コード例 #1
0
ファイル: routes.py プロジェクト: weberjavi/periodo-server
def registered():
    if not request.args['state'] == session.pop('state_token'):
        abort(403)
    data = {
        'client_id': app.config['ORCID_CLIENT_ID'],
        'client_secret': app.config['ORCID_CLIENT_SECRET'],
        'code': request.args['code'],
        'grant_type': 'authorization_code',
        'redirect_uri': url_for('registered', _external=True),
        'scope': '/authenticate',
    }
    response = requests.post(
        'https://pub.orcid.org/oauth/token',
        headers={'Accept': 'application/json'},
        allow_redirects=True, data=data)
    credentials = response.json()
    if not response.status_code == 200:
        app.logger.error('Response to request for ORCID credentials was not OK')
        app.logger.error('Request: %s', data)
        app.logger.error('Response: %s', response.text)
    identity = auth.add_user_or_update_credentials(credentials)
    database.get_db().commit()
    return make_response(
        """
        <!doctype html>
        <head>
            <script type="text/javascript">
            localStorage.auth = '{}';
            window.close();
            </script>
        </head>
        <body>
        """.format(json.dumps(
            {'name': credentials['name'], 'token': identity.b64token.decode()}
        )))
コード例 #2
0
ファイル: commands.py プロジェクト: weberjavi/periodo-server
def set_permissions(orcid, permissions=None):
    if permissions is None:
        permissions = []

    needs = set()

    with app.app_context():
        db = database.get_db()
        cursor = db.cursor()
        cursor.execute("select id from user where id=?", [orcid])

        user = cursor.fetchone()

        if user is None:
            raise ValueError('No user with orcid "{}" in database.'.format(orcid))

        for permission_name in permissions:
            permission_attr = "{}_permission".format(permission_name)
            permission = getattr(auth, permission_attr, None)

            if permission is None:
                raise ValueError("No such permission: {}".format(permission_name))

            for need in permission.needs:
                needs.add(tuple(need))

        cursor.execute("UPDATE user SET permissions = ? WHERE id = ?", [json.dumps(list(needs)), orcid])

        db.commit()
コード例 #3
0
ファイル: resources.py プロジェクト: periodo/periodo-server
    def put(self, id):
        permission = auth.UpdatePatchPermission(id)
        if not permission.can():
            raise auth.PermissionDenied(permission)
        try:
            patch = JsonPatch(parse_json(request))
            affected_entities = patching.validate(
                patch, database.get_dataset())
        except ResourceError as e:
            return e.response()
        except patching.InvalidPatchError as e:
            if str(e) != 'Could not apply JSON patch to dataset.':
                return {'status': 400, 'message': str(e)}, 400

