Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

View and publish perms #132

Merged
merged 2 commits into from
Jun 28, 2022
Merged

View and publish perms #132

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
553847d
Update prefix publishing messaging
HadleyKing Jun 21, 2022
fbaa013
Fix #131
HadleyKing Jun 28, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Binary file modified admin_only/db.sqlite3.dev
View file
Open in desktop
Binary file not shown.
93 changes: 0 additions & 93 deletions bco_api/api/scripts/method_specific/POST_api_objects_drafts_create.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -50,101 +50,8 @@ def post_api_objects_drafts_create(request):
# Since bulk_request is an array, go over each
# item in the array.

# TODO: Not sure why the first one is treated differently if there is a single
# request. Need to compare the code - the second block might be all we
# need.
if len(bulk_request) == 1:
creation_object = bulk_request[0]
standardized = creation_object["prefix"].upper()
if (
"add_" + standardized in prefix_perms
and "draft_" + standardized in prefix_perms
):
if Group.objects.filter(
name=creation_object["owner_group"].lower()
).exists():
constructed_name = object_naming_info["uri_regex"].replace(
"root_uri", object_naming_info["root_uri"]
)
constructed_name = constructed_name.replace("prefix", standardized)
prefix_location = constructed_name.index(standardized)
prefix_length = len(standardized)
constructed_name = constructed_name[0 : prefix_location + prefix_length]
prefix_counter = prefix_table.objects.get(prefix=standardized)
creation_object["object_id"] = (
constructed_name
+ "_"
+ "{:06d}".format(prefix_counter.n_objects)
+ "/DRAFT"
)
# import pdb; pdb.set_trace()
creation_object["contents"]["object_id"] = creation_object["object_id"]
bco_id = creation_object["object_id"]
owner_group = Group.objects.get(name=creation_object["owner_group"])
creation_object["owner_group"] = owner_group.name
creation_object["owner_user"] = user.username
creation_object["prefix"] = standardized
creation_object["state"] = "DRAFT"
creation_object["last_update"] = timezone.now()
objects_written = db_utils.write_object(
p_app_label="api",
p_model_name="BCO",
p_fields=[
"contents",
"last_update",
"object_id",
"owner_group",
"owner_user",
"prefix",
"schema",
"state",
],
p_data=creation_object,
)
prefix_counter.n_objects = prefix_counter.n_objects + 1
prefix_counter.save()

if objects_written < 1:
# Issue with writing out to DB
return Response(
status=status.HTTP_400_BAD_REQUEST,
data="The request could not be processed with the"
" parameters provided.",
)

return Response(
status=status.HTTP_201_CREATED,
data={
"request_status": "SUCCESS",
"status_code": "201",
"message": f"The object with ID {bco_id} was"
" created on the server.",
"object_id": bco_id,
},
)

else:
# Update the request status.
returning.append(db_utils.messages(parameters={})["400_bad_request"])
any_failed = True

else:
# Update the request status.
return Response(
status=status.HTTP_401_UNAUTHORIZED,
data={
"request_status": "FAILURE",
"status_code": "401",
"message": "The token provided does not have draft"
f"permissions for prefix {standardized}.",
},
)

for creation_object in bulk_request:
# Standardize the prefix.
import pdb

pdb.set_trace()
standardized = creation_object["prefix"].upper()

# Require the macro-level and draft-specific permissions.
Expand Down
2 changes: 1 addition & 1 deletion bco_api/api/scripts/method_specific/POST_api_objects_drafts_publish.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -166,7 +166,7 @@ def post_api_objects_drafts_publish(request):
# Update the request status.
returning.append(
db_utils.messages(parameters={"prefix": prefix})[
"401_prefix_unauthorized"
"401_prefix_publish_unauthorized"
]
)
any_failed = True
Expand Down
28 changes: 18 additions & 10 deletions bco_api/api/scripts/method_specific/POST_api_objects_search.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,7 @@
"""

from itertools import chain

from api.models import BCO
from api.model.prefix import Prefix
from api.scripts.utilities import UserUtils
Expand Down Expand Up @@ -46,28 +47,34 @@ def post_api_objects_search(request):
search_value = ""
user_utils = UserUtils.UserUtils()
user_info = request._user
user_prefixes = user_utils.prefixes_for_user(user_object=user_info)

prefix_perms = user_utils.prefix_perms_for_user(
flatten=True, user_object=user_info, specific_permission=["add"]
)

if search_type == "bco_id":
if user_info.username == "anon":
bco_list = BCO.objects.filter(
publish_list = BCO.objects.filter(
object_id__icontains=search_value, state="PUBLISHED"
)
result_list = chain(bco_list.values(*return_values))
if user_info.username == "anon":
result_list = chain(publish_list.values(*return_values))
else:
user_objects = get_objects_for_user(
user=user_info, perms=[], klass=BCO, any_perm=True
)
bco_list = BCO.objects.filter(object_id__icontains=search_value).exclude(
draft_list = BCO.objects.filter(
object_id__icontains=search_value,
prefix__in=user_prefixes,
state="DRAFT"
).exclude(
state="DELETE"
)
for i in bco_list:
if i not in user_objects:
bco_list.exclude(pk=i.id)
bco_list = draft_list.union(publish_list)
result_list = chain(bco_list.values(*return_values))

if search_type == "prefix":
search_value = search_value.upper()
user_prefixes = user_utils.prefixes_for_user(user_object=user_info)
try:
prefix = Prefix.objects.get(prefix=search_value).prefix

Expand All @@ -77,7 +84,7 @@ def post_api_objects_search(request):
data={
"request_status": "FAILURE",
"status_code": "404",
"message": "The prefix was not found on the server.",
"message": "That prefix was not found on this server.",
},
)

Expand All @@ -94,7 +101,7 @@ def post_api_objects_search(request):
"request_status": "FAILURE",
"status_code": "403",
"message": "The token provided does not have sufficient"
" permissions for the requested object.",
" permissions for the requested prefix.",
},
)

Expand All @@ -110,5 +117,6 @@ def post_api_objects_search(request):
.exclude(state="DELETE")
.values(*return_values)
)
# print(len(list(result_list)))

return Response(status=status.HTTP_200_OK, data=result_list)
9 changes: 8 additions & 1 deletion bco_api/api/scripts/utilities/DbUtils.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -672,7 +672,14 @@ def messages(self, parameters, p_content=False):
"401_prefix_unauthorized": {
"request_status": "FAILURE",
"status_code": "401",
"message": "The token provided does not have draft permissions for prefix '"
"message": "The token provided does not have draft permissions for this prefix '"
+ parameters["prefix"]
+ "'.",
},
"401_prefix_publish_unauthorized": {
"request_status": "FAILURE",
"status_code": "401",
"message": "The token provided does not have publish permissions for this prefix '"
+ parameters["prefix"]
+ "'.",
},
Expand Down