def post(self, request, user_name, role_name): """ Assign a role to a user Args: request: Django rest framework request user_name: User name role_name : Role name Returns: Http status of the request """ try: if role_name not in ['admin', 'user-manager', 'resource-manager']: return BossHTTPError(404, "Invalid role name {}".format(role_name), 30000) with KeyCloakClient('BOSS') as kc: response = kc.map_role_to_user(user_name, role_name) return Response(serializer.data, status=201) except Exception as e: return BossHTTPError( 404, "Unable to map role {} to user {} in keycloak. {}".format( role_name, user_name, e), 30000)
def delete(self, request, user_name, role_name): """ Delete a user Args: request: Django rest framework request user_name: User name from the request role_name: Role name from the request Returns: Http status of the request """ try: if role_name not in ['admin', 'user-manager', 'resource-manager']: return BossHTTPError(404, "Invalid role name {}".format(role_name), 30000) with KeyCloakClient('BOSS') as kc: response = kc.remove_role_from_user(user_name, role_name) return Response(status=204) except Exception as e: return BossHTTPError( 404, "Unable to remove role {} from user {} in keycloak. {}".format( role_name, user_name, e), 30000)
def delete(self, request, group_name, user_name): """ Removes a user from a group Args: request: Django rest framework request group_name:Group name from the request user_name: User name from the request Returns: Http status of the request """ try: if group_name == 'public' or group_name == 'admin': return BossHTTPError( 'Cannot remove a user from the group {}. This is an admin managed group' .format(group_name), ErrorCodes.BAD_REQUEST) group = Group.objects.get(name=group_name) bgroup = BossGroup.objects.get(group=group) # Check the users permissions. if request.user.has_perm("maintain_group", bgroup): usr = User.objects.get(username=user_name) bgroup.group.user_set.remove(usr) return HttpResponse(status=204) else: return BossHTTPError( 'The user {} does not have the {} permission on the group {}' .format(request.user.username, 'maintain_group', group_name), ErrorCodes.MISSING_PERMISSION) except Group.DoesNotExist: return BossGroupNotFoundError(group_name) except User.DoesNotExist: return BossUserNotFoundError(user_name)
def get(self, request, user_name, role_name=None): """ Check if the user has a specific role Args: request: Django rest framework request user_name: User name role_name: Returns: True if the user has the role """ try: with KeyCloakClient('BOSS') as kc: resp = kc.get_realm_roles(user_name) roles = [r['name'] for r in resp] # DP TODO: filter roles array to limit to valid roles?? if role_name is None: return Response(roles, status=200) else: valid = ['admin', 'user-manager', 'resource-manager'] if role_name not in valid: return BossHTTPError( 404, "Invalid role name {}".format(role_name), 30000) exists = role_name in roles return Response(exists, status=200) except Exception as e: return BossHTTPError( 404, "Error getting user's {} roles from keycloak. {}".format( user_name, e), 30000)
def delete(self, request, collection, experiment): """ Delete a experiment Args: request: DRF Request object collection: Name of collection experiment: Experiment name to delete Returns: Http status """ try: collection_obj = Collection.objects.get(name=collection) experiment_obj = Experiment.objects.get(name=experiment, collection=collection_obj) if request.user.has_perm("delete", experiment_obj): # Are there channels that reference it serializer = ExperimentReadSerializer(experiment_obj) if len(serializer.get_valid_channels(experiment_obj)) > 0: # This experiment has channels that reference it and cannot be deleted return BossHTTPError(" Experiment {} has channels that reference it and cannot be deleted." "Please delete the channels first.".format(experiment), ErrorCodes.INTEGRITY_ERROR) experiment_obj.to_be_deleted = datetime.now() experiment_obj.save() return HttpResponse(status=204) else: return BossPermissionError('delete', experiment) except Collection.DoesNotExist: return BossResourceNotFoundError(collection) except Experiment.DoesNotExist: return BossResourceNotFoundError(experiment) except ProtectedError: return BossHTTPError("Cannot delete {}. It has channels that reference it." .format(experiment), ErrorCodes.INTEGRITY_ERROR)
