def create_one_dsr(
as_test=True,
dsi_uuid=None,
access_token=None,
payload=None,
):
# server_api = get_server_api()
### ACCESS TOKEN
if access_token == None:
test_user_access_token = client_login(as_test=False,
only_access_token=True)
else:
test_user_access_token = access_token
log_.debug('=== test_user_access_token : %s', test_user_access_token)
### DSI UUID
if dsi_uuid == None:
try:
test_dsi_uuid = get_random_dsi_uuid(only_test_dsi=True)
except:
test_dsi = create_one_dsi(as_test=False)
test_dsi_uuid = test_dsi['data']['dsi_uuid']
else:
test_dsi_uuid = dsi_uuid
### PAYLOAD
if payload == None:
random_int = random.randint(0, 1000)
dsr_test_payload = {
"is_test_data": True,
"auth_preview": "opendata",
"auth_modif": "private",
"data": {
"field_01": f"test DSR - {random_int}"
}
}
else:
dsr_test_payload = payload
### REQUEST
headers = {
'accept': 'application/json',
'access_token': test_user_access_token,
}
# url = f"{server_api}{config.API_V1_STR}/crud/dataset/{test_dsi_uuid}/dsr/create"
url = f"{config.API_V1_STR}/crud/dataset/{test_dsi_uuid}/dsr/create"
# response = requests.post(
response = client.post(url, json=dsr_test_payload, headers=headers)
resp = response.json()
log_.debug('=== resp : \n%s', pformat(resp))
if as_test:
assert response.status_code == 200
else:
return resp
def client_register(as_test=True):
response_ano_json = client_anonymous_login(as_test=False)
response_ano_access_token = response_ano_json['tokens']['access_token']
register_test = {
"user_register": {
"name": "Elinor",
"surname": "Ostrom",
"email": "*****@*****.**",
"password": "******",
}
}
url = f"{config.API_V1_STR}/register"
response = client.post(url,
json=login_test,
headers={
'accept': 'application/json',
'access_token': response_ano_access_token
})
log_.debug("=== client_register / response : \n%s",
pformat(response.json()))
resp = response.json()
if as_test:
log_.debug('=== client_register / resp : \n%s', pformat(resp))
assert response.status_code == 200
assert resp['tokens']['access_token']
else:
return resp
def remove_many_documents(
index_name: str = None,
doc_type: str = None,
params: dict = None,
user: dict = None,
):
""" remove a document from ES / MongoDB """
log_.debug("function : %s", inspect.stack()[0][3])
log_.debug("locals() : \n%s", pformat(locals()))
status = {'status_code': 200}
res = {}
if ES_ENABLED:
res_es, status_es = remove_es_index(
index_name=index_name,
doc_type=doc_type,
)
log_.debug("res_es : \n%s", pformat(res_es))
res, status = res_es, status_es
if MONGODB_ENABLED:
res_mongodb, status_mongodb = remove_mongodb_many_documents(
collection=doc_type,
index_name=index_name,
doc_type=doc_type,
)
log_.debug("res_mongodb : \n%s", pformat(res_mongodb))
log_.debug("res : \n%s", pformat(res))
print()
return res, status
def create_dsr(
dsi_uuid: str = None,
dsr_uuid: str = None,
query_params: dict = None,
body = None,
user: dict = None
):
""" create a dsr in ES / MongoDB """
### check if DSI exists first
### add document
res, status = create_document(
index_name = dsi_uuid,
doc_type = DSR_DOC_TYPE,
doc_uuid = dsr_uuid,
params = query_params,
body = body,
user = user
)
log_.debug( "status : \n%s", pformat(status))
log_.debug( "res : \n%s", pformat(res))
