aboutsummaryrefslogtreecommitdiff
path: root/gn_auth/auth
AgeCommit message (Collapse)Author
2024-03-13Rename "the_client" to "_client".Munyoki Kilyungi
Signed-off-by: Munyoki Kilyungi <me@bonfacemunyoki.com>
2024-03-13Remove unused imports.Munyoki Kilyungi
Signed-off-by: Munyoki Kilyungi <me@bonfacemunyoki.com>
2024-03-13Auto-pep8 this file.Munyoki Kilyungi
Signed-off-by: Munyoki Kilyungi <me@bonfacemunyoki.com>
2024-03-13Define Privilege/Role using frozen dataclass.Munyoki Kilyungi
* gn_auth/auth/authorisation/privileges.py: Import dataclass. Remove NamedTuple import. (Privilege): Use frozen dataclass. (Privelege.dictify): Delete. * gn_auth/auth/authorisation/resources/groups/views.py: Import dataclasses.asdict. (group_privileges): Replace dictify with asdict. (add_priv_to_role): Ditto. (delete_priv_from_role): Ditto. * gn_auth/auth/authorisation/resources/models.py: (assign_resource_user): Replace dictify with asdict. (unassign_resource_user): Ditto. * gn_auth/auth/authorisation/resources/system/views.py: Import dataclasses.asdict. Remove dictify import. (system_roles): Replace dictify with asdict. * gn_auth/auth/authorisation/resources/views.py: (resource_users): Replace dictify with asdict. (resources_authorisation): Ditto. * gn_auth/auth/authorisation/roles/models.py: Remove dictify and NameTuple import. (Role): Use frozen dataclass. (Role.dictify): Replace dictify(priv) with asdict(priv). * gn_auth/auth/authorisation/roles/views.py: Import dataclasses.asdict. Remove dictify import. (view_role): Replace dictify with asdict. * gn_auth/auth/authorisation/users/views.py: (user_roles): Replace dictify with asdict. Signed-off-by: Munyoki Kilyungi <me@bonfacemunyoki.com>
2024-03-13Define OAuth2Client using frozen dataclass.Munyoki Kilyungi
* gn_auth/auth/authentication/oauth2/models/oauth2client.py: Import dataclass, cached_property and ClientMixin. Remove NamedTuple import. (OAuth2Client): Use frozen dataclass and explicitly inherit from ClientMixin. (OAuth2Client.token_endpoint_auth_method): Make this a cached property. (OAuth2Client.client_type): Ditto. (OAuth2Client.id): Ditto. (OAuth2Client.grant_types): Ditto. (OAuth2Client.redirect_uris): Ditto. (OAuth2Client.response_types): Ditto. (OAuth2Client.scope): Ditto. (OAuth2Client.get_allowed_scope): Autopep-8 it. (client): Autopep-8 it and use kw args for OAuthClient. (client_by_id_and_secret): Ditto. (oauth2_clients): Ditto. (save_client): Ditto. (delete_client): Ditto. Signed-off-by: Munyoki Kilyungi <me@bonfacemunyoki.com>
2024-03-13Define GroupRole using frozen dataclass.Munyoki Kilyungi
* gn_auth/auth/authorisation/resources/groups/models.py: Import dataclasses.asdict. Remove dictify import. (GroupRole): Use frozen dataclass. (GroupRole.dictify): Replace dictify(...) with self.role.dictify(). * gn_auth/auth/authorisation/resources/groups/views.py: (group_roles): Replace dictify with asdict. (view_group_role): Ditto. Signed-off-by: Munyoki Kilyungi <me@bonfacemunyoki.com>
2024-03-13Define Group using a frozen dataclass.Munyoki Kilyungi
* gn_auth/auth/authorisation/data/genotypes.py: Import dataclasses.asdict. (link_genotype_data): Replace dictify with asdict. * gn_auth/auth/authorisation/data/mrna.py: Import dataclasses.asdict. (link_mrna_data): Replace dictify with asdict. * gn_auth/auth/authorisation/data/phenotypes.py: Import dataclasses.asdict. (link_phenotype_data): Replace dictify with asdict. * gn_auth/auth/authorisation/resources/groups/models.py: Import dataclass. (Group): Use frozen dataclass. (Group.dictify): Delete. (GroupRole.dictify): Replace dictify with asdict. * gn_auth/auth/authorisation/resources/groups/views.py: Import dataclasses.asdict. Remove dictify import. (list_groups): Replace dictify with asdict. (create_group): Ditto. * gn_auth/auth/authorisation/resources/views.py: (resource_users): Replace dictify with asdict. * gn_auth/auth/authorisation/users/views.py: Import dataclasses.asdict. Remove dictify import. (user_details): Replace dictify with asdict. (user_group): Ditto. Signed-off-by: Munyoki Kilyungi <me@bonfacemunyoki.com>
2024-03-13Define OAuth2Token using a frozen dataclass.Munyoki Kilyungi
