aboutsummaryrefslogtreecommitdiff
path: root/uploader/upload
diff options
context:
space:
mode:
authorFrederick Muriuki Muriithi2024-07-29 14:38:32 -0500
committerFrederick Muriuki Muriithi2024-08-05 09:52:18 -0500
commitd3fd64fb5237febb9628c4ccbd259969327ab2ec (patch)
tree81ef0ec177188ca80b6f95c277bf9684cfaddccd /uploader/upload
parent09642e11e318d149cf628d6b536e04443845665d (diff)
downloadgn-uploader-d3fd64fb5237febb9628c4ccbd259969327ab2ec.tar.gz
Put endpoints behind an authorisation check
Put all endpoints that cause data changes behind authorisation.
Diffstat (limited to 'uploader/upload')
-rw-r--r--uploader/upload/rqtl2.py19
1 files changed, 19 insertions, 0 deletions
diff --git a/uploader/upload/rqtl2.py b/uploader/upload/rqtl2.py
index 6aed1f7..ff7556d 100644
--- a/uploader/upload/rqtl2.py
+++ b/uploader/upload/rqtl2.py
@@ -32,6 +32,7 @@ from uploader.files import save_file, fullpath
from uploader.dbinsert import species as all_species
from uploader.db_utils import with_db_connection, database_connection
+from uploader.authorisation import require_login
from uploader.db.platforms import platform_by_id, platforms_by_species
from uploader.db.averaging import averaging_methods, averaging_method_by_id
from uploader.db.tissues import all_tissues, tissue_by_id, create_new_tissue
@@ -53,8 +54,10 @@ from uploader.db.datasets import (
rqtl2 = Blueprint("rqtl2", __name__)
+
@rqtl2.route("/", methods=["GET", "POST"])
@rqtl2.route("/select-species", methods=["GET", "POST"])
+@require_login
def select_species():
"""Select the species."""
if request.method == "GET":
@@ -72,6 +75,7 @@ def select_species():
@rqtl2.route("/upload/species/<int:species_id>/select-population",
methods=["GET", "POST"])
+@require_login
def select_population(species_id: int):
"""Select/Create the population to organise data under."""
with database_connection(app.config["SQL_URI"]) as conn:
@@ -101,6 +105,7 @@ def select_population(species_id: int):
@rqtl2.route("/upload/species/<int:species_id>/create-population",
methods=["POST"])
+@require_login
def create_population(species_id: int):
"""Create a new population for the given species."""
population_page = redirect(url_for("upload.rqtl2.select_population",
@@ -143,6 +148,7 @@ class __RequestError__(Exception): #pylint: disable=[invalid-name]
@rqtl2.route(("/upload/species/<int:species_id>/population/<int:population_id>"
"/rqtl2-bundle"),
methods=["GET", "POST"])
+@require_login
def upload_rqtl2_bundle(species_id: int, population_id: int):
"""Allow upload of R/qtl2 bundle."""
with database_connection(app.config["SQL_URI"]) as conn:
@@ -241,6 +247,7 @@ def chunks_directory(uniqueidentifier: str) -> Path:
@rqtl2.route(("/upload/species/<int:species_id>/population/<int:population_id>"
"/rqtl2-bundle-chunked"),
methods=["GET"])
+@require_login
def upload_rqtl2_bundle_chunked_get(# pylint: disable=["unused-argument"]
species_id: int,
population_id: int
@@ -285,6 +292,7 @@ def __merge_chunks__(targetfile: Path, chunkpaths: tuple[Path, ...]) -> Path:
@rqtl2.route(("/upload/species/<int:species_id>/population/<int:population_id>"
"/rqtl2-bundle-chunked"),
methods=["POST"])
+@require_login
def upload_rqtl2_bundle_chunked_post(species_id: int, population_id: int):
"""
Extension to the `upload_rqtl2_bundle` endpoint above that allows large
@@ -343,6 +351,7 @@ def upload_rqtl2_bundle_chunked_post(species_id: int, population_id: int):
@rqtl2.route("/upload/species/rqtl2-bundle/qc-status/<uuid:jobid>",
methods=["GET", "POST"])
+@require_login
def rqtl2_bundle_qc_status(jobid: UUID):
"""Check the status of the QC jobs."""