def get(self, request, collection, experiment, dataset, resolution, x_range, y_range, z_range): """ View to handle GET requests for a cuboid of data while providing all params :param request: DRF Request object :type request: rest_framework.request.Request :param collection: Unique Collection identifier, indicating which collection you want to access :param experiment: Experiment identifier, indicating which experiment you want to access :param dataset: Dataset identifier, indicating which channel or layer you want to access :param resolution: Integer indicating the level in the resolution hierarchy (0 = native) :param x_range: Python style range indicating the X coordinates of where to post the cuboid (eg. 100:200) :param y_range: Python style range indicating the Y coordinates of where to post the cuboid (eg. 100:200) :param z_range: Python style range indicating the Z coordinates of where to post the cuboid (eg. 100:200) :return: """ # Check if parsing completed without error. If an error did occur, return to user. if isinstance(request.data, BossParserError): return request.data.to_http() # Process request and validate try: req = BossRequest(request) except BossError as err: return BossHTTPError(err.args[0], err.args[1], err.args[2]) # Convert to Resource resource = project.BossResourceDjango(req) # Get bit depth try: self.bit_depth = resource.get_bit_depth() except ValueError: return BossHTTPError( "Unsupported data type: {}".format(resource.get_data_type()), ErrorCodes.TYPE_ERROR) # Make sure cutout request is under 1GB UNCOMPRESSED total_bytes = req.get_x_span() * req.get_y_span() * req.get_z_span( ) * len(req.get_time()) * (self.bit_depth / 8) if total_bytes > settings.CUTOUT_MAX_SIZE: return BossHTTPError( "Cutout request is over 1GB when uncompressed. Reduce cutout dimensions.", ErrorCodes.REQUEST_TOO_LARGE) # Get interface to SPDB cache cache = SpatialDB(settings.KVIO_SETTINGS, settings.STATEIO_CONFIG, settings.OBJECTIO_CONFIG) # Get the params to pull data out of the cache corner = (req.get_x_start(), req.get_y_start(), req.get_z_start()) extent = (req.get_x_span(), req.get_y_span(), req.get_z_span()) # Get a Cube instance with all time samples data = cache.cutout( resource, corner, extent, req.get_resolution(), [req.get_time().start, req.get_time().stop]) # Send data to renderer return Response(data)
def delete(self, request, coordframe): """ Delete a coordinate frame Args: request: DRF Request object coordframe: Name of coordinateframe to delete Returns: Http status """ try: coordframe_obj = CoordinateFrame.objects.get(name=coordframe) if request.user.has_perm("delete", coordframe_obj): # Are there experiments that reference it serializer = CoordinateFrameDeleteSerializer(coordframe_obj) if len(serializer.get_valid_exps(coordframe_obj)) > 0: # This collection has experiments that reference it and cannot be deleted return BossHTTPError(" Coordinate frame {} has experiments that reference it and cannot be deleted." "Please delete the experiments first.".format(coordframe), ErrorCodes.INTEGRITY_ERROR) coordframe_obj.to_be_deleted = datetime.now() coordframe_obj.save() return HttpResponse(status=204) else: return BossPermissionError('delete', coordframe) except CoordinateFrame.DoesNotExist: return BossResourceNotFoundError(coordframe) except ProtectedError: return BossHTTPError("Cannot delete {}. It has experiments that reference it.".format(coordframe), ErrorCodes.INTEGRITY_ERROR)
def get(self, request, collection, experiment, channel): """ Retrieve information about a channel. Args: request: DRF Request object collection: Collection name experiment: Experiment name channel: Channel name Returns : Channel """ try: collection_obj = Collection.objects.get(name=collection) experiment_obj = Experiment.objects.get(name=experiment, collection=collection_obj) channel_obj = Channel.objects.get(name=channel, experiment=experiment_obj) # Check for permissions if request.user.has_perm("read", channel_obj): if channel_obj.to_be_deleted is not None: return BossHTTPError("Invalid Request. This Resource has been marked for deletion", ErrorCodes.RESOURCE_MARKED_FOR_DELETION) serializer = ChannelReadSerializer(channel_obj) return Response(serializer.data) else: return BossPermissionError('read', channel) except Collection.DoesNotExist: return BossResourceNotFoundError(collection) except Experiment.DoesNotExist: return BossResourceNotFoundError(experiment) except Channel.DoesNotExist: return BossResourceNotFoundError(channel) except ValueError: return BossHTTPError("Value Error in post data", ErrorCodes.TYPE_ERROR)
