def get_authenticated_idx_and_idx_types(user=None, idx_keys=None, idx_type_keys=None): ''' Check permissions on elastic indexes and returns indexes that the given user can see''' # get all public idx_keys and idx_type_keys (idx_keys_public, idx_type_keys_public) = elastic_factory.get_idx_and_idx_type_keys(auth_public=True) # get all the private idx_keys and idx_type_keys (idx_keys_private, idx_type_keys_private) = elastic_factory.get_idx_and_idx_type_keys(auth_public=False) # user is None...return all public keys if user is None: return idx_keys_public, idx_type_keys_public idx_keys_auth = [] idx_type_keys_auth = [] # idx_keys or idx_type_keys is None, first fetch and add public keys # if idx_keys is None or idx_type_keys is None: if idx_keys is None: # First add all the public idx keys idx_keys_auth.extend(idx_keys_public) # Assign the idx keys that need to be checked idx_keys = idx_keys_private else: # don't add all, limit the one that the user has passed idx_keys_auth = [idx_key for idx_key in idx_keys if idx_key in idx_keys_public] if idx_type_keys is None: # First add all the public idx type keys idx_type_keys_auth.extend(idx_type_keys_public) # Assign the idx type keys that need to be checked idx_type_keys = idx_type_keys_private else: # don't add all, limit the one that the user has passed idx_type_keys_auth = [idx_key for idx_key in idx_type_keys if idx_key in idx_type_keys_public] # get elastic model names for the idx_keys and types (model_names_idx, model_names_idx_types) = elastic_factory.get_elastic_model_names(idx_keys=idx_keys, idx_type_keys=idx_type_keys) # @IgnorePep8 # check if the user has permissions to see the idx model model_names_idx_auth = _check_content_type_perms(model_names_idx, user) # check if the user has permissions to see the idx type model model_names_idx_types_auth = _check_content_type_perms(model_names_idx_types, user) # finally get the actual idx keys from model names and return them (idx_auth, idx_types_auth) = elastic_factory.get_keys_from_model_names(model_names_idx_auth, model_names_idx_types_auth) if idx_auth is not None and len(idx_auth) > 0: for idx in idx_auth: if idx not in idx_keys_auth: idx_keys_auth.append(idx) if idx_types_auth is not None and len(idx_types_auth) > 0: for idx in idx_types_auth: if idx not in idx_type_keys_auth: idx_type_keys_auth.append(idx) return (idx_keys_auth, idx_type_keys_auth)
def setUp(self): if 'pydgin_auth' in settings.INSTALLED_APPS: from pydgin_auth.elastic_model_factory import ElasticPermissionModelFactory from django.contrib.auth.models import Group # create elastic models ElasticPermissionModelFactory.create_dynamic_models() # create the default group READ Group.objects.get_or_create(name='READ')
def test_create_idx_type_model_permissions(self): elastic_dict = elastic_factory.get_elastic_settings_with_user_uploads() indexKey = 'CP_STATS_UD' user_upload_dict = list(elastic_dict[indexKey]['idx_type'].keys()) indexName = 'CP_STATS_UD' if len(user_upload_dict) > 1: indexType = user_upload_dict[0] else: indexType = 'UD-RANDOMTMPTEST' elastic_dict = ElasticSettings.attrs().get('IDX') idx_type_dict = {} idx_type_dict[indexType] = { 'label': 'testlabel', 'type': indexType } elastic_dict['CP_STATS_UD']['idx_type'] = idx_type_dict indexTypeModel = indexKey.lower() + elastic_factory.PERMISSION_MODEL_NAME_TYPE_DELIMITER + indexType.lower() + \ elastic_factory.PERMISSION_MODEL_TYPE_SUFFIX elastic_factory.create_idx_type_model_permissions( self.user, elastic_dict=elastic_dict, indexKey=indexName, indexTypeKey=indexType) # check if model exists db_models = elastic_factory.get_db_models( app_label=elastic_factory.PERMISSION_MODEL_APP_NAME, existing=True) self.assertIn(indexTypeModel, db_models, ' model exists for ' + indexType) # check if permission exists content_type = None try: content_type = ContentType.objects.get( model=indexTypeModel.lower(), app_label=settings.ELASTIC_PERMISSION_MODEL_APP_NAME) except: pass permissions = None perm_code_name = 'can_read_' + indexTypeModel.lower() if content_type: permissions = Permission.objects.filter(content_type=content_type) self.assertIn(perm_code_name, [perm.codename for perm in permissions], 'perm present') # Request new instance of User user = get_object_or_404(User, pk=self.user.id) # Permission cache is repopulated from the database self.assertTrue( user.has_perm(settings.ELASTIC_PERMISSION_MODEL_APP_NAME + '.' + perm_code_name))
def test_elastic_model_names_round_trip(self): # getting the private ones (model_names_idx, model_names_idx_types) = elastic_factory.get_elastic_model_names(auth_public=False) self.assertIn('target_mifsud_idx', model_names_idx, 'target_mifsud_idx found') self.assertIn('cp_stats_gwas-gwas-anderson_idx_type', model_names_idx_types, 'cp_stats_gwas-gwas-anderson_idx_type found') (idx_keys, idx_type_keys) = elastic_factory.get_keys_from_model_names(model_names_idx, model_names_idx_types) self.assertIn('TARGET_MIFSUD', idx_keys, 'TARGET_MIFSUD found') self.assertIn('CP_STATS_IC.IC-NAR_FARACO', idx_type_keys, 'CP_STATS_IC.IC-NAR_FARACO found')
