def resolve_table_last_commit_timestamp(self, info, datastore_id, schema_name, table_name, **kwargs):
"""Retrieve the last time a table was modified.
"""
get_kwargs = {
'name__iexact': table_name,
'schema__datastore_id': shortcuts.from_global_id(datastore_id, True),
'schema__name__iexact': schema_name,
'workspace': info.context.workspace,
}
table = shortcuts.get_object_or_404(models.Table, **get_kwargs)
if not permissions.request_can_view_datastore(info, table.datastore):
raise errors.PermissionDenied()
ca_id = "table.last_commit.%s" % table.id
value = cache.get(ca_id)
if value is not None:
return value
value = (
inspector.get_engine(table.datastore)
.get_last_commit_time_for_table(schema_name, table_name)
)
cache.set(ca_id, value, (15 * 60))
return value
def func_wrapper(self, info, *args, **kwargs):
# We should not proceed if the user isn't authenticated.
if not info.context.user.is_authenticated:
raise errors.PermissionDenied()
instance = func(self, info, *args, **kwargs)
# Owners have super user power within a workspace.
if info.context.user.is_owner(info.context.workspace.id):
return instance
# We grab the datastore with the helper function if needed. Example would
# be when we return a table definition and need to get the related datastore.
if callable(wrapper_fcn):
datastore = wrapper_fcn(instance)
else:
datastore = instance
# Use helper function to conduct datastore permission check.
if not request_can_view_datastore(
info, datastore, check_if_owner=False):
raise errors.PermissionDenied()
return instance
def get_instance(cls, info, data):
"""It should check permissions as applicable.
"""
is_owner = info.context.user.is_owner(info.context.workspace.pk)
if not is_owner and not info.context.user.check_email(data['email']):
raise errors.PermissionDenied()
return models.Membership.objects.get(
user_id=data['email'],
workspace=info.context.workspace,
)
def resolve_schema_names_by_datastore(self, info, datastore_id, *args, **kwargs):
"""Retrieve a list of schema names for the provided datastore.
"""
get_kwargs = {
'workspace': info.context.workspace,
'pk': shortcuts.from_global_id(datastore_id, True),
}
datastore = shortcuts.get_object_or_404(models.Datastore, **get_kwargs)
if not permissions.request_can_view_datastore(info, datastore):
raise errors.PermissionDenied()
return sorted(datastore.schemas.values_list('name', flat=True))
def resolve_run_history(self, info, datastore_id, *args, **kwargs):
"""Retrieve the last 30 active runs.
"""
get_kwargs = {
'workspace': info.context.workspace,
'pk': shortcuts.from_global_id(datastore_id, True),
}
datastore = shortcuts.get_object_or_404(models.Datastore, **get_kwargs)
if not definition_permissions.request_can_view_datastore(info, datastore):
raise errors.PermissionDenied()
return datastore.run_history.filter(started_at__isnull=False).order_by('-started_at').prefetch_related('errors')
def resolve_table_names_by_schema(self, info, datastore_id, schema_name, **kwargs):
"""Retrieve a list of table names for the provided schema.
"""
get_kwargs = {
'name__iexact': schema_name,
'datastore_id': shortcuts.from_global_id(datastore_id, True),
'workspace': info.context.workspace,
}
schema = shortcuts.get_object_or_404(models.Schema, **get_kwargs)
if not permissions.request_can_view_datastore(info, schema.datastore):
raise errors.PermissionDenied()
return sorted(schema.tables.values_list('name', flat=True))
def get_serializer_kwargs(cls, root, info, **data):
instance = cls.get_instance(info, data)
if not instance:
raise errors.PermissionDenied()
return {
"instance": instance,
"data": {
"user": shortcuts.from_global_id(data['user_id'],
id_only=True),
},
"context": {
"request": info.context,
},
}
def get_serializer_kwargs(cls, root, info, **data):
"""Retrieve appropriate objects for the transaction.
"""
instance = cls.get_instance(info, data)
if not instance:
raise errors.PermissionDenied()
return {
"instance": instance,
"data": {
"object_permissions_enabled": not instance.object_permissions_enabled,
},
"context": {
"request": info.context,
},
}
def get_serializer_kwargs(cls, root, info, **data):
"""Retrieve appropriate objects for the transaction.
"""
instance = cls.get_instance(info, data)
if not instance or not instance.object_permissions_enabled:
raise errors.PermissionDenied()
return {
"instance": instance,
"data": {
"content_object": cls.get_content_object(info, data["object_id"]),
"privileges": data["privileges"],
},
"context": {
"request": info.context,
},
}
def resolve_datastore_assets(self, info, slug, search=None, *args, **kwargs):
"""Retrieve the assets for this datastore.
"""
get_kwargs = {
'workspace': info.context.workspace,
'slug__iexact': slug,
}
datastore = shortcuts.get_object_or_404(models.Datastore, **get_kwargs)
if not permissions.request_can_view_datastore(info, datastore):
raise errors.PermissionDenied()
queryset = models.Table.search_objects.execute(
search=search,
schema__datastore_id=datastore.id,
deleted_at__isnull=True,
)
return queryset.order_by('schema__name', 'name')
def resolve_workspace_users(self,
info,
workspace_id,
permissions=None,
active_only=False):
"""Retrieve team members of a Workspace that the current user belongs to.
"""
_type, node_id = graphql_relay.from_global_id(workspace_id)
if not info.context.user.permissions_for(node_id):
raise errors.PermissionDenied()
queryset = Membership.objects.filter(workspace_id=node_id)
if permissions:
queryset = queryset.filter(permissions__in=permissions)
if active_only:
queryset = queryset.filter(user__id__isnull=False)
return queryset.distinct()
def resolve_datastore_group_access_privileges(self, info, datastore_id):
"""Retrieve users and their permissions for the given datastore.
"""
get_kwargs = {
'workspace': info.context.workspace,
'pk': shortcuts.from_global_id(datastore_id, True),
}
datastore = shortcuts.get_object_or_404(models.Datastore, **get_kwargs)
if not permissions.request_can_view_datastore(info, datastore):
raise errors.PermissionDenied()
groups = get_groups_with_perms(
obj=datastore,
attach_perms=True,
)
return [
{'name': group.name, 'privileges': privileges, 'pk': group.pk}
for group, privileges in groups.items()
]
def get_serializer_kwargs(cls, root, info, **data):
"""Transform input into serializer format.
"""
instance = cls.get_instance(info, data)
if not instance:
raise errors.PermissionDenied()
properties = {
p['id']: p['value']
for p in data['properties'] if 'id' in p
}
return {
"instance": instance,
"data": {
"properties": properties,
},
"partial": True,
"context": {
"request": info.context,
},
}