async def create_user(
user: UserModel,
enforcer: casbin.Enforcer = Depends(get_enforcer),
db: Session = Depends(get_db),
current_user: Auth0ClaimsPatched = Depends(get_current_user)):
user_dict = user.dict()
# Drop the roles field if it was provided.
user_dict.pop('roles', None)
new_user = User(id=current_user.username if current_user.username else 42)
new_user_version = UserVersion(data=strip_metadata(user_dict),
server_version=settings.server_version)
new_user_version.user = new_user
new_user.current = new_user_version
add_owner(new_user, current_user.username)
db.add_all([new_user, new_user_version])
db.commit()
add_policy(enforcer,
user=current_user.username,
path=f"/user/{str(new_user.id)}",
method="GET")
add_policy(enforcer,
user=current_user.username,
path=f"/user/{str(new_user.id)}",
method="PUT")
return add_role(enforcer, versioned_row_to_dict(new_user,
new_user_version))
async def create_permission(
run_id: int,
method: str,
user_id: str,
enforcer: casbin.Enforcer = Depends(get_enforcer),
current_user: Auth0ClaimsPatched = Depends(get_current_user)):
if not check_access(enforcer,
user=current_user.username,
path=f"/run/{str(run_id)}",
method="PUT"):
raise HTTPException(status_code=403, detail='Insufficient Permissions')
add_policy(enforcer, user=user_id, path=f"/run/{run_id}", method=method)
return success
def post(self):
user_dict = request.json
# Drop the roles field if it was provided.
user_dict.pop('roles', None)
user = User(id=request.current_user["sub"] if request.
current_user["sub"] else 42)
user_version = UserVersion(data=strip_metadata(user_dict),
server_version=app.config['SERVER_VERSION'])
user_version.user = user
user.current = user_version
add_owner(user)
db.session.add_all([user, user_version])
db.session.commit()
add_policy(path=f"/user/{str(user.id)}", method="GET")
add_policy(path=f"/user/{str(user.id)}", method="PUT")
return add_role(versioned_row_to_dict(api, user, user_version))
async def create_protocol(
protocol: ProtocolModel,
enforcer: casbin.Enforcer = Depends(get_enforcer),
db: Session = Depends(get_db),
current_user: Auth0ClaimsPatched = Depends(get_current_user)):
protocol_dict = protocol.dict()
protocol = Protocol()
protocol_version = ProtocolVersion(data=strip_metadata(protocol_dict),
server_version=settings.server_version)
protocol_version.protocol = protocol
protocol.current = protocol_version
add_owner(protocol, current_user.username)
db.add_all([protocol, protocol_version])
db.commit()
add_policy(enforcer,
user=current_user.username,
path=f"/protocol/{str(protocol.id)}",
method="GET")
add_policy(enforcer,
user=current_user.username,
path=f"/protocol/{str(protocol.id)}",
method="PUT")
add_policy(enforcer,
user=current_user.username,
path=f"/protocol/{str(protocol.id)}",
method="DELETE")
return versioned_row_to_dict(protocol, protocol_version)
def post(self):
run_dict = request.json
protocol_id = extract_protocol_id(run_dict)
run_dict.pop('protocol', None)
if not protocol_id:
abort(400)
return
protocol = Protocol.query.get(protocol_id)
if not protocol:
abort(400)
return
run = Run()
run_version = RunVersion(data=strip_metadata(run_dict),
server_version=app.config['SERVER_VERSION'])
run_version.run = run
run.current = run_version
run.protocol_version_id = protocol.version_id
add_owner(run)
db.session.add_all([run, run_version])
samples = get_samples(run, run_version)
if samples:
for sample in samples:
db.session.merge(sample)
db.session.commit()
add_policy(path=f"/run/{str(run.id)}", method="GET")
add_policy(path=f"/run/{str(run.id)}", method="PUT")
add_policy(path=f"/run/{str(run.id)}", method="DELETE")
return run_to_dict(run, run_version)
def post(self):
protocol_dict = request.json
protocol = Protocol()
protocol_version = ProtocolVersion(
data=strip_metadata(protocol_dict),
server_version=app.config['SERVER_VERSION'])
protocol_version.protocol = protocol
protocol.current = protocol_version
add_owner(protocol)
db.session.add_all([protocol, protocol_version])
db.session.commit()
add_policy(path=f"/protocol/{str(protocol.id)}", method="GET")
add_policy(path=f"/protocol/{str(protocol.id)}", method="PUT")
add_policy(path=f"/protocol/{str(protocol.id)}", method="DELETE")
return versioned_row_to_dict(api, protocol, protocol_version)
async def create_run(
run: RunModel,
enforcer: casbin.Enforcer = Depends(get_enforcer),
db: Session = Depends(get_db),
current_user: Auth0ClaimsPatched = Depends(get_current_user)):
run_dict = run.dict()
protocol_id = extract_protocol_id(run_dict)
run_dict.pop('protocol', None)
if not protocol_id:
raise HTTPException(status_code=400, detail='Invalid Protocol ID')
protocol = db.query(Protocol).get(protocol_id)
if not protocol:
raise HTTPException(status_code=400,
detail='Invalid Protocol (Not Found)')
new_run = Run()
new_run_version = RunVersion(data=strip_metadata(run_dict),
server_version=settings.server_version)
new_run_version.run = new_run
new_run.current = new_run_version
new_run.protocol_version_id = protocol.version_id
add_owner(new_run, current_user.username)
db.add_all([new_run, new_run_version])
samples = get_samples(new_run_version, protocol.current)
if samples:
for sample in samples:
db.merge(sample)
db.commit()
add_policy(enforcer,
user=current_user.username,
path=f"/run/{str(new_run.id)}",
method="GET")
add_policy(enforcer,
user=current_user.username,
path=f"/run/{str(new_run.id)}",
method="PUT")
add_policy(enforcer,
user=current_user.username,
path=f"/run/{str(new_run.id)}",
method="DELETE")
return run_to_dict(new_run, new_run_version)
def post(self, protocol_id, method, user_id):
add_policy(user=user_id,
path=f"/protocol/{protocol_id}",
method=method)
return {'success': True}
def post(self, run_id, method, user_id):
add_policy(user=user_id, path=f"/run/{run_id}", method=method)
return {'success': True}