-
Notifications
You must be signed in to change notification settings - Fork 72
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Registered group implementation (#334)
* Registered group implementation * Group create/update changed * Fixed migration * Added comments to capabilities * Apply suggestions from code review Co-authored-by: msm-code <msm@tailcall.net> * Update mwdb/resources/auth.py * Update mwdb/core/capabilities.py Co-authored-by: msm-code <msm@tailcall.net> * Apply suggestions from code review Co-authored-by: msm-code <msm@tailcall.net> Co-authored-by: msm-code <msm@tailcall.net>
- Loading branch information
Showing
19 changed files
with
321 additions
and
47 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
34 changes: 34 additions & 0 deletions
34
mwdb/model/migrations/versions/e304b81836b0_add_group_default_and_group_workspace_.py
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,34 @@ | ||
"""Add Group.default and Group.workspace fields | ||
Revision ID: e304b81836b0 | ||
Revises: c8ba40a69421 | ||
Create Date: 2021-03-30 16:51:19.733285 | ||
""" | ||
import sqlalchemy as sa | ||
from alembic import op | ||
|
||
# revision identifiers, used by Alembic. | ||
revision = "e304b81836b0" | ||
down_revision = "c8ba40a69421" | ||
branch_labels = None | ||
depends_on = None | ||
|
||
|
||
def upgrade(): | ||
op.add_column("group", sa.Column("default", sa.Boolean(), nullable=True)) | ||
op.execute('UPDATE "group" SET "default"=TRUE WHERE name=\'public\'') | ||
op.execute('UPDATE "group" SET "default"=FALSE WHERE name<>\'public\'') | ||
op.alter_column("group", "default", existing_type=sa.Boolean(), nullable=False) | ||
|
||
op.add_column("group", sa.Column("workspace", sa.Boolean(), nullable=True)) | ||
op.execute('UPDATE "group" SET "workspace"=FALSE WHERE name=\'public\'') | ||
op.execute('UPDATE "group" SET "workspace"=TRUE WHERE name<>\'public\'') | ||
op.alter_column("group", "workspace", existing_type=sa.Boolean(), nullable=False) | ||
|
||
|
||
def downgrade(): | ||
# ### commands auto generated by Alembic - please adjust! ### | ||
op.drop_column("group", "workspace") | ||
op.drop_column("group", "default") | ||
# ### end Alembic commands ### |
97 changes: 97 additions & 0 deletions
97
mwdb/model/migrations/versions/f4ccb4be2170_create_registered_group_if_database_is_.py
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,97 @@ | ||
"""Create 'registered' group if database is empty | ||
Revision ID: f4ccb4be2170 | ||
Revises: e304b81836b0 | ||
Create Date: 2021-03-30 16:52:07.740584 | ||
""" | ||
import logging | ||
|
||
import sqlalchemy as sa | ||
from alembic import op | ||
from sqlalchemy.dialects.postgresql.array import ARRAY | ||
|
||
# revision identifiers, used by Alembic. | ||
revision = "f4ccb4be2170" | ||
down_revision = "e304b81836b0" | ||
branch_labels = None | ||
depends_on = None | ||
|
||
logger = logging.getLogger("alembic") | ||
|
||
group_helper = sa.Table( | ||
"group", | ||
sa.MetaData(), | ||
sa.Column("id", sa.Integer()), | ||
sa.Column("name", sa.String(32)), | ||
sa.Column("capabilities", ARRAY(sa.Text())), | ||
sa.Column("private", sa.Boolean()), | ||
sa.Column("default", sa.Boolean()), | ||
sa.Column("workspace", sa.Boolean()), | ||
) | ||
|
||
user_helper = sa.Table( | ||
"user", | ||
sa.MetaData(), | ||
sa.Column("id", sa.Integer()), | ||
) | ||
|
||
member_helper = sa.Table( | ||
"member", | ||
sa.MetaData(), | ||
sa.Column("user_id", sa.Integer()), | ||
sa.Column("group_id", sa.Integer()), | ||
sa.Column("group_admin", sa.Boolean()), | ||
) | ||
|
||
|
||
def upgrade(): | ||
# If 'public' doesn't exist: assume that there are no builtin objects at all | ||
# They will be created by 'mwdb-core configure' initializer | ||
connection = op.get_bind() | ||
public_group = connection.execute( | ||
group_helper.select().where(group_helper.c.name == "public") | ||
).fetchone() | ||
if not public_group: | ||
logger.warning( | ||
"'public' group doesn't exist: assuming there are no objects to migrate" | ||
) | ||
return | ||
|
||
# Create 'registered' group with 'public' capabilities and some extra ones | ||
logger.info("Creating 'registered' group") | ||
registered_group_id = next( | ||
connection.execute( | ||
group_helper.insert().returning(group_helper.c.id), | ||
name="registered", | ||
capabilities=( | ||
public_group.capabilities | ||
+ ["adding_files", "manage_profile", "personalize"] | ||
), | ||
private=False, | ||
default=True, | ||
workspace=False, | ||
) | ||
).id | ||
|
||
# 'public' capabilities will be moved to 'registered' group | ||
logger.info("Wiping 'public' group capabilities") | ||
connection.execute( | ||
group_helper.update() | ||
.where(group_helper.c.name == "public") | ||
.values(capabilities=[]) | ||
) | ||
|
||
# Add all users to 'registered' group | ||
logger.info("Adding all existing users to 'registered' group") | ||
for user in connection.execute(user_helper.select()): | ||
connection.execute( | ||
member_helper.insert(), | ||
user_id=user.id, | ||
group_id=registered_group_id, | ||
group_admin=False, | ||
) | ||
|
||
|
||
def downgrade(): | ||
raise NotImplementedError("This migration is not downgradable") |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.