return res, status
def view_dsi(
dsi_uuid: str = None,
query_params: dict = {},
user: dict = {},
):
""" get a dsi from ES / MongoDB """
### TO DO
### check user's auth
res_dsi, status_dsi = view_document(
index_name = DSI_DOC_TYPE,
doc_type = 'metadata',
doc_uuid = dsi_uuid,
query_params = query_params,
user = user,
)
# log_.debug( "res_dsi : \n%s", pformat(res_dsi))
# log_.debug( "status_dsi : \n%s", pformat(status_dsi))
### TO DO
### check user's auth
has_user_auth = is_user_authorized(
user = user,
doc_auth = DocAuthData(**res_dsi['_source']),
level = 'read',
)
# level = level,
log_.debug( "has_user_auth : \n%s", pformat(has_user_auth))
return res_dsi, status_dsi
def remove_dsr(
dsi_uuid: str = None,
dsr_uuid: str = None,
query_params: dict = None,
user: dict = None
):
""" remove a dsr from ES / MongoDB """
### get dsr infos
res_dsr, status_dsr = view_document(
index_name = dsi_uuid,
doc_type = DSR_DOC_TYPE,
doc_uuid = dsr_uuid,
query_params = query_params,
user = user
)
log_.debug( "res_dsr : \n%s", pformat(res_dsr))
log_.debug( "status_dsr : \n%s", pformat(status_dsr))
### TO DO
### check user's auth
has_user_auth = is_user_authorized(
user = user,
doc_auth = DocAuthData( **res_dsr['_source'] ),
level = 'delete',
)
log_.debug( "has_user_auth : \n%s", pformat(has_user_auth))
### remove doc
if query_params['full_remove'] == True :
### remove corresponding DSR doc
res, status = remove_document(
index_name = dsi_uuid,
doc_type = DSR_DOC_TYPE,
doc_uuid = dsr_uuid,
params = query_params,
user = user
)
else :
### update corresponding DSR doc as 'deleted'
res, status = update_document(
index_name = dsi_uuid,
doc_type = DSR_DOC_TYPE,
doc_uuid = dsr_uuid,
params = query_params,
body = { 'is_deleted' : True },
user = user
)
log_.debug( "res : \n%s", pformat(res))
log_.debug( "status : \n%s", pformat(status))
return res, status
def test_create_one_dsr(client_access_token):
test_dsi = create_one_dsi(access_token=client_access_token, as_test=False)
log_.debug('=== test_dsi : \n%s', pformat(test_dsi))
assert test_dsi['data']['is_test_data'] == True
test_dsi_uuid = test_dsi['data']['dsi_uuid']
log_.debug('=== test_dsi_uuid : %s', test_dsi_uuid)
create_one_dsr(dsi_uuid=test_dsi_uuid)
def delete_one_dsi(
as_test=True,
server_api=None,
dsi_uuid=None,
access_token=None,
full_remove=False,
):
if server_api == None:
server_api = get_server_api()
# log_.debug ('=== server_api : %s', server_api)
if dsi_uuid == None:
test_dsi = create_one_dsi(as_test=False)
assert test_dsi['data']['is_test_data'] == True
dsi_uuid = test_dsi['data']['dsi_uuid']
### get test user
if access_token == None:
test_user_access_token = client_login(as_test=False,
only_access_token=True)
log_.debug('=== delete_one_dsi / test_user_access_token : %s',
test_user_access_token)
else:
test_user_access_token = access_token
params_delete = {
'full_remove': full_remove,
}
headers = {
'accept': 'application/json',
'access_token': test_user_access_token,
}
# url =f"{server_api}{config.API_V1_STR}/dsi/remove/{dsi_uuid}"
url = f"{config.API_V1_STR}/dsi/remove/{dsi_uuid}"
### send request
# response = requests.delete(
response = client.delete(
f"{server_api}{config.API_V1_STR}/dsi/remove/{dsi_uuid}",
