Skip to content

Commit

Permalink
Merge remote-tracking branch 'origin/feature/data_manager' into gtc-2822
Browse files Browse the repository at this point in the history
  • Loading branch information
@danscales
danscales committed May 10, 2024
2 parents 953ac3a + 302db98 commit 7c81f3f
Show file tree
Hide file tree
Showing 7 changed files with 33 additions and 24 deletions.
2 changes: 1 addition & 1 deletion app/authentication/token.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -113,7 +113,7 @@ async def get_manager(user: User = Depends(get_user)) -> User:
"""Get the details for authenticated MANAGER for data-api application or
ADMIN user."""

if user.role != "ADMIN" or user.role != "MANAGER":
if user.role != "ADMIN" and user.role != "MANAGER":
raise HTTPException(status_code=401, detail="Unauthorized write access to a dataset/version/asset by a user who is not an admin or data manager")

return user
3 changes: 2 additions & 1 deletion app/models/pydantic/authentication.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -20,7 +20,8 @@ class User(StrictBaseModel):
email: EmailStr
createdAt: datetime
role: str
applications: List[str]
provider: str
providerId: Optional[str]
extraUserData: Dict[str, Any]


Expand Down
1 change: 1 addition & 0 deletions app/routes/datasets/dataset.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -33,6 +33,7 @@ async def get_owner(

if user.role == "ADMIN":
return user

dataset_row: ORMDataset = await datasets.get_dataset(dataset)
owner: str = dataset_row.owner_id
if owner != user.id:
Expand Down
37 changes: 20 additions & 17 deletions app/routes/datasets/versions.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,7 @@

from collections import defaultdict
from copy import deepcopy
from typing import Any, Dict, List, Optional, Sequence, Tuple, Union
from typing import Any, Dict, List, Optional, Sequence, Tuple, Union, cast
from urllib.parse import urlparse

from fastapi import (
Expand All @@ -26,7 +26,6 @@
from fastapi.logger import logger
from fastapi.responses import ORJSONResponse

from ...authentication.token import is_admin
from ...crud import assets
from ...crud import metadata as metadata_crud
from ...crud import versions
Expand All @@ -35,12 +34,11 @@
from ...models.orm.assets import Asset as ORMAsset
from ...models.orm.versions import Version as ORMVersion
from ...models.pydantic.asset_metadata import (
FieldMetadata,
FieldMetadataOut,
FieldsMetadataResponse,
RasterBandMetadata,
RasterBandsMetadataResponse,
)
from ...models.pydantic.authentication import User
from ...models.pydantic.change_log import ChangeLog, ChangeLogResponse
from ...models.pydantic.creation_options import (
CreationOptions,
Expand Down Expand Up @@ -70,8 +68,8 @@
from ...tasks.delete_assets import delete_all_assets
from ...utils.aws import get_aws_files
from ...utils.google import get_gs_files
from .dataset import get_owner
from .queries import _get_data_environment
from typing import cast

router = APIRouter()

Expand Down Expand Up @@ -122,12 +120,14 @@ async def add_new_version(
version: str = Depends(version_dependency),
request: VersionCreateIn,
background_tasks: BackgroundTasks,
is_authorized: bool = Depends(is_admin),
user: User = Depends(get_owner),
response: Response,
):
"""Create a version for a given dataset by uploading the geospatial/tabular asset.
"""Create a version for a given dataset by uploading the geospatial/tabular
asset.
Only the dataset's owner or a user with `ADMIN` user role can do this operation.
Only the dataset's owner or a user with `ADMIN` user role can do
this operation.
"""