with (Redis.from_url(app.config["REDIS_URL"], decode_responses=True) as rconn,
@@ -564,6 +573,7 @@ def with_errors(endpointthunk: Callable, *checkfns):
@rqtl2.route(("/upload/species/<int:species_id>/population/<int:population_id>"
"/rqtl2-bundle/select-geno-dataset"),
methods=["POST"])
+@require_login
def select_geno_dataset(species_id: int, population_id: int):
"""Select from existing geno datasets."""
with database_connection(app.config["SQL_URI"]) as conn:
@@ -602,6 +612,7 @@ def select_geno_dataset(species_id: int, population_id: int):
@rqtl2.route(("/upload/species/<int:species_id>/population/<int:population_id>"
"/rqtl2-bundle/create-geno-dataset"),
methods=["POST"])
+@require_login
def create_geno_dataset(species_id: int, population_id: int):
"""Create a new geno dataset."""
with database_connection(app.config["SQL_URI"]) as conn:
@@ -671,6 +682,7 @@ def create_geno_dataset(species_id: int, population_id: int):
@rqtl2.route(("/upload/species/<int:species_id>/population/<int:population_id>"
"/rqtl2-bundle/select-tissue"),
methods=["POST"])
+@require_login
def select_tissue(species_id: int, population_id: int):
"""Select from existing tissues."""
with database_connection(app.config["SQL_URI"]) as conn:
@@ -701,6 +713,7 @@ def select_tissue(species_id: int, population_id: int):
@rqtl2.route(("/upload/species/<int:species_id>/population/<int:population_id>"
"/rqtl2-bundle/create-tissue"),
methods=["POST"])
+@require_login
def create_tissue(species_id: int, population_id: int):
"""Add new tissue, organ or biological material to the system."""
form = request.form
@@ -745,6 +758,7 @@ def create_tissue(species_id: int, population_id: int):
@rqtl2.route(("/upload/species/<int:species_id>/population/<int:population_id>"
"/rqtl2-bundle/select-probeset-study"),
methods=["POST"])
+@require_login
def select_probeset_study(species_id: int, population_id: int):
"""Select or create a probeset study."""
with database_connection(app.config["SQL_URI"]) as conn:
@@ -780,6 +794,7 @@ def select_probeset_study(species_id: int, population_id: int):
@rqtl2.route(("/upload/species/<int:species_id>/population/<int:population_id>"
"/rqtl2-bundle/select-probeset-dataset"),
methods=["POST"])
+@require_login
def select_probeset_dataset(species_id: int, population_id: int):
"""Select or create a probeset dataset."""
with database_connection(app.config["SQL_URI"]) as conn:
@@ -820,6 +835,7 @@ def select_probeset_dataset(species_id: int, population_id: int):
@rqtl2.route(("/upload/species/<int:species_id>/population/<int:population_id>"
"/rqtl2-bundle/create-probeset-study"),
methods=["POST"])
+@require_login
def create_probeset_study(species_id: int, population_id: int):
"""Create a new probeset study."""
errorclasses = "alert-error error-rqtl2 error-rqtl2-create-probeset-study"
@@ -882,6 +898,7 @@ def create_probeset_study(species_id: int, population_id: int):
@rqtl2.route(("/upload/species/<int:species_id>/population/<int:population_id>"
"/rqtl2-bundle/create-probeset-dataset"),
methods=["POST"])
+@require_login
def create_probeset_dataset(species_id: int, population_id: int):#pylint: disable=[too-many-return-statements]
"""Create a new probeset dataset."""
errorclasses = "alert-error error-rqtl2 error-rqtl2-create-probeset-dataset"
@@ -973,6 +990,7 @@ def create_probeset_dataset(species_id: int, population_id: int):#pylint: disabl
@rqtl2.route(("/upload/species/<int:species_id>/population/<int:population_id>"
"/rqtl2-bundle/dataset-info"),
methods=["POST"])
+@require_login
def select_dataset_info(species_id: int, population_id: int):
"""
If `geno` files exist in the R/qtl2 bundle, prompt user to provide the
@@ -1065,6 +1083,7 @@ def select_dataset_info(species_id: int, population_id: int):
@rqtl2.route(("/upload/species/<int:species_id>/population/<int:population_id>"
"/rqtl2-bundle/confirm-bundle-details"),
methods=["POST"])
+@require_login
def confirm_bundle_details(species_id: int, population_id: int):
"""Confirm the details and trigger R/qtl2 bundle processing..."""
redisuri = app.config["REDIS_URL"]