params=params_delete,
headers=headers)
log_.debug('=== delete_one_dsi / response : \n%s', pformat(response))
if as_test:
assert response.status_code == 200
else:
# resp = response.json()
# log_.debug ('=== delete_one_dsi / resp : \n%s', pformat(resp) )
# return resp
return response
def get_one_dsr(
as_test=True,
only_test_data=False,
dsi_uuid=None,
access_token=None,
):
server_api = get_server_api()
# log_.debug('=== server_api : %s', server_api)
### get test user
if access_token == None:
test_user_access_token = client_login(as_test=False,
only_access_token=True)
else:
test_user_access_token = access_token
log_.debug('=== update_one_dsr / test_user_access_token : %s',
test_user_access_token)
### get DSI UUID
if dsi_uuid == None:
test_dsi = create_one_dsi(as_test=False)
assert test_dsi['data']['is_test_data'] == True
test_dsi_uuid = test_dsi['data']['dsi_uuid']
else:
test_dsi_uuid = dsi_uuid
log_.debug('=== test_get_one_dsr / test_dsi_uuid : %s', test_dsi_uuid)
### get DSR UUID
test_dsr = create_one_dsr(as_test=False, dsi_uuid=test_dsi_uuid)
log_.debug('=== test_get_one_dsr / test_dsr : \n%s', pformat(test_dsr))
test_dsr_uuid = test_dsr['data']['dsr_uuid']
log_.debug('=== test_get_one_dsr / test_dsr_uuid : %s', test_dsr_uuid)
headers = {
'accept': 'application/json',
'access_token': test_user_access_token,
}
# url = f"{server_api}{config.API_V1_STR}/crud/dataset/{test_dsi_uuid}/dsr/get_one/{test_dsr_uuid}"
url = f"{config.API_V1_STR}/crud/dataset/{test_dsi_uuid}/dsr/get_one/{test_dsr_uuid}"
### get DSRs list
# response = requests.get(
response = client.get(url, headers=headers)
resp = response.json()
log_.debug('=== test_get_one_dsr / resp : \n%s', pformat(resp))
if as_test:
assert response.status_code == 200
else:
return resp
def create_one_dsi(
as_test=True,
access_token=None,
payload=None,
):
# server_api = get_server_api()
# log_.debug ('=== server_api : %s', server_api)
### ACCESS TOKEN
if access_token == None:
test_user_access_token = client_login(as_test=False,
only_access_token=True)
else:
test_user_access_token = access_token
log_.debug('=== create_one_dsi / test_user_access_token : %s',
test_user_access_token)
### PAYLOAD
if payload == None:
random_int = random.randint(0, 1000)
dsi_test_payload = {
"title": f"my test DSI - test {random_int}",
"description": "my DSI description - test {random_int}",
"licence": "MIT",
"is_geodata": False,
"auth_preview": "opendata",
"auth_modif": "private",
"is_test_data": True
}
else:
dsi_test_payload = payload
### REQUEST
headers = {
'accept': 'application/json',
'access_token': test_user_access_token,
}
# url = f"{server_api}{config.API_V1_STR}/dsi/create"
url = f"{config.API_V1_STR}/dsi/create"
# response = requests.post(
response = client.post(url, json=dsi_test_payload, headers=headers)
resp = response.json()
log_.debug('=== create_one_dsi / resp : \n%s', pformat(resp))
if as_test:
assert response.status_code == 200
else:
return resp
def get_user_claims(
api_key_query: str = Security(api_key_query),
api_key_header: str = Security(api_key_header),
api_key_cookie: str = Security(api_key_cookie),
):
"""
get user from API key
"""
### DEBUGGING
print()
print("->- " * 40)
log_.debug(">>> get_user_claims...")