def delete(self, request, group_name): """ Delete a group. The user has to be an admin or the creator of the group Args: request: Django rest framework request group_name: Group name from the request Returns: Http status of the request """ try: group = Group.objects.get(name=group_name) bgroup = BossGroup.objects.get(group=group) bpm = BossPrivilegeManager(request.user) if request.user == bgroup.creator or bpm.has_role('admin'): if group_name == ADMIN_GRP or group_name == PUBLIC_GRP: return BossHTTPError( 'Admin and public groups cannot be deleted.', ErrorCodes.BAD_REQUEST) else: group.delete() return Response(status=204) else: return BossHTTPError( 'Groups can only be deleted by the creator or administrator', ErrorCodes.MISSING_ROLE) except Group.DoesNotExist: return BossGroupNotFoundError(group_name)
def post(self, request, collection, experiment): """Create a new experiment View to create a new experiment and an associated bosskey for that experiment Args: request: DRF Request object collection : Collection name experiment : Experiment name Returns: Experiment """ experiment_data = request.data.copy() experiment_data['name'] = experiment try: # Get the collection information collection_obj = Collection.objects.get(name=collection) if request.user.has_perm("add", collection_obj): experiment_data['collection'] = collection_obj.pk # Update the coordinate frame if 'coord_frame' not in experiment_data: return BossHTTPError("This request requires a valid coordinate frame", ErrorCodes.INVALID_POST_ARGUMENT) coord_frame_obj = CoordinateFrame.objects.get(name=experiment_data['coord_frame']) experiment_data['coord_frame'] = coord_frame_obj.pk serializer = ExperimentSerializer(data=experiment_data) if serializer.is_valid(): serializer.save(creator=self.request.user) experiment_obj = Experiment.objects.get(name=experiment_data['name'], collection=collection_obj) # Assign permissions to the users primary group and admin group BossPermissionManager.add_permissions_primary_group(self.request.user, experiment_obj) BossPermissionManager.add_permissions_admin_group(experiment_obj) lookup_key = str(collection_obj.pk) + '&' + str(experiment_obj.pk) boss_key = collection_obj.name + '&' + experiment_obj.name LookUpKey.add_lookup(lookup_key, boss_key, collection_obj.name, experiment_obj.name) serializer = ExperimentReadSerializer(experiment_obj) return Response(serializer.data, status=status.HTTP_201_CREATED) else: return BossHTTPError("{}".format(serializer.errors), ErrorCodes.INVALID_POST_ARGUMENT) else: return BossPermissionError('add', collection) except Collection.DoesNotExist: return BossResourceNotFoundError(collection) except CoordinateFrame.DoesNotExist: return BossResourceNotFoundError(experiment_data['coord_frame']) except ValueError: return BossHTTPError("Value Error.Collection id {} in post data needs to be an integer" .format(experiment_data['collection']), ErrorCodes.TYPE_ERROR)
def delete(self, request, group_name, user_name): """ Removes a maintainer from the group Args: request: Django rest framework request group_name:Group name from the request user_name: User name from the request Returns: Http status of the request """ try: if group_name == PUBLIC_GRP or group_name == ADMIN_GRP: return BossHTTPError( 'Cannot remove a maintainer from the group {}. This is an admin managed group' .format(group_name), ErrorCodes.BAD_REQUEST) if user_name is None: return BossHTTPError('Missing username parameter in post.', ErrorCodes.INVALID_URL) elif user_name == ADMIN_USER: return BossHTTPError( 'Cannot remove {} maintainer from any group'.format( ADMIN_USER), ErrorCodes.BAD_REQUEST) group = Group.objects.get(name=group_name) bgroup = BossGroup.objects.get(group=group) # Check the users permissions. if request.user.has_perm("maintain_group", bgroup): usr = User.objects.get(username=user_name) status = usr.has_perm('maintain_group', bgroup) if status is False: return BossHTTPError( 'The user {} does not have the {} permission on the group {}' .format(usr.username, 'maintain_group', group_name), ErrorCodes.MISSING_PERMISSION) else: remove_perm('maintain_group', usr, bgroup) return HttpResponse(status=204) else: return BossHTTPError( 'The user {} does not have the {} permission on the group {}' .format(request.user.username, 'maintain_group', group_name), ErrorCodes.MISSING_PERMISSION) except Group.DoesNotExist: return BossGroupNotFoundError(group_name) except User.DoesNotExist: return BossUserNotFoundError(user_name)
