Skip to content

Fine Grained access rights #1310

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 182 commits into from
May 6, 2020
Merged

Fine Grained access rights #1310

merged 182 commits into from
May 6, 2020

Conversation

odeimaiz
Copy link
Member

@odeimaiz odeimaiz commented Feb 24, 2020
edited by sanderegg
Loading

What do these changes do?

Frontend

  • Sharing resources with: (by @odeimaiz)
    • Everyone
    • My organization
    • Private
  • fixes call to create as_template not passing the uuid (by @sanderegg)

Database: (by @sanderegg)

  • modifications in projects table, prj_owner is still an email but now there is a a user id - foreign key instead of e-mail, add access_rights column containing JSON about gid:rights + creation/last modified date automatically set by postgres
  • new groups table, contain groups id, name, description, type (standard, primary, everyone), creation/modification dates
  • new user_to_groups table, contain links between user and groups, creation/modification dates
  • modifications in users table, add primary_gid column
  • added triggers in postgres that automatically create the primary group when a user is created
  • added triggers in postgres that protect the all group from deletion
  • migration scripts for all these points (migrate project table, migrate users table) through alembic

Webserver: (by @sanderegg)

  • modification of the /me endpoint to retrieve the groups
  • fixes cloning of project not changing the path to simcore-s3 files

Bonus

  • Templates and Studies are collapsible
  • More uniform fonts throughout Study Browser
  • added import-db recipe to allow copying a database from a remote host in order to test migration

Related issue number

ITISFoundation/osparc-issues#22
closes #1437
closes #1344
closes #1459
closes #1486

SaveAsTemplate

How to test

Checklist

  • Did you change any service's API? Then make sure to bundle document and upgrade version (make openapi-specs, git commit ... and then make version-*)
  • Unit tests for the changes exist
  • Runs in the swarm
  • Documentation reflects the changes
  • New module? Add your github username to .github/CODEOWNERS

@odeimaiz odeimaiz self-assigned this Feb 24, 2020
@codecov
Copy link

codecov bot commented Feb 24, 2020
edited
Loading

Codecov Report

Merging #1310 into master will not change coverage.
The diff coverage is n/a.

Impacted file tree graph

@@           Coverage Diff           @@
##           master    #1310   +/-   ##
=======================================
  Coverage   59.33%   59.33%           
=======================================
  Files         187      187           
  Lines        7351     7351           
  Branches      798      798           
=======================================
  Hits         4362     4362           
  Misses       2776     2776           
  Partials      213      213
Flag Coverage Δ
#integrationtests 58.36% <0.00%> (ø)
#unittests 70.57% <0.00%> (ø)

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update d94c927...d94c927. Read the comment docs.

@odeimaiz odeimaiz added this to the Mithos milestone Feb 24, 2020
@odeimaiz odeimaiz added the a:frontend issue affecting the front-end (area group) label Feb 24, 2020
@odeimaiz odeimaiz mentioned this pull request Feb 26, 2020
Closed
1 task
@odeimaiz odeimaiz modified the milestones: Mithos, Dim Sum Mar 31, 2020
@sanderegg sanderegg mentioned this pull request May 5, 2020
Merged
7 tasks
@odeimaiz odeimaiz requested a review from ignapas May 5, 2020 13:58
sanderegg and others added 4 commits May 5, 2020 16:44
@sanderegg
typo
3c6caf8
@odeimaiz
typo (thanks @sanderegg)
1af1ecc
@sanderegg
fixes create as template not changing the project file paths
90b82fd
@odeimaiz
Merge pull request #67 from sanderegg/odeimaiz-feature/user-access-ri…
0537c0b 
…ghts

- fixes call to create as_template not passing the uuid
- fixes cloning of project not changing the path to simcore-s3 files
@odeimaiz odeimaiz changed the title WIP: User access rights WIP: Fine Grained access rights May 5, 2020
@sanderegg sanderegg changed the title WIP: Fine Grained access rights Fine Grained access rights May 5, 2020
@sanderegg sanderegg requested review from pcrespov, GitHK and mguidon May 5, 2020 16:05
@sanderegg sanderegg self-assigned this May 5, 2020
@sanderegg sanderegg removed their request for review May 5, 2020 16:05
pcrespov
pcrespov approved these changes May 6, 2020
View reviewed changes
Copy link
Member

@pcrespov pcrespov left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Very well done guys! Excellent work in a record time!

mguidon
mguidon approved these changes May 6, 2020
View reviewed changes
Copy link
Member

@mguidon mguidon left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Beautiful!

packages/postgres-database/tests/test_groups.py
with pytest.raises(UniqueViolation, match="user_to_groups_uid_gid_key"):
await conn.execute(
user_to_groups.insert().values(uid=ringo.id, gid=rory_group.gid)
)
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Interesting what one can learn about music history during code reviews...

@odeimaiz odeimaiz merged commit 05bd572 into ITISFoundation:master May 6, 2020
@odeimaiz odeimaiz deleted the feature/user-access-rights branch May 19, 2020 07:54
@sanderegg sanderegg mentioned this pull request May 26, 2020
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@sanderegg sanderegg sanderegg left review comments

@pcrespov pcrespov pcrespov approved these changes

@mguidon mguidon mguidon approved these changes

@ignapas ignapas Awaiting requested review from ignapas

@GitHK GitHK Awaiting requested review from GitHK GitHK is a code owner

Assignees

@odeimaiz odeimaiz

@sanderegg sanderegg

Labels
a:database associated to postgres service and postgres-database package a:frontend issue affecting the front-end (area group) a:webserver issue related to the webserver service
Projects
None yet
Milestone
Zhong Zi
5 participants
@odeimaiz @ignapas @pcrespov @mguidon @sanderegg