user = {
'_id': None,
'is_anonymous': True,
'auth': {
'conf_usr': False,
'role': 'anonymous'
},
'infos': {
'email': 'anonymous'
},
'profile': {
'lang': 'en'
},
}
api_key = get_only_api_key(api_key_query, api_key_header, api_key_cookie)
if api_key:
if AUTH_MODE != 'no_auth':
resp_auth = distantAuthCall(func_name="token_claims",
token=api_key)
log_.debug("resp_auth : \n%s", pformat(resp_auth))
### TO DO : remap response corresponding to config / env
return resp_auth['claims']
elif AUTH_MODE == 'no_auth' and api_key == API_KEY:
user['_id'] = 'system'
user['auth']['authenticated'] = True
return user
else:
return user
else:
return user
def test_get_list_dsr(
client_access_token,
as_test=True,
test_dsi_uuid=None,
):
resp = get_list_dsr(
access_token=client_access_token,
dsi_uuid=test_dsi_uuid,
)
log_.debug('=== test_get_list_dsr / resp : \n%s', pformat(resp))
if as_test == False:
return resp
def view_mongodb_document(
m_client_db=get_mongodb_database(),
collection=None,
index_name=None,
doc_type=None,
doc_uuid=None,
):
"""Function to view a MongoDB document."""
status = { 'status_code' : 200 }
log_.debug( "function : %s", inspect.stack()[0][3] )
log_.debug( "locals() : \n%s", pformat(locals()))
db = m_client_db[ collection ]
### TO DO
res = db.find_one(
{ "_id" : doc_uuid },
{ "_id": 0 } ### projection fields
)
log_.debug( "res : \n%s", pformat(res))
res_list = list(res)
log_.debug( "res_list : \n%s", pformat(res_list))
print()
return res_list, status
def build_mongodb_query(
query={},
doc_uuid=None
):
"""Function to build a MONGODB search query."""
log_.debug( "function : %s", inspect.stack()[0][3] )
log_.debug( "locals() : \n%s", pformat(locals()))
### TO DO ...
search_query = {
}
return search_query
def get_random_dsi_uuid(only_test_dsi=False):
test_dsi_list = get_list_dsi(as_test=False)
# log_.debug ('=== get_random_dsi_uuid / test_dsi_list : \n%s', pformat(test_dsi_list))
full_dsi_list = test_dsi_list['data']
if only_test_dsi:
testable_dsi = [i for i in full_dsi_list if i['is_test_data'] == True]
test_dsi = secure_random.choice(testable_dsi)
else:
test_dsi = secure_random.choice(full_dsi_list)
test_dsi_uuid = test_dsi['dsi_uuid']
log_.debug('=== get_random_dsi_uuid / test_dsi_uuid : %s', test_dsi_uuid)
return test_dsi_uuid
def test_search_for_dsi(client_access_token):
### create some DSI
identifiers = [{
"title": "AA",
"description": "aaa BB",
"auth_preview": "private",
"auth_modif": "commons"
}, {
"title": "BB",
"description": "bbb CC",
"auth_preview": "opendata",
"auth_modif": "private"
}, {
"title": "CC",
"description": "ccc AA BB",
"auth_preview": "private",
"auth_modif": "team"
}]
log_.debug('=== test_search_for_dsi / identifiers (A) : \n%s',
pformat(identifiers))
for id in identifiers:
payload_ = create_dsi_payload(title_content=id['title'],
description_content=id['description'],
auth_preview=id['auth_preview'],
auth_modif=id['auth_modif'])
log_.debug('=== test_search_for_dsi / payload_ : \n%s',
pformat(payload_))
test_dsi = create_one_dsi(
access_token=client_access_token,
as_test=False,
payload=payload_,
)
log_.debug('=== test_search_for_dsi / test_dsi : \n%s',
pformat(test_dsi))
assert test_dsi['data']['is_test_data'] == True
id['dsi_uuid'] = test_dsi['data']['dsi_uuid']
log_.debug('=== test_search_for_dsi / identifiers (B) : \n%s',
pformat(identifiers))
### randomly choose a DSI from its identifier
test_dsi = secure_random.choice(identifiers)
results = search_dsi(access_token=client_access_token, )
log_.debug('=== test_search_for_dsi / results : \n%s', pformat(results))
async def get_api_key(
api_key_query: str = Security(api_key_query),
api_key_header: str = Security(api_key_header),
api_key_cookie: str = Security(api_key_cookie),
):
"""
get API access token
"""
### DEBUGGING
print()
print("->- " * 40)
log_.debug(">>> get_api_key...")