def post(self, request, collection, experiment=None, channel=None): """ View to handle POST requests for metadata Args: request: DRF Request object collection: Collection Name specifying the collection you want to get the meta data for experiment: Experiment name. default = None channel: Channel name. Default = None Returns: """ if 'key' not in request.query_params or 'value' not in request.query_params: return BossHTTPError( "Missing optional argument key/value in the request", ErrorCodes.INVALID_POST_ARGUMENT) try: # Create the request dict request_args = { "service": "meta", "collection_name": collection, "experiment_name": experiment, "channel_name": channel, "key": request.query_params['key'], "value": request.query_params['value'] } req = BossRequest(request, request_args) lookup_key = req.get_lookup_key() except BossError as err: return err.to_http() if not lookup_key: return BossHTTPError( "Invalid request. Unable to parse the datamodel arguments", ErrorCodes.INVALID_POST_ARGUMENT) mkey = request.query_params['key'] value = request.query_params['value'] # Post Metadata the dynamodb database mdb = metadb.MetaDB() if mdb.get_meta(lookup_key, mkey): return BossHTTPError( "Invalid request. The key {} already exists".format(mkey), ErrorCodes.INVALID_POST_ARGUMENT) mdb.write_meta(lookup_key, mkey, value) return HttpResponse(status=201)
def get(self, request, collection, experiment=None, channel_layer=None): """ View to handle GET requests for metadata Args: request: DRF Request object collection: Collection Name experiment: Experiment name. default = None channel_layer: Channel or Layer name Returns: """ try: # Validate the request and get the lookup Key req = BossRequest(request) lookup_key = req.get_lookup_key() except BossError as err: return err.to_http() if not lookup_key or lookup_key == "": return BossHTTPError( "Invalid request. Unable to parse the datamodel arguments", ) if 'key' not in request.query_params: # List all keys that are valid for the query mdb = metadb.MetaDB() mdata = mdb.get_meta_list(lookup_key) keys = [] if mdata: for meta in mdata: keys.append(meta['key']) data = {'keys': keys} return Response(data) else: mkey = request.query_params['key'] mdb = metadb.MetaDB() mdata = mdb.get_meta(lookup_key, mkey) if mdata: data = {'key': mdata['key'], 'value': mdata['metavalue']} return Response(data) else: return BossHTTPError( "Invalid request. Key {} Not found in the database".format( mkey), ErrorCodes.INVALID_POST_ARGUMENT)
def get(self, request, collection, experiment): """ GET requests for a single instance of a experiment Args: request: DRF Request object collection: Collection name specifying the collection you want experiment: Experiment name specifying the experiment instance Returns : Experiment """ try: collection_obj = Collection.objects.get(name=collection) experiment_obj = Experiment.objects.get(name=experiment, collection=collection_obj) # Check for permissions if request.user.has_perm("read", experiment_obj): if experiment_obj.to_be_deleted is not None: return BossHTTPError("Invalid Request. This Resource has been marked for deletion", ErrorCodes.RESOURCE_MARKED_FOR_DELETION) serializer = ExperimentReadSerializer(experiment_obj) return Response(serializer.data) else: return BossPermissionError('read', experiment) except Collection.DoesNotExist: return BossResourceNotFoundError(collection) except Experiment.DoesNotExist: return BossResourceNotFoundError(experiment)
def delete(self, request, collection, experiment): """ Delete a experiment Args: request: DRF Request object collection: Name of collection experiment: Experiment name to delete Returns: Http status """ try: collection_obj = Collection.objects.get(name=collection) experiment_obj = Experiment.objects.get(name=experiment, collection=collection_obj) if request.user.has_perm("delete", experiment_obj): experiment_obj.delete() # # get the lookup key and delete all the meta data for this object # bosskey = collection + '&' + experiment # lkey = LookUpKey.get_lookup_key(bosskey) # mdb = MetaDB() # mdb.delete_meta_keys(lkey) # delete the lookup key for this object LookUpKey.delete_lookup_key(collection, experiment, None) return HttpResponse(status=204) else: return BossPermissionError('delete', experiment) except Collection.DoesNotExist: return BossResourceNotFoundError(collection) except Experiment.DoesNotExist: return BossResourceNotFoundError(experiment) except ProtectedError: return BossHTTPError("Cannot delete {}. It has channels or layers that reference " "it.".format(experiment), ErrorCodes.INTEGRITY_ERROR)