def test_elastic_models_pydgin(self): '''check whether the right models are created for pydgin''' elastic_factory.create_dynamic_models() # check model names are created correctly expected_models = ['disease_idx', 'gene-pathway_idx_type', 'gene-interactions_idx_type', 'marker-ic_idx_type', 'publication-publication_idx_type', 'disease-disease_idx_type'] existing_models = elastic_factory.get_db_models(existing=True) for model in expected_models: self.assertIn(model, existing_models, 'Model exists: ' + model)
def test_get_elastic_model_names_chicp(self): '''check whether the right model names are created for chicp''' elastic_factory.create_dynamic_models() (idx_keys, idx_type_keys) = elastic_factory.get_idx_and_idx_type_keys(auth_public=False) (model_names_idx, model_names_idx_types) = elastic_factory.get_elastic_model_names( idx_keys=idx_keys, idx_type_keys=idx_type_keys) self.assertIn('target_mifsud_idx', model_names_idx) self.assertIn('cp_stats_ic-ic-ms_imsgc_idx_type', model_names_idx_types) self.assertIn('cp_stats_ic-ic-nar_faraco_idx_type', model_names_idx_types) self.assertIn('cp_stats_gwas-gwas-okada_idx_type', model_names_idx_types) self.assertIn('cp_stats_gwas-gwas-stahl_idx_type', model_names_idx_types)
def test_get_idx_and_idx_type_keys_pydgin(self): '''create idx and idxtype keys for chicp''' elastic_factory.create_dynamic_models() # get all private idx and keys (idx_keys, idx_type_keys) = elastic_factory.get_idx_and_idx_type_keys( auth_public=False) # private idx keys self.assertIn('DISEASE', idx_keys) # public idx keys self.assertNotIn('GENE', idx_keys) self.assertNotIn('MARKER', idx_keys) self.assertNotIn('PUBLICATION', idx_keys) # private idx type keys self.assertIn('DISEASE.DISEASE', idx_type_keys) self.assertIn('GENE.PATHWAY', idx_type_keys) self.assertIn('GENE.INTERACTIONS', idx_type_keys) self.assertIn('PUBLICATION.PUBLICATION', idx_type_keys) # public idx type keys self.assertNotIn('GENE.GENE', idx_type_keys) self.assertNotIn('MARKER.MARKER', idx_type_keys) # get all public idx and keys (idx_keys, idx_type_keys) = elastic_factory.get_idx_and_idx_type_keys( auth_public=True) # private idx key self.assertNotIn('DISEASE', idx_keys) # public idx key self.assertIn('MARKER', idx_keys) self.assertIn('PUBLICATION', idx_keys) self.assertIn('GENE', idx_keys) # private idx type keys self.assertNotIn('DISEASE.DISEASE', idx_type_keys) self.assertNotIn('GENE.PATHWAY', idx_type_keys) self.assertNotIn('GENE.INTERACTIONS', idx_type_keys) self.assertNotIn('PUBLICATION.PUBLICATION', idx_type_keys) # public idx type keys self.assertIn('GENE.GENE', idx_type_keys) self.assertIn('MARKER.MARKER', idx_type_keys) self.assertIn('MARKER.MARKER', idx_type_keys) self.assertIn('MARKER.MARKER', idx_type_keys)
def test_elastic_models_pydgin(self): '''check whether the right models are created for pydgin''' elastic_factory.create_dynamic_models() # check model names are created correctly expected_models = [ 'disease_idx', 'gene-pathway_idx_type', 'gene-interactions_idx_type', 'marker-ic_idx_type', 'publication-publication_idx_type', 'disease-disease_idx_type' ] existing_models = elastic_factory.get_db_models(existing=True) for model in expected_models: self.assertIn(model, existing_models, 'Model exists: ' + model)
def test_create_idx_type_model_permissions(self): elastic_settings_before = ElasticSettings.attrs().get('IDX') user_types_before = elastic_settings_before['CP_STATS_UD']['idx_type'] self.assertEqual({}, user_types_before, 'CP_STATS_UD idx_type is empty') idx = "cp:hg19_userdata_bed" new_upload_file = "tmp_newly_uploaded_file" idx_type = new_upload_file os.system("curl -XPUT "+ElasticSettings.url()+"/"+idx+"/_mapping/"+idx_type+" -d '{\"" + idx_type + "\":{ \"properties\" : {\"message\" : {\"type\" : \"string\", \"store\" : true } } }}'") os.system("curl -XPUT "+ElasticSettings.url()+"/"+idx+"/"+idx_type+"/_meta -d '{\"label\": \"" + new_upload_file + "\", \"owner\": \""+self.user.username+"\", \"uploaded\": \"" + str(timezone.now())+"\"}'") elastic_settings_after = elastic_factory.create_idx_type_model_permissions(self.user, indexKey='CP_STATS_UD', indexTypeKey='UD-'+new_upload_file.upper(), # @IgnorePep8 new_upload_file="tmp_newly_uploaded_file") # @IgnorePep8 # elastic_settings_after = elastic_factory.get_elastic_settings_with_user_uploads(elastic_settings_before) user_types_after = elastic_settings_after['CP_STATS_UD']['idx_type'] self.assertTrue(len(user_types_after) > 0, "Has user idx_types ") self.assertTrue('UD-TMP_NEWLY_UPLOADED_FILE' in user_types_after) self.assertEqual(user_types_after['UD-TMP_NEWLY_UPLOADED_FILE']['type'], 'tmp_newly_uploaded_file')
def test_create_idx_type_model_permissions(self): elastic_settings_before = ElasticSettings.attrs().get('IDX') user_types_before = elastic_settings_before['CP_STATS_UD']['idx_type'] self.assertEqual({}, user_types_before, 'CP_STATS_UD idx_type is empty') idx = "cp:hg19_userdata_bed" new_upload_file = "tmp_newly_uploaded_file" idx_type = new_upload_file os.system( "curl -XPUT " + ElasticSettings.url() + "/" + idx + "/_mapping/" + idx_type + " -d '{\"" + idx_type + "\":{ \"properties\" : {\"message\" : {\"type\" : \"string\", \"store\" : true } } }}'" ) os.system("curl -XPUT " + ElasticSettings.url() + "/" + idx + "/" + idx_type + "/_meta -d '{\"label\": \"" + new_upload_file + "\", \"owner\": \"" + self.user.username + "\", \"uploaded\": \"" + str(timezone.now()) + "\"}'") elastic_settings_after = elastic_factory.create_idx_type_model_permissions( self.user, indexKey='CP_STATS_UD', indexTypeKey='UD-' + new_upload_file.upper(), # @IgnorePep8 new_upload_file="tmp_newly_uploaded_file") # @IgnorePep8 # elastic_settings_after = elastic_factory.get_elastic_settings_with_user_uploads(elastic_settings_before) user_types_after = elastic_settings_after['CP_STATS_UD']['idx_type'] self.assertTrue(len(user_types_after) > 0, "Has user idx_types ") self.assertTrue('UD-TMP_NEWLY_UPLOADED_FILE' in user_types_after) self.assertEqual( user_types_after['UD-TMP_NEWLY_UPLOADED_FILE']['type'], 'tmp_newly_uploaded_file')
