Merge ef1be86 into 573c2ae

askomics · Jun 8, 2021 · c9a1380 · c9a1380
2 parents 573c2ae + ef1be86
commit c9a1380
Show file tree

Hide file tree

Showing 21 changed files with 2,588 additions and 27 deletions.
diff --git a/askomics/api/query.py b/askomics/api/query.py
@@ -32,24 +32,28 @@ def query():
         if "user" not in session and current_app.iniconfig.getboolean("askomics", "protect_public"):
             startpoints = []
             public_queries = []
+            public_form_queries = []
         else:
             tse = TriplestoreExplorer(current_app, session)
             results_handler = ResultsHandler(current_app, session)
             startpoints = tse.get_startpoints()
             public_queries = results_handler.get_public_queries()
+            public_form_queries = results_handler.get_public_form_queries()
 
     except Exception as e:
         traceback.print_exc(file=sys.stdout)
         return jsonify({
             'startpoints': [],
             "publicQueries": [],
+            "publicFormQueries": [],
             'error': True,
             'errorMessage': str(e)
         }), 500
 
     return jsonify({
         'startpoints': startpoints,
         "publicQueries": public_queries,
+        "publicFormQueries": public_form_queries,
         'error': False,
         'errorMessage': ''
     })

diff --git a/askomics/api/results.py b/askomics/api/results.py
@@ -84,6 +84,15 @@ def get_preview():
         file_id = data["fileId"]
         result_info = {"id": file_id}
         result = Result(current_app, session, result_info)
+        if not result:
+            return jsonify({
+                'preview': [],
+                'header': [],
+                'id': file_id,
+                'error': True,
+                'errorMessage': "You do not have access to this query"
+            }), 401
+
         headers, preview = result.get_file_preview()
 
     except Exception as e:
@@ -132,6 +141,16 @@ def get_graph_and_sparql_query():
         file_id = data["fileId"]
         result_info = {"id": file_id}
         result = Result(current_app, session, result_info)
+        if not result:
+            return jsonify({
+                'graphState': {},
+                'sparqlQuery': "",
+                'graphs': [],
+                'endpoints': [],
+                'diskSpace': 0,
+                'error': True,
+                'errorMessage': "You do not have access to this query"
+            }), 401
 
         # Get graph state and sparql query
         graph_state = result.get_graph_state(formated=True)
@@ -195,9 +214,18 @@ def get_graph_state():
             }), 400
 
         file_id = data["fileId"]
+        formated = data.get("formated", True)
+
         result_info = {"id": file_id}
         result = Result(current_app, session, result_info)
-        graph_state = result.get_graph_state(formated=True)
+        if not result:
+            return jsonify({
+                'graphState': {},
+                'id': file_id,
+                'error': True,
+                'errorMessage': "You do not have access to this graph"
+            }), 401
+        graph_state = result.get_graph_state(formated=formated)
 
     except Exception as e:
         traceback.print_exc(file=sys.stdout)
@@ -232,6 +260,11 @@ def download_result():
         file_id = data["fileId"]
         result_info = {"id": file_id}
         result = Result(current_app, session, result_info)
+        if not result:
+            return jsonify({
+                'error': True,
+                'errorMessage': "You do not have access to this result"
+            }), 401
         dir_path = result.get_dir_path()
         file_name = result.get_file_name()
 
@@ -317,6 +350,15 @@ def get_sparql_query():
         result_info = {"id": file_id}
 
         result = Result(current_app, session, result_info)
+        if not result:
+            return jsonify({
+                'query': {},
+                'graphs': [],
+                'endpoints': [],
+                'diskSpace': 0,
+                'error': True,
+                'errorMessage': "You do not have access to this result"
+            }), 401
         query = SparqlQuery(current_app, session)
 
         sparql = result.get_sparql_query()
@@ -383,6 +425,12 @@ def set_description():
         new_desc = data["newDesc"]
 
         result = Result(current_app, session, result_info)
+        if not result:
+            return jsonify({
+                'files': [],
+                'error': True,
+                'errorMessage': "You do not have access to this result"
+            }), 500
         result.update_description(new_desc)
 
         results_handler = ResultsHandler(current_app, session)
@@ -427,6 +475,12 @@ def publish_query():
         result_info = {"id": data["id"]}
 
         result = Result(current_app, session, result_info)
+        if not result:
+            return jsonify({
+                'files': [],
+                'error': True,
+                'errorMessage': 'Failed to publish query: \n{}'.format("You do not have access to this query")
+            }), 401
         result.publish_query(data.get("public", False))
 
         results_handler = ResultsHandler(current_app, session)
@@ -471,6 +525,12 @@ def template_query():
         result_info = {"id": data["id"]}
 
         result = Result(current_app, session, result_info)
+        if not result:
+            return jsonify({
+                'files': [],
+                'error': True,
+                'errorMessage': 'Failed to publish query: \n{}'.format("You do not have access to this query")
+            }), 401
         result.template_query(data.get("template", False))
 
         results_handler = ResultsHandler(current_app, session)
@@ -491,6 +551,56 @@ def template_query():
     })
 
