def get_authenticated_idx_and_idx_types(user=None, idx_keys=None, idx_type_keys=None): ''' Check permissions on elastic indexes and returns indexes that the given user can see''' # get all public idx_keys and idx_type_keys (idx_keys_public, idx_type_keys_public) = elastic_factory.get_idx_and_idx_type_keys(auth_public=True) # get all the private idx_keys and idx_type_keys (idx_keys_private, idx_type_keys_private) = elastic_factory.get_idx_and_idx_type_keys(auth_public=False) # user is None...return all public keys if user is None: return idx_keys_public, idx_type_keys_public idx_keys_auth = [] idx_type_keys_auth = [] # idx_keys or idx_type_keys is None, first fetch and add public keys # if idx_keys is None or idx_type_keys is None: if idx_keys is None: # First add all the public idx keys idx_keys_auth.extend(idx_keys_public) # Assign the idx keys that need to be checked idx_keys = idx_keys_private else: # don't add all, limit the one that the user has passed idx_keys_auth = [idx_key for idx_key in idx_keys if idx_key in idx_keys_public] if idx_type_keys is None: # First add all the public idx type keys idx_type_keys_auth.extend(idx_type_keys_public) # Assign the idx type keys that need to be checked idx_type_keys = idx_type_keys_private else: # don't add all, limit the one that the user has passed idx_type_keys_auth = [idx_key for idx_key in idx_type_keys if idx_key in idx_type_keys_public] # get elastic model names for the idx_keys and types (model_names_idx, model_names_idx_types) = elastic_factory.get_elastic_model_names(idx_keys=idx_keys, idx_type_keys=idx_type_keys) # @IgnorePep8 # check if the user has permissions to see the idx model model_names_idx_auth = _check_content_type_perms(model_names_idx, user) # check if the user has permissions to see the idx type model model_names_idx_types_auth = _check_content_type_perms(model_names_idx_types, user) # finally get the actual idx keys from model names and return them (idx_auth, idx_types_auth) = elastic_factory.get_keys_from_model_names(model_names_idx_auth, model_names_idx_types_auth) if idx_auth is not None and len(idx_auth) > 0: for idx in idx_auth: if idx not in idx_keys_auth: idx_keys_auth.append(idx) if idx_types_auth is not None and len(idx_types_auth) > 0: for idx in idx_types_auth: if idx not in idx_type_keys_auth: idx_type_keys_auth.append(idx) return (idx_keys_auth, idx_type_keys_auth)
def test_get_elastic_model_names_pydgin(self): '''check whether the right model names are created for pydgin''' # for pydgin, returns only models for private idx and idx_types (model_names_idx, model_names_idx_types) = elastic_factory.get_elastic_model_names() model_names = model_names_idx + model_names_idx_types self.assertIn('disease_idx', model_names) self.assertIn('gene-pathway_idx_type', model_names) self.assertIn('marker-ic_idx_type', model_names) self.assertIn('disease-disease_idx_type', model_names)
def test_elastic_model_names_round_trip(self): # getting the private ones (model_names_idx, model_names_idx_types) = elastic_factory.get_elastic_model_names(auth_public=False) self.assertIn('target_mifsud_idx', model_names_idx, 'target_mifsud_idx found') self.assertIn('cp_stats_gwas-gwas-anderson_idx_type', model_names_idx_types, 'cp_stats_gwas-gwas-anderson_idx_type found') (idx_keys, idx_type_keys) = elastic_factory.get_keys_from_model_names(model_names_idx, model_names_idx_types) self.assertIn('TARGET_MIFSUD', idx_keys, 'TARGET_MIFSUD found') self.assertIn('CP_STATS_IC.IC-NAR_FARACO', idx_type_keys, 'CP_STATS_IC.IC-NAR_FARACO found')
def test_get_elastic_model_names_pydgin(self): '''check whether the right model names are created for pydgin''' # for pydgin, returns only models for private idx and idx_types (model_names_idx, model_names_idx_types) = elastic_factory.get_elastic_model_names() model_names = model_names_idx + model_names_idx_types self.assertIn('disease_idx', model_names) self.assertIn('gene-pathway_idx_type', model_names) self.assertIn('marker-ic_idx_type', model_names) self.assertIn('disease-disease_idx_type', model_names)