# api_key = None
# # anonymous_claims = {
# # "_id" : None,
# # "auth" : {
# # "role" : None,
# # },
# # "renew_pwd" : False,
# # "reset_pwd" : False,
# # "confirm_email" : False,
# # }
api_key = get_only_api_key(api_key_query, api_key_header, api_key_cookie)
if api_key:
if AUTH_MODE != 'no_auth':
resp_auth = distantAuthCall(func_name="token_claims",
token=api_key)
log_.debug(">>> resp_auth : \n%s", pformat(resp_auth))
return api_key
else:
if AUTH_MODE == 'no_auth':
if api_key == API_KEY:
return True
else:
raise HTTPException(status_code=HTTP_403_FORBIDDEN,
detail="Could not validate credentials...")
# return True
else:
raise HTTPException(
status_code=HTTP_403_FORBIDDEN,
detail="Could not validate credentials... at all")
async def get_user_infos(
api_key_query: str = Security(api_key_query),
api_key_header: str = Security(api_key_header),
api_key_cookie: str = Security(api_key_cookie),
):
"""
get user from API key
"""
### DEBUGGING
print()
print("->- " * 40)
log_.debug(">>> get_user_infos...")
user = get_user_claims(api_key_query, api_key_header, api_key_cookie)
log_.debug(">>> user : \n%s", pformat(user))
return user
def search_dsi(access_token=None,
dsi_uuid=None,
q=None,
version="last",
filter_=None,
version_n=None,
page_n=1,
per_page=10,
sort_by=None,
sort_order="asc",
shuffle_seed=None,
field_to_return=None,
fields_to_return=None,
only_data=False):
log_.debug("search_dsi / access_token : %s", access_token)
### create search params
query_params = {
"dsi_uuid": dsi_uuid,
"q": q,
"version": "last",
"filter": filter_,
"version_n": version_n,
"page_n": page_n,
"per_page": per_page,
"sort_by": sort_by,
"sort_order": sort_order,
"shuffle_seed": shuffle_seed,
"field_to_return": field_to_return,
"fields_to_return": fields_to_return,
"only_data": only_data
}
### launch search
test_result = get_list_dsi(access_token=access_token,
as_test=False,
page_number=1,
results_per_page=100,
params=query_params)
return test_result
async def get_api_key_optional(
api_key_query: str = Security(api_key_query),
api_key_header: str = Security(api_key_header),
api_key_cookie: str = Security(api_key_cookie),
):
### DEBUGGING
print()
print("->- " * 40)
log_.debug(">>> get_api_key_optional...")
# api_key = None
# # anonymous_claims = {
# # "_id" : None,
# # "auth" : {
# # "role" : None,
# # },
# # "renew_pwd" : False,
# # "reset_pwd" : False,
# # "confirm_email" : False,
# # }
# if api_key_query :
# api_key = api_key_query
# elif api_key_header and api_key == None :
# api_key = api_key_header
# elif api_key_cookie and api_key == None :
# api_key = api_key_cookie
api_key = get_only_api_key(api_key_query, api_key_header, api_key_cookie)
if api_key:
if AUTH_MODE != 'no_auth':
resp_auth = distantAuthCall(func_name="token_claims",
token=api_key)
log_.debug(">>> resp_auth : \n%s", pformat(resp_auth))
return api_key
else:
return False
def test_update_one_dsr_no_full_update_with_data(client_access_token):
random_int = random.randint(0, 1000)
# test_user_access_token = client_login( as_test = False, only_access_token=True )
test_user_access_token = client_access_token
update_data_one = {
"update_data": {
"data": {
"field_01": f"my data field_01 data +BIS+ - {random_int}",
"field_02": f"my data field_02 data +BIS+ - {random_int}",
"field_03": f"my data field_03 data +BIS+ - {random_int}",
}
}
}
resp_one = update_one_dsr(as_test=False,
update_data=update_data_one,
full_update=False,
access_token=test_user_access_token)
log_.debug(
'=== test_update_one_dsr_no_full_update_with_data / resp_one : \n%s',
pformat(resp_one))
dsi_uuid = resp_one['data']['dsi_uuid']
dsr_uuid = resp_one['data']['dsr_uuid']
update_data_bis = {
"update_data": {
"data": {
"field_02":
f"my updated field_02 data +BIS+ - {random_int + 1}",
}
}
}
resp_bis = update_one_dsr(
# as_test = False,
full_update=False,
update_data=update_data_bis,
dsi_uuid=dsi_uuid,
dsr_uuid=dsr_uuid,
access_token=test_user_access_token)
def view_dsr(
dsi_uuid: str = None,
dsr_uuid: str = None,
query_params: dict = None,
user: dict = None
):
""" get a dsr from ES / MongoDB """
### TO DO
### check user's auth
res, status = view_document(
index_name = dsi_uuid,
doc_type = DSR_DOC_TYPE,
doc_uuid = dsr_uuid,
query_params = query_params,
user = user
)
log_.debug( "res : \n%s", pformat(res))
log_.debug( "status : \n%s", pformat(status))
### TO DO
### check user's auth
has_user_auth = is_user_authorized(
user = user,
doc_auth = DocAuthData( **res['_source'] ),
level = 'read',
)
log_.debug( "has_user_auth : \n%s", pformat(has_user_auth))
return res, status
def remove_mongodb_many_documents(
m_client_db=get_mongodb_database(),
collection=None,
index_name=None,
doc_type=None,
):
"""Function to delete a list of documents."""
status = { 'status_code' : 200 }
log_.debug( "function : %s", inspect.stack()[0][3] )
log_.debug( "locals() : \n%s", pformat(locals()))
db = m_client_db[ collection ]
### TO DO
# build query
query = {}
doc_query = build_mongodb_query( query )
# find and delete many document
try :
res = db.delete_many( doc_query )
except :
res = None
status = {
'status_code' : 500,
'error' : "",
'info' : "",
}
log_.debug( "res : \n%s", pformat(res))
print()
return res, status
async def post_login_infos(
*,
resp_: Response,
request: Request,
# access_token: str = p_access_token,
user_login: UserLogin = Body(..., embed=True),
api_key: APIKey = Depends(get_api_key),
):
"""
Needs an anonymous access_token
"""
### DEBUGGING
print()
print("-+- " * 40)
log_.debug("POST / %s", inspect.stack()[0][3])
time_start = datetime.now()
log_.debug("user_login : \n%s", pformat(user_login.dict()))
log_.debug("request : \n%s", pformat(request.__dict__))
resp_login = distantAuthCall(api_request=request,
query={},
payload={**user_login.dict()},
func_name='login_user',
token=api_key)
return resp_login
def create_version_document(
index_name: str = None,
doc_type: str = None,
doc_uuid: str = None,
params: dict = None,
version: int = None,
body=None,
user: dict = None,
):
""" create a version document in MongoDB """
log_.debug("function : %s", inspect.stack()[0][3])
log_.debug("locals() : \n%s", pformat(locals()))
if ES_ENABLED:
pass
if MONGODB_ENABLED:
body["version"] = version
pass
status = {'status_code': 200}
res = {}
log_.debug("res : \n%s", pformat(res))
print()
return res, status
def update_index_check(index_name: str = None,
doc_type: str = None,
doc_uuid: str = None,
index_params: dict = None,
user: dict = None):
""" update an index if doesn't already exist"""
log_.debug("function : %s", inspect.stack()[0][3])
log_.debug("locals() : \n%s", pformat(locals()))
### check if index exists in ES
is_index = check_index(
index_name=index_name,
doc_type=doc_type,
doc_uuid=doc_uuid,
)
status = {'status_code': 200}
res = {}
### TO DO
if ES_ENABLED:
### if doesn't exist, create it
pass
### TO DO
if MONGODB_ENABLED:
### check if index exists in MONGODB
### if doesn't exist, create it
pass
log_.debug("res : \n%s", pformat(res))
return res, status
async def anonymous_login(
resp_: Response,
request: Request,
):
"""
Gets an anonymous access_token
"""
### DEBUGGING
print()
print("-+- " * 40)
log_.debug("GET / %s", inspect.stack()[0][3])
time_start = datetime.now()
# response = "How cool is this?"
resp_login_anon = distantAuthCall(api_request=None,
query={},
payload={},
func_name='login_anonymous')
return resp_login_anon
def get_list_dsi(
as_test=True,
page_number=1,
results_per_page=100,
access_token=None,
params=None,
):
# server_api = get_server_api()
# log_.debug('=== get_list_dsi / server_api : %s', server_api)
if access_token == None:
test_user_access_token = client_login(as_test=False,
only_access_token=True)
else:
test_user_access_token = access_token
log_.debug('=== test_user_access_token : %s', test_user_access_token)
if params == None:
params = {'page_n': page_number, 'per_page': results_per_page}
headers = {
'accept': 'application/json',
'access_token': test_user_access_token,
}
# url = f"{server_api}{config.API_V1_STR}/dsi/list",
url = f"{config.API_V1_STR}/dsi/list"
# response = requests.get(
response = client.get(url, params=params, headers=headers)
resp = response.json()
# log_.debug ('=== resp : \n%s', pformat(resp) )
if as_test:
log_.debug('=== get_list_dsi / resp : \n%s', pformat(resp))
assert response.status_code == 200
else:
return resp
def create_dsi(
dsi_uuid: str = None,
query_params: dict = None,
body = None,
user: dict = None
):
""" create a dsi in ES / MongoDB """
log_.debug("body : \n%s", pformat(body) )
### create index if not existing
index, status_index = create_index_check(
index_name = DSI_DOC_TYPE,
doc_type = 'metadata',
doc_uuid = dsi_uuid,
index_params = query_params,
user = user,
)
### create metadata doc
res, status = create_document(
index_name = DSI_DOC_TYPE,
doc_type = 'metadata',
doc_uuid = dsi_uuid,
params = query_params,
body = body,
user = user,
)
### TO DO
### loop if necessary to create dmt | dmf
# log_.debug( "res : \n%s", pformat(res))
# log_.debug( "status : \n%s", pformat(status))
return res, status
def is_user_authorized(user: dict = {},
doc_auth: DocAuthData = DocAuthData(),
level='read'):
# level: str = None
log_.debug("function : %s", inspect.stack()[0][3])
log_.debug("locals() : \n%s", pformat(locals()))
### user auth data
user_infos = user.get('infos', None)
user_email = user_infos.get('email', 'no_email')
user_auth = user.get('auth', None)
user_role = user_auth.get('role', None)
### doc auth data
log_.debug("doc_auth.dict() : \n%s", pformat(doc_auth.dict()))
doc_owner = doc_auth.owner
doc_team = doc_auth.team
doc_auth_preview = doc_auth.auth_preview
doc_auth_modif = doc_auth.auth_modif
### check if user is the doc's owner / creator
is_user_owner = user_email == doc_owner
### check if user is authorized as team member
is_user_authorized_in_team = False
user_from_team = {'roles': None}
if is_user_owner == False:
# cf : https://workingninja.com/check-if-value-exists-list-dictionaries
is_user_in_team = any(
team_member.get('email') == user_email for team_member in doc_team)
if is_user_in_team:
for member in doc_team:
if member['email'] == user_email:
user_from_team = member
if user_from_team['roles'] and level in user_from_team['roles']:
is_user_authorized_in_team = True
else:
user_from_team = {
'roles': ['read', 'edit', 'delete', 'manage', 'comment']
}
is_authorized = {
'auth': is_user_owner or is_user_authorized_in_team,
'user_roles': user_from_team['roles'],
'is_owner': is_user_owner,
}
return is_authorized
