactor: Initialise phenotype package...* Move code into a new phenotypes package and update references.
* Add new functions to fetch linked resources from GN3 data
identifiers — this is useful for auth
* Provide endpoint to fetch authorisation details for a specific
phenotype.
| Frederick Muriuki Muriithi |
2024-09-30 | Extract function to prevent circular dependencies. | Frederick Muriuki Muriithi |
2024-09-25 | Implement genotype resource creation via API with resource data...Create the resource, assign the resource-owner role and link the
resource's data in a single API call.
| Frederick Muriuki Muriithi |
2024-09-25 | Extract common role assignment to its own module | Frederick Muriuki Muriithi |
2024-09-16 | Pass cursor rather than connection to create_resource function...In order to decouple the `create_resource` function from the related
functions that assign roles to users, this commit changes the code to
pass in a cursor rather than a connection.
The cursor will be the same cursor passed into the role assignment
functions ensuring that the resource creation and role assignment
happen in a single transaction.
| Frederick Muriuki Muriithi |
2024-09-13 | Notes: Add note on some items that could go into hooks. | Frederick Muriuki Muriithi |
2024-06-25 | Roles: Get rid of use of GroupRole; use Role directly for resources...The GroupRole idea was flawed, and led to a critical bug that would
have allowed privilege escalation. This uses the Role directly acting
on a specific resource when assigning said role to a user.
| Frederick Muriuki Muriithi |
2024-06-20 | Reorganise test fixtures. Fix tests and issues caught....Reorganise test fixtures to more closely follow the design of the auth
system.
Fix the broken tests due to refactors and fix all issues caught by the
running tests.
| Frederick Muriuki Muriithi |
2024-06-17 | Don't save the resource-owner role as a resource role...The 'resource-owner' role is a system-default role that applies to
most resources, but should not be editable by users. This commit
removes the code that was linking the role with each resource, leading
to it being presented to the user as an editable role.
| Frederick Muriuki Muriithi |
2024-06-07 | Update role assignment: user resource_roles table...We no longer use the group_roles table, and have moved to the less
privilege-escalation-prone resource_roles table. This commit updates
the queries to use the newer resource_roles table.
| Frederick Muriuki Muriithi |
2024-04-24 | Move the errors module up one level to break circular dependencies. | Frederick Muriuki Muriithi |
2024-04-23 | pylint: Fix linting errors. | Frederick Muriuki Muriithi |
2024-03-30 | Update call: Drop unused argument in call. | Frederick Muriuki Muriithi |
2024-03-21 | Return empty tuples when metadata is queried for data....* gn_auth/auth/authorisation/resources/models.py (resource_data): A
metadata resource is not linked to any data so we return an empty
tuple.
Signed-off-by: Munyoki Kilyungi <me@bonfacemunyoki.com>
| Munyoki Kilyungi |
2024-03-21 | Add extra endpoint to get user authorisation given a resource name....* gn_auth/auth/authorisation/resources/models.py
(user_roles_on_resources): New function.
* gn_auth/auth/authorisation/resources/views.py
(resources_authorisation): New endpoint.
Signed-off-by: Munyoki Kilyungi <me@bonfacemunyoki.com>
| Munyoki Kilyungi |
2024-03-21 | Revert "Add an extra endpoint for metadata authorisation."...This reverts commit f5e833c0d72eaec80425203b15210ed304cc4811.
Signed-off-by: Munyoki Kilyungi <me@bonfacemunyoki.com>
| Munyoki Kilyungi |
2024-03-13 | Define Resource/ResourceCategory using frozen dataclass....* gn_auth/auth/authorisation/resources/base.py: Import dataclass and
asdict. Remove NamedTuple and dictify.
(ResourceCategory): Use frozen dataclass.
(ResourceCategory.dictify): Delete.
(Resource): Use frozen dataclass.
(Resource.dictify): Delete.
* gn_auth/auth/authorisation/resources/models.py: Delete dictify
import.
(assign_resource_user): Replace dictify with asdict.
(unassign_resource_user): Ditto.
* gn_auth/auth/authorisation/resources/views.py: Import asdict.
Remove dictify import.
(list_resource_categories): Replace dictify with asdict.
(create_resource): Ditto.
(view_resource): Ditto.
(__safe_get_requests_page__): Ditto.
* gn_auth/auth/authorisation/users/views.py:
(user_resources): Replace dictify with asdict.
Signed-off-by: Munyoki Kilyungi <me@bonfacemunyoki.com>
| Munyoki Kilyungi |
2024-03-13 | Define Privilege/Role using frozen dataclass....* gn_auth/auth/authorisation/privileges.py: Import dataclass. Remove
NamedTuple import.
(Privilege): Use frozen dataclass.
(Privilege.dictify): Delete.
* gn_auth/auth/authorisation/resources/groups/views.py: Import
dataclasses.asdict.
(group_privileges): Replace dictify with asdict.
(add_priv_to_role): Ditto.
(delete_priv_from_role): Ditto.
* gn_auth/auth/authorisation/resources/models.py:
(assign_resource_user): Replace dictify with asdict.
(unassign_resource_user): Ditto.
* gn_auth/auth/authorisation/resources/system/views.py: Import
dataclasses.asdict. Remove dictify import.
(system_roles): Replace dictify with asdict.
* gn_auth/auth/authorisation/resources/views.py:
(resource_users): Replace dictify with asdict.
(resources_authorisation): Ditto.
* gn_auth/auth/authorisation/roles/models.py: Remove dictify and
NamedTuple import.
