Commit 4924cedd authored by louis kleverman's avatar louis kleverman

updated wps to have the licenced flag and update resource

parent 03e17e8f
......@@ -19,6 +19,13 @@ def public_processor():
"permission" : "allow"
}
def licenced_processor():
return {
"entity" : "member",
"operations": ["GET"],
"permission" : "allow"
}
def create_resource(resource,resource_type,acl=[],owner="admin"):
if(not resource or not resource_type):
return False
......@@ -83,14 +90,18 @@ def delete_processor_resource(resource):
})
def update_processor_visibility(proc_id, prev_visibility, new_visibility):
def update_processor_visibility(proc_id, prev_visibility, new_visibility,licenced=False,prev_licenced=False):
if(not proc_id or not prev_visibility or not new_visibility ):
log.debug('UPDATE PROC VISIBILITY MISSING PARAMS')
return False
resource = "processor:%s" % str(proc_id)
log.debug(' --------CHECK %s (prev == %s and new == %s ' % (resource,prev_visibility,new_visibility) )
# resource = "processor:%s" % str(proc_id)
# log.debug("PASSED VALUES : id : %s prev_visibility : %s new_visibility : %s licenced : %s prev_licenced : %s" % (
# proc_id, prev_visibility, new_visibility,licenced,prev_licenced
# ))
# log.debug(' --------CHECK %s (prev == %s and new == %s ' % (resource,prev_visibility,new_visibility) )
try:
# PRIVATE TO PUBLIC
if(prev_visibility == 1 and new_visibility == ProcessorVisibility.PUBLIC ):
log.debug(' ------------------ UPDATING VISIBILITY PRIVATE => PUBLIC')
......@@ -106,12 +117,56 @@ def update_processor_visibility(proc_id, prev_visibility, new_visibility):
return False
acl = res['acl']
acl.append(public_processor())
new_acl = licenced_processor() if licenced else public_processor()
acl.append(new_acl)
return update_resource(resource,{
"acl":acl
})
if(prev_visibility == 3 and new_visibility == 3 and licenced != prev_licenced):
log.debug(' ------------------ UPDATING LICENCED ACL ' + str(prev_licenced) +' =>' + str(licenced))
# get member id
r_member = requests.get(
"http://user-manager-api:8000/api/v1/groups/member?populate=false",
headers={
"Token":os.environ['SCHEDULER_TOKEN']
}
)
member_id = (json.loads(r_member.text))['_id']
if r_member.status_code != 200:
return False
# get resource's acls
r = requests.get(
"http://user-manager-api:8000/api/v1/resources/%s?populate=false" % (resource),
headers={
"Token":os.environ['SCHEDULER_TOKEN']
}
)
res = json.loads(r.text)
if r.status_code != 200:
return False
prev_acl = licenced_processor() if prev_licenced else public_processor()
new_acl = licenced_processor() if licenced else public_processor()
acl = [
a for a in res['acl'] if not ( a['entity'] == member_id and a['permission'] == "allow" and json.dumps(prev_acl['operations']) == json.dumps(a['operations']))
]
acl.append(new_acl)
log.debug('NEW ACL : %r' % acl)
return update_resource(resource,{
"acl":acl
})
# PUBLIC TO PRIVATE
elif(prev_visibility == 3 and (new_visibility == ProcessorVisibility.PRIVATE or new_visibility == ProcessorVisibility.PRIVATE_LOCKED )):
log.debug(' ------------------- UPDATING VISIBILITY PUBLIC => PRIVATE')
......@@ -136,7 +191,8 @@ def update_processor_visibility(proc_id, prev_visibility, new_visibility):
res = json.loads(r.text)
if r.status_code != 200:
return False
member_acl = public_processor()
member_acl = licenced_processor() if prev_licenced else public_processor()
acl = [
a for a in res['acl'] if not ( a['entity'] == member_id and a['permission'] == "allow" and json.dumps(member_acl['operations']) == json.dumps(a['operations']))
......