def test_get_elastic_model_names_chicp(self): '''check whether the right model names are created for chicp''' elastic_factory.create_dynamic_models() (idx_keys, idx_type_keys) = elastic_factory.get_idx_and_idx_type_keys(auth_public=False) (model_names_idx, model_names_idx_types) = elastic_factory.get_elastic_model_names( idx_keys=idx_keys, idx_type_keys=idx_type_keys) self.assertIn('target_mifsud_idx', model_names_idx) self.assertIn('cp_stats_ic-ic-ms_imsgc_idx_type', model_names_idx_types) self.assertIn('cp_stats_ic-ic-nar_faraco_idx_type', model_names_idx_types) self.assertIn('cp_stats_gwas-gwas-okada_idx_type', model_names_idx_types) self.assertIn('cp_stats_gwas-gwas-stahl_idx_type', model_names_idx_types)
def test_elastic_model_names_round_trip(self): # getting the private ones (model_names_idx, model_names_idx_types) = elastic_factory.get_elastic_model_names( auth_public=False) self.assertIn('target_mifsud_idx', model_names_idx, 'target_mifsud_idx found') self.assertIn('cp_stats_gwas-gwas-anderson_idx_type', model_names_idx_types, 'cp_stats_gwas-gwas-anderson_idx_type found') (idx_keys, idx_type_keys) = elastic_factory.get_keys_from_model_names( model_names_idx, model_names_idx_types) self.assertIn('TARGET_MIFSUD', idx_keys, 'TARGET_MIFSUD found') self.assertIn('CP_STATS_IC.IC-NAR_FARACO', idx_type_keys, 'CP_STATS_IC.IC-NAR_FARACO found')
def test_get_elastic_model_names_chicp(self): '''check whether the right model names are created for chicp''' elastic_factory.create_dynamic_models() (idx_keys, idx_type_keys) = elastic_factory.get_idx_and_idx_type_keys( auth_public=False) (model_names_idx, model_names_idx_types) = elastic_factory.get_elastic_model_names( idx_keys=idx_keys, idx_type_keys=idx_type_keys) self.assertIn('target_mifsud_idx', model_names_idx) self.assertIn('cp_stats_ic-ic-ms_imsgc_idx_type', model_names_idx_types) self.assertIn('cp_stats_ic-ic-nar_faraco_idx_type', model_names_idx_types) self.assertIn('cp_stats_gwas-gwas-okada_idx_type', model_names_idx_types) self.assertIn('cp_stats_gwas-gwas-stahl_idx_type', model_names_idx_types)
def test_get_authenticated_idx_and_idx_types(self): elastic_factory.create_dynamic_models() # As user is none we should get back only public idx and idx_type keys (idx_keys_auth, idx_type_keys_auth) = get_authenticated_idx_and_idx_types(user=None) self.assertIn('MARKER', idx_keys_auth) self.assertIn('GENE', idx_keys_auth) self.assertIn('PUBLICATION', idx_keys_auth) self.assertIn('MARKER.MARKER', idx_type_keys_auth) self.assertIn('MARKER.HISTORY', idx_type_keys_auth) self.assertIn('GENE.GENE', idx_type_keys_auth) # As user is not none and we have assigned the user to any group we should get back # only public idx and idx_type keys (idx_keys_auth, idx_type_keys_auth) = get_authenticated_idx_and_idx_types(self.user) self.assertIn('MARKER', idx_keys_auth) self.assertIn('GENE', idx_keys_auth) self.assertIn('PUBLICATION', idx_keys_auth) self.assertIn('MARKER.MARKER', idx_type_keys_auth) self.assertIn('MARKER.HISTORY', idx_type_keys_auth) self.assertIn('GENE.GENE', idx_type_keys_auth) # Create test_dil user and assign the user to DIL group dil_group, created = Group.objects.get_or_create(name='DIL') self.assertTrue(created) dil_user = User.objects.create_user(username='******', email='*****@*****.**', password='******') dil_user.groups.add(dil_group) self.assertTrue(dil_user.groups.filter(name='DIL').exists()) all_groups_of_dil_user = dil_user.groups.values_list('name', flat=True) self.assertTrue("DIL" in all_groups_of_dil_user, "Found DIL in groups") self.assertTrue("READ" in all_groups_of_dil_user, "Found READ in groups") # get private idx and assign permission to dil_user (model_names_idx, model_names_idx_types) = elastic_factory.get_elastic_model_names( auth_public=False) test_idx_model = model_names_idx[0] test_idx_type_model = model_names_idx_types[1] self.assertTrue(test_idx_model.endswith('_idx'), 'Idx model ends with _idx') self.assertTrue(test_idx_type_model.endswith('_idx_type'), 'Idx type model ends with _idx_type') # create permissions on models and retest again to check if the idx could be seen