 
+@results_bp.route('/api/results/form', methods=['POST'])
+@api_auth
+@login_required
+def form_query():
+    """Create a form from a result
+
+    Returns
+    -------
+    json
+        error: True if error, else False
+        errorMessage: the error message of error, else an empty string
+    """
+    try:
+        data = request.get_json()
+        if not (data and data.get("id")):
+            return jsonify({
+                'files': [],
+                'error': True,
+                'errorMessage': "Missing id parameter"
+            }), 400
+
+        result_info = {"id": data["id"]}
+
+        result = Result(current_app, session, result_info)
+        if not result:
+            return jsonify({
+                'files': [],
+                'error': True,
+                'errorMessage': 'Failed to publish query: \n{}'.format("You do not have access to this query")
+            }), 401
+        result.form_query(data.get("template", False))
+
+        results_handler = ResultsHandler(current_app, session)
+        files = results_handler.get_files_info()
+
+    except Exception as e:
+        traceback.print_exc(file=sys.stdout)
+        return jsonify({
+            'files': [],
+            'error': True,
+            'errorMessage': 'Failed to create form template query: \n{}'.format(str(e))
+        }), 500
+
+    return jsonify({
+        'files': files,
+        'error': False,
+        'errorMessage': ''
+    })
+
+
 @results_bp.route('/api/results/send2galaxy', methods=['POST'])
 @api_auth
 @login_required
@@ -513,6 +623,11 @@ def send2galaxy():
 
         result_info = {"id": data["fileId"]}
         result = Result(current_app, session, result_info)
+        if not result:
+            return jsonify({
+                'error': True,
+                'errorMessage': 'Failed to publish query: \n{}'.format("You do not have access to this query")
+            }), 401
         result.send2galaxy(data["fileToSend"])
     except Exception as e:
         traceback.print_exc(file=sys.stdout)
@@ -525,3 +640,48 @@ def send2galaxy():
         'error': False,
         'errorMessage': ''
     })
+
+
+@results_bp.route('/api/results/save_form', methods=['POST'])
+@api_auth
+@login_required
+def save_form():
+    """Update a form
+
+    Returns
+    -------
+    json
+        error: True if error, else False
+        errorMessage: the error message of error, else an empty string
+    """
+    try:
+        # Get query and endpoints and graphs of the query
+        data = request.get_json()
+        if not (data and data.get("graphState") and data.get("formId")):
+            return jsonify({
+                'error': True,
+                'errorMessage': "Missing graphState or formId parameter"
+            }), 400
+
+        result_info = {"id": data["formId"]}
+
+        result = Result(current_app, session, result_info)
+        if not result:
+            return jsonify({
+                'error': True,
+                'errorMessage': 'Failed to edit form: \n{}'.format("You do not have access to this form")
+            }), 401
+
+        result.update_graph(data.get("graphState"))
+
+    except Exception as e:
+        traceback.print_exc(file=sys.stdout)
+        return jsonify({
+            'error': True,
+            'errorMessage': str(e),
+        }), 500
+
+    return jsonify({
+        'error': False,
+        'errorMessage': ''
+    })
diff --git a/askomics/libaskomics/Database.py b/askomics/libaskomics/Database.py
@@ -233,6 +233,8 @@ def create_results_table(self):
             traceback text,
             graphs_and_endpoints text,
             template boolean,
+            has_form_attr boolean,
+            form boolean,
             FOREIGN KEY(user_id) REFERENCES users(user_id)
         )
         '''
@@ -296,6 +298,28 @@ def update_results_table(self):
         except Exception:
             pass
 
+        query = '''
+        ALTER TABLE results
+        ADD has_form_attr boolean NULL
+        DEFAULT(0)
+        '''
+
+        try:
+            self.execute_sql_query(query)
+        except Exception:
+            pass
+
+        query = '''
+        ALTER TABLE results
+        ADD form boolean NULL
+        DEFAULT(0)
+        '''
+
+        try:
+            self.execute_sql_query(query)
+        except Exception:
+            pass
+
     def create_endpoints_table(self):
         """Create the endpoints table"""
         query = '''