def put(self, request, coordframe): """ Update a coordinate frame using django rest framework Args: request: DRF Request object coordframe: Coordinate frame name Returns: CoordinateFrame """ try: # Check if the object exists coordframe_obj = CoordinateFrame.objects.get(name=coordframe) if request.user.has_perm("update", coordframe_obj): serializer = CoordinateFrameUpdateSerializer(coordframe_obj, data=request.data, partial=True) if serializer.is_valid(): serializer.save() # return the object back to the user coordframe = serializer.data['name'] coordframe_obj = CoordinateFrame.objects.get(name=coordframe) serializer = CoordinateFrameSerializer(coordframe_obj) return Response(serializer.data) else: return BossHTTPError("{}".format(serializer.errors), ErrorCodes.INVALID_POST_ARGUMENT) else: return BossPermissionError('update', coordframe) except CoordinateFrame.DoesNotExist: return BossResourceNotFoundError(coordframe)
def post(self, request, coordframe): """Create a new coordinate frame View to create a new coordinate frame Args: request: DRF Request object coordframe : Coordinate frame name Returns: CoordinateFrame """ coordframe_data = request.data.copy() coordframe_data['name'] = coordframe serializer = CoordinateFrameSerializer(data=coordframe_data) if serializer.is_valid(): serializer.save(creator=self.request.user) coordframe_obj = CoordinateFrame.objects.get(name=coordframe_data['name']) # Assign permissions to the users primary group and admin group BossPermissionManager.add_permissions_primary_group(self.request.user, coordframe_obj) BossPermissionManager.add_permissions_admin_group(coordframe_obj) return Response(serializer.data, status=status.HTTP_201_CREATED) else: return BossHTTPError("{}".format(serializer.errors), ErrorCodes.INVALID_POST_ARGUMENT)
def put(self, request, collection): """ Update a collection using django rest framework Args: request: DRF Request object collection: Collection name Returns: Collection """ try: # Check if the object exists collection_obj = Collection.objects.get(name=collection) # Check for permissions if request.user.has_perm("update", collection_obj): serializer = CollectionSerializer(collection_obj, data=request.data, partial=True) if serializer.is_valid(): serializer.save() # update the lookup key if you update the name if 'name' in request.data and request.data['name'] != collection: lookup_key = str(collection_obj.pk) boss_key = request.data['name'] LookUpKey.update_lookup(lookup_key, boss_key, request.data['name']) return Response(serializer.data) else: return BossHTTPError("{}".format(serializer.errors), ErrorCodes.INVALID_POST_ARGUMENT) else: return BossPermissionError('update', collection) except Collection.DoesNotExist: return BossResourceNotFoundError(collection)
def get(self, request, collection, experiment, channel_layer): """ Retrieve information about a channel. Args: request: DRF Request object collection: Collection name experiment: Experiment name channel_layer: Channel or Layer name Returns : ChannelLayer """ try: collection_obj = Collection.objects.get(name=collection) experiment_obj = Experiment.objects.get(name=experiment, collection=collection_obj) channel_layer_obj = ChannelLayer.objects.get(name=channel_layer, experiment=experiment_obj) # Check for permissions if request.user.has_perm("read", channel_layer_obj): serializer = ChannelLayerSerializer(channel_layer_obj) return Response(serializer.data) else: return BossPermissionError('read', channel_layer) except Collection.DoesNotExist: return BossResourceNotFoundError(collection) except Experiment.DoesNotExist: return BossResourceNotFoundError(experiment) except ChannelLayer.DoesNotExist: return BossResourceNotFoundError(channel_layer) except ValueError: return BossHTTPError("Value Error in post data", ErrorCodes.TYPE_ERROR)
def post(self, request, user_name, role_name): """ Assign a role to a user Args: request: Django rest framework request user_name: User name of user to assign role to role_name : Role name of role to assign to user Returns: None """ # DP NOTE: admin role has to be assigned manually in Keycloak if role_name == 'admin': return BossHTTPError("Cannot assign 'admin' role", ErrorCodes.INVALID_ROLE) # DP NOTE: user-manager role can only be modified by an admin if role_name == 'user-manager': resp = check_for_admin(request.user) if resp is not None: return resp try: with KeyCloakClient('BOSS') as kc: response = kc.map_role_to_user(user_name, role_name) return Response(status=201) except KeyCloakError: msg = "Unable to map role '{}' to user '{}' in Keycloak".format( role_name, user_name) return BossKeycloakError(msg)