content_type_idx, created_idx = ContentType.objects.get_or_create( # @UnusedVariable model=test_idx_model, app_label=elastic_factory.PERMISSION_MODEL_APP_NAME, ) content_type_idx_type, created_idx_type = ContentType.objects.get_or_create( # @UnusedVariable model=test_idx_type_model, app_label=elastic_factory.PERMISSION_MODEL_APP_NAME, ) # The idx and idx_type should already exists in db, so created should be false self.assertFalse(created_idx, test_idx_model + ' is available ') self.assertFalse(created_idx_type, test_idx_type_model + ' is available ') self.assertIsNotNone(content_type_idx, content_type_idx.name + ' is not None') self.assertIsNotNone(content_type_idx_type, content_type_idx_type.name + ' is not None') # create permission and assign ...Generally we create via admin interface can_read_permission_idx, create_permission_idx = Permission.objects.get_or_create( # @UnusedVariable content_type=content_type_idx) self.assertIsNotNone( can_read_permission_idx, ' Permission is available ' + can_read_permission_idx.name) can_read_permission_idx_type, create_permission_idx = Permission.objects.get_or_create( # @UnusedVariable content_type=content_type_idx_type) self.assertIsNotNone( can_read_permission_idx_type, ' Permission is available ' + can_read_permission_idx_type.name) # now grant access to test_dil and check if the user can see the index # Add the permission to dil_group dil_group.permissions.add(can_read_permission_idx) dil_group.permissions.add(can_read_permission_idx_type) dil_user = get_object_or_404(User, pk=dil_user.id) available_group_perms = dil_user.get_group_permissions() self.assertTrue('elastic.can_read_' + test_idx_model.lower() in available_group_perms) self.assertTrue('elastic.can_read_' + test_idx_type_model.lower() in available_group_perms) # Try to get the authenticated idx and idx_types keys again (idx_keys_auth, idx_type_keys_auth) = get_authenticated_idx_and_idx_types(dil_user) (idx_model_name_auth, idx_type_model_name_auth) = elastic_factory.get_elastic_model_names( idx_keys=idx_keys_auth, idx_type_keys=idx_type_keys_auth) self.assertTrue(test_idx_model in idx_model_name_auth) self.assertTrue(test_idx_type_model in idx_type_model_name_auth) self.assertIn('MARKER', idx_keys_auth) self.assertIn('GENE', idx_keys_auth) self.assertIn('PUBLICATION', idx_keys_auth) self.assertIn('MARKER.MARKER', idx_type_keys_auth) self.assertIn('MARKER.HISTORY', idx_type_keys_auth) self.assertIn('GENE.GENE', idx_type_keys_auth) # pass just one index key and index type and check for returned keys and types # publication idx is public and publication.publication is private idx_keys = ['PUBLICATION'] idx_type_keys = ['PUBLICATION.PUBLICATION'] idx_keys_auth = [] idx_type_keys_auth = [] (idx_keys_auth, idx_type_keys_auth) = get_authenticated_idx_and_idx_types( self.user, idx_keys=idx_keys, idx_type_keys=idx_type_keys) self.assertIn('PUBLICATION', idx_keys_auth) self.assertNotIn('PUBLICATION.PUBLICATION', idx_type_keys_auth) self.assertTrue(len(idx_keys_auth) == 1, 'Got back only one idx') # pass only one idx_keys and one idx type keys idx_keys = ['PUBLICATION'] idx_keys_auth = [] idx_type_keys_auth = [] (idx_keys_auth, idx_type_keys_auth) = get_authenticated_idx_and_idx_types( self.user, idx_keys=idx_keys, ) self.assertIn('PUBLICATION', idx_keys_auth) self.assertTrue(len(idx_keys_auth) == 1, 'Got back only one idx') self.assertTrue(len(idx_type_keys_auth) == 3, 'Got back 3 idx types') # pass only one idx type keys and idx keys idx_type_keys = ['MARKER.MARKER', 'PUBLICATION.PUBLICATION'] idx_keys_auth = [] idx_type_keys_auth = [] (idx_keys_auth, idx_type_keys_auth) = get_authenticated_idx_and_idx_types( self.user, idx_type_keys=idx_type_keys, ) self.assertTrue(len(idx_keys_auth) == 3, 'Got back only one idx') # as publication is private and we have passed the regular user this is right self.assertTrue(len(idx_type_keys_auth) == 1, 'Got back 0 idx types')