def test_get_idx_and_idx_type_keys_pydgin(self): '''create idx and idxtype keys for chicp''' elastic_factory.create_dynamic_models() # get all private idx and keys (idx_keys, idx_type_keys) = elastic_factory.get_idx_and_idx_type_keys(auth_public=False) # private idx keys self.assertIn('DISEASE', idx_keys) # public idx keys self.assertNotIn('GENE', idx_keys) self.assertNotIn('MARKER', idx_keys) self.assertNotIn('PUBLICATION', idx_keys) # private idx type keys self.assertIn('DISEASE.DISEASE', idx_type_keys) self.assertIn('GENE.PATHWAY', idx_type_keys) self.assertIn('GENE.INTERACTIONS', idx_type_keys) self.assertIn('PUBLICATION.PUBLICATION', idx_type_keys) # public idx type keys self.assertNotIn('GENE.GENE', idx_type_keys) self.assertNotIn('MARKER.MARKER', idx_type_keys) # get all public idx and keys (idx_keys, idx_type_keys) = elastic_factory.get_idx_and_idx_type_keys(auth_public=True) # private idx key self.assertNotIn('DISEASE', idx_keys) # public idx key self.assertIn('MARKER', idx_keys) self.assertIn('PUBLICATION', idx_keys) self.assertIn('GENE', idx_keys) # private idx type keys self.assertNotIn('DISEASE.DISEASE', idx_type_keys) self.assertNotIn('GENE.PATHWAY', idx_type_keys) self.assertNotIn('GENE.INTERACTIONS', idx_type_keys) self.assertNotIn('PUBLICATION.PUBLICATION', idx_type_keys) # public idx type keys self.assertIn('GENE.GENE', idx_type_keys) self.assertIn('MARKER.MARKER', idx_type_keys) self.assertIn('MARKER.MARKER', idx_type_keys) self.assertIn('MARKER.MARKER', idx_type_keys)
def test_search_props(self): if 'pydgin_auth' in settings.INSTALLED_APPS: from pydgin_auth.elastic_model_factory import ElasticPermissionModelFactory from django.contrib.contenttypes.models import ContentType from django.contrib.auth.models import Group, User, Permission from django.shortcuts import get_object_or_404 ElasticPermissionModelFactory.create_dynamic_models() search_props = ElasticSettings.search_props("ALL") idx = search_props['idx'] idx_keys = search_props['idx_keys'] idx_type = search_props['idx_type'] self.assertIn('publications', idx, 'publications found in idx') self.assertIn('MARKER', idx_keys, 'MARKER found in idx_keys') self.assertIn('rs_merge', idx_type, 'rs_merge found in idx_type') # CREATE DIL group and add test_dil user to that group dil_group, created = Group.objects.get_or_create(name='DILX') self.assertTrue(created) dil_user = User.objects.create_user( username='******', email='*****@*****.**', password='******') dil_user.groups.add(dil_group) self.assertTrue(dil_user.groups.filter(name='DILX').exists()) # create permission for MARKER and IC test_model_name = 'marker-ic_idx_type' # create permissions on models and retest again to check if the idx type could be seen content_type, created = ContentType.objects.get_or_create( model=test_model_name, app_label="elastic", ) # get the permission ... already created can_read_permission = Permission.objects.get(content_type=content_type) self.assertEqual('can_read_marker-ic_idx_type', can_read_permission.codename, "idx type permission correct") # as soon as the permission is set for an index, the index becomes a restricted resource idx_types_visible = ElasticSettings.search_props("ALL")["idx_type"] self.assertFalse('immunochip' in idx_types_visible, 'immunochip idx type not visible') # now grant permission to dil_user and check if idx type is visible dil_group.permissions.add(can_read_permission) dil_user = get_object_or_404(User, pk=dil_user.id) idx_types_visible = ElasticSettings.search_props("ALL", dil_user)["idx_type"] self.assertTrue('immunochip' in idx_types_visible, 'immunochip idx type visible now')
def test_create_idx_type_model_permissions(self): elastic_dict = elastic_factory.get_elastic_settings_with_user_uploads() indexKey = 'CP_STATS_UD' user_upload_dict = list(elastic_dict[indexKey]['idx_type'].keys()) indexName = 'CP_STATS_UD' if len(user_upload_dict) > 1: indexType = user_upload_dict[0] else: indexType = 'UD-RANDOMTMPTEST' elastic_dict = ElasticSettings.attrs().get('IDX') idx_type_dict = {} idx_type_dict[indexType] = {'label': 'testlabel', 'type': indexType} elastic_dict['CP_STATS_UD']['idx_type'] = idx_type_dict indexTypeModel = indexKey.lower() + elastic_factory.PERMISSION_MODEL_NAME_TYPE_DELIMITER + indexType.lower() + \ elastic_factory.PERMISSION_MODEL_TYPE_SUFFIX elastic_factory.create_idx_type_model_permissions(self.user, elastic_dict=elastic_dict, indexKey=indexName, indexTypeKey=indexType) # check if model exists db_models = elastic_factory.get_db_models(app_label=elastic_factory.PERMISSION_MODEL_APP_NAME, existing=True) self.assertIn(indexTypeModel, db_models, ' model exists for ' + indexType) # check if permission exists content_type = None try: content_type = ContentType.objects.get(model=indexTypeModel.lower(), app_label=settings.ELASTIC_PERMISSION_MODEL_APP_NAME) except: pass permissions = None perm_code_name = 'can_read_' + indexTypeModel.lower() if content_type: permissions = Permission.objects.filter(content_type=content_type) self.assertIn(perm_code_name, [perm.codename for perm in permissions], 'perm present') # Request new instance of User user = get_object_or_404(User, pk=self.user.id) # Permission cache is repopulated from the database self.assertTrue(user.has_perm(settings.ELASTIC_PERMISSION_MODEL_APP_NAME + '.' + perm_code_name))
def test_elastic_model_names_round_trip(self): # getting the private ones (model_names_idx, model_names_idx_types) = elastic_factory.get_elastic_model_names( auth_public=False) self.assertIn('target_mifsud_idx', model_names_idx, 'target_mifsud_idx found') self.assertIn('cp_stats_gwas-gwas-anderson_idx_type', model_names_idx_types, 'cp_stats_gwas-gwas-anderson_idx_type found') (idx_keys, idx_type_keys) = elastic_factory.get_keys_from_model_names( model_names_idx, model_names_idx_types) self.assertIn('TARGET_MIFSUD', idx_keys, 'TARGET_MIFSUD found') self.assertIn('CP_STATS_IC.IC-NAR_FARACO', idx_type_keys, 'CP_STATS_IC.IC-NAR_FARACO found')
def test_get_elastic_model_names_chicp(self): '''check whether the right model names are created for chicp''' elastic_factory.create_dynamic_models() (idx_keys, idx_type_keys) = elastic_factory.get_idx_and_idx_type_keys( auth_public=False) (model_names_idx, model_names_idx_types) = elastic_factory.get_elastic_model_names( idx_keys=idx_keys, idx_type_keys=idx_type_keys) self.assertIn('target_mifsud_idx', model_names_idx) self.assertIn('cp_stats_ic-ic-ms_imsgc_idx_type', model_names_idx_types) self.assertIn('cp_stats_ic-ic-nar_faraco_idx_type', model_names_idx_types) self.assertIn('cp_stats_gwas-gwas-okada_idx_type', model_names_idx_types) self.assertIn('cp_stats_gwas-gwas-stahl_idx_type', model_names_idx_types)
def test_get_elastic_model_names_pydgin(self): '''check whether the right model names are created for pydgin''' # for pydgin, returns only models for private idx and idx_types (model_names_idx, model_names_idx_types) = elastic_factory.get_elastic_model_names() model_names = model_names_idx + model_names_idx_types self.assertIn('disease_idx', model_names) self.assertIn('gene-pathway_idx_type', model_names) self.assertIn('marker-ic_idx_type', model_names) self.assertIn('disease-disease_idx_type', model_names)
def test_get_elastic_model_names_pydgin(self): '''check whether the right model names are created for pydgin''' # for pydgin, returns only models for private idx and idx_types (model_names_idx, model_names_idx_types) = elastic_factory.get_elastic_model_names() model_names = model_names_idx + model_names_idx_types self.assertIn('disease_idx', model_names) self.assertIn('gene-pathway_idx_type', model_names) self.assertIn('marker-ic_idx_type', model_names) self.assertIn('disease-disease_idx_type', model_names)
def test_get_idx_and_idx_type_keys_cp(self): '''create idx and idxtype keys for chicp''' elastic_factory.create_dynamic_models() # usually you can get the IDX dict via ElasticSettings.attrs().get('IDX') (idx_keys, idx_type_keys) = elastic_factory.get_idx_and_idx_type_keys( auth_public=False) # private idx self.assertIn('TARGET_MIFSUD', idx_keys) self.assertIn('CP_STATS_UD', idx_keys) # private idx types self.assertIn('CP_STATS_IC.IC-MS_IMSGC', idx_type_keys) self.assertIn('CP_STATS_IC.IC-JIA_HINKS_UK', idx_type_keys) self.assertIn('CP_STATS_IC.IC-NAR_FARACO', idx_type_keys) self.assertIn('CP_STATS_GWAS.GWAS-BARRETT', idx_type_keys) self.assertIn('CP_STATS_GWAS.GWAS-ANDERSON', idx_type_keys) self.assertIn('CP_STATS_GWAS.GWAS-STAHL', idx_type_keys) self.assertIn('CP_STATS_GWAS.GWAS-OKADA', idx_type_keys) # public idx (idx_keys, idx_type_keys) = elastic_factory.get_idx_and_idx_type_keys( auth_public=True) # public idx self.assertIn('CP_STATS_IC', idx_keys) self.assertIn('CP_STATS_GWAS', idx_keys) self.assertIn('TARGET_MARTIN', idx_keys) self.assertIn('TARGET_CHICAGO', idx_keys) # public idx and idx_type self.assertIn('CP_STATS_IC.IC-T1D_ONENGUT', idx_type_keys) self.assertIn('CP_STATS_IC.IC-ATD_COOPER', idx_type_keys) self.assertIn('CP_STATS_IC.IC-CEL_TRYNKA', idx_type_keys) self.assertIn('CP_STATS_IC.IC-RA_EYRE', idx_type_keys) self.assertIn('CP_STATS_IC.IC-PBC_LIU', idx_type_keys) self.assertIn('CP_STATS_GWAS.GWAS-COOPER', idx_type_keys) self.assertIn('CP_STATS_GWAS.GWAS-DUBOIS', idx_type_keys) self.assertIn('CP_STATS_GWAS.GWAS-FRANKE', idx_type_keys) self.assertIn('CP_STATS_GWAS.GWAS-IMSGC', idx_type_keys)
