def create_data_access_policy(
policy: dto.DataAccessPolicyUpdate,
dao: DataAccessPolicyDao = Depends(),
session: Session = Depends(get_db),
):
""" Create a data access policy for the logged in user. """
with session:
validate_tool_exists(session, policy.tool)
data_access_policy = DataAccessPolicy(**policy.dict())
dao.add(session=session, data_access_policy=data_access_policy)
session.flush() # persist entity to get an id
return dto.DataAccessPolicy(**data_access_policy.__dict__)
def delete(self, session: Session, data_access_policy_id: int) -> bool:
""" Deletes a data access policy by id """
query = session.query(DataAccessPolicy).filter(
DataAccessPolicy.id == data_access_policy_id,
DataAccessPolicy.owner_rid == self.logged_in_user,
)
return 1 == query.delete()
def load_matching(session: Session,
data_access: DataAccess) -> List[DataAccessPolicy]:
""" Load all data access policies which permit the given data access """
owners = [owner.owner_rid for owner in data_access.data_owners]
date_of_access = data_access.timestamp.date()
query = session.query(DataAccessPolicy).filter(
DataAccessPolicy.owner_rid.in_(owners),
or_(
DataAccessPolicy.access_kind == data_access.access_kind,
DataAccessPolicy.access_kind == None,
),
or_(DataAccessPolicy.tool == data_access.tool,
DataAccessPolicy.tool == None),
or_(
DataAccessPolicy.user_rid == data_access.user_rid,
DataAccessPolicy.user_rid == None,
),
or_(
DataAccessPolicy.validity_period_end_date >= date_of_access,
DataAccessPolicy.validity_period_end_date == None,
),
or_(
DataAccessPolicy.validity_period_start_date <= date_of_access,
DataAccessPolicy.validity_period_end_date == None,
),
)
return query.all()
def load_all(
self,
session: Session,
date_start: Optional[dt.date] = None,
date_end: Optional[dt.date] = None,
limit: Optional[int] = None,
) -> List[DataAccess]:
""" Load all entries of the given data owner. """
query = session.query(DataAccess).filter(
DataAccess.data_owners.any(owner_rid=self.logged_in_user))
if date_start:
query = query.filter(func.DATE(DataAccess.timestamp) >= date_start)
if date_end:
query = query.filter(func.DATE(DataAccess.timestamp) <= date_end)
query = query.order_by(DataAccess.timestamp.desc())
if limit:
query = query.limit(limit)
data_accesses: List[DataAccess] = query.options(
# eager load data types
selectinload(DataAccess.data_types), ).all()
return data_accesses
def load_single(self, session: Session,
data_access_policy_id: int) -> Optional[DataAccessPolicy]:
""" Load a data access policy by id """
query = session.query(DataAccessPolicy).filter(
DataAccessPolicy.id == data_access_policy_id,
DataAccessPolicy.owner_rid == self.logged_in_user,
)
return query.first()
def load_all(self, session: Session) -> List[DataAccessPolicy]:
""" Load all data access policies for the given user. """
query = session.query(DataAccessPolicy).filter(
DataAccessPolicy.owner_rid == self.logged_in_user)
return query.all()
def add(self, session: Session, data_access_policy: DataAccessPolicy):
""" Insert a data access policy into the database """
data_access_policy.owner_rid = self.logged_in_user
session.add(data_access_policy)
def check_health(session: Session = Depends(get_db)):
try:
session.execute("SELECT 1")
except Exception as exc:
raise HTTPException(HTTP_500_INTERNAL_SERVER_ERROR,
detail="Database is unavailable.") from exc
def delete(session: Session, tool_name: str) -> bool:
""" Delete a tool by its name """
query = session.query(Tool).filter(Tool.name == tool_name)
return 1 == query.delete()
def load_single(session: Session, tool_name: str) -> Optional[Tool]:
query = session.query(Tool).filter(Tool.name == tool_name)
return query.first()
def load_all(session: Session) -> List[Tool]:
""" Load all tools form the database """
return session.query(Tool).all()
def add(session: Session, tool: Tool):
""" Insert a tool into the database """
session.add(tool)
def add(session: Session, data_access: DataAccess):
""" Insert a data access into the database """
session.add(data_access)