def delete(self, request, collection, experiment, channel_layer): """ Delete a Channel or a Layer Args: request: DRF Request object collection: Collection name experiment: Experiment name channel_layer: Channel or Layer name Returns : Http status """ try: collection_obj = Collection.objects.get(name=collection) experiment_obj = Experiment.objects.get(name=experiment, collection=collection_obj) channel_layer_obj = ChannelLayer.objects.get(name=channel_layer, experiment=experiment_obj) if request.user.has_perm("delete", channel_layer_obj): channel_layer_obj.delete() # delete the lookup key for this object LookUpKey.delete_lookup_key(collection, experiment, channel_layer) return HttpResponse(status=204) else: return BossPermissionError('delete', channel_layer) except Collection.DoesNotExist: return BossResourceNotFoundError(collection) except Experiment.DoesNotExist: return BossResourceNotFoundError(experiment) except ChannelLayer.DoesNotExist: return BossResourceNotFoundError(channel_layer) except ProtectedError: return BossHTTPError("Cannot delete {}. It has layers that reference it.".format(channel_layer), ErrorCodes.INTEGRITY_ERROR)
def post(self, request, group_name, user_name): """ Adds a user to a group Args: request: Django rest framework request group_name: Group name from the request user_name: User name from the request Returns: Http status of the request """ try: group = Group.objects.get(name=group_name) bgroup = BossGroup.objects.get(group=group) # Check the users permissions. if request.user.has_perm("maintain_group", bgroup): usr = User.objects.get(username=user_name) bgroup.group.user_set.add(usr) return HttpResponse(status=204) else: return BossHTTPError( 'The user {} does not have the {} permission on the group {}' .format(request.user.username, 'maintain_group', group_name), ErrorCodes.MISSING_PERMISSION) except Group.DoesNotExist: return BossGroupNotFoundError(group_name) except User.DoesNotExist: return BossUserNotFoundError(user_name)
def get(self, request, collection): """ Get a single instance of a collection Args: request: DRF Request object collection: Collection name specifying the collection you want Returns: Collection """ try: collection_obj = Collection.objects.get(name=collection) # Check for permissions if request.user.has_perm("read", collection_obj): if collection_obj.to_be_deleted is not None: return BossHTTPError("Invalid Request. This Resource has been marked for deletion", ErrorCodes.RESOURCE_MARKED_FOR_DELETION) serializer = CollectionSerializer(collection_obj) return Response(serializer.data, status=200) else: return BossPermissionError('read', collection) except Collection.DoesNotExist: return BossResourceNotFoundError(collection)
def delete(self, request, ingest_job_id): """ Args: request: ingest_job_id: Returns: """ try: ingest_mgmr = IngestManager() ingest_job = ingest_mgmr.get_ingest_job(ingest_job_id) # Check permissions if not self.is_user_or_admin(request, ingest_job): return BossHTTPError( "Only the creator or admin can cancel an ingest job", ErrorCodes.INGEST_NOT_CREATOR) # "DELETED" status is 3 ingest_mgmr.cleanup_ingest_job(ingest_job, 3) blog = BossLogger().logger blog.info("Deleted Ingest Job {}".format(ingest_job_id)) return Response(status=status.HTTP_204_NO_CONTENT) except BossError as err: return err.to_http()
def delete(self, request, user_name, role_name): """ Unasign a role from a user Args: request: Django rest framework request user_name: User name of user to unassign role from role_name : Role name of role to unassign from user Returns: None """ # DP NOTE: admin role has to be removed manually in Keycloak if role_name == 'admin': return BossHTTPError("Cannot remove 'admin' role", ErrorCodes.INVALID_ROLE) # DP NOTE: user-manager role can only be modified by an admin if role_name == 'user-manager': resp = check_for_admin(request.user) if resp is not None: return resp try: with self.get_keycloak_client() as kc: response = kc.remove_role_from_user(user_name, role_name) return Response(status=204) except KeyCloakError: msg = "Unable to remove role '{}' from user '{}' in Keycloak".format( role_name, user_name) return BossKeycloakError(msg)