def chicpeaFileUpload(request, url): filesDict = request.FILES user = request.user files = filesDict.getlist("files[]") snpTracks = list() idx = ElasticSettings.idx('CP_STATS_UD') for f in files: line = f.readlines()[0].decode() if line.startswith("#"): line = f.readlines()[1].decode() parts = re.split("\t", line) if re.match("\s", line): parts = re.split("\s", line) if len(parts) != 5: logger.warn("WARNING: unexpected number of columns ("+len(parts)+"): "+line) continue f.seek(0) bedFile = NamedTemporaryFile(delete=False) bedFile.write(f.read()) bedFile.close() idx_type = os.path.basename(bedFile.name) snpTracks.append({"value": "ud-"+idx_type, "text": f.name}) os.system("curl -XDELETE '"+ElasticSettings.url()+"/"+idx+"/"+idx_type+"'") call_command("index_search", indexName=idx, indexType=idx_type, indexBED=bedFile.name) logger.debug("index_search --indexName "+idx+" --indexType "+idx_type+" --indexBED "+bedFile.name) os.system("curl -XPUT "+ElasticSettings.url()+"/"+idx+"/"+idx_type+"/_meta -d '{\"label\": \"" + f.name + "\", \"owner\": \""+user.username+"\", \"uploaded\": \""+str(timezone.now())+"\"}'") bedFile.delete elastic_factory.create_idx_type_model_permissions(user, indexKey='CP_STATS_UD', indexTypeKey='UD-'+idx_type.upper()) context = dict() context['userSNPTracks'] = snpTracks return HttpResponse(json.dumps(context), content_type="application/json")
def test_get_keys_from_model_names(self): idx_model_names = ['disease_idx', 'gene_idx'] idx_type_model_names = ['gene-interactions_idx_type', 'marker-ic_idx_type', 'publication-publication_idx_type'] (idx_keys, idx_type_keys) = elastic_factory.get_keys_from_model_names(idx_model_names, idx_type_model_names) self.assertTrue('DISEASE' in idx_keys, 'got right idx key : DISEASE') self.assertTrue('GENE' in idx_keys, 'got right idx key : GENE') self.assertTrue('GENE.INTERACTIONS' in idx_type_keys, 'got right idx type key : GENE.INTERACTIONS') self.assertTrue('MARKER.IC' in idx_type_keys, 'got right idx type key : MARKER.IC') self.assertTrue('PUBLICATION.PUBLICATION' in idx_type_keys, 'got right idx type key : PUBLICATION.PUBLICATION')
def chicpeaFileUpload(request, url): filesDict = request.FILES user = request.user files = filesDict.getlist("files[]") snpTracks = list() idx = ElasticSettings.idx('CP_STATS_UD') for f in files: line = f.readlines()[0].decode() if line.startswith("#"): line = f.readlines()[1].decode() parts = re.split("\t", line) if re.match("\s", line): parts = re.split("\s", line) if len(parts) != 5: logger.warn("WARNING: unexpected number of columns ("+len(parts)+"): "+line) continue f.seek(0) bedFile = NamedTemporaryFile(delete=False) bedFile.write(f.read()) bedFile.close() idx_type = os.path.basename(bedFile.name) snpTracks.append({"value": "ud-"+idx_type, "text": f.name}) os.system("curl -XDELETE '"+ElasticSettings.url()+"/"+idx+"/"+idx_type+"'") call_command("index_search", indexName=idx, indexType=idx_type, indexBED=bedFile.name) logger.debug("index_search --indexName "+idx+" --indexType "+idx_type+" --indexBED "+bedFile.name) os.system("curl -XPUT "+ElasticSettings.url()+"/"+idx+"/"+idx_type+"/_meta -d '{\"label\": \"" + f.name + "\", \"owner\": \""+user.username+"\", \"uploaded\": \""+str(timezone.now())+"\"}'") bedFile.delete elastic_factory.create_idx_type_model_permissions(user, indexKey='CP_STATS_UD', indexTypeKey='UD-'+idx_type.upper()) context = dict() context['userSNPTracks'] = snpTracks return HttpResponse(json.dumps(context), content_type="application/json")
def test_get_idx_and_idx_type_keys_cp(self): '''create idx and idxtype keys for chicp''' elastic_factory.create_dynamic_models() # usually you can get the IDX dict via ElasticSettings.attrs().get('IDX') (idx_keys, idx_type_keys) = elastic_factory.get_idx_and_idx_type_keys(auth_public=False) # private idx self.assertIn('TARGET_MIFSUD', idx_keys) self.assertIn('CP_STATS_UD', idx_keys) # private idx types self.assertIn('CP_STATS_IC.IC-MS_IMSGC', idx_type_keys) self.assertIn('CP_STATS_IC.IC-JIA_HINKS_UK', idx_type_keys) self.assertIn('CP_STATS_IC.IC-NAR_FARACO', idx_type_keys) self.assertIn('CP_STATS_GWAS.GWAS-BARRETT', idx_type_keys) self.assertIn('CP_STATS_GWAS.GWAS-ANDERSON', idx_type_keys) self.assertIn('CP_STATS_GWAS.GWAS-STAHL', idx_type_keys) self.assertIn('CP_STATS_GWAS.GWAS-OKADA', idx_type_keys) # public idx (idx_keys, idx_type_keys) = elastic_factory.get_idx_and_idx_type_keys(auth_public=True) # public idx self.assertIn('CP_STATS_IC', idx_keys) self.assertIn('CP_STATS_GWAS', idx_keys) self.assertIn('TARGET_MARTIN', idx_keys) self.assertIn('TARGET_CHICAGO', idx_keys) # public idx and idx_type self.assertIn('CP_STATS_IC.IC-T1D_ONENGUT', idx_type_keys) self.assertIn('CP_STATS_IC.IC-ATD_COOPER', idx_type_keys) self.assertIn('CP_STATS_IC.IC-CEL_TRYNKA', idx_type_keys) self.assertIn('CP_STATS_IC.IC-RA_EYRE', idx_type_keys) self.assertIn('CP_STATS_IC.IC-PBC_LIU', idx_type_keys) self.assertIn('CP_STATS_GWAS.GWAS-COOPER', idx_type_keys) self.assertIn('CP_STATS_GWAS.GWAS-DUBOIS', idx_type_keys) self.assertIn('CP_STATS_GWAS.GWAS-FRANKE', idx_type_keys) self.assertIn('CP_STATS_GWAS.GWAS-IMSGC', idx_type_keys)
def test_get_keys_from_model_names(self): idx_model_names = ['disease_idx', 'gene_idx'] idx_type_model_names = [ 'gene-interactions_idx_type', 'marker-ic_idx_type', 'publication-publication_idx_type' ] (idx_keys, idx_type_keys) = elastic_factory.get_keys_from_model_names( idx_model_names, idx_type_model_names) self.assertTrue('DISEASE' in idx_keys, 'got right idx key : DISEASE') self.assertTrue('GENE' in idx_keys, 'got right idx key : GENE') self.assertTrue('GENE.INTERACTIONS' in idx_type_keys, 'got right idx type key : GENE.INTERACTIONS') self.assertTrue('MARKER.IC' in idx_type_keys, 'got right idx type key : MARKER.IC') self.assertTrue('PUBLICATION.PUBLICATION' in idx_type_keys, 'got right idx type key : PUBLICATION.PUBLICATION')
