Add sego expert role (#147)

* Add sego expert role

* Fix sego expert destroy test

* Refactor sego expert as general role

* Fix optim vie for sego experts

* Bump 1.25.4

CHANGELOG

@@ -4,6 +4,8 @@
 <ul>
   <li>Manage integer variables by using <a href="https://joss.theoj.org/papers/10.21105/joss.04737">egobox</a> for mixed
     integer LHS DOE and Egor optimizer</li>
+  <li>Authorize optimizations list read access to SEGO experts</li>
+  <li>Authorize any optimization read access given its id to any user</li>
   <li>Fix bug in event journalization occuring when analysis notes length is more than 255 chars</li>
   <li>Fix error display styling in anaylsis edition</li>
   <li>[Tech] Upgrade frontend: React Table v8</li>

VERSION

@@ -1 +1 @@
-1.25.3
+1.25.4

app/controllers/optimizations_controller.rb

@@ -133,7 +133,7 @@ def update
       elsif @optimization.save
         redirect_to optimization_path(@optimization), notice: "Optimization update was succesful, added #{params[:optimization][:inputs][:x].length} inputs"
       else
-        redirect_to optimization_path(@optimization), alert: "Optimization update failed due to an unkown error"
+        redirect_to optimization_path(@optimization), alert: "Optimization update failed due to an unknown error"
       end
     end
   end

app/models/optimization.rb

@@ -15,14 +15,15 @@ class OptimizationError < Exception; end
     "SEGMOOMOE" => WhatsOpt::Services::OptimizerKind::SEGMOOMOE
   }
 
+  UNKNOWN_STATUS = -3
   OPTIMIZATION_ERROR = -2
   PENDING = -1
   VALID_POINT = 0
   INVALID_POINT = 1
   RUNTIME_ERROR = 2
   SOLUTION_REACHED = 3
   RUNNING = 4
-  OPTIMIZER_STATUS = [VALID_POINT, INVALID_POINT, RUNTIME_ERROR, SOLUTION_REACHED, RUNNING, PENDING, OPTIMIZATION_ERROR]
+  OPTIMIZER_STATUS = [VALID_POINT, INVALID_POINT, RUNTIME_ERROR, SOLUTION_REACHED, RUNNING, PENDING, OPTIMIZATION_ERROR, UNKNOWN_STATUS]
 
   MAX_OPTIM_NUMBER = 20
 
@@ -140,6 +141,10 @@ def perform
     log_error("#{err}: #{err.message}") # asynchronous: just set error state and log the error
   end
 
+  def safe_status
+    OPTIMIZER_STATUS[self.status]
+  end
+
   def destroy_optimizer
     self.proxy.destroy_optimizer
   end 

app/models/user.rb

@@ -46,6 +46,10 @@ def admin?
     @admin ||= has_role?(:admin)
   end
 
+  def sego_expert?
+    @sego_expert ||= has_role?(:sego_expert)
+  end
+
   def reset_api_key!
     generate_api_key
     save

app/policies/optimization_policy.rb

@@ -3,7 +3,7 @@
 class OptimizationPolicy < ApplicationPolicy
   class Scope < Scope
     def resolve
-      if user.admin?
+      if user.admin? || user.sego_expert?
         scope.all
       else
         scope.with_role(:owner, user)
@@ -15,20 +15,16 @@ def create?
     true
   end
 
-  def index?
-    show?
-  end
-
   def show?
-    (@user.admin? || @user.has_role?(:owner, @record))
+    true
   end
 
   def update?
-    @user.has_role?(:owner, @record)
+    (@user.admin? || @user.has_role?(:owner, @record))
   end
 
   def destroy?
-    show?
+    (@user.admin? || @user.has_role?(:owner, @record))
   end
 
   def select?

app/views/optimizations/_optimizations.html.erb

@@ -12,7 +12,7 @@
       <th style="15%">History</th>
       <th style="20%">Status</th>
       <th style="20%">Created</th>
-<% if current_user.admin? %>
+<% if current_user.admin? || current_user.sego_expert? %>
       <th>Owner</th>
 <% end %>
     </tr>
@@ -37,7 +37,7 @@
         <i class="<%= status_display(optim.outputs["status"])[1] %>"></i>
       </a></td>
       <td><%= optim.created_at.strftime("%d/%m/%Y, at %I:%M%p") %></td>
-<% if current_user.admin? %>
+<% if current_user.admin? || current_user.sego_expert? %>
       <td><%= optim.owner&.login %></td>
 <% end %>
     </tr>

test/controllers/optimizations_controller_test.rb

@@ -5,28 +5,57 @@
 class OptimizationsControllerTest < ActionDispatch::IntegrationTest
   setup do
     sign_in users(:user1)
-    @ack = optimizations(:optim_ackley2d)
-    @unstat = optimizations(:optim_unkown_status)
+    @optim_ack = optimizations(:optim_ackley2d)
+    @optim_unknown_status = optimizations(:optim_unknown_status)
   end
 
-  test "should get index" do
+  test "should get index of is owned optimizations" do
     get optimizations_url
     assert_response :success
     assert_select "tbody>tr", count: Optimization.owned_by(users(:user1)).size
   end
 