def post(self, request, collection): """Create a new collection View to create a new collection and an associated bosskey for that collection Args: request: DRF Request object collection : Collection name Returns: Collection """ col_data = request.data.copy() col_data['name'] = collection # Save the object serializer = CollectionSerializer(data=col_data) if serializer.is_valid(): serializer.save(creator=self.request.user) collection_obj = Collection.objects.get(name=col_data['name']) # Assign permissions to the users primary group and admin group BossPermissionManager.add_permissions_primary_group(self.request.user, collection_obj) BossPermissionManager.add_permissions_admin_group(collection_obj) lookup_key = str(collection_obj.pk) boss_key = collection_obj.name LookUpKey.add_lookup(lookup_key, boss_key, collection_obj.name) return Response(serializer.data, status=status.HTTP_201_CREATED) else: return BossHTTPError("{}".format(serializer.errors), ErrorCodes.INVALID_POST_ARGUMENT)
def delete(self, request, collection, experiment=None, channel=None): """ View to handle the delete requests for metadata Args: request: DRF Request object collection: Collection name. Default = None experiment: Experiment name. Default = None channel: Channel name . Default = None Returns: """ if 'key' not in request.query_params: return BossHTTPError( "Missing optional argument key in the request", ErrorCodes.INVALID_POST_ARGUMENT) try: # Create the request dict request_args = { "service": "meta", "collection_name": collection, "experiment_name": experiment, "channel_name": channel, "key": request.query_params['key'], } req = BossRequest(request, request_args) lookup_key = req.get_lookup_key() except BossError as err: return err.to_http() if not lookup_key: return BossHTTPError( "Invalid request. Unable to parse the datamodel arguments", ErrorCodes.INVALID_POST_ARGUMENT) mkey = request.query_params['key'] # Delete metadata from the dynamodb database mdb = metadb.MetaDB() response = mdb.delete_meta(lookup_key, mkey) if 'Attributes' in response: return HttpResponse(status=204) else: return BossHTTPError("[ERROR]- Key {} not found ".format(mkey), ErrorCodes.INVALID_POST_ARGUMENT)
def post(self, request, group_name, user_name): """ Adds a maintainer to a group Args: request: Django rest framework request group_name: Group name from the request user_name: User name from the request Returns: Http status of the request """ try: if group_name == 'public' or group_name == 'admin': return BossHTTPError( 'Cannot add a maintainer to the group {}. This is an admin managed group' .format(group_name), ErrorCodes.BAD_REQUEST) if user_name is None: return BossHTTPError('Missing username in post.', ErrorCodes.INVALID_URL) group = Group.objects.get(name=group_name) bgroup = BossGroup.objects.get(group=group) # Check the users permissions. if request.user.has_perm("maintain_group", bgroup): usr = User.objects.get(username=user_name) # assign permissions to the creator of the group group_perms = [ perm.codename for perm in get_perms_for_model(BossGroup) ] for permission in group_perms: assign_perm(permission, usr, bgroup) return HttpResponse(status=204) else: return BossHTTPError( 'The user {} does not have the {} permission on the group {}' .format(request.user.username, 'maintain_group', group_name), ErrorCodes.MISSING_PERMISSION) except Group.DoesNotExist: return BossGroupNotFoundError(group_name) except User.DoesNotExist: return BossUserNotFoundError(user_name)
def check_for_admin(user): bpm = BossPrivilegeManager(user) if not bpm.has_role('admin'): return BossHTTPError( str(user) + " does not have the required role 'admin'", ErrorCodes.MISSING_ROLE) else: return None
def post(self, request, group_name, collection, experiment=None, channel_layer=None): """ Add permissions to a resource Add new permissions for a existing group and resource object Args: request: Django rest framework request group_name: Group name of an existing group collection: Collection name from the request experiment: Experiment name from the request channel_layer: Channel or layer name from the request Returns: Http status code """ if 'permissions' not in request.data: return BossHTTPError("Permission are not included in the request", ErrorCodes.INCOMPLETE_REQUEST) else: perm_list = dict(request.data)['permissions'] try: obj = self.get_object(collection, experiment, channel_layer) if request.user.has_perm("assign_group", obj): BossPermissionManager.add_permissions_group( group_name, obj, perm_list) return Response(status=status.HTTP_201_CREATED) else: return BossPermissionError('assign group', collection) except Group.DoesNotExist: return BossGroupNotFoundError(group_name) except Permission.DoesNotExist: return BossHTTPError( "Invalid permissions in post".format( request.data['permissions']), ErrorCodes.UNRECOGNIZED_PERMISSION) except BossError as err: return err.to_http()