def __init__(self, smtp_conf=None, **kwargs):
super(SubmissionTransaction, self).__init__(role='submit', **kwargs)
self.app_config = capp.config
if utils.should_send_email(self.app_config):
self.smtp_conf = smtp_conf
roles = get_program_project_roles(*self.project_id.split('-', 1))
if ROLE_SUBMIT not in roles:
self.record_error(
'You do not have submit permission for project {}'.format(
self.project_id),
type=EntityErrors.INVALID_PERMISSIONS)
return
self.project_node = utils.lookup_project(self.db_driver, self.program,
self.project)
def __init__(self, transaction, node):
super(DeletionEntity, self).__init__(transaction, node)
self.action = 'delete'
self.dependents = {
# entity.node.node_id: entity
}
if isinstance(node, MissingNode):
self.neighbors = ()
return
self.neighbors = (edge.src for edge in node.edges_in)
# Check user permissions for deleting nodes
roles = get_program_project_roles(
*self.transaction.project_id.split('-', 1))
if 'delete' not in roles:
self.record_error(
'You do not have delete permission for project {}'.format(
self.transaction.project_id))
def get_user_roles(self):
return get_program_project_roles(
*self.transaction.project_id.split('-', 1)
)
def file_operations(program, project, file_uuid):
"""
Handle molecular file operations. This will only be available once the
user has created a file entity with GDC id ``uuid`` via the
``/<program>/<project>/`` endppoint.
This endpoint is an S3 compatible endpoint as described here:
http://docs.aws.amazon.com/AmazonS3/latest/API/RESTObjectOps.html
Supported operations:
PUT /<program>/<project>/files/<uuid>
Upload data using single PUT. The request body should contain
binary data of the file
PUT /internal/<program>/<project>/files/<uuid>/reassign
Manually (re)assign the S3 url for a given node
DELETE /<program>/<project>/files/<uuid>
Delete molecular data from object storage.
POST /<program>/<project>/files/<uuid>?uploads
Initiate Multipart Upload.
PUT /<program>/<project>/files/<uuid>?partNumber=PartNumber&uploadId=UploadId
Upload Part.
POST /<program>/<project>/files/<uuid>?uploadId=UploadId
Complete Multipart Upload
DELETE /<program>/<project>/files/<uuid>?uploadId=UploadId
Abort Multipart Upload
GET /<program>/<project>/files/<uuid>?uploadId=UploadId
List Parts
:param str program: |program_id|
:param str project: |project_id|
:param str uuid: The GDC id of the file to upload.
:reqheader Content-Type: |reqheader_Content-Type|
:reqheader Accept: |reqheader_Accept|
:reqheader X-Auth-Token: |reqheader_X-Auth-Token|
:resheader Content-Type: |resheader_Content-Type|
:statuscode 200: Success.
:statuscode 404: File not found.
:statuscode 403: Unauthorized request.
:statuscode 405: Method Not Allowed.
:statuscode 400: Bad Request.
"""
headers = {
k: v
for k, v in flask.request.headers.iteritems()
if v and k != 'X-Auth-Token'
}
url = flask.request.url.split('?')
args = url[-1] if len(url) > 1 else ''
if flask.request.method == 'GET':
if flask.request.args.get('uploadId'):
action = 'list_parts'
else:
raise UserError('Method GET not allowed on file', code=405)
elif flask.request.method == 'POST':
if flask.request.args.get('uploadId'):
action = 'complete_multipart'
elif flask.request.args.get('uploads') is not None:
action = 'initiate_multipart'
else:
action = 'upload'
elif flask.request.method == 'PUT':
if reassign:
# admin only
auth.current_user.require_admin()
action = 'reassign'
elif flask.request.args.get('partNumber'):
action = 'upload_part'
else:
action = 'upload'
elif flask.request.method == 'DELETE':
if flask.request.args.get('uploadId'):
action = 'abort_multipart'
else:
action = 'delete'
else:
raise UserError('Unsupported file operation', code=405)
project_id = program + '-' + project
role = PERMISSIONS[action]
roles = auth.get_program_project_roles(*project_id.split('-', 1))
if role not in roles:
raise AuthError("You don't have {} role to do '{}'".format(
role, action))
resp = utils.proxy_request(
project_id,
file_uuid,
flask.request.stream,
args,
headers,
flask.request.method,
action,
dry_run,
)
if dry_run or action == 'reassign':
return resp
return flask.Response(resp.read(),
status=resp.status,
headers=resp.getheaders(),
mimetype='text/xml')