def get_authenticated_idx_and_idx_types(user=None, idx_keys=None, idx_type_keys=None): ''' Check permissions on elastic indexes and returns indexes that the given user can see''' # get all public idx_keys and idx_type_keys (idx_keys_public, idx_type_keys_public) = elastic_factory.get_idx_and_idx_type_keys( auth_public=True) # get all the private idx_keys and idx_type_keys (idx_keys_private, idx_type_keys_private) = elastic_factory.get_idx_and_idx_type_keys( auth_public=False) # user is None...return all public keys if user is None: return idx_keys_public, idx_type_keys_public idx_keys_auth = [] idx_type_keys_auth = [] # idx_keys or idx_type_keys is None, first fetch and add public keys # if idx_keys is None or idx_type_keys is None: if idx_keys is None: # First add all the public idx keys idx_keys_auth.extend(idx_keys_public) # Assign the idx keys that need to be checked idx_keys = idx_keys_private else: # don't add all, limit the one that the user has passed idx_keys_auth = [ idx_key for idx_key in idx_keys if idx_key in idx_keys_public ] if idx_type_keys is None: # First add all the public idx type keys idx_type_keys_auth.extend(idx_type_keys_public) # Assign the idx type keys that need to be checked idx_type_keys = idx_type_keys_private else: # don't add all, limit the one that the user has passed idx_type_keys_auth = [ idx_key for idx_key in idx_type_keys if idx_key in idx_type_keys_public ] # get elastic model names for the idx_keys and types (model_names_idx, model_names_idx_types) = elastic_factory.get_elastic_model_names( idx_keys=idx_keys, idx_type_keys=idx_type_keys) # @IgnorePep8 # check if the user has permissions to see the idx model model_names_idx_auth = _check_content_type_perms(model_names_idx, user) # check if the user has permissions to see the idx type model model_names_idx_types_auth = _check_content_type_perms( model_names_idx_types, user) # finally get the actual idx keys from model names and return them (idx_auth, idx_types_auth) = elastic_factory.get_keys_from_model_names( model_names_idx_auth, model_names_idx_types_auth) if idx_auth is not None and len(idx_auth) > 0: for idx in idx_auth: if idx not in idx_keys_auth: idx_keys_auth.append(idx) if idx_types_auth is not None and len(idx_types_auth) > 0: for idx in idx_types_auth: if idx not in idx_type_keys_auth: idx_type_keys_auth.append(idx) return (idx_keys_auth, idx_type_keys_auth)
terms_agreed.boolean = True terms_agreed.admin_order_field = 'is_terms_agreed' def persons(self): '''Returns all the users appended by , for a GROUP''' return ', '.join(['<a href="%s">%s</a>' % (reverse('admin:auth_user_change', args=(x.id,)), x.username) for x in self.user_set.all().order_by('username')]) persons.allow_tags = True class UserAdmin(UserAdmin): '''ModelAdmin Class to alter the display for Users''' list_display = ['username', 'email', 'first_name', 'last_name', 'is_active', terms_agreed, staff, adm, roles, last] list_filter = ['groups', 'is_staff', 'is_superuser', 'is_active'] class GroupAdmin(GroupAdmin): '''ModelAdmin Class to alter the display for Groups''' list_display = ['name', persons] list_display_links = ['name'] admin.site.unregister(User) admin.site.unregister(Group) admin.site.register(User, UserAdmin) admin.site.register(Group, GroupAdmin) admin.site.register(Permission) # call to create elastic models based on the elastic settings ElasticPermissionModelFactory.create_dynamic_models()
def test_get_authenticated_idx_and_idx_types(self): elastic_factory.create_dynamic_models() # As user is none we should get back only public idx and idx_type keys (idx_keys_auth, idx_type_keys_auth) = get_authenticated_idx_and_idx_types(user=None) self.assertIn('MARKER', idx_keys_auth) self.assertIn('GENE', idx_keys_auth) self.assertIn('PUBLICATION', idx_keys_auth) self.assertIn('MARKER.MARKER', idx_type_keys_auth) self.assertIn('MARKER.HISTORY', idx_type_keys_auth) self.assertIn('GENE.GENE', idx_type_keys_auth) # As user is not none and we have assigned the user to any group we should get back # only public idx and idx_type keys (idx_keys_auth, idx_type_keys_auth) = get_authenticated_idx_and_idx_types(self.user) self.assertIn('MARKER', idx_keys_auth) self.assertIn('GENE', idx_keys_auth) self.assertIn('PUBLICATION', idx_keys_auth) self.assertIn('MARKER.MARKER', idx_type_keys_auth) self.assertIn('MARKER.HISTORY', idx_type_keys_auth) self.assertIn('GENE.GENE', idx_type_keys_auth) # Create test_dil user and assign the user to DIL group dil_group, created = Group.objects.get_or_create(name='DIL') self.assertTrue(created) dil_user = User.objects.create_user(username='******', email='*****@*****.