* gn_auth/auth/authentication/oauth2/endpoints/introspection.py (IntrospectionEndpoint.introspect_token): Replace token.get_scope() with token.scope. * gn_auth/auth/authentication/oauth2/models/oauth2token.py: Import dataclass, TokenMixin and cached_property. Delete NamedTuple import. (OAuth2Token): Use a frozen dataclass and explicitly inherit from TokenMixin. (OAuth2Token.expires_at): Make this a cached_property. (OAuth2Token.check_client): Add the "# pylint ..." in it's own line. Tested-by: Munyoki Kilyungi <me@bonfacemunyoki.com>
2024-03-13Define User using a frozen dataclass.Munyoki Kilyungi
* gn_auth/auth/authentication/users.py: Import dataclass. Remove NamedTuple and Tuple import. (User): Use a frozen dataclass. (User.get_user_id): Delete. (User.dictify): Ditto. * gn_auth/auth/authorisation/data/views.py: Import dataclasses.dict. (authorisation): Replace user._asdict() with asdict(user). (metadata_resources): Ditto. * gn_auth/auth/authorisation/resources/groups/views.py: (group_members): Replace dictify with asdict. * gn_auth/auth/authorisation/resources/models.py: Import dataclasses.asdict. (assign_resource_user): Replace dictify(user) with asdict(user). (unassign_resource_user): Ditto. * gn_auth/auth/authorisation/resources/views.py: (resource_users): Replace dictify with asdict. * gn_auth/auth/authorisation/users/masquerade/views.py: Import dataclasses.asdict. (masquerade): Replace masq_user._asdict() with asdict(masq_user). * gn_auth/auth/authorisation/users/views.py: (list_all_users): Replace dictify with asdict. Signed-off-by: Munyoki Kilyungi <me@bonfacemunyoki.com>
2024-03-08Correctly check for the refresh_token.Munyoki Kilyungi
* gn_auth/auth/authentication/oauth2/endpoints/utilities.py (query_token): Replace "if" with "match" syntax. Also, correctly check for the "refresh_token". Signed-off-by: Munyoki Kilyungi <me@bonfacemunyoki.com>
2024-03-08Replace "if" branching with "monad_from_none_or_value".Munyoki Kilyungi
* gn_auth/auth/authentication/oauth2/models/authorization_code.py: Import "monad_from_none_or_value". (authorisation_code): Replace if branching for Nothing/Just check with "monad_from_none_or_value". * gn_auth/auth/authentication/oauth2/models/oauth2token.py: Import "monad_from_none_or_value". (__token_from_resultset__): Replace if branching for Nothing/Just check with "monad_from_none_or_value". (token_by_access_token): Ditto. (token_by_refresh_token): Ditto. Signed-off-by: Munyoki Kilyungi <me@bonfacemunyoki.com>
2024-03-08Rename "__5_MINUTES__" to "EXPIRY_IN_SECONDS".Munyoki Kilyungi
* gn_auth/auth/authentication/oauth2/models/authorization_code.py (AuthorisationCode.__5_MINUTES__): Rename this to EXPIRY_IN_SECONDS. Signed-off-by: Munyoki Kilyungi <me@bonfacemunyoki.com>
2024-03-08Explicitly add keyword arguments to AuthorisationCode.Munyoki Kilyungi
This improves readability. * gn_auth/auth/authentication/oauth2/grants/authorisation_code_grant.py (AuthorisationCodeGrant.save_authorization_code): Use keyword arguments. * gn_auth/auth/authentication/oauth2/models/authorization_code.py (authorisation_code): Ditto. Signed-off-by: Munyoki Kilyungi <me@bonfacemunyoki.com>
2024-03-08Remove "raise" in auth.db Protocol classes.Munyoki Kilyungi
* gn_auth/auth/db/protocols.py (DbCursor): Remove "raise" in DBCursor Protocol. See: <https://typing.readthedocs.io/en/latest/spec/protocol.html>
2024-03-04Add an extra endpoint for metadata authorisation.Munyoki Kilyungi
* gn_auth/auth/authorisation/data/views.py: (metadata_resources): New end-point for authorising metadata data. * gn_auth/auth/authorisation/resources/models.py: Import sqlite3.Row. (__metadata_resource_data__): New function. (__assign_resource_owner_role__): Add __metadata_resource_data__ to the "resource_data_function" map. Signed-off-by: Munyoki Kilyungi <me@bonfacemunyoki.com>
2024-03-04Fix minor typo.Munyoki Kilyungi
* gn_auth/auth/authorisation/data/views.py (authorisation): Fix typo. Signed-off-by: Munyoki Kilyungi <me@bonfacemunyoki.com>
2024-03-04Remove redundant error code for InvalidData.Munyoki Kilyungi
Signed-off-by: Munyoki Kilyungi <me@bonfacemunyoki.com>
2024-02-29Allow POST for JSON requests.Frederick Muriuki Muriithi
2024-02-28Handle the "NotFoundError" exception at the route levelFrederick Muriuki Muriithi
Handle the "NotFoundError" exception at the route level, since if we do not, the application level handler takes over and simply returns a JSON response with the details of the failure.
