def test_change_acl(self):
with self.app.app_context():
public_grants = {'CanonicalUser': '******', 'Group': 'READ'}
private_grants = {'CanonicalUser': '******'}
bit_store = BitStore('test_pub', 'test_package', body='test')
s3 = boto3.client('s3')
bucket_name = self.app.config['S3_BUCKET_NAME']
s3.create_bucket(Bucket=bucket_name)
metadata_key = bit_store.build_s3_key('datapackage.json')
bit_store.save_metadata()
res = s3.get_object_acl(Bucket=bucket_name, Key=metadata_key)
owner_id = res['Owner']['ID']
aws_all_user_group_url = 'http://acs.amazonaws.com/groups/global/AllUsers'
full_control = filter(
lambda grant: grant['Permission'] == 'FULL_CONTROL',
res['Grants'])
self.assertEqual(len(full_control), 1)
self.assertEqual(full_control[0].get('Grantee')['ID'], owner_id)
read_control = filter(lambda grant: grant['Permission'] == 'READ',
res['Grants'])
self.assertEqual(len(read_control), 1)
self.assertEqual(read_control[0].get('Grantee')['URI'],
aws_all_user_group_url)
# for grant in res['Grants']:
# self.assertTrue(grant['Permission'] ==
# public_grants[grant['Grantee']['Type']])
#
bit_store.change_acl("private")
res = s3.get_object_acl(Bucket=bucket_name, Key=metadata_key)
full_control = filter(
lambda grant: grant['Permission'] == 'FULL_CONTROL',
res['Grants'])
self.assertEqual(len(full_control), 1)
self.assertEqual(full_control[0].get('Grantee')['ID'], owner_id)
read_control = filter(lambda grant: grant['Permission'] == 'READ',
res['Grants'])
self.assertEqual(len(read_control), 0)
def undelete_data_package(publisher, package):
"""
DPR data package un-delete operation.
This API is responsible for un-mark the mark for delete of data package
---
tags:
- package
parameters:
- in: path
name: publisher
type: string
required: true
description: publisher name
- in: path
name: package
type: string
required: true
description: package name
- in: header
name: Authorization
type: string
required: true
description: >
Jwt token in format of "bearer {token}.
The token can be generated from /api/auth/token"
responses:
500:
description: Internal Server Error
200:
description: Success Message
schema:
id: put_package_success
properties:
status:
type: string
default: OK
"""
try:
bitstore = BitStore(publisher=publisher, package=package)
status_acl = bitstore.change_acl('public-read')
status_db = Package.change_status(publisher, package,
PackageStateEnum.active)
if status_acl and status_db:
return jsonify({"status": "OK"}), 200
if not status_acl:
raise Exception('Failed to change acl')
if not status_db:
raise Exception('Failed to change status')
except Exception as e:
app.logger.error(e)
return handle_error('GENERIC_ERROR', e.message, 500)
def finalize_metadata(publisher, package):
"""
DPR metadata finalize operation.
This API is responsible for getting data from S3 and push it to RDS.
---
tags:
- package
parameters:
- in: path
name: publisher
type: string
required: true
description: publisher name
- in: path
name: package
type: string
required: true
description: package name
- in: header
name: Authorization
type: string
required: true
description: >
Jwt token in format of "bearer {token}.
The token can be generated from /api/auth/token"
responses:
200:
description: Data transfer complete
400:
description: JWT is invalid
401:
description: Invalid Header for JWT
403:
description: User name and publisher not matched
404:
description: User not found
500:
description: Internal Server Error
"""
try:
user = _request_ctx_stack.top.current_user
user_id = user['user']
user = User.query.filter_by(id=user_id).first()
if user is not None:
if user.name == publisher:
bit_store = BitStore(publisher, package)
body = bit_store.get_metadata_body()
if body is not None:
bit_store.change_acl('public-read')
readme = bit_store.get_s3_object(
bit_store.get_readme_object_key())
Package.create_or_update(name=package,
publisher_name=publisher,
descriptor=body,
readme=readme)
return jsonify({"status": "OK"}), 200
raise Exception("Failed to get data from s3")
return handle_error('NOT_PERMITTED',
'user name and publisher not matched', 403)
return handle_error('USER_NOT_FOUND', 'user not found', 404)
except Exception as e:
app.logger.error(e)
return handle_error('GENERIC_ERROR', e.message, 500)