......@@ -60,7 +60,7 @@ from ctep.scheduler.backends.dpmc import DpmcClient
from ctep.util import truthy
from ctep.acl.allowed_resources import allowed_resources
from ctep.acl.resource import create_resource,public_processor,delete_processor_resource,update_processor_visibility
from ctep.acl.resource import create_resource,public_processor,licenced_processor,delete_processor_resource,update_processor_visibility
log = logging.getLogger(__name__)
......@@ -79,6 +79,7 @@ def jsonify_processor(proc: Processor, include_admin_fields=False, include_appro
'id': proc.id,
'name': proc.name,
'description': proc.description,
'licenced': proc.licenced,
'parameters': proc.parameters,
'multiProcessingInput': proc.multi_processing_input,
'visibility': ProcessorVisibility(proc.visibility),
......@@ -109,6 +110,7 @@ processor_schema = Schema({
'id': int,
'name': str,
'description': str,
'licenced':bool,
'parameters': config_schema,
'multiProcessingInput': Or(str, None),
'visibility': And(ProcessorVisibility, Use(lambda v: v.name)),
......@@ -127,6 +129,7 @@ processor_create_schema = Schema({
'name': str,
'description': str,
'parameters': config_schema,
Optional('licenced', default=False): bool,
Optional('multiProcessingInput', default=None): Or(str, None),
Optional('visibility', default=ProcessorVisibility.PRIVATE): And(str, Use(ProcessorVisibility.__getitem__)),
Optional('persistent_path'): Or(str, None),
......@@ -187,6 +190,7 @@ class ProcessorsRootHandler(JsonApiHandler):
new_processor = await db.create(Processor,
user=self.current_user,
name=self.body['name'],
licenced=self.body.get('licenced'),
description=self.body['description'],
status=ProcessorStatus.WAITING_FOR_BINARY,
multi_processing_input=multi_processing_input,
......@@ -202,7 +206,13 @@ class ProcessorsRootHandler(JsonApiHandler):
if(multi_processing_input is not None and not new_processor.check_multi_processing_input()):
raise HTTPError(HTTPStatus.BAD_REQUEST)
acl = public_processor() if new_processor.visibility == 3 else []
if new_processor.visibility == 3:
if new_processor.licenced:
acl = licenced_processor()
else:
acl = public_processor()
else:
acl = []
resource_creation = create_resource( ("processor:%s"%(new_processor.id)) , "processors" ,acl , self.current_user.name )
if( not resource_creation ):
......@@ -219,6 +229,7 @@ class ProcessorsRootHandler(JsonApiHandler):
processor_update_schema = Schema({
Optional('name'): str,
Optional('description'): str,
Optional('licenced'): bool,
Optional('parameters'): config_schema,
Optional('multiProcessingInput', default=None): Or(str, None),
Optional('visibility'): And(str, Use(ProcessorVisibility.__getitem__)),
......@@ -242,7 +253,7 @@ class ProcessorHandler(JsonApiHandler):
proc = await db.get(Processor.select(Processor, User)
.join(User)
.where(
(Processor.id == proc_id)
(Processor.id == proc_id)
# & (self.current_user.admin | (Processor.user == self.current_user))
& (Processor.status != ProcessorStatus.DELETED)
)
......@@ -287,18 +298,33 @@ class ProcessorHandler(JsonApiHandler):
if 'visibility' in self.body:
# Only admins can LOCK or UNLOCK
if self.current_user.admin:
log.debug("POCESSOR VISI BEFORE : %r " % processor.visibility )
update_processor_visibility(processor.id, processor.visibility, self.body['visibility'] )
licenced = self.body['licenced'] if 'licenced' in self.body else processor.licenced
# log.debug("POCESSOR LICENCE : %r " % licenced )
# log.debug("POCESSOR VISI BEFORE : %r " % processor.visibility )
update_processor_visibility(processor.id, processor.visibility, self.body['visibility'],licenced, processor.licenced )
processor.visibility = self.body['visibility']
processor.licenced = self.body['licenced']
else:
if processor.visibility == ProcessorVisibility.PRIVATE_LOCKED:
raise HTTPError(HTTPStatus.FORBIDDEN)
elif self.body['visibility'] == ProcessorVisibility.PRIVATE_LOCKED:
raise HTTPError(HTTPStatus.FORBIDDEN)
else:
log.debug("POCESSOR VISI BEFORE : %r " % processor.visibility )
update_processor_visibility(processor.id, processor.visibility, self.body['visibility'] )
licenced = self.body['licenced'] if 'licenced' in self.body else processor.licenced
# log.debug("POCESSOR VISI BEFORE : %r " % processor.visibility )
# log.debug("POCESSOR LICENCE : %r " % licenced )
update_processor_visibility(processor.id, processor.visibility, self.body['visibility'], licenced, processor.licenced )
processor.visibility = self.body['visibility']
processor.licenced = self.body['licenced']
elif 'licenced' in self.body:
# Only admins can LICENCE or UNLICENCE
if self.current_user.admin:
# log.debug(' GOT IN CHANGE LICENCE TO %s ' % (self.body['licenced']) )
update_processor_visibility(processor.id, processor.visibility, processor.visibility, self.body['licenced'], processor.licenced )
processor.licenced = self.body['licenced']
else:
raise HTTPError(HTTPStatus.FORBIDDEN)
if 'persistent_path' in self.body:
# Only admins can set this
......