**', password='******') dil_user.groups.add(dil_group) self.assertTrue(dil_user.groups.filter(name='DIL').exists()) all_groups_of_dil_user = dil_user.groups.values_list('name', flat=True) self.assertTrue("DIL" in all_groups_of_dil_user, "Found DIL in groups") self.assertTrue("READ" in all_groups_of_dil_user, "Found READ in groups") # get private idx and assign permission to dil_user (model_names_idx, model_names_idx_types) = elastic_factory.get_elastic_model_names( auth_public=False) test_idx_model = model_names_idx[0] test_idx_type_model = model_names_idx_types[1] self.assertTrue(test_idx_model.endswith('_idx'), 'Idx model ends with _idx') self.assertTrue(test_idx_type_model.endswith('_idx_type'), 'Idx type model ends with _idx_type') # create permissions on models and retest again to check if the idx could be seen content_type_idx, created_idx = ContentType.objects.get_or_create( # @UnusedVariable model=test_idx_model, app_label=elastic_factory.PERMISSION_MODEL_APP_NAME, ) content_type_idx_type, created_idx_type = ContentType.objects.get_or_create( # @UnusedVariable model=test_idx_type_model, app_label=elastic_factory.PERMISSION_MODEL_APP_NAME, ) # The idx and idx_type should already exists in db, so created should be false self.assertFalse(created_idx, test_idx_model + ' is available ') self.assertFalse(created_idx_type, test_idx_type_model + ' is available ') self.assertIsNotNone(content_type_idx, content_type_idx.name + ' is not None') self.assertIsNotNone(content_type_idx_type, content_type_idx_type.name + ' is not None') # create permission and assign ...Generally we create via admin interface can_read_permission_idx, create_permission_idx = Permission.objects.get_or_create( # @UnusedVariable content_type=content_type_idx) self.assertIsNotNone( can_read_permission_idx, ' Permission is available ' + can_read_permission_idx.name) can_read_permission_idx_type, create_permission_idx = Permission.objects.get_or_create( # @UnusedVariable content_type=content_type_idx_type) self.assertIsNotNone( can_read_permission_idx_type, ' Permission is available ' + can_read_permission_idx_type.name) # now grant access to test_dil and check if the user can see the index # Add the permission to dil_group dil_group.permissions.add(can_read_permission_idx) dil_group.permissions.add(can_read_permission_idx_type) dil_user = get_object_or_404(User, pk=dil_user.id) available_group_perms = dil_user.get_group_permissions() self.assertTrue('elastic.can_read_' + test_idx_model.lower() in available_group_perms) self.assertTrue('elastic.can_read_' + test_idx_type_model.lower() in available_group_perms) # Try to get the authenticated idx and idx_types keys again (idx_keys_auth, idx_type_keys_auth) = get_authenticated_idx_and_idx_types(dil_user) (idx_model_name_auth, idx_type_model_name_auth) = elastic_factory.get_elastic_model_names( idx_keys=idx_keys_auth, idx_type_keys=idx_type_keys_auth) self.assertTrue(test_idx_model in idx_model_name_auth) self.assertTrue(test_idx_type_model in idx_type_model_name_auth) self.assertIn('MARKER', idx_keys_auth) self.assertIn('GENE', idx_keys_auth) self.assertIn('PUBLICATION', idx_keys_auth) self.assertIn('MARKER.MARKER', idx_type_keys_auth) self.assertIn('MARKER.HISTORY', idx_type_keys_auth) self.assertIn('GENE.GENE', idx_type_keys_auth) # pass just one index key and index type and check for returned keys and types # publication idx is public and publication.publication is private idx_keys = ['PUBLICATION'] idx_type_keys = ['PUBLICATION.PUBLICATION'] idx_keys_auth = [] idx_type_keys_auth = [] (idx_keys_auth, idx_type_keys_auth) = get_authenticated_idx_and_idx_types( self.user, idx_keys=idx_keys, idx_type_keys=idx_type_keys) self.assertIn('PUBLICATION', idx_keys_auth) self.assertNotIn('PUBLICATION.PUBLICATION', idx_type_keys_auth) self.assertTrue(len(idx_keys_auth) == 1, 'Got back only one idx') # pass only one idx_keys and one idx type keys idx_keys = ['PUBLICATION'] idx_keys_auth = [] idx_type_keys_auth = [] (idx_keys_auth, idx_type_keys_auth) = get_authenticated_idx_and_idx_types( self.user, idx_keys=idx_keys, ) self.assertIn('PUBLICATION', idx_keys_auth) self.assertTrue(len(idx_keys_auth) == 1, 'Got back only one idx') self.assertTrue(len(idx_type_keys_auth) == 3, 'Got back 3 idx types') # pass only one idx type keys and idx keys idx_type_keys = ['MARKER.MARKER', 'PUBLICATION.PUBLICATION'] idx_keys_auth = [] idx_type_keys_auth = [] (idx_keys_auth, idx_type_keys_auth) = get_authenticated_idx_and_idx_types( self.user, idx_type_keys=idx_type_keys, ) self.assertTrue(len(idx_keys_auth) == 3, 'Got back only one idx') # as publication is private and we have passed the regular user this is right self.assertTrue(len(idx_type_keys_auth) == 1, 'Got back 0 idx types')