        db = database.get_db()
        curs = db.cursor()
        curs.execute('''
UPDATE patch_request SET
original_patch = ?,
updated_entities = ?,
removed_entities = ?,
updated_by = ?
WHERE id = ?
        ''', (patch.to_string(),
              json.dumps(sorted(affected_entities['updated'])),
              json.dumps(sorted(affected_entities['removed'])),
              g.identity.id, id)
        )
        db.commit()
コード例 #4
0
ファイル: auth.py プロジェクト: weberjavi/periodo-server
def get_identity(b64token, cursor=None):
    if cursor is None:
        cursor = database.get_db().cursor()
    rows = cursor.execute('''
    SELECT
    user.id AS user_id,
    user.permissions AS user_permissions,
    patch_request.id AS patch_request_id,
    strftime("%s","now") > token_expires_at AS token_expired
    FROM user LEFT JOIN patch_request
    ON user.id = patch_request.created_by AND patch_request.open = 1
    WHERE user.b64token = ?''', (b64token,)).fetchall()
    if not rows:
        return UnauthenticatedIdentity(
            'invalid_token', 'The access token is invalid')
    if rows[0]['token_expired']:
        return UnauthenticatedIdentity(
            'invalid_token', 'The access token expired')
    identity = Identity(rows[0]['user_id'], auth_type='bearer')
    identity.b64token = b64token
    for p in json.loads(rows[0]['user_permissions']):
        identity.provides.add(tuple(p))
    for r in rows:
        if r['patch_request_id'] is not None:
            identity.provides.add(UpdatePatchNeed(value=r['patch_request_id']))
    return identity
コード例 #5
0
 def setUp(self):
     self.db_fd, app.config['DATABASE'] = tempfile.mkstemp()
     app.config['TESTING'] = True
     commands.init_db()
     commands.load_data(filepath('test-data.json'))
     self.client = app.test_client()
     with open(filepath('test-patch-replace-values-1.json')) as f:
         self.patch = f.read()
     with app.app_context():
         self.unauthorized_identity = auth.add_user_or_update_credentials({
             'name': 'Dangerous Dan',
             'access_token': 'f7e00c02-6f97-4636-8499-037446d95446',
             'expires_in': 631138518,
             'orcid': '0000-0000-0000-000X',
         })
         db = database.get_db()
         curs = db.cursor()
         curs.execute('UPDATE user SET permissions = ? WHERE name = ?',
                      ('[]', 'Dangerous Dan'))
         self.user_identity = auth.add_user_or_update_credentials({
             'name': 'Regular Gal',
             'access_token': '5005eb18-be6b-4ac0-b084-0443289b3378',
             'expires_in': 631138518,
             'orcid': '1234-5678-9101-112X',
         })
         self.admin_identity = auth.add_user_or_update_credentials({
             'name': 'Super Admin',
             'access_token': 'f7c64584-0750-4cb6-8c81-2932f5daabb8',
             'expires_in': 3600,
             'orcid': '1211-1098-7654-321X',
         }, (ActionNeed('accept-patch'),))
         db.commit()
コード例 #6
0
ファイル: routes.py プロジェクト: periodo/periodo-server
def registered():
    if not request.args['state'] == session.pop('state_token', None):
        abort(403)
    data = {
        'client_id': app.config['ORCID_CLIENT_ID'],
        'client_secret': app.config['ORCID_CLIENT_SECRET'],
        'code': request.args['code'],
        'grant_type': 'authorization_code',
        'redirect_uri': build_redirect_uri(cli=('cli' in request.args)),
        'scope': '/authenticate',
    }
    response = requests.post(
        'https://orcid.org/oauth/token',
        headers={'Accept': 'application/json'},
        allow_redirects=True, data=data)
    if not response.status_code == 200:
        app.logger.error('Response to request for ORCID credential was not OK')
        app.logger.error('Request: %s', data)
        app.logger.error('Response: %s', response.text)
    credentials = response.json()
    if 'name' not in credentials or len(credentials['name']) == 0:
        # User has made their name private, so just use their ORCID as name
        credentials['name'] = credentials['orcid']
    identity = auth.add_user_or_update_credentials(credentials)
    database.get_db().commit()
    if 'cli' in request.args:
        return make_response(
            ('Your token is: {}'.format(identity.b64token.decode()),
             {'Content-Type': 'text/plain'}))
    else:
        return make_response("""
        <!doctype html>
        <head>
            <script type="text/javascript">
            parent.postMessage(
              {{ name: {}, token: {} }},
              "{}"
            )
            window.close();
            </script>
        </head>
        <body>
        """.format(
            json.dumps(credentials['name']),
            json.dumps(identity.b64token.decode()),
            request.host_url
        ))
コード例 #7
0
ファイル: patching.py プロジェクト: weberjavi/periodo-server
def add_new_version_of_dataset(data):
    now = database.query_db(
        "SELECT CAST(strftime('%s', 'now') AS INTEGER) AS now", one=True)['now']
    cursor = database.get_db().cursor()
    cursor.execute(
        'INSERT into DATASET (data, description, created_at) VALUES (?,?,?)',
        (json.dumps(data), void.describe_dataset(data, now), now))
    return cursor.lastrowid
コード例 #8
0
ファイル: patching.py プロジェクト: periodo/periodo-server
def merge(patch_id, user_id):
    row = database.query_db(
        'SELECT * FROM patch_request WHERE id = ?', (patch_id,), one=True)

    if not row:
        raise MergeError('No patch with ID {}.'.format(patch_id))
    if row['merged']:
        raise MergeError('Patch is already merged.')
    if not row['open']:
        raise MergeError('Closed patches cannot be merged.')

    dataset = database.get_dataset()
    mergeable = is_mergeable(row['original_patch'], dataset)

    if not mergeable:
        raise UnmergeablePatchError('Patch is not mergeable.')

    data = json.loads(dataset['data'])
    original_patch = from_text(row['original_patch'])
    applied_patch, id_map = replace_skolem_ids(
        original_patch, data, database.get_removed_entity_keys())
    created_entities = set(id_map.values())