input_data = request.dict(exclude_none=True, by_alias=True)
Expand Down Expand Up @@ -171,7 +171,7 @@ async def update_version(
dv: Tuple[str, str] = Depends(dataset_version_dependency),
request: VersionUpdateIn,
background_tasks: BackgroundTasks,
is_authorized: bool = Depends(is_admin),
user: User = Depends(get_owner),
):
"""Partially update a version of a given dataset.
Expand Down Expand Up @@ -219,7 +219,7 @@ async def append_to_version(
dv: Tuple[str, str] = Depends(dataset_version_dependency),
request: VersionAppendIn,
background_tasks: BackgroundTasks,
is_authorized: bool = Depends(is_admin),
user: User = Depends(get_owner),
):
"""Append new data to an existing (geo)database table.
Expand Down Expand Up @@ -262,7 +262,7 @@ async def append_to_version(
async def delete_version(
*,
dv: Tuple[str, str] = Depends(dataset_version_dependency),
is_authorized: bool = Depends(is_admin),
user: User = Depends(get_owner),
background_tasks: BackgroundTasks,
):
"""Delete a version.
Expand Down Expand Up @@ -413,12 +413,13 @@ async def get_metadata(
async def create_metadata(
*,
dv: Tuple[str, str] = Depends(dataset_version_dependency),
is_authorized: bool = Depends(is_admin),
user: User = Depends(get_owner),
request: VersionMetadataIn,
):
"""Create a metadata record for a dataset version.
Only the dataset's owner or a user with `ADMIN` user role can do this operation.
Only the dataset's owner or a user with `ADMIN` user role can do
this operation.
"""
dataset, version = dv
input_data = request.dict(exclude_none=True, by_alias=True)
Expand All @@ -441,11 +442,12 @@ async def create_metadata(
async def delete_metadata(
*,
dv: Tuple[str, str] = Depends(dataset_version_dependency),
is_authorized: bool = Depends(is_admin),
user: User = Depends(get_owner),
):
"""Delete metadata record for a dataset version.
Only the dataset's owner or a user with `ADMIN` user role can do this operation.
Only the dataset's owner or a user with `ADMIN` user role can do
this operation.
"""
dataset, version = dv

Expand All @@ -468,12 +470,13 @@ async def delete_metadata(
async def update_metadata(
*,
dv: Tuple[str, str] = Depends(dataset_version_dependency),
is_authorized: bool = Depends(is_admin),
user: User = Depends(get_owner),
request: VersionMetadataUpdate,
):
"""Update metadata record for a dataset version.
Only the dataset's owner or a user with `ADMIN` user role can do this operation.
Only the dataset's owner or a user with `ADMIN` user role can do
this operation.
"""
dataset, version = dv
input_data = request.dict(exclude_none=True, by_alias=True)
Expand Down
2 changes: 1 addition & 1 deletion terraform/vars/terraform-staging.tfvars
View file
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
environment = "staging"
log_level = "info"
service_url = "https://staging-data-api.globalforestwatch.org"
rw_api_url = "https://staging-api.resourcewatch.org"
rw_api_url = "https://api.resourcewatch.org"
desired_count = 1
auto_scaling_min_capacity = 1
auto_scaling_max_capacity = 15
Expand Down
3 changes: 2 additions & 1 deletion tests/__init__.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -321,7 +321,8 @@ async def get_manager_mocked() -> User:
email="[email protected]",
createdAt="2021-06-13T03:18:23.000Z",
role="MANAGER",
applications=[],
provider="local",
providerId="123",
extraUserData={},
)

Expand Down
9 changes: 6 additions & 3 deletions tests_v2/utils.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -40,7 +40,8 @@ async def get_user_mocked() -> User:
email="[email protected]",
createdAt="2021-06-13T03:18:23.000Z",
role="USER",
applications=[],
provider="local",
providerId="1234",
extraUserData={},
)

Expand All @@ -52,7 +53,8 @@ async def get_admin_mocked() -> User:
email="[email protected]",
createdAt="2021-06-13T03:18:23.000Z",
role="ADMIN",
applications=[],
provider="google",
providerId="1234",
extraUserData={},
)

Expand All @@ -64,7 +66,8 @@ async def get_manager_mocked() -> User:
email="[email protected]",
createdAt="2021-06-13T03:18:23.000Z",
role="MANAGER",
applications=[],
provider="local",
providerId="1234",
extraUserData={},
)

Expand Down

0 comments on commit 7c81f3f

Please sign in to comment.