Age | Commit message (Collapse) | Author |
|
* gn_auth/auth/authorisation/resources/views.py: Import time.
(get_user_roles_on_resource): Add a JWT bearer token to the
responses's header.
Signed-off-by: Munyoki Kilyungi <me@bonfacemunyoki.com>
|
|
|
|
|
|
|
|
|
|
* gn_auth/auth/authorisation/resources/views.py: Import operator.
(get_user_roles_on_resource): Flatten roles list.
Signed-off-by: Munyoki Kilyungi <me@bonfacemunyoki.com>
|
|
* gn_auth/auth/authorisation/resources/models.py (resource_data): A
metadata resource is not linked to any data so we return an empty
tuple.
Signed-off-by: Munyoki Kilyungi <me@bonfacemunyoki.com>
|
|
* gn_auth/auth/authorisation/resources/models.py
(user_roles_on_resources): New function.
* gn_auth/auth/authorisation/resources/views.py
(resources_authorisation): New endpoint.
Signed-off-by: Munyoki Kilyungi <me@bonfacemunyoki.com>
|
|
This reverts commit f5e833c0d72eaec80425203b15210ed304cc4811.
Signed-off-by: Munyoki Kilyungi <me@bonfacemunyoki.com>
|
|
Signed-off-by: Munyoki Kilyungi <me@bonfacemunyoki.com>
|
|
Signed-off-by: Munyoki Kilyungi <me@bonfacemunyoki.com>
|
|
Signed-off-by: Munyoki Kilyungi <me@bonfacemunyoki.com>
|
|
Signed-off-by: Munyoki Kilyungi <me@bonfacemunyoki.com>
|
|
* gn_auth/auth/authorisation/resources/base.py: Import dataclass and
asdict. Remove NamedTuple and dictify.
(ResourceCategory): Use frozen dataclass.
(ResourceCategory.dictify): Delete.
(Resource): Use frozen dataclass.
(Resource.dictify): Delete.
* gn_auth/auth/authorisation/resources/models.py: Delete dictify
import.
(assign_resource_user): Replace dictify with asdict.
(unassign_resource_user): Ditto.
* gn_auth/auth/authorisation/resources/views.py: Import asdict.
Remove dictify import.
(list_resource_categories): Replace dictify with asdict.
(create_resource): Ditto.
(view_resource): Ditto.
(__safe_get_requests_page__): Ditto.
* gn_auth/auth/authorisation/users/views.py:
(user_resources): Replace dictify with asdict.
Signed-off-by: Munyoki Kilyungi <me@bonfacemunyoki.com>
|
|
Signed-off-by: Munyoki Kilyungi <me@bonfacemunyoki.com>
|
|
Signed-off-by: Munyoki Kilyungi <me@bonfacemunyoki.com>
|
|
* gn_auth/auth/authorisation/privileges.py: Import dataclass. Remove
NamedTuple import.
(Privilege): Use frozen dataclass.
(Privelege.dictify): Delete.
* gn_auth/auth/authorisation/resources/groups/views.py: Import
dataclasses.asdict.
(group_privileges): Replace dictify with asdict.
(add_priv_to_role): Ditto.
(delete_priv_from_role): Ditto.
* gn_auth/auth/authorisation/resources/models.py:
(assign_resource_user): Replace dictify with asdict.
(unassign_resource_user): Ditto.
* gn_auth/auth/authorisation/resources/system/views.py: Import
dataclasses.asdict. Remove dictify import.
(system_roles): Replace dictify with asdict.
* gn_auth/auth/authorisation/resources/views.py:
(resource_users): Replace dictify with asdict.
(resources_authorisation): Ditto.
* gn_auth/auth/authorisation/roles/models.py: Remove dictify and
NameTuple import.
(Role): Use frozen dataclass.
(Role.dictify): Replace dictify(priv) with asdict(priv).
* gn_auth/auth/authorisation/roles/views.py: Import
dataclasses.asdict. Remove dictify import.
(view_role): Replace dictify with asdict.
* gn_auth/auth/authorisation/users/views.py:
(user_roles): Replace dictify with asdict.
Signed-off-by: Munyoki Kilyungi <me@bonfacemunyoki.com>
|
|
* gn_auth/auth/authorisation/resources/groups/models.py: Import
dataclasses.asdict. Remove dictify import.
(GroupRole): Use frozen dataclass.
(GroupRole.dictify): Replace dictify(...) with self.role.dictify().
* gn_auth/auth/authorisation/resources/groups/views.py:
(group_roles): Replace dictify with asdict.
(view_group_role): Ditto.
Signed-off-by: Munyoki Kilyungi <me@bonfacemunyoki.com>
|
|
* gn_auth/auth/authorisation/data/genotypes.py: Import
dataclasses.asdict.
(link_genotype_data): Replace dictify with asdict.
* gn_auth/auth/authorisation/data/mrna.py: Import dataclasses.asdict.
(link_mrna_data): Replace dictify with asdict.
* gn_auth/auth/authorisation/data/phenotypes.py: Import
dataclasses.asdict.
(link_phenotype_data): Replace dictify with asdict.
* gn_auth/auth/authorisation/resources/groups/models.py: Import
dataclass.