    # Should this be ordered?
    new_data = applied_patch.apply(data)

    db = database.get_db()
    curs = db.cursor()
    curs.execute(
        '''
        UPDATE patch_request
        SET merged = 1,
            open = 0,
            merged_at = strftime('%s', 'now'),
            merged_by = ?,
            applied_to = ?,
            created_entities = ?,
            identifier_map = ?,
            applied_patch = ?
        WHERE id = ?;
        ''',
        (user_id,
         dataset['id'],
         json.dumps(sorted(created_entities)),
         json.dumps(id_map),
         applied_patch.to_string(),
         row['id'])
    )
    version_id = add_new_version_of_dataset(new_data)
    curs.execute(
        '''
        UPDATE patch_request
        SET resulted_in = ?
        WHERE id = ?;
        ''',
        (version_id, row['id'])
    )
コード例 #9
0
ファイル: patching.py プロジェクト: periodo/periodo-server
def create_request(patch, user_id):
    dataset = database.get_dataset()
    affected_entities = validate(patch, dataset)
    cursor = database.get_db().cursor()
    cursor.execute('''
INSERT INTO patch_request
(created_by, updated_by, created_from, updated_entities, removed_entities,
 original_patch)
VALUES (?, ?, ?, ?, ?, ?)
    ''', (user_id, user_id, dataset['id'],
          json.dumps(sorted(affected_entities['updated'])),
          json.dumps(sorted(affected_entities['removed'])),
          patch.to_string()))
    return cursor.lastrowid
コード例 #10
0
ファイル: patching.py プロジェクト: periodo/periodo-server
def add_comment(patch_id, user_id, message):
    row = database.query_db(
        'SELECT * FROM patch_request WHERE id = ?', (patch_id,), one=True)

    if not row:
        raise MergeError('No patch with ID {}.'.format(patch_id))

    db = database.get_db()
    curs = db.cursor()
    curs.execute(
        '''
        INSERT INTO patch_request_comment
        (patch_request_id, author, message)
        VALUES (?, ?, ?)
        ''',
        (patch_id, user_id, message)
    )
コード例 #11
0
ファイル: patching.py プロジェクト: periodo/periodo-server
def reject(patch_id, user_id):
    row = database.query_db(
        'SELECT * FROM patch_request WHERE id = ?', (patch_id,), one=True)

    if not row:
        raise MergeError('No patch with ID {}.'.format(patch_id))
    if row['merged']:
        raise MergeError('Patch is already merged.')
    if not row['open']:
        raise MergeError('Closed patches cannot be merged.')

    db = database.get_db()
    curs = db.cursor()
    curs.execute(
        '''
        UPDATE patch_request
        SET merged = 0,
            open = 0,
            merged_at = strftime('%s', 'now'),
            merged_by = ?
        WHERE id = ?;
        ''',
        (user_id, row['id'],)
    )
コード例 #12
0
ファイル: auth.py プロジェクト: weberjavi/periodo-server
def add_user_or_update_credentials(credentials, extra_permissions=()):
    orcid = 'http://orcid.org/{}'.format(credentials['orcid'])
    b64token = b64encode(credentials['access_token'].encode())
    permissions = (ActionNeed('submit-patch'),) + extra_permissions
    db = database.get_db()
    cursor = db.cursor()
    cursor.execute('''
    INSERT OR IGNORE INTO user (
    id,
    name,
    permissions,
    b64token,
    token_expires_at,
    credentials)
    VALUES (?, ?, ?, ?, strftime('%s','now') + ?, ?) ''',
                   (orcid,
                    credentials['name'],
                    json.dumps(permissions),
                    b64token,
                    credentials['expires_in'],
                    json.dumps(credentials)))
    if not cursor.lastrowid:  # user with this id already in DB
        cursor.execute('''
        UPDATE user SET
        name = ?,
        b64token = ?,
        token_expires_at = strftime('%s','now') + ?,
        credentials = ?
        WHERE id = ?''',
                       (credentials['name'],
                        b64token,
                        credentials['expires_in'],
                        json.dumps(credentials),
                        orcid))

    return get_identity(b64token, cursor)
コード例 #13
0
ファイル: commands.py プロジェクト: weberjavi/periodo-server
def init_db():
    with app.app_context():
        db = database.get_db()
        with app.open_resource("schema.sql", mode="r") as schema_file:
            db.cursor().executescript(schema_file.read())
        db.commit()
コード例 #14
0
ファイル: nanopub.py プロジェクト: periodo/periodo-server
def make_nanopub(period_id, version):
    cursor = database.get_db().cursor()