def test_get_authenticated_idx_and_idx_types(self): elastic_factory.create_dynamic_models() # As user is none we should get back only public idx and idx_type keys (idx_keys_auth, idx_type_keys_auth) = get_authenticated_idx_and_idx_types(user=None) self.assertIn('MARKER', idx_keys_auth) self.assertIn('GENE', idx_keys_auth) self.assertIn('PUBLICATION', idx_keys_auth) self.assertIn('MARKER.MARKER', idx_type_keys_auth) self.assertIn('MARKER.HISTORY', idx_type_keys_auth) self.assertIn('GENE.GENE', idx_type_keys_auth) # As user is not none and we have assigned the user to any group we should get back # only public idx and idx_type keys (idx_keys_auth, idx_type_keys_auth) = get_authenticated_idx_and_idx_types(self.user) self.assertIn('MARKER', idx_keys_auth) self.assertIn('GENE', idx_keys_auth) self.assertIn('PUBLICATION', idx_keys_auth) self.assertIn('MARKER.MARKER', idx_type_keys_auth) self.assertIn('MARKER.HISTORY', idx_type_keys_auth) self.assertIn('GENE.GENE', idx_type_keys_auth) # Create test_dil user and assign the user to DIL group dil_group, created = Group.objects.get_or_create(name='DIL') self.assertTrue(created) dil_user = User.objects.create_user( username='******', email='*****@*****.**', password='******') dil_user.groups.add(dil_group) self.assertTrue(dil_user.groups.filter(name='DIL').exists()) all_groups_of_dil_user = dil_user.groups.values_list('name', flat=True) self.assertTrue("DIL" in all_groups_of_dil_user, "Found DIL in groups") self.assertTrue("READ" in all_groups_of_dil_user, "Found READ in groups") # get private idx and assign permission to dil_user (model_names_idx, model_names_idx_types) = elastic_factory.get_elastic_model_names(auth_public=False) test_idx_model = model_names_idx[0] test_idx_type_model = model_names_idx_types[1] self.assertTrue(test_idx_model.endswith('_idx'), 'Idx model ends with _idx') self.assertTrue(test_idx_type_model.endswith('_idx_type'), 'Idx type model ends with _idx_type') # create permissions on models and retest again to check if the idx could be seen content_type_idx, created_idx = ContentType.objects.get_or_create( # @UnusedVariable model=test_idx_model, app_label=elastic_factory.PERMISSION_MODEL_APP_NAME, ) content_type_idx_type, created_idx_type = ContentType.objects.get_or_create( # @UnusedVariable model=test_idx_type_model, app_label=elastic_factory.PERMISSION_MODEL_APP_NAME, ) # The idx and idx_type should already exists in db, so created should be false self.assertFalse(created_idx, test_idx_model + ' is available ') self.assertFalse(created_idx_type, test_idx_type_model + ' is available ') self.assertIsNotNone(content_type_idx, content_type_idx.name + ' is not None') self.assertIsNotNone(content_type_idx_type, content_type_idx_type.name + ' is not None') # create permission and assign ...Generally we create via admin interface can_read_permission_idx, create_permission_idx = Permission.objects.get_or_create( # @UnusedVariable content_type=content_type_idx) self.assertIsNotNone(can_read_permission_idx, ' Permission is available ' + can_read_permission_idx.name) can_read_permission_idx_type, create_permission_idx = Permission.objects.get_or_create( # @UnusedVariable content_type=content_type_idx_type) self.assertIsNotNone(can_read_permission_idx_type, ' Permission is available ' + can_read_permission_idx_type.name) # now grant access to test_dil and check if the user can see the index # Add the permission to dil_group dil_group.permissions.add(can_read_permission_idx) dil_group.permissions.add(can_read_permission_idx_type) dil_user = get_object_or_404(User, pk=dil_user.id) available_group_perms = dil_user.get_group_permissions() self.assertTrue('elastic.can_read_' + test_idx_model.lower() in available_group_perms) self.assertTrue('elastic.can_read_' + test_idx_type_model.lower() in available_group_perms) # Try to get the authenticated idx and idx_types keys again (idx_keys_auth, idx_type_keys_auth) = get_authenticated_idx_and_idx_types(dil_user) (idx_model_name_auth, idx_type_model_name_auth) = elastic_factory.get_elastic_model_names( idx_keys=idx_keys_auth, idx_type_keys=idx_type_keys_auth) self.assertTrue(test_idx_model in idx_model_name_auth) self.assertTrue(test_idx_type_model in idx_type_model_name_auth) self.assertIn('MARKER', idx_keys_auth) self.assertIn('GENE', idx_keys_auth) self.assertIn('PUBLICATION', idx_keys_auth) self.assertIn('MARKER.MARKER', idx_type_keys_auth) self.assertIn('MARKER.HISTORY', idx_type_keys_auth) self.assertIn('GENE.GENE', idx_type_keys_auth) # pass just one index key and index type and check for returned keys and types # publication idx is public and publication.publication is private idx_keys = ['PUBLICATION'] idx_type_keys = ['PUBLICATION.PUBLICATION'] idx_keys_auth = [] idx_type_keys_auth = [] (idx_keys_auth, idx_type_keys_auth) = get_authenticated_idx_and_idx_types(self.user, idx_keys=idx_keys, idx_type_keys=idx_type_keys) self.assertIn('PUBLICATION', idx_keys_auth) self.assertNotIn('PUBLICATION.PUBLICATION', idx_type_keys_auth) self.assertTrue(len(idx_keys_auth) == 1, 'Got back only one idx') # pass only one idx_keys and one idx type keys idx_keys = ['PUBLICATION'] idx_keys_auth = [] idx_type_keys_auth = [] (idx_keys_auth, idx_type_keys_auth) = get_authenticated_idx_and_idx_types(self.user, idx_keys=idx_keys, ) self.assertIn('PUBLICATION', idx_keys_auth) self.assertTrue(len(idx_keys_auth) == 1, 'Got back only one idx') self.assertTrue(len(idx_type_keys_auth) == 3, 'Got back 3 idx types') # pass only one idx type keys and idx keys idx_type_keys = ['MARKER.MARKER', 'PUBLICATION.PUBLICATION'] idx_keys_auth = [] idx_type_keys_auth = [] (idx_keys_auth, idx_type_keys_auth) = get_authenticated_idx_and_idx_types(self.user, idx_type_keys=idx_type_keys, ) self.assertTrue(len(idx_keys_auth) == 3, 'Got back only one idx') # as publication is private and we have passed the regular user this is right self.assertTrue(len(idx_type_keys_auth) == 1, 'Got back 0 idx types')