def test_get_authenticated_idx_and_idx_types(self): elastic_factory.create_dynamic_models() # As user is none we should get back only public idx and idx_type keys (idx_keys_auth, idx_type_keys_auth) = get_authenticated_idx_and_idx_types(user=None) self.assertIn('MARKER', idx_keys_auth) self.assertIn('GENE', idx_keys_auth) self.assertIn('PUBLICATION', idx_keys_auth) self.assertIn('MARKER.MARKER', idx_type_keys_auth) self.assertIn('MARKER.HISTORY', idx_type_keys_auth) self.assertIn('GENE.GENE', idx_type_keys_auth) # As user is not none and we have assigned the user to any group we should get back # only public idx and idx_type keys (idx_keys_auth, idx_type_keys_auth) = get_authenticated_idx_and_idx_types(self.user) self.assertIn('MARKER', idx_keys_auth) self.assertIn('GENE', idx_keys_auth) self.assertIn('PUBLICATION', idx_keys_auth) self.assertIn('MARKER.MARKER', idx_type_keys_auth) self.assertIn('MARKER.HISTORY', idx_type_keys_auth) self.assertIn('GENE.GENE', idx_type_keys_auth) # Create test_dil user and assign the user to DIL group dil_group, created = Group.objects.get_or_create(name='DIL') self.assertTrue(created) dil_user = User.objects.create_user( username='******', email='*****@*****.**', password='******') dil_user.groups.add(dil_group) self.assertTrue(dil_user.groups.filter(name='DIL').exists()) all_groups_of_dil_user = dil_user.groups.values_list('name', flat=True) self.assertTrue("DIL" in all_groups_of_dil_user, "Found DIL in groups") self.assertTrue("READ" in all_groups_of_dil_user, "Found READ in groups") # get private idx and assign permission to dil_user (model_names_idx, model_names_idx_types) = elastic_factory.get_elastic_model_names(auth_public=False) test_idx_model = model_names_idx[0] test_idx_type_model = model_names_idx_types[1] self.assertTrue(test_idx_model.endswith('_idx'), 'Idx model ends with _idx') self.assertTrue(test_idx_type_model.endswith('_idx_type'), 'Idx type model ends with _idx_type') # create permissions on models and retest again to check if the idx could be seen content_type_idx, created_idx = ContentType.objects.get_or_create( # @UnusedVariable model=test_idx_model, app_label=elastic_factory.PERMISSION_MODEL_APP_NAME, ) content_type_idx_type, created_idx_type = ContentType.objects.get_or_create( # @UnusedVariable model=test_idx_type_model, app_label=elastic_factory.PERMISSION_MODEL_APP_NAME, ) # The idx and idx_type should already exists in db, so created should be false self.assertFalse(created_idx, test_idx_model + ' is available ') self.assertFalse(created_idx_type, test_idx_type_model + ' is available ') self.assertIsNotNone(content_type_idx, content_type_idx.name + ' is not None') self.assertIsNotNone(content_type_idx_type, content_type_idx_type.name + ' is not None') # create permission and assign ...Generally we create via admin interface can_read_permission_idx, create_permission_idx = Permission.objects.get_or_create( # @UnusedVariable content_type=content_type_idx) self.assertIsNotNone(can_read_permission_idx, ' Permission is available ' + can_read_permission_idx.name) can_read_permission_idx_type, create_permission_idx = Permission.objects.get_or_create( # @UnusedVariable content_type=content_type_idx_type) self.assertIsNotNone(can_read_permission_idx_type, ' Permission is available ' + can_read_permission_idx_type.name) # now grant access to test_dil and check if the user can see the index # Add the permission to dil_group dil_group.permissions.add(can_read_permission_idx) dil_group.permissions.add(can_read_permission_idx_type) dil_user = get_object_or_404(User, pk=dil_user.id) available_group_perms = dil_user.get_group_permissions() self.assertTrue('elastic.can_read_' + test_idx_model.lower() in available_group_perms) self.assertTrue('elastic.can_read_' + test_idx_type_model.lower() in available_group_perms) # Try to get the authenticated idx and idx_types keys again (idx_keys_auth, idx_type_keys_auth) = get_authenticated_idx_and_idx_types(dil_user) (idx_model_name_auth, idx_type_model_name_auth) = elastic_factory.get_elastic_model_names( idx_keys=idx_keys_auth, idx_type_keys=idx_type_keys_auth) self.assertTrue(test_idx_model in idx_model_name_auth) self.assertTrue(test_idx_type_model in