......@@ -94,6 +94,7 @@ def jsonify_processor(processor, expanded=False):
processor_info = {} if not expanded else {
'owner_id': processor['user_id'],
'name': processor['name'],
'licenced': processor['licenced'],
'description': processor['description'],
'status': ProcessorStatus(processor['status']).name,
#'parameters': processor.parameters,
......
......@@ -46,3 +46,5 @@ class CurrentUserHandler(JsonApiHandler):
"admin": self.current_user.admin,
}
......@@ -34,7 +34,7 @@ from .model import User, Settings, all_tables
log = logging.getLogger(__name__)
CURRENT_VERSION = 13
CURRENT_VERSION = 14
MODEL_VERSION_KEY = 'model_version'
......@@ -166,6 +166,12 @@ def migrate_13():
('''ALTER TABLE public."wps_task" ADD COLUMN "input_size" BIGINT DEFAULT NULL''', [])
]
def migrate_14():
# Add licenced processors
return [
('''ALTER TABLE public."wps_processor" ADD COLUMN "licenced" BOOLEAN DEFAULT FALSE''', []),
]
migrations = {
2: migrate_2,
3: migrate_3,
......@@ -179,6 +185,7 @@ migrations = {
11: migrate_11,
12: migrate_12,
13: migrate_13,
14: migrate_14,
}
......
......@@ -89,6 +89,7 @@ class User(BaseModel):
class Processor(BaseModel):
user = ForeignKeyField(db_column='user_id', null=False, rel_model=User, to_field='id')
name = CharField(null=False)
licenced = BooleanField(default=False)
description = TextField(null=False)
status = IntegerField(null=False, default=ProcessorStatus.WAITING_FOR_BINARY)
parameters = JSONField(null=False)
......
......@@ -309,6 +309,7 @@ class ProcessorEditor extends Component {
hasApproved: !(processor.approved == undefined || processor.approved == null),
persistentPath: processor.persistentpath !== null ? processor.persistent_path : '',
approved: processor.approved !== null ? processor.approved : false,
licenced: processor.licenced !== null ? processor.licenced : false,
inputs: inputlist,
editing: true,
......@@ -414,6 +415,7 @@ class ProcessorEditor extends Component {
if (state.current_user && state.current_user.access && state.current_user.access.admin === 1) {
desc.persistent_path = this.state.persistentPath;
desc.approved = this.state.approved;
desc.licenced = this.state.licenced;
}
console.log('saving processor', desc);
......@@ -566,6 +568,17 @@ class ProcessorEditor extends Component {
</FormGroup>
</Col>
</FormGroup> : null}
{state.current_user && state.current_user.access && state.current_user.access.admin === 1 ?
<FormGroup row>
<Label for="processorLicenced" sm={2}>Licenced</Label>
<Col sm={10}>
<FormGroup check>
<Label check>
<Input type="checkbox" checked={this.state.licenced} onChange={(e) => this.onFieldChange('licenced', e.target.checked)}></Input> Make this processor licenced
</Label>
</FormGroup>
</Col>
</FormGroup> : null}
</Form>
</Col>
</Row>
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment