def _delete_entity_type_attribute(args):
if args.force or (not args.force and mcmd.io.ask.confirm(
'Are you sure you want to delete attribute {} of entity type {}?'.
format(args.attribute, args.resource))):
io.start('Deleting attribute {} of entity {}'.format(
highlight(args.attribute), highlight(args.resource)))
response = client.get(api.rest2('sys_md_Attribute'),
params={
'q':
'entity=={};name=={}'.format(
args.resource, args.attribute)
})
attribute_id = response.json()['items'][0]['id']
client.delete(api.rest2('sys_md_Attribute/{}'.format(attribute_id)))
def _get_settings():
molgenis_settings = get(api.rest2('sys_md_EntityType'),
params={
'q': 'extends==sys_set_settings',
'attrs': '~id'
}).json()['items']
return [setting['id'] for setting in molgenis_settings]
def _add_role_membership(user: User, role: Role):
"""
Adds a membership manually because the identities API can't add memberships to non-group roles.
"""
io.start('Making user {} a member of role {}'.format(
highlight(user.username), highlight(role.name)))
membership = {'user': user.id, 'role': role.id, 'from': timestamp()}
data = {'entities': [membership]}
post(api.rest2('sys_sec_RoleMembership'), data=data)
def _get_group_id(group_name) -> str:
groups = get(api.rest2('sys_sec_Group'),
params={
'attrs': 'id',
'q': 'name=={}'.format(group_name)
}).json()['items']
if len(groups) == 0:
raise McmdError('No group found with name {}'.format(groups))
else:
return groups[0]['id']
def _get_role(role_name: str) -> Role:
roles = get(api.rest2('sys_sec_Role'),
params={
'attrs': 'id,name,label,group(id,name)',
'q': 'name=={}'.format(role_name)
}).json()['items']
if len(roles) == 0:
raise McmdError('No role found with name {}'.format(role_name))
else:
return map_to_role(roles[0])
def _get_group_roles(group: Group) -> List[Role]:
roles = get(api.rest2('sys_sec_Role'),
params={
'attrs': 'id,name,label,group(id,name)',
'q': 'group=={}'.format(group.id)
}).json()['items']
if len(roles) == 0:
raise McmdError('No roles found for group {}'.format(group.name))
return [map_to_role(role) for role in roles]
def _delete_packages_in_package(package_id):
response = client.get(api.rest2(ResourceType.PACKAGE.get_entity_id()),
params={
'attrs': 'id',
'q': 'parent==' + package_id
})
package_ids = [
entity_type['id'] for entity_type in response.json()['items']
]
if len(package_ids) > 0:
_delete_rows(ResourceType.PACKAGE.get_entity_id(), package_ids)
def _get_user(user_name: str) -> User:
users = get(api.rest2('sys_sec_User'),
params={
'attrs': 'id,username',
'q': 'username=={}'.format(user_name)
}).json()['items']
if len(users) == 0:
raise McmdError('Unknown user {}'.format(user_name))
else:
return map_to_user(users[0])
def _is_member(user: User, role: Role) -> bool:
memberships = get(api.rest2('sys_sec_RoleMembership'),
params={
'attrs':
'id',
'q':
"user=={};role=={};(to=='',to=ge={})".format(
user.id, role.id, timestamp())
}).json()['items']
return len(memberships) > 0
def add_role(args):
role_name = to_role_name(args.rolename)
io.start('Adding role {}'.format(highlight(role_name)))
role = {'name': role_name, 'label': role_name}
if args.includes:
role_names = [to_role_name(name) for name in args.includes]
role['includes'] = _get_role_ids(role_names)
if args.group:
group_name = _to_group_name(args.group)
role['group'] = _get_group_id(group_name)
data = {'entities': [role]}
post(api.rest2('sys_sec_Role'), data=data)
def add_token(args):
io.start('Adding token %s for user %s' %
(highlight(args.token), highlight(args.user)))
user = get(api.rest2('sys_sec_User'),
params={
'attrs': 'id',
'q': 'username=={}'.format(args.user)
})
if user.json()['total'] == 0:
raise McmdError('Unknown user %s' % args.user)
user_id = user.json()['items'][0]['id']
data = {'User': user_id, 'token': args.token}
post(api.rest1('sys_sec_Token'), data=data)
def _get_role_ids(role_names) -> List[str]:
roles = get(api.rest2('sys_sec_Role'),
params={
'attrs': 'id,name',
'q': 'name=in=({})'.format(','.join(role_names))
}).json()['items']
name_to_id = {role['name']: role['id'] for role in roles}
not_found = list()
for role_name in role_names:
if role_name not in name_to_id:
not_found.append(role_name)
if len(not_found) > 0:
raise McmdError("Couldn't find role(s) {}".format(
' and '.join(not_found)))
else:
return list(name_to_id.values())
def _get_group_membership(user: User,
group: Group) -> Optional[RoleMembership]:
group_roles = _get_group_roles(group)
group_role_ids = [role.id for role in group_roles]
memberships = get(
api.rest2('sys_sec_RoleMembership'),
params={
'attrs':
'id,user(id,username),role(id,name,label,group(id,name))',
'q':
"user=={};role=in=({});(to=='',to=ge={})".format(
user.id, ','.join(group_role_ids), timestamp())
}).json()['items']
if len(memberships) == 0:
return None
else:
return map_to_role_membership(memberships[0])
def check_token():
"""Queries the Token table to see if the set token is valid. The Token table is an arbitrary choice but will work
because it should always be accessible to the superuser exclusively."""
if _as_user:
return
try:
response = requests.get(api.rest2('sys_sec_Token'),
params={'q': 'token=={}'.format(_token)},
headers={
'Content-Type': 'application/json',
'x-molgenis-token': _token
})
response.raise_for_status()
except HTTPError as e:
if e.response.status_code == 401:
_login()
else:
raise McmdError(str(e))
except requests.exceptions.ConnectionError:
raise MolgenisOfflineError()
def role_exists(role_input):
log.debug('Checking if role %s exists' % role_input)
response = get(api.rest2('sys_sec_Role'),
params={'q': 'name==' + to_role_name(role_input)})
return int(response.json()['total']) > 0
def _delete_rows(entity_type, rows):
client.delete_data(api.rest2(entity_type), rows)
def _get_first_row_id(entity):
settings = get(api.rest2(entity), params={'attrs': '~id'}).json()['items']
return settings[0]['id']
def user_exists(username):
log.debug('Checking if user %s exists' % username)
response = get(api.rest2('sys_sec_User'),
params={'q': 'username==' + username})
return int(response.json()['total']) > 0