(Group): Use frozen dataclass.
(Group.dictify): Delete.
(GroupRole.dictify): Replace dictify with asdict.
* gn_auth/auth/authorisation/resources/groups/views.py: Import
dataclasses.asdict. Remove dictify import.
(list_groups): Replace dictify with asdict.
(create_group): Ditto.
* gn_auth/auth/authorisation/resources/views.py:
(resource_users): Replace dictify with asdict.
* gn_auth/auth/authorisation/users/views.py: Import
dataclasses.asdict. Remove dictify import.
(user_details): Replace dictify with asdict.
(user_group): Ditto.
Signed-off-by: Munyoki Kilyungi <me@bonfacemunyoki.com>
|
|
* gn_auth/auth/authentication/users.py: Import dataclass. Remove
NamedTuple and Tuple import.
(User): Use a frozen dataclass.
(User.get_user_id): Delete.
(User.dictify): Ditto.
* gn_auth/auth/authorisation/data/views.py: Import dataclasses.dict.
(authorisation): Replace user._asdict() with asdict(user).
(metadata_resources): Ditto.
* gn_auth/auth/authorisation/resources/groups/views.py:
(group_members): Replace dictify with asdict.
* gn_auth/auth/authorisation/resources/models.py: Import
dataclasses.asdict.
(assign_resource_user): Replace dictify(user) with asdict(user).
(unassign_resource_user): Ditto.
* gn_auth/auth/authorisation/resources/views.py:
(resource_users): Replace dictify with asdict.
* gn_auth/auth/authorisation/users/masquerade/views.py: Import
dataclasses.asdict.
(masquerade): Replace masq_user._asdict() with asdict(masq_user).
* gn_auth/auth/authorisation/users/views.py:
(list_all_users): Replace dictify with asdict.
Signed-off-by: Munyoki Kilyungi <me@bonfacemunyoki.com>
|
|
* gn_auth/auth/authorisation/data/views.py: (metadata_resources): New
end-point for authorising metadata data.
* gn_auth/auth/authorisation/resources/models.py: Import sqlite3.Row.
(__metadata_resource_data__): New function.
(__assign_resource_owner_role__): Add __metadata_resource_data__
to the "resource_data_function" map.
Signed-off-by: Munyoki Kilyungi <me@bonfacemunyoki.com>
|
|
* gn_auth/auth/authorisation/data/views.py (authorisation): Fix typo.
Signed-off-by: Munyoki Kilyungi <me@bonfacemunyoki.com>
|
|
Signed-off-by: Munyoki Kilyungi <me@bonfacemunyoki.com>
|
|
|
|
Handle the "NotFoundError" exception at the route level, since if we
do not, the application level handler takes over and simply returns a
JSON response with the details of the failure.
|
|
Previously, when the user would request to either import or delete the
collections they had created before logging in, the system would try
deleting the collections from the wrong key, leading to the
collections still showing up.
This commit fixes that by providing the code with the correct Redis
key to act upon.
|
|
The schema changed a while back, and the script that is used to make
all existing data public needs to be updated for the new schema. This
commit does exactly that.
|
|
Make the system admin creation code part of the core system, and
simply call it from the script(s). This will help with maintenance,
since the changes are done in a single place only.
|
|
|
|
|
|
|
|
|
|
|
|
Add an endpoint to help users get the resources authorisation by the
resource ids.
|
|
|
|
Get the resource used to control access to the InbredSet group by that
group's SpeciesId and InbredSetId.
|
|
|
|
|
|
|
|
Replace `group_user_roles_on_resources` table with `user_roles` for
the query that checks whether the user has appropriate permissions to
act on a specific resource.
|
|
Fetching resource data: system and group categories of resources do
not have associated genetic data.
This commit adds some code to temporarily handle that case as an edge
case before I can devote more time to fixing the issue in a much
better way.
|
|
Add a new `public-view` role to be assigned to all users on all
resources that are defined as publicly viewable.
Update code to make assign `public-view` role to a newly registered
user for all publicly viewable roles.
Update the code to assign/revoke the `public-view` role to/from users
whenever the resource is toggled to and from being publicly viewable.
Ensure that `public-view` is not revoked from system-administrators.
Ensure that `public-view` is not revoked from the group administrators
of the group that owns the resource.
|
|
|
|
|
|
The way the `gn_auth.auth.authorisation.roles.models.user_roles`
function works has changed: this commit updates the code to take that
into consideration and fix any errors.
|
|
* The system resource is public, and should be present for all users.
* Each user that is a member of a group, should have their group show
up in their list of resources.
* Fix the SQL join: add an `ON ...` clause.
|
|
|
|
With user groups being resources that users can act on (with the
recent changes), this commit moves the `groups` module to under the
`resources` module.
It also renames the `*_resources.py` modules by dropping the
`_resources` part since the code is under the `resources` module
anyway.
|
|
With the new schema, not all Resource objects are "owned" by a
group. Those that are, are linked together through a different db
table (`resource_ownership`).
This commit removes the `Group` object from `Resource` objects and
updates the `resource_ownership` where relevant.
|
|
Rather than using pymonad's Maybe monad and dealing with the
complexity it introduces, raise an exception if there is no group
found for the given resource.
|