(Role): Use frozen dataclass.
(Role.dictify): Replace dictify(priv) with asdict(priv).
* gn_auth/auth/authorisation/roles/views.py: Import
dataclasses.asdict. Remove dictify import.
(view_role): Replace dictify with asdict.
* gn_auth/auth/authorisation/users/views.py:
(user_roles): Replace dictify with asdict.
Signed-off-by: Munyoki Kilyungi <me@bonfacemunyoki.com>
| Munyoki Kilyungi |
2024-03-13 | Define User using a frozen dataclass....* gn_auth/auth/authentication/users.py: Import dataclass. Remove
NamedTuple and Tuple import.
(User): Use a frozen dataclass.
(User.get_user_id): Delete.
(User.dictify): Ditto.
* gn_auth/auth/authorisation/data/views.py: Import dataclasses.dict.
(authorisation): Replace user._asdict() with asdict(user).
(metadata_resources): Ditto.
* gn_auth/auth/authorisation/resources/groups/views.py:
(group_members): Replace dictify with asdict.
* gn_auth/auth/authorisation/resources/models.py: Import
dataclasses.asdict.
(assign_resource_user): Replace dictify(user) with asdict(user).
(unassign_resource_user): Ditto.
* gn_auth/auth/authorisation/resources/views.py:
(resource_users): Replace dictify with asdict.
* gn_auth/auth/authorisation/users/masquerade/views.py: Import
dataclasses.asdict.
(masquerade): Replace masq_user._asdict() with asdict(masq_user).
* gn_auth/auth/authorisation/users/views.py:
(list_all_users): Replace dictify with asdict.
Signed-off-by: Munyoki Kilyungi <me@bonfacemunyoki.com>
| Munyoki Kilyungi |
2024-03-04 | Add an extra endpoint for metadata authorisation....* gn_auth/auth/authorisation/data/views.py: (metadata_resources): New
end-point for authorising metadata data.
* gn_auth/auth/authorisation/resources/models.py: Import sqlite3.Row.
(__metadata_resource_data__): New function.
(__assign_resource_owner_role__): Add __metadata_resource_data__
to the "resource_data_function" map.
Signed-off-by: Munyoki Kilyungi <me@bonfacemunyoki.com>
| Munyoki Kilyungi |
2023-11-23 | Scripts: Update script for newer db schema...The schema changed a while back, and the script that is used to make
all existing data public needs to be updated for the new schema. This
commit does exactly that.
| Frederick Muriuki Muriithi |
2023-11-02 | mypy: Fix typing errors. | Frederick Muriuki Muriithi |
2023-10-12 | Bugs: Fix query and provide default function for inbredset-group | Frederick Muriuki Muriithi |
2023-10-10 | Get authorisation by resource_ids...Add an endpoint to help users get the resources authorisation by the
resource ids.
| Frederick Muriuki Muriithi |
2023-10-10 | Temporarily return no data for resources of types system and group. | Frederick Muriuki Muriithi |
2023-09-27 | typing: fix and ignore typing issues. | Frederick Muriuki Muriithi |
2023-09-27 | Bug: Fix issue with viewing resources of type "group". | Frederick Muriuki Muriithi |
2023-09-26 | Handle temporary edge cases...Fetching resource data: system and group categories of resources do
not have associated genetic data.
This commit adds some code to temporarily handle that case as an edge
case before I can devote more time to fixing the issue in a much
better way.
| Frederick Muriuki Muriithi |
2023-09-26 | Add System resource, and group resource(s) to list of user resources...* The system resource is public, and should be present for all users.
* Each user that is a member of a group should have their group show
up in their list of resources.
* Fix the SQL join: add an `ON ...` clause.
| Frederick Muriuki Muriithi |
2023-09-26 | Move `groups` package under `resources` package...With user groups being resources that users can act on (with the
recent changes), this commit moves the `groups` module to under the
`resources` module.
It also renames the `*_resources.py` modules by dropping the
`_resources` part since the code is under the `resources` module
anyway.
| Frederick Muriuki Muriithi |
2023-09-26 | Remove group from resource objects...With the new schema, not all Resource objects are "owned" by a
group. Those that are, are linked together through a different db
table (`resource_ownership`).
This commit removes the `Group` object from `Resource` objects and
updates the `resource_ownership` where relevant.
| Frederick Muriuki Muriithi |
2023-09-26 | Raise exception if no group for `resource_group`...Rather than using pymonad's Maybe monad and dealing with the
complexity it introduces, raise an exception if there is no group
found for the given resource.
| Frederick Muriuki Muriithi |
2023-09-26 | Add `resource_group` function to retrieve the owning group...Some resources are "owned" by specific user groups. This commit adds a
way to retrieve those "owners" where relevant.
| Frederick Muriuki Muriithi |
2023-09-26 | Extract resource-type-specific code into separate modules...For easier maintenance, extract the code that relates to specific
resource types/categories into separate modules, each dealing with a
single resource type/category.
| Frederick Muriuki Muriithi |
2023-09-26 | Extract basic resource types to a separate module. | Frederick Muriuki Muriithi |
2023-08-08 | Use relative imports to break circular import errors | Frederick Muriuki Muriithi |
2023-08-07 | Change imports to new unified db module. | Frederick Muriuki Muriithi |
2023-08-07 | Update module name/path...Change from gn3 to gn_auth
| Frederick Muriuki Muriithi |
2023-08-04 | Copy over files from GN3 repository. | Frederick Muriuki Muriithi |