-  test "admin should destroy optimization" do
+  test "SEGO experts should get read access to all optimizations" do
+    sign_out users(:user1)
+    sign_in users(:user2)
+    get optimizations_url
+    assert_response :success
+    assert_select "tbody>tr", count: Optimization.count
+  end
+
+  test "admin can destroy optimization" do
     sign_out users(:user1)
     sign_in users(:admin)
     assert_difference("Optimization.count", -1) do
-      post select_optimizations_path, params: { delete: "-", optimization_request_ids: [@ack.id] }
+      post select_optimizations_path, params: { delete: "-", optimization_request_ids: [@optim_ack.id] }
       assert_redirected_to optimizations_url
     end
   end
 
+  test "SEGO expert cannot destroy optimization" do
+    sign_out users(:user1)
+    sign_in users(:user2)
+    assert_difference("Optimization.count", 0) do
+      post select_optimizations_path, params: { delete: "-", optimization_request_ids: [@optim_ack.id] }
+      assert_redirected_to root_url
+    end
+  end
+
   test "non-owner cannot destroy optimization" do
+    sign_out users(:user1)
+    sign_in users(:user3)
+    assert_difference("Optimization.count", 0) do
+      post select_optimizations_path, params: { delete: "-", optimization_request_ids: [@optim_ack.id] }
+      assert_response :redirect
+    end
+  end
+
+  test "non-owner cannot update optimization" do
+    sign_out users(:user1)
+    sign_in users(:user3)
     assert_difference("Optimization.count", 0) do
-      post select_optimizations_path, params: { delete: "-", optimization_request_ids: [@unstat.id] }
+      patch optimization_path(@optim_ack), params: { inputs: {x: [1.0], y:[2.0]} }
+      assert_response :redirect
     end
   end
 
@@ -48,35 +77,34 @@ class OptimizationsControllerTest < ActionDispatch::IntegrationTest
     assert Optimization.last.owner, users(:user1)
   end
 
-  test "should authorized access by default" do
-    post optimizations_url, params: { optimization: { kind: "SEGOMOE", xlimits: ["1, 2", "3, 4"], options: ["", ""] } }
+  test "should authorized read access by default to any single optimization" do
     sign_out users(:user1)
     sign_in users(:user2)
-    get optimization_url(Optimization.last)
-    assert_response :found
+    get optimization_url(@optim_ack)
+    assert_response :success
   end
 
   test "should not delete by default" do
     assert_difference("Optimization.count", 0) do
-      post select_optimizations_path, params: {optimization_request_ids: [@ack.id, @unstat.id] }
+      post select_optimizations_path, params: {optimization_request_ids: [@optim_ack.id, @optim_unknown_status.id] }
     end
   end
 
   test "should compare the optimizations" do 
     sign_out users(:user1)
     sign_in users(:admin)
-    post select_optimizations_path, params: {optimization_request_ids: [@ack.id, @unstat.id] }
-    assert_redirected_to controller: 'optimizations', action: 'compare', optim_list: [@ack.id, @unstat.id]
+    post select_optimizations_path, params: {optimization_request_ids: [@optim_ack.id, @optim_unknown_status.id] }
+    assert_redirected_to controller: 'optimizations', action: 'compare', optim_list: [@optim_ack.id, @optim_unknown_status.id]
   end
 
   test "should add an input to the optimization" do
-    put optimization_path(@ack), params: {optimization: { inputs: { x: ["0, 0"], y: ["0"]} } }
-    assert_redirected_to optimization_path(@ack)
+    put optimization_path(@optim_ack), params: {optimization: { inputs: { x: ["0, 0"], y: ["0"]} } }
+    assert_redirected_to optimization_path(@optim_ack)
   end
 
   test "should not add invalid input" do
-    put optimization_path(@ack), params: {optimization: { inputs: { x: ["0"], y: ["0"]} } }
-    assert_redirected_to edit_optimization_path(@ack)
+    put optimization_path(@optim_ack), params: {optimization: { inputs: { x: ["0"], y: ["0"]} } }
+    assert_redirected_to edit_optimization_path(@optim_ack)
   end
 
   test "should not be able to create too many optimizations" do

test/fixtures/optimizations.yml

@@ -2,7 +2,7 @@ optim_ackley2d:
   kind: SEGOMOE
   config: <%= { :xlimits => [[-32.768, 32.768], [-32.768, 32.768]] }.to_json.inspect  %>
 
-optim_unkown_status:
+optim_unknown_status:
   kind: SEGOMOE
   config: <%= { :xlimits => [[-4, 2], [-2, 4]] }.to_json.inspect  %>
-  outputs: {status: -2010281.829}
+  outputs: <%= { :status => -666}.to_json.inspect %>

test/fixtures/roles.yml

@@ -1,6 +1,9 @@
 admin_role: 
   name: admin
-
+
+sego_expert_role:
+  name: sego_expert
+
 owner_cicav_mda_role:
   name: owner
   resource: cicav (Analysis)
@@ -57,9 +60,9 @@ owner_optim_ackley2d_role:
   name: owner
   resource: optim_ackley2d (Optimization) 
 
-owner_unkown_status:
+owner_optim_unknown_status_role:
   name: owner
-  resource: optim_unkown_status (Optimization)
+  resource: optim_unknown_status (Optimization)
 
 owner_cicav_project_role:
   name: owner

test/fixtures/users_roles.yml

@@ -58,9 +58,13 @@ users_roles_optim_ackley2d:
   user: user1
   role: owner_optim_ackley2d_role
 
-users_roles_optim_unkown_status:
+users_roles_optim_unknown_status:
   user: user5
-  role: owner_optim_unkown_status_role
+  role: owner_optim_unknown_status_role
+
+users_roles_optim_unknown_status:
+  user: user2
+  role: sego_expert_role
 
 users_roles_cicav_project:
   user: user1