idx_type_model_name_auth) self.assertIn('MARKER', idx_keys_auth) self.assertIn('GENE', idx_keys_auth) self.assertIn('PUBLICATION', idx_keys_auth) self.assertIn('MARKER.MARKER', idx_type_keys_auth) self.assertIn('MARKER.HISTORY', idx_type_keys_auth) self.assertIn('GENE.GENE', idx_type_keys_auth) # pass just one index key and index type and check for returned keys and types # publication idx is public and publication.publication is private idx_keys = ['PUBLICATION'] idx_type_keys = ['PUBLICATION.PUBLICATION'] idx_keys_auth = [] idx_type_keys_auth = [] (idx_keys_auth, idx_type_keys_auth) = get_authenticated_idx_and_idx_types(self.user, idx_keys=idx_keys, idx_type_keys=idx_type_keys) self.assertIn('PUBLICATION', idx_keys_auth) self.assertNotIn('PUBLICATION.PUBLICATION', idx_type_keys_auth) self.assertTrue(len(idx_keys_auth) == 1, 'Got back only one idx') # pass only one idx_keys and one idx type keys idx_keys = ['PUBLICATION'] idx_keys_auth = [] idx_type_keys_auth = [] (idx_keys_auth, idx_type_keys_auth) = get_authenticated_idx_and_idx_types(self.user, idx_keys=idx_keys, ) self.assertIn('PUBLICATION', idx_keys_auth) self.assertTrue(len(idx_keys_auth) == 1, 'Got back only one idx') self.assertTrue(len(idx_type_keys_auth) == 3, 'Got back 3 idx types') # pass only one idx type keys and idx keys idx_type_keys = ['MARKER.MARKER', 'PUBLICATION.PUBLICATION'] idx_keys_auth = [] idx_type_keys_auth = [] (idx_keys_auth, idx_type_keys_auth) = get_authenticated_idx_and_idx_types(self.user, idx_type_keys=idx_type_keys, ) self.assertTrue(len(idx_keys_auth) == 3, 'Got back only one idx') # as publication is private and we have passed the regular user this is right self.assertTrue(len(idx_type_keys_auth) == 1, 'Got back 0 idx types')
def get_authenticated_idx_and_idx_types(user=None, idx_keys=None, idx_type_keys=None): ''' Check permissions on elastic indexes and returns indexes that the given user can see''' # get all public idx_keys and idx_type_keys (idx_keys_public, idx_type_keys_public) = elastic_factory.get_idx_and_idx_type_keys( auth_public=True) # get all the private idx_keys and idx_type_keys (idx_keys_private, idx_type_keys_private) = elastic_factory.get_idx_and_idx_type_keys( auth_public=False) # user is None...return all public keys if user is None: return idx_keys_public, idx_type_keys_public idx_keys_auth = [] idx_type_keys_auth = [] # idx_keys or idx_type_keys is None, first fetch and add public keys # if idx_keys is None or idx_type_keys is None: if idx_keys is None: # First add all the public idx keys idx_keys_auth.extend(idx_keys_public) # Assign the idx keys that need to be checked idx_keys = idx_keys_private else: # don't add all, limit the one that the user has passed idx_keys_auth = [ idx_key for idx_key in idx_keys if idx_key in idx_keys_public ] if idx_type_keys is None: # First add all the public idx type keys idx_type_keys_auth.extend(idx_type_keys_public) # Assign the idx type keys that need to be checked idx_type_keys = idx_type_keys_private else: # don't add all, limit the one that the user has passed idx_type_keys_auth = [ idx_key for idx_key in idx_type_keys if idx_key in idx_type_keys_public ] # get elastic model names for the idx_keys and types (model_names_idx, model_names_idx_types) = elastic_factory.get_elastic_model_names( idx_keys=idx_keys, idx_type_keys=idx_type_keys) # @IgnorePep8 # check if the user has permissions to see the idx model model_names_idx_auth = _check_content_type_perms(model_names_idx, user) # check if the user has permissions to see the idx type model model_names_idx_types_auth = _check_content_type_perms( model_names_idx_types, user) # finally get the actual idx keys from model names and return them (idx_auth, idx_types_auth) = elastic_factory.get_keys_from_model_names( model_names_idx_auth, model_names_idx_types_auth) if idx_auth is not None and len(idx_auth) > 0: for idx in idx_auth: if idx not in idx_keys_auth: idx_keys_auth.append(idx) if idx_types_auth is not None and len(idx_types_auth) > 0: for idx in idx_types_auth: if idx not in idx_type_keys_auth: idx_type_keys_auth.append(idx) return (idx_keys_auth, idx_type_keys_auth)