2023-12-18Provide the correct Redis keyFrederick Muriuki Muriithi
Previously, when the user would request to either import or delete the collections they had created before logging in, the system would try deleting the collections from the wrong key, leading to the collections still showing up. This commit fixes that by providing the code with the correct Redis key to act upon.
2023-11-28Remove bcrypt as a dependencyFrederick Muriuki Muriithi
BCrypt has been superceded by argon, and this commit removes it and all code depending on it from the repository.
2023-11-23Scripts: Update script for newer db schemaFrederick Muriuki Muriithi
The schema changed a while back, and the script that is used to make all existing data public needs to be updated for the new schema. This commit does exactly that.
2023-11-22Move system admin creationFrederick Muriuki Muriithi
Make the system admin creation code part of the core system, and simply call it from the script(s). This will help with maintenance, since the changes are done in a single place only.
2023-11-22Only commit on successful queryFrederick Muriuki Muriithi
Only commit changes if the queries are successful.
2023-11-13Bug: Fix typo in queryFrederick Muriuki Muriithi
2023-11-13Update check for adminsFrederick Muriuki Muriithi
2023-11-02mypy: Fix typing errors.Frederick Muriuki Muriithi
2023-11-02pylint: Fix linting errors.Frederick Muriuki Muriithi
2023-10-12Bugs: Fix query and provide default function for inbredset-groupFrederick Muriuki Muriithi
2023-10-10Get authorisation by resource_idsFrederick Muriuki Muriithi
Add an endpoint to help users get the resources authorisation by the resource ids.
2023-10-10Temporarily return no data for resources of types system and group.Frederick Muriuki Muriithi
2023-10-09Fetch InbredSet group resource ID by SpeciesId and InbredSetIdFrederick Muriuki Muriithi
Get the resource used to control access to the InbredSet group by that group's SpeciesId and InbredSetId.
2023-09-27typing: fix and ignore typing issues.Frederick Muriuki Muriithi
2023-09-27linting: Remove unused import, handle unused variableFrederick Muriuki Muriithi
2023-09-27Bug: Fix issue with viewing resources of type "group".Frederick Muriuki Muriithi
2023-09-26Update queryFrederick Muriuki Muriithi
Replace `group_user_roles_on_resources` table with `user_roles` for the query that checks whether the user has appropriate permissions to act on a specific resource.
2023-09-26Handle temporary edge casesFrederick Muriuki Muriithi
Fetching resource data: system and group categories of resources do not have associated genetic data. This commit adds some code to temporarily handle that case as an edge case before I can devote more time to fixing the issue in a much better way.
2023-09-26Add `public-view` role. Assign it to users.Frederick Muriuki Muriithi
Add a new `public-view` role to be assigned to all users on all resources that are defined as publicly viewable. Update code to make assign `public-view` role to a newly registered user for all publicly viewable roles. Update the code to assign/revoke the `public-view` role to/from users whenever the resource is toggled to and from being publicly viewable. Ensure that `public-view` is not revoked from system-administrators. Ensure that `public-view` is not revoked from the group administrators of the group that owns the resource.
2023-09-26Update fetching a single roleFrederick Muriuki Muriithi
2023-09-26Initialise package to handle resources of type "system".Frederick Muriuki Muriithi
2023-09-26Update /roles endpoint: rework code for new `user_roles` functionFrederick Muriuki Muriithi
The way the `gn_auth.auth.authorisation.roles.models.user_roles` function works has changed: this commit updates the code to take that into consideration and fix any errors.
2023-09-26Add System resource, and group resource(s) to list of user resourcesFrederick Muriuki Muriithi
* The system resource is public, and should be present for all users. * Each user that is a member of a group, should have their group show up in their list of resources. * Fix the SQL join: add an `ON ...` clause.
2023-09-26Update `user_roles`: Return roles for user by resource.Frederick Muriuki Muriithi
2023-09-26Move `groups` package under `resources` packageFrederick Muriuki Muriithi
With user groups being resources that users can act on (with the recent changes), this commit moves the `groups` module to under the `resources` module. It also renames the `*_resources.py` modules by dropping the `_resources` part since the code is under the `resources` module anyway.
2023-09-26Remove group from resource objectsFrederick Muriuki Muriithi
With the new schema, not all Resource objects are "owned" by a group. Those that are, are linked together through a different db table (`resource_ownership`). This commit removes the `Group` object from `Resource` objects and updates the `resource_ownership` where relevant.
2023-09-26Raise exception if no group for `resource_group`Frederick Muriuki Muriithi
Rather than using pymonad's Maybe monad and dealing with the complexity it introduces, raise an exception if there is no group found for the given resource.
2023-09-26Add `resource_group` function to retrieve the owning groupFrederick Muriuki Muriithi
Some resources are "owned" by specific user groups. This commit adds a way to retrieve those "owners" where relevant.
2023-09-26Extract resource-type-specific code into separate modulesFrederick Muriuki Muriithi
For easier maintenance, extract the code that relates to specific resource types/categories into separate modules, each dealing with a single resource type/category.
2023-09-26Extract basic resource types to a separate module.Frederick Muriuki Muriithi
2023-08-23pylint: Remove statement calling non-existent memberFrederick Muriuki Muriithi