    cursor.execute(
        '''
        SELECT
            patch.id as patch_id,

            patch.merged_at,
            patch.merged_by,
            patch.created_by,

            dataset.data
        FROM patch_request AS patch
        LEFT JOIN dataset ON patch.resulted_in = dataset.id
        WHERE
            patch.created_entities LIKE ?
            OR
            patch.updated_entities LIKE ?
        ORDER BY patch.id ASC
        LIMIT ?, 1;
        ''',
        ('%"' + identifier.prefix(period_id) + '"%',
         '%"' + identifier.prefix(period_id) + '"%',
         version - 1)
    )

    result = cursor.fetchone()

    if not result:
        raise PeriodNotFoundError(
            'Could not find version {} of period {}'.format(
                version, period_id))

    data = json.loads(result['data'])

    authority_id = identifier.prefix(
        period_id[:identifier.AUTHORITY_SEQUENCE_LENGTH + 1])
    authority = data['authorities'][authority_id]
    source = authority['source']
    period = authority['periods'][identifier.prefix(period_id)]
    period['authority'] = authority_id

    nanopub_uri = '{}/nanopub{}'.format(
        identifier.prefix(period_id), version)
    patch_uri = identifier.prefix('h#change-{}'.format(result['patch_id']))

    context = data['@context'].copy()
    context['np'] = 'http://nanopub.org/nschema#'
    context['pub'] = data['@context']['@base'] + nanopub_uri + '#'
    context['prov'] = 'http://www.w3.org/ns/prov#'

    # TODO: Pop "source" from period and include it in the provenance
    # graph?

    return {
        "@context": context,
        "@graph": [
            {
                "@id": "pub:head",
                "@graph": {
                    "@id": nanopub_uri,
                    "@type": "np:Nanopublication",
                    "np:hasAssertion": as_uri("pub:assertion"),
                    "np:hasProvenance": as_uri("pub:provenance"),
                    "np:hasPublicationInfo": as_uri("pub:pubinfo"),
                }
            },
            {
                "@id": "pub:assertion",
                "@graph": [period]
            },
            {
                "@id": "pub:provenance",
                "@graph": [
                    {
                        "@id": 'pub:assertion',
                        "dc:source": source
                    }
                ]
            },
            {
                "@id": "pub:pubinfo",
                "@graph": [
                    {
                        "@id": nanopub_uri,
                        "prov:wasGeneratedBy": as_uri(patch_uri),
                        "prov:asGeneratedAtTime": result['merged_at'],
                        "prov:wasAttributedTo": [
                            as_uri(result['merged_by']),
                            as_uri(result['created_by'])
                        ]
                    }
                ]
            }
        ]
    }
コード例 #15
0
ファイル: void.py プロジェクト: periodo/periodo-server
def describe_dataset(data, created_at):
    cursor = database.get_db().cursor()
    contributors = cursor.execute('''
    SELECT DISTINCT created_by, updated_by
    FROM patch_request
    WHERE merged = 1
    AND id > 1''').fetchall()

    with open(os.path.join(os.path.dirname(__file__), 'void-stub.ttl')) as f:
        description_g = Graph().parse(file=f, format='turtle')
    ns = Namespace(description_g.value(
        predicate=RDF.type, object=VOID.DatasetDescription))
    dataset_g = Graph().parse(data=json.dumps(data), format='json-ld')

    partitions = description_g.objects(
        subject=ns.d, predicate=VOID.classPartition)
    for part in partitions:
        clazz = description_g.value(subject=part, predicate=VOID['class'])
        entity_count = len(dataset_g.query('''
        SELECT DISTINCT ?s
        WHERE {
          ?s a <%s> .
          FILTER (STRSTARTS(STR(?s), "%s"))
        }''' % (clazz, ns)))
        description_g.add(
            (part, VOID.entities, Literal(entity_count, datatype=XSD.integer)))

    linksets = description_g.subjects(predicate=RDF.type, object=VOID.Linkset)
    for linkset in linksets:
        target = description_g.value(
            subject=linkset, predicate=VOID.objectsTarget)
        predicate = description_g.value(
            subject=linkset, predicate=VOID.linkPredicate)
        uriSpace = description_g.value(
            subject=target, predicate=VOID.uriSpace).value
        triples = len(dataset_g.query('''
SELECT ?s ?p ?o
WHERE {
  ?s <%s> ?o .
  FILTER (STRSTARTS(STR(?o), "%s")) .
}''' % (predicate, uriSpace)))
        description_g.add(
            (linkset, VOID.triples, Literal(triples, datatype=XSD.integer)))

    def add_to_description(p, o):
        description_g.add((ns.d, p, o))

    add_to_description(
        DCTERMS.modified,
        Literal(utils.isoformat(created_at), datatype=XSD.dateTime))

    add_to_description(
        DCTERMS.provenance,
        URIRef(utils.absolute_url(data['@context']['@base'], 'history')
               + '#changes')
    )

    add_to_description(
        VOID.triples, Literal(len(dataset_g), datatype=XSD.integer))

    for row in contributors:
        add_to_description(
            DCTERMS.contributor, URIRef(row['created_by']))
        if row['updated_by']:
            add_to_description(
                DCTERMS.contributor, URIRef(row['updated_by']))

    return description_g.serialize(format='turtle')
コード例 #16
0
def history():
    g = Graph()
    changelog = Collection(g, URIRef("#changelog"))
    cursor = database.get_db().cursor()
    for row in cursor.execute(
        """
SELECT
  id,
  created_at,
  created_by,
  updated_by,
  merged_at,
  merged_by,
  applied_to,
  resulted_in,
  created_entities,
  updated_entities,
  removed_entities
FROM patch_request
WHERE merged = 1
ORDER BY id ASC
"""
    ).fetchall():
        change = URIRef("#change-{}".format(row["id"]))
        patch = URIRef("#patch-{}".format(row["id"]))
        g.add((patch, FOAF.page, PERIODO[identifier.prefix(url_for("patch", id=row["id"]))]))
        g.add((change, PROV.startedAtTime, Literal(utils.isoformat(row["created_at"]), datatype=XSD.dateTime)))
        g.add((change, PROV.endedAtTime, Literal(utils.isoformat(row["merged_at"]), datatype=XSD.dateTime)))
        dataset = PERIODO[identifier.prefix(url_for("abstract_dataset"))]
        version_in = PERIODO[identifier.prefix(url_for("abstract_dataset", version=row["applied_to"]))]
        g.add((version_in, PROV.specializationOf, dataset))
        version_out = PERIODO[identifier.prefix(url_for("abstract_dataset", version=row["resulted_in"]))]
        g.add((version_out, PROV.specializationOf, dataset))

        g.add((change, PROV.used, version_in))
        g.add((change, PROV.used, patch))
        g.add((change, PROV.generated, version_out))

        def add_entity_version(entity_id):
            entity = PERIODO[entity_id]
            entity_version = PERIODO[entity_id + "?version={}".format(row["resulted_in"])]
            g.add((entity_version, PROV.specializationOf, entity))
            g.add((change, PROV.generated, entity_version))
            return entity_version

        for entity_id in json.loads(row["created_entities"]):
            add_entity_version(entity_id)

        for entity_id in json.loads(row["updated_entities"]):
            entity_version = add_entity_version(entity_id)
            prev_entity_version = PERIODO[entity_id + "?version={}".format(row["applied_to"])]
            g.add((entity_version, PROV.wasRevisionOf, prev_entity_version))

        for entity_id in json.loads(row["removed_entities"]):
            g.add((change, PROV.invalidated, PERIODO[entity_id]))

        for field, term in (("created_by", "submitted"), ("updated_by", "updated"), ("merged_by", "merged")):
            if row[field] == "initial-data-loader":
                continue
            agent = URIRef(row[field])
            association = URIRef("#patch-{}-{}".format(row["id"], term))
            g.add((change, PROV.wasAssociatedWith, agent))
            g.add((change, PROV.qualifiedAssociation, association))
            g.add((association, PROV.agent, agent))
            g.add((association, PROV.hadRole, PERIODO[identifier.prefix(url_for("vocab") + "#" + term)]))

        changelog.append(change)

    def ordering(o):
        if o["@id"] == "#changelog":
            # sort first
            return " "
        return o["@id"]

    jsonld = json.loads(g.serialize(format="json-ld", context=CONTEXT).decode("utf-8"))
    jsonld["history"] = sorted(jsonld["history"], key=ordering)
    return json.dumps(jsonld, sort_keys=True)