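def check_owner(dataset=None, trait_id=None, resource_id=None):
    """Return the resource id if the session user owns the resource, else False.

    The resource is named directly by ``resource_id`` or, when that is
    empty, resolved from ``dataset`` and ``trait_id`` via ``get_resource_id``.

    Returns:
        The (truthy) resource id when ``g.user_session.user_id`` equals the
        record's ``owner_id``. ``False`` otherwise, including when the id
        cannot be resolved or no record is stored for it.
    """
    if not resource_id:
        resource_id = get_resource_id(dataset, trait_id)
        if not resource_id:
            return False

    resource_info = get_resource_info(resource_id)
    # Fail closed: a missing record must read as "not the owner" rather than
    # raise on the subscript below.
    if not resource_info:
        return False

    # Deliberately a subscript, not .get(): a record without 'owner_id' must
    # never compare equal to an unset (None) session user id.
    if g.user_session.user_id == resource_info['owner_id']:
        return resource_id
    return False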
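def check_resource_availability(dataset, trait_id=None):
    """Return the privilege mask the session user has for a dataset or trait.

    Resolution order, as implemented below:

    1. String datasets and datasets of type ``"Temp"`` get
       ``webqtlConfig.DEFAULT_PRIVILEGES`` without any lookup.
    2. Members of the ``super_users`` Redis set get
       ``webqtlConfig.SUPER_PRIVILEGES``.
    3. Otherwise the access proxy at ``GN_PROXY_URL`` is queried. If the
       request or the JSON decoding fails, the resource's stored
       ``default_mask`` is returned instead.

    Raises:
        Exception: the proxy error is re-raised when no resource record is
            available to fall back on.
    """
    # At least for now assume temporarily entered traits are accessible.
    if isinstance(dataset, str) or dataset.type == "Temp":
        return webqtlConfig.DEFAULT_PRIVILEGES

    resource_id = get_resource_id(dataset, trait_id)

    # Bound up front so the fallback below never hits an unbound local when
    # no resource id could be resolved.
    resource_info = None

    # ZS: This should never be false, but it's technically possible if
    # a non-Temp dataset somehow had a type other than
    # Publish/ProbeSet/Geno
    if resource_id:
        resource_info = get_resource_info(resource_id)

        # If the resource isn't already in redis, add it with default
        # privileges.
        if not resource_info:
            resource_info = add_new_resource(dataset, trait_id)

    # Check if super-user - we should probably come up with some
    # way to integrate this into the proxy
    if g.user_session.user_id in Redis.smembers("super_users"):
        return webqtlConfig.SUPER_PRIVILEGES

    try:
        # Passing the ids through `params` URL-encodes them, so neither value
        # can add or override a query parameter in the authorization request.
        # NOTE(review): no timeout is set, so a stalled proxy blocks this
        # request; pick a value that fits the deployment.
        proxy_reply = requests.get(
            GN_PROXY_URL + "available",
            params={"resource": resource_id, "user": g.user_session.user_id})
        return json.loads(proxy_reply.content)
    except Exception:
        # Any proxy or decoding failure silently degrades to the default
        # mask; worth logging so an outage of the proxy is noticed.
        if resource_info is None:
            raise
        return resource_info['default_mask']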
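def manage_resource():
    """Render the management page for the resource named in the query string.

    Reads ``resource_id`` from ``request.args``, loads the resource record,
    resolves a display name for the owner and passes everything, together
    with the caller's admin status, to ``admin/manage_resource.html``.

    Requests with a missing or empty ``resource_id``, or naming a resource
    with no stored record, are redirected to ``no_access_page``.
    """
    resource_id = request.args.get('resource_id')
    if not resource_id:
        # The original fell off the end here and returned None.
        return redirect(url_for("no_access_page"))

    # NOTE(review): admin_status is only handed to the template; this view
    # renders for every status, including "not-admin". Confirm the template
    # withholds group masks and owner details from callers who should not
    # see them, or gate the view here as the sibling handlers do.
    admin_status = check_owner_or_admin(resource_id=resource_id)

    resource_info = get_resource_info(resource_id)
    if not resource_info:
        return redirect(url_for("no_access_page"))

    group_masks_with_names = get_group_names(resource_info['group_masks'])
    default_mask = resource_info['default_mask']['data']
    owner_id = resource_info['owner_id']

    owner_display_name = None
    if owner_id != "none":
        owner_info = get_user_by_unique_column("user_id", owner_id) or {}
        # The original tested for 'name' but then read 'full_name'; test the
        # key that is actually read, in the same order of preference.
        for field in ('full_name', 'user_name', 'email_address'):
            if field in owner_info:
                owner_display_name = owner_info[field]
                break

    return render_template("admin/manage_resource.html",
                           owner_name=owner_display_name,
                           resource_id=resource_id,
                           resource_info=resource_info,
                           default_mask=default_mask,
                           group_masks=group_masks_with_names,
                           admin_status=admin_status)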
def add_group_to_resource():
    """Drive the multi-step form that grants a group access to a resource.

    Only callers whose status is "owner", "edit-admins" or "edit-access" get
    past the first check; everyone else is redirected to ``no_access_page``.
    What happens next depends on which form fields were posted:

    * ``selected_group``: show the privilege form for that group.
    * all three ``*_privilege`` fields: store the mask and return to the
      resource's management page.
    * neither: show the group search page.
    """
    resource_id = request.form['resource_id']
    admin_status = check_owner_or_admin(resource_id=resource_id)

    if admin_status not in ("owner", "edit-admins", "edit-access"):
        return redirect(url_for("no_access_page"))

    form = request.form

    if 'selected_group' in form:
        group_id = form['selected_group']
        resource_info = get_resource_info(resource_id)
        default_privileges = resource_info['default_mask']
        return render_template("admin/set_group_privileges.html",
                               resource_id=resource_id,
                               group_id=group_id,
                               default_privileges=default_privileges)

    privilege_fields = ('data_privilege', 'metadata_privilege', 'admin_privilege')
    if not all(field in form for field in privilege_fields):
        return render_template("admin/search_for_groups.html",
                               resource_id=resource_id)

    group_id = form['group_id']
    group_name = get_group_info(group_id)['name']
    # NOTE(review): the three values are stored exactly as submitted. Nothing
    # here restricts them to known privilege names, and a caller holding only
    # "edit-access" can post any admin_privilege value. Confirm that
    # add_access_mask (or the proxy) validates both.
    access_mask = {
        'data': form['data_privilege'],
        'metadata': form['metadata_privilege'],
        'admin': form['admin_privilege']
    }
    add_access_mask(resource_id, group_id, access_mask)
    flash(
        "Privileges have been added for group {}.".format(group_name),
        "alert-info")
    return redirect(url_for("manage_resource", resource_id=resource_id))
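def check_admin(resource_id=None):
    """Return the session user's admin level for a resource.

    Asks the access proxy for the user's mask and reads its ``admin`` entry.
    If the request, the JSON decoding or the key lookup fails, the
    ``admin`` entry of the resource's stored ``default_mask`` is used.

    Returns:
        "edit-admins", "edit-access" or "not-admin". A resource with no
        stored record yields "not-admin" on the fallback path.
    """
    # NOTE(review): the proxy address is hard-coded and plain HTTP; a
    # configurable base URL would keep this in step with the deployment.
    # NOTE(review): no timeout is set, so a stalled proxy blocks the request.
    try:
        # `params` URL-encodes both ids, so neither can add or override a
        # query parameter in the authorization request.
        proxy_reply = requests.get(
            "http://localhost:8080/available",
            params={"resource": resource_id, "user": g.user_session.user_id})
        response = json.loads(proxy_reply.content)['admin']
    except Exception:
        resource_info = get_resource_info(resource_id)
        # Fail closed when there is no record to fall back on.
        if not resource_info:
            return "not-admin"
        response = resource_info['default_mask']['admin']

    # `response` may be a list or a string; on a string, `in` is a
    # substring test.
    if 'edit-admins' in response:
        return "edit-admins"
    if 'edit-access' in response:
        return "edit-access"
    return "not-admin"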
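def check_admin(resource_id=None):
    """Return the session user's admin level for a resource.

    Asks the access proxy at ``GN_PROXY_URL`` for the user's mask and reads
    its ``admin`` entry. If the request, the JSON decoding or the key lookup
    fails, the ``admin`` entry of the resource's stored ``default_mask`` is
    used.

    Returns:
        "edit-admins" or "edit-access" when the entry is a list containing
        that privilege (checked in that order); otherwise the entry itself.
        A resource with no stored record yields "not-admin" on the fallback
        path.
    """
    # NOTE(review): no timeout is set, so a stalled proxy blocks the request.
    try:
        # `params` URL-encodes both ids, so neither can add or override a
        # query parameter in the authorization request.
        proxy_reply = requests.get(
            GN_PROXY_URL + "available",
            params={"resource": resource_id, "user": g.user_session.user_id})
        response = json.loads(proxy_reply.content)['admin']
    except Exception:
        resource_info = get_resource_info(resource_id)
        # Fail closed when there is no record to fall back on.
        if not resource_info:
            return "not-admin"
        response = resource_info['default_mask']['admin']

    if isinstance(response, list):
        if 'edit-admins' in response:
            # Was 'edit_admins' (underscore), which no caller compares
            # against; handlers test for the hyphenated "edit-admins".
            return 'edit-admins'
        if 'edit-access' in response:
            return 'edit-access'

    # A list holding neither privilege is returned as-is; it matches none of
    # the string comparisons callers make, so it reads as "no admin rights".
    return response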
def change_default_privileges():
    """Switch a resource's default data privilege between public and private.

    Callers whose status is neither "owner" nor "edit-admins" are redirected
    to ``no_access_page``. Otherwise the ``data`` entry of the resource's
    ``default_mask`` becomes 'view' when the posted ``open_to_public`` is
    the string "True" and 'no-access' for any other value. The record is
    then saved and the user returns to the management page.
    """
    # NOTE(review): state-changing handler; CSRF protection and the allowed
    # HTTP methods are not visible in this block. Confirm at the route.
    resource_id = request.form['resource_id']
    admin_status = check_owner_or_admin(resource_id=resource_id)

    if admin_status not in ("owner", "edit-admins"):
        return redirect(url_for("no_access_page"))

    resource_info = get_resource_info(resource_id)
    default_mask = resource_info['default_mask']
    make_public = request.form['open_to_public'] == "True"
    default_mask['data'] = 'view' if make_public else 'no-access'
    resource_info['default_mask'] = default_mask
    add_resource(resource_info)

    flash("Your changes have been saved.", "alert-info")
    return redirect(url_for("manage_resource", resource_id=resource_id))
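def check_owner_or_admin(dataset=None, trait_id=None, resource_id=None):
    """Classify the session user's authority over a resource.

    The resource is named by ``resource_id`` or, when that is empty,
    resolved from ``dataset`` and ``trait_id``.

    Returns:
        "owner" for members of the ``super_users`` Redis set and for the
        user whose id matches the record's ``owner_id``; the result of
        ``check_admin`` for any other user of an existing resource;
        "not-admin" for "Temp" datasets, for resources with no stored
        record, and when neither a resource id nor a dataset was given.
    """
    if not resource_id:
        # An empty resource_id with no dataset (e.g. a blank request
        # parameter) used to raise AttributeError on `dataset.type`;
        # treat it as no authority instead.
        if dataset is None or dataset.type == "Temp":
            return "not-admin"
        resource_id = get_resource_id(dataset, trait_id)

    # NOTE(review): this membership test assumes Redis returns ids in the
    # same type (str vs bytes) as user_session.user_id; confirm.
    if g.user_session.user_id in Redis.smembers("super_users"):
        return "owner"

    resource_info = get_resource_info(resource_id)
    if not resource_info:
        return "not-admin"

    if g.user_session.user_id == resource_info['owner_id']:
        return "owner"
    return check_admin(resource_id)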
def view_group():
    """Render a group's page: its admins, members and accessible resources.

    The group id comes from the ``id`` field of the form data, or of the
    query string when no form data was sent. Every resource whose
    ``group_masks`` has an entry for this group is listed with the group's
    data, metadata and admin privileges.
    """
    # NOTE(review): nothing here checks that the session user belongs to the
    # group before member records and resource masks are rendered. Confirm
    # the route or template restricts this if group contents are not public.
    params = request.form if request.form else request.args
    group_id = params['id']
    group_info = get_group_info(group_id)

    user_is_admin = g.user_session.user_id in group_info['admins']

    # Empty ids are skipped.
    admins_info = [get_user_by_unique_column("user_id", admin_id)
                   for admin_id in group_info['admins'] if admin_id]
    members_info = [get_user_by_unique_column("user_id", member_id)
                    for member_id in group_info['members'] if member_id]

    # ZS: This whole part might not scale well with many resources; every
    # resource record is fetched to test for this group's mask.
    resources_info = []
    for resource_id in get_resources():
        resource_info = get_resource_info(resource_id)
        group_masks = resource_info['group_masks']
        if group_id not in group_masks:
            continue
        privileges = group_masks[group_id]
        resources_info.append({
            'id': resource_id,
            'name': resource_info['name'],
            'data': privileges['data'],
            'metadata': privileges['metadata'],
            'admin': privileges['admin'],
        })

    return render_template("admin/view_group.html",
                           group_info=group_info,
                           admins=admins_info,
                           members=members_info,
                           user_is_admin=user_is